pluginutil

package

v0.8.0-rc1 Latest Latest Go to latest Published: Aug 3, 2017 License: MPL-2.0 Imports: 23 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/linii/vault

Documentation ¶

Index ¶

Variables
func OptionallyEnableMlock() error
func VaultPluginTLSProvider(apiTLSConfig *api.TLSConfig) func() (*tls.Config, error)
type APIClientMeta
- func (f *APIClientMeta) FlagSet() *flag.FlagSet
- func (f *APIClientMeta) GetTLSConfig() *api.TLSConfig
type LookRunnerUtil
type Looker
type PluginRunner
- func (r *PluginRunner) Run(wrapper RunnerUtil, pluginMap map[string]plugin.Plugin, ...) (*plugin.Client, error)
type RunnerUtil

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	// PluginUnwrapTokenEnv is the ENV name used to pass unwrap tokens to the
	// plugin.
	PluginUnwrapTokenEnv = "VAULT_UNWRAP_TOKEN"

	// PluginCACertPEMEnv is an ENV name used for holding a CA PEM-encoded
	// string. Used for testing.
	PluginCACertPEMEnv = "VAULT_TESTING_PLUGIN_CA_PEM"
)

View Source

var (
	// PluginUnwrapTokenEnv is the ENV name used to pass the configuration for
	// enabling mlock
	PluginMlockEnabled = "VAULT_PLUGIN_MLOCK_ENABLED"
)

Functions ¶

func OptionallyEnableMlock ¶

func OptionallyEnableMlock() error

OptionallyEnableMlock determines if mlock should be called, and if so enables mlock.

func VaultPluginTLSProvider ¶

func VaultPluginTLSProvider(apiTLSConfig *api.TLSConfig) func() (*tls.Config, error)

VaultPluginTLSProvider is run inside a plugin and retrives the response wrapped TLS certificate from vault. It returns a configured TLS Config.

Types ¶

type APIClientMeta ¶

type APIClientMeta struct {
	// contains filtered or unexported fields
}

func (*APIClientMeta) FlagSet ¶

func (f *APIClientMeta) FlagSet() *flag.FlagSet

func (*APIClientMeta) GetTLSConfig ¶

func (f *APIClientMeta) GetTLSConfig() *api.TLSConfig

type LookRunnerUtil ¶

type LookRunnerUtil interface {
	Looker
	RunnerUtil
}

LookWrapper defines the functions for both Looker and Wrapper

type Looker ¶

type Looker interface {
	LookupPlugin(string) (*PluginRunner, error)
}

Looker defines the plugin Lookup function that looks into the plugin catalog for availible plugins and returns a PluginRunner

type PluginRunner ¶

type PluginRunner struct {
	Name           string                      `json:"name" structs:"name"`
	Command        string                      `json:"command" structs:"command"`
	Args           []string                    `json:"args" structs:"args"`
	Sha256         []byte                      `json:"sha256" structs:"sha256"`
	Builtin        bool                        `json:"builtin" structs:"builtin"`
	BuiltinFactory func() (interface{}, error) `json:"-" structs:"-"`
}

PluginRunner defines the metadata needed to run a plugin securely with go-plugin.

func (*PluginRunner) Run ¶

func (r *PluginRunner) Run(wrapper RunnerUtil, pluginMap map[string]plugin.Plugin, hs plugin.HandshakeConfig, env []string) (*plugin.Client, error)

Run takes a wrapper instance, and the go-plugin paramaters and executes a plugin.

type RunnerUtil ¶

type RunnerUtil interface {
	ResponseWrapData(data map[string]interface{}, ttl time.Duration, jwt bool) (*wrapping.ResponseWrapInfo, error)
	MlockEnabled() bool
}

Wrapper interface defines the functions needed by the runner to wrap the metadata needed to run a plugin process. This includes looking up Mlock configuration and wrapping data in a respose wrapped token.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL