credential

package
v0.0.0-...-85ffd96 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 10, 2019 License: Apache-2.0 Imports: 20 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type CredManager

type CredManager struct {
	// contains filtered or unexported fields
}

func (*CredManager) CreateRole

func (c *CredManager) CreateRole(name string, namespace string, secretName string) error

Creates kubernetes role

func (*CredManager) CreateRoleBinding

func (c *CredManager) CreateRoleBinding(name string, namespace string, roleName string, subjects []rbac.Subject) error

Create kubernetes role binding

func (*CredManager) CreateSecret

func (c *CredManager) CreateSecret(name string, namespace string, credSecret *vaultapi.Secret) error

Creates a kubernetes secret containing database credential

func (*CredManager) GetCredential

func (c *CredManager) GetCredential() (*vaultapi.Secret, error)

Gets credential from vault

func (*CredManager) IsLeaseExpired

func (c *CredManager) IsLeaseExpired(leaseID string) (bool, error)

https://www.vaultproject.io/api/system/leases.html#read-lease

Whether or not lease is expired in vault In vault, lease is revoked if lease is expired

func (*CredManager) RevokeLease

func (c *CredManager) RevokeLease(leaseID string) error

RevokeLease revokes respective lease It's safe to call multiple time. It doesn't give error even if respective lease_id doesn't exist but it will give an error if lease_id is empty

type CredentialManager

type CredentialManager interface {
	// Gets credential from vault
	GetCredential() (*vaultapi.Secret, error)

	// Creates a kubernetes secret containing postgres credential
	CreateSecret(name string, namespace string, credential *vaultapi.Secret) error

	// Creates kubernetes role
	CreateRole(name string, namespace string, secretName string) error

	// Creates kubernetes role binding
	CreateRoleBinding(name string, namespace string, roleName string, subjects []rbac.Subject) error

	IsLeaseExpired(leaseID string) (bool, error)

	RevokeLease(leaseID string) error
}

type SecretEngine

type SecretEngine interface {
	secret.SecretGetter
	ParseCredential(secret *vaultapi.Secret) (map[string][]byte, error)
	GetOwnerReference() metav1.OwnerReference
}

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL