The highest tagged major version is
Documentation
¶
Index ¶
- Constants
- Variables
- func AdminSecretPath(secret AdminSecret) string
- func InstallSecretPath(secret string) string
- func ReadBasicAuth(client Client, path string) (*config.BasicAuth, error)
- func WriteBasicAuth(client Client, path string, auth config.BasicAuth) error
- func WriteYamlFiles(client Client, path string, files ...string) error
- type AdminSecret
- type Client
- type PathPolicy
- type PathRule
Constants ¶
View Source
const ( // SystemVaultName name of the system vault used by the jenkins-x platfrom SystemVaultName = "jx-vault" // InstallSecretsPath the path of secrets generated during the installation InstallSecretsPath = "install/" // AdminSecretsPath the path of admin secrets AdminSecretsPath = "admin/" )
View Source
const ( // JenkinsAdminSecret the secret name for Jenkins admin password JenkinsAdminSecret = "jenkins" // NexusAdminSecret the secret name for Nexus credentials NexusAdminSecret = "nexus" // ChartmuseumAdminSecret the secret name for Chartmuseum credentials ChartmuseumAdminSecret = "chartmuseum" // GrafanaAdminSecret the secret name for Grafana credentials GrafanaAdminSecret = "grafana" // IngressAdminSecret the secret name for Ingress basic authentication IngressAdminSecret = "ingress" )
View Source
const ( DenyCapability = "deny" CreateCapability = "create" ReadCapability = "read" UpdateCapability = "update" DeleteCapability = "delete" ListCapability = "list" SudoCapability = "sudo" RootCapability = "root" PathRulesName = "allow_secrets" DefaultSecretsPathPrefix = "secret/*" PoliciesName = "policies" )
Variables ¶
View Source
var (
DefaultSecretsCapabiltities = []string{CreateCapability, ReadCapability, UpdateCapability, DeleteCapability, ListCapability}
)
Functions ¶
func AdminSecretPath ¶
func AdminSecretPath(secret AdminSecret) string
AdminSecretPath returns the admin secret path for a given admin secret
func InstallSecretPath ¶ added in v1.3.668
InstallSecretPath returns the path of an install secret
func ReadBasicAuth ¶
ReadBasicAuth reads the basic authentication credentials from vault at the given path.
func WriteBasicAuth ¶
WriteBasicAuth stores the basic authentication credentials in vault at the given path.
Types ¶
type Client ¶
type Client interface {
// Write writes a named secret to the vault
Write(secretName string, data map[string]interface{}) (map[string]interface{}, error)
// WriteObject writes a generic named object to the vault. The secret _must_ be serializable to JSON
WriteObject(secretName string, secret interface{}) (map[string]interface{}, error)
// WriteYaml writes a yaml object to a named secret
WriteYaml(secretName string, yamlstring string) (map[string]interface{}, error)
// List lists the secrets under the specified path
List(path string) ([]string, error)
// Read reads a named secret from the vault
Read(secretName string) (map[string]interface{}, error)
// Config gets the config required for configuring the official Vault CLI
Config() (vaultURL url.URL, vaultToken string, err error)
}
Client is an interface for interacting with Vault
func NewVaultClient ¶
NewVaultClient creates a new Vault Client wrapping the api.client
type PathPolicy ¶
type PathPolicy struct {
Prefix string `hcl:",key"`
Capabilities []string `hcl:"capabilities" hcle:"omitempty"`
}
PathPolicy defiens a vault path policy
Source Files
Click to show internal directories.
Click to hide internal directories.