vault

package
v0.4.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Apr 15, 2024 License: BSD-3-Clause Imports: 8 Imported by: 0

README

Vault Provider

The Vault Provider extends the platform-health server to enable monitoring the health of HashiCorp Vault servers. It does this by querying the sys/health endpoint and validating that it returns initialized: true and sealed: false for "healthy", and "unhealthy" otherwise.

Usage

Once the Vault Provider is configured, any query to the platform-health server will trigger validation of the configured Vault service(s). The server will attempt to send an HTTP request to each service, and it will report each service as "healthy" if the request is successful and the server reports as initialized and unsealed, or "unhealthy" otherwise.

Configuration

The Vault Provider is configured through the platform-health server's configuration file, with component instances listed under the vault key.

  • name (required): The name of the Vault service instance, used to identify the service in the health reports.
  • address (required): The address of the Vault instance in standard VAULT_ADDR format.
  • timeout (default: 1s): The maximum time to wait for a response before timing out.
  • insecure (default: false): If set to true, allows the Vault provider to establish connections even if the TLS certificate of the service is invalid or untrusted. This is useful for testing or in environments where services use self-signed certificates. Note that using this option in a production environment is not recommended, as it disables important security checks.
Example
vault:
  - name: example
    address: https://vault.example.com

In this example, the platform-health server will validate that the Vault cluster running at https://vault.example.com is up, initialized and unsealed.

Documentation

Index

Constants

View Source
const TypeVault = "vault"

Variables

This section is empty.

Functions

This section is empty.

Types

type Vault

type Vault struct {
	Name     string        `mapstructure:"name"`
	Address  string        `mapstructure:"address"`
	Timeout  time.Duration `mapstructure:"timeout" default:"1s"`
	Insecure bool          `mapstructure:"insecure"`
}

func (*Vault) GetHealth

func (i *Vault) GetHealth(ctx context.Context) *ph.HealthCheckResponse

func (*Vault) GetName

func (i *Vault) GetName() string

func (*Vault) GetType

func (i *Vault) GetType() string

func (*Vault) LogValue

func (i *Vault) LogValue() slog.Value

func (*Vault) SetDefaults

func (i *Vault) SetDefaults()

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL