Affected by 
Documentation
¶
Overview ¶
Package secretsmanager provides the backend implementation for the secretsmanager facade.
Index ¶
- func Register(registry facade.FacadeRegistry)
- type CrossModelSecretsClient
- type CrossModelState
- type SecretTriggers
- type SecretsConsumer
- type SecretsManagerAPI
- func (s *SecretsManagerAPI) CreateSecretURIs(arg params.CreateSecretURIsArg) (params.StringResults, error)
- func (s *SecretsManagerAPI) CreateSecrets(args params.CreateSecretArgs) (params.StringResults, error)
- func (s *SecretsManagerAPI) GetConsumerSecretsRevisionInfo(args params.GetSecretConsumerInfoArgs) (params.SecretConsumerInfoResults, error)
- func (s *SecretsManagerAPI) GetSecretBackendConfigs(arg params.SecretBackendArgs) (params.SecretBackendConfigResults, error)
- func (s *SecretsManagerAPI) GetSecretContentInfo(args params.GetSecretContentArgs) (params.SecretContentResults, error)
- func (s *SecretsManagerAPI) GetSecretMetadata() (params.ListSecretResults, error)
- func (s *SecretsManagerAPI) GetSecretRevisionContentInfo(arg params.SecretRevisionArg) (params.SecretContentResults, error)
- func (s *SecretsManagerAPI) RemoveSecrets(args params.DeleteSecretArgs) (params.ErrorResults, error)
- func (s *SecretsManagerAPI) SecretsGrant(args params.GrantRevokeSecretArgs) (params.ErrorResults, error)
- func (s *SecretsManagerAPI) SecretsRevoke(args params.GrantRevokeSecretArgs) (params.ErrorResults, error)
- func (s *SecretsManagerAPI) SecretsRotated(args params.SecretRotatedArgs) (params.ErrorResults, error)
- func (s *SecretsManagerAPI) UpdateSecrets(args params.UpdateSecretArgs) (params.ErrorResults, error)
- func (s *SecretsManagerAPI) UpdateTrackedRevisions(uris []string) (params.ErrorResults, error)
- func (s *SecretsManagerAPI) WatchConsumedSecretsChanges(args params.Entities) (params.StringsWatchResults, error)
- func (s *SecretsManagerAPI) WatchObsolete(args params.Entities) (params.StringsWatchResult, error)
- func (s *SecretsManagerAPI) WatchSecretRevisionsExpiryChanges(args params.Entities) (params.SecretTriggerWatchResult, error)
- func (s *SecretsManagerAPI) WatchSecretsRotationChanges(args params.Entities) (params.SecretTriggerWatchResult, error)
- type SecretsManagerAPIV1
- type SecretsManagerAPIV2
- func (s *SecretsManagerAPIV2) GetSecretBackendConfigs(arg params.SecretBackendArgs) (params.SecretBackendConfigResults, error)
- func (s *SecretsManagerAPIV2) GetSecretContentInfo(args params.GetSecretContentArgs) (params.SecretContentResults, error)
- func (s *SecretsManagerAPIV2) GetSecretRevisionContentInfo(arg params.SecretRevisionArg) (params.SecretContentResults, error)
- type SecretsState
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func Register ¶
func Register(registry facade.FacadeRegistry)
Register is called to expose a package of facades onto a given registry.
Types ¶
type CrossModelSecretsClient ¶
type CrossModelSecretsClient interface {
GetRemoteSecretContentInfo(uri *coresecrets.URI, revision int, refresh, peek bool, sourceControllerUUID, appToken string, unitId int, macs macaroon.Slice) (*secrets.ContentParams, *secretsprovider.ModelBackendConfig, int, bool, error)
GetSecretAccessScope(uri *coresecrets.URI, appToken string, unitId int) (string, error)
Close() error
}
CrossModelSecretsClient gets secret content from a cross model controller.
type CrossModelState ¶
type SecretTriggers ¶
type SecretTriggers interface {
WatchSecretsRotationChanges(owners []names.Tag) (state.SecretsTriggerWatcher, error)
WatchSecretRevisionsExpiryChanges(owners []names.Tag) (state.SecretsTriggerWatcher, error)
SecretRotated(uri *secrets.URI, next time.Time) error
}
SecretTriggers instances provide secret rotation/expiry apis.
type SecretsConsumer ¶
type SecretsConsumer interface {
GetSecretConsumer(*secrets.URI, names.Tag) (*secrets.SecretConsumerMetadata, error)
GetURIByConsumerLabel(string, names.Tag) (*secrets.URI, error)
SaveSecretConsumer(*secrets.URI, names.Tag, *secrets.SecretConsumerMetadata) error
WatchConsumedSecretsChanges(consumer names.Tag) (state.StringsWatcher, error)
GrantSecretAccess(*secrets.URI, state.SecretAccessParams) error
RevokeSecretAccess(*secrets.URI, state.SecretAccessParams) error
SecretAccess(uri *secrets.URI, subject names.Tag) (secrets.SecretRole, error)
}
SecretsConsumer instances provide secret consumer apis.
type SecretsManagerAPI ¶
type SecretsManagerAPI struct {
// contains filtered or unexported fields
}
SecretsManagerAPI is the implementation for the SecretsManager facade.
func NewSecretManagerAPI ¶
func NewSecretManagerAPI(context facade.Context) (*SecretsManagerAPI, error)
NewSecretManagerAPI creates a SecretsManagerAPI.
func (*SecretsManagerAPI) CreateSecretURIs ¶
func (s *SecretsManagerAPI) CreateSecretURIs(arg params.CreateSecretURIsArg) (params.StringResults, error)
CreateSecretURIs creates new secret URIs.
func (*SecretsManagerAPI) CreateSecrets ¶
func (s *SecretsManagerAPI) CreateSecrets(args params.CreateSecretArgs) (params.StringResults, error)
CreateSecrets creates new secrets.
func (*SecretsManagerAPI) GetConsumerSecretsRevisionInfo ¶
func (s *SecretsManagerAPI) GetConsumerSecretsRevisionInfo(args params.GetSecretConsumerInfoArgs) (params.SecretConsumerInfoResults, error)
GetConsumerSecretsRevisionInfo returns the latest secret revisions for the specified secrets. This facade method is used for remote watcher to get the latest secret revisions and labels for a secret changed hook.
func (*SecretsManagerAPI) GetSecretBackendConfigs ¶
func (s *SecretsManagerAPI) GetSecretBackendConfigs(arg params.SecretBackendArgs) (params.SecretBackendConfigResults, error)
GetSecretBackendConfigs gets the config needed to create a client to secret backends.
func (*SecretsManagerAPI) GetSecretContentInfo ¶
func (s *SecretsManagerAPI) GetSecretContentInfo(args params.GetSecretContentArgs) (params.SecretContentResults, error)
GetSecretContentInfo returns the secret values for the specified secrets.
func (*SecretsManagerAPI) GetSecretMetadata ¶
func (s *SecretsManagerAPI) GetSecretMetadata() (params.ListSecretResults, error)
GetSecretMetadata returns metadata for the caller's secrets.
func (*SecretsManagerAPI) GetSecretRevisionContentInfo ¶
func (s *SecretsManagerAPI) GetSecretRevisionContentInfo(arg params.SecretRevisionArg) (params.SecretContentResults, error)
GetSecretRevisionContentInfo returns the secret values for the specified secret revisions.
func (*SecretsManagerAPI) RemoveSecrets ¶
func (s *SecretsManagerAPI) RemoveSecrets(args params.DeleteSecretArgs) (params.ErrorResults, error)
RemoveSecrets removes the specified secrets.
func (*SecretsManagerAPI) SecretsGrant ¶
func (s *SecretsManagerAPI) SecretsGrant(args params.GrantRevokeSecretArgs) (params.ErrorResults, error)
SecretsGrant grants access to a secret for the specified subjects.
func (*SecretsManagerAPI) SecretsRevoke ¶
func (s *SecretsManagerAPI) SecretsRevoke(args params.GrantRevokeSecretArgs) (params.ErrorResults, error)
SecretsRevoke revokes access to a secret for the specified subjects.
func (*SecretsManagerAPI) SecretsRotated ¶
func (s *SecretsManagerAPI) SecretsRotated(args params.SecretRotatedArgs) (params.ErrorResults, error)
SecretsRotated records when secrets were last rotated.
func (*SecretsManagerAPI) UpdateSecrets ¶
func (s *SecretsManagerAPI) UpdateSecrets(args params.UpdateSecretArgs) (params.ErrorResults, error)
UpdateSecrets updates the specified secrets.
func (*SecretsManagerAPI) UpdateTrackedRevisions ¶
func (s *SecretsManagerAPI) UpdateTrackedRevisions(uris []string) (params.ErrorResults, error)
UpdateTrackedRevisions updates the consumer info to track the latest revisions for the specified secrets.
func (*SecretsManagerAPI) WatchConsumedSecretsChanges ¶
func (s *SecretsManagerAPI) WatchConsumedSecretsChanges(args params.Entities) (params.StringsWatchResults, error)
WatchConsumedSecretsChanges sets up a watcher to notify of changes to secret revisions for the specified consumers.
func (*SecretsManagerAPI) WatchObsolete ¶
func (s *SecretsManagerAPI) WatchObsolete(args params.Entities) (params.StringsWatchResult, error)
WatchObsolete returns a watcher for notifying when:
- a secret owned by the entity is deleted
- a secret revision owed by the entity no longer has any consumers
Obsolete revisions results are "uri/revno" and deleted secret results are "uri".
func (*SecretsManagerAPI) WatchSecretRevisionsExpiryChanges ¶
func (s *SecretsManagerAPI) WatchSecretRevisionsExpiryChanges(args params.Entities) (params.SecretTriggerWatchResult, error)
WatchSecretRevisionsExpiryChanges sets up a watcher to notify of changes to secret revision expiry config.
func (*SecretsManagerAPI) WatchSecretsRotationChanges ¶
func (s *SecretsManagerAPI) WatchSecretsRotationChanges(args params.Entities) (params.SecretTriggerWatchResult, error)
WatchSecretsRotationChanges sets up a watcher to notify of changes to secret rotation config.
type SecretsManagerAPIV1 ¶
type SecretsManagerAPIV1 struct {
*SecretsManagerAPIV2
}
SecretsManagerAPIV1 the secrets manager facade v1. TODO - drop when we no longer support juju 3.1.0
func NewSecretManagerAPIV1 ¶
func NewSecretManagerAPIV1(context facade.Context) (*SecretsManagerAPIV1, error)
NewSecretManagerAPIV1 creates a SecretsManagerAPIV1. TODO - drop when we no longer support juju 3.1.x
func (*SecretsManagerAPIV1) GetSecretBackendConfig ¶
func (s *SecretsManagerAPIV1) GetSecretBackendConfig() (params.SecretBackendConfigResultsV1, error)
GetSecretBackendConfig gets the config needed to create a client to secret backends. TODO - drop when we no longer support juju 3.1.x
func (*SecretsManagerAPIV1) GetSecretBackendConfigs ¶
func (*SecretsManagerAPIV1) GetSecretBackendConfigs(_ struct{})
GetSecretBackendConfigs isn't on the V1 API.
func (*SecretsManagerAPIV1) GetSecretStoreConfig ¶
func (s *SecretsManagerAPIV1) GetSecretStoreConfig() (params.SecretBackendConfig, error)
GetSecretStoreConfig is for 3.0.x agents. TODO - drop when we no longer support juju 3.0.x
type SecretsManagerAPIV2 ¶
type SecretsManagerAPIV2 struct {
*SecretsManagerAPI
}
SecretsManagerAPIV2 the secrets manager facade v2.
func NewSecretManagerAPIV2 ¶
func NewSecretManagerAPIV2(context facade.Context) (*SecretsManagerAPIV2, error)
NewSecretManagerAPIV2 creates a SecretsManagerAPIV2.
func (*SecretsManagerAPIV2) GetSecretBackendConfigs ¶
func (s *SecretsManagerAPIV2) GetSecretBackendConfigs(arg params.SecretBackendArgs) (params.SecretBackendConfigResults, error)
GetSecretBackendConfigs gets the config needed to create a client to secret backends.
func (*SecretsManagerAPIV2) GetSecretContentInfo ¶
func (s *SecretsManagerAPIV2) GetSecretContentInfo(args params.GetSecretContentArgs) (params.SecretContentResults, error)
GetSecretContentInfo returns the secret values for the specified secrets.
func (*SecretsManagerAPIV2) GetSecretRevisionContentInfo ¶
func (s *SecretsManagerAPIV2) GetSecretRevisionContentInfo(arg params.SecretRevisionArg) (params.SecretContentResults, error)
GetSecretRevisionContentInfo returns the secret values for the specified secret revisions.
type SecretsState ¶
type SecretsState interface {
CreateSecret(*secrets.URI, state.CreateSecretParams) (*secrets.SecretMetadata, error)
UpdateSecret(*secrets.URI, state.UpdateSecretParams) (*secrets.SecretMetadata, error)
DeleteSecret(*secrets.URI, ...int) ([]secrets.ValueRef, error)
GetSecret(*secrets.URI) (*secrets.SecretMetadata, error)
GetSecretValue(*secrets.URI, int) (secrets.SecretValue, *secrets.ValueRef, error)
GetSecretRevision(uri *secrets.URI, revision int) (*secrets.SecretRevisionMetadata, error)
ListSecrets(state.SecretsFilter) ([]*secrets.SecretMetadata, error)
ListSecretRevisions(uri *secrets.URI) ([]*secrets.SecretRevisionMetadata, error)
WatchObsolete(owners []names.Tag) (state.StringsWatcher, error)
ChangeSecretBackend(state.ChangeSecretBackendParams) error
SecretGrants(uri *secrets.URI, role secrets.SecretRole) ([]secrets.AccessInfo, error)
}
Source Files
Directories