secrets

package

v0.9.1 Latest Latest Go to latest Published: May 23, 2022 License: Apache-2.0 Imports: 9 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/m-lab/locate

Links

Open Source Insights

Documentation ¶

Overview ¶

Package secrets loads secrets from the Google Cloud Secret Manager.

Index ¶

type Config
- func NewConfig(project string) *Config
- func (c *Config) LoadSigner(ctx context.Context, client SecretClient, name string) (*token.Signer, error)
- func (c *Config) LoadVerifier(ctx context.Context, client SecretClient, name string) (*token.Verifier, error)
type LocalConfig
- func NewLocalConfig() *LocalConfig
- func (c *LocalConfig) LoadSigner(ctx context.Context, client SecretClient, name string) (*token.Signer, error)
- func (c *LocalConfig) LoadVerifier(ctx context.Context, client SecretClient, name string) (*token.Verifier, error)
type SecretClient

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Config ¶

type Config struct {
	Project string
	// contains filtered or unexported fields
}

Config contains settings for secrets.

func NewConfig ¶

func NewConfig(project string) *Config

NewConfig creates a new secret config.

func (*Config) LoadSigner ¶

func (c *Config) LoadSigner(ctx context.Context, client SecretClient, name string) (*token.Signer, error)

LoadSigner fetches the oldest enabled version of the named secret containing the JWT signer key from the Secret Manager API and returns a *token.Signer.

func (*Config) LoadVerifier ¶

func (c *Config) LoadVerifier(ctx context.Context, client SecretClient, name string) (*token.Verifier, error)

LoadVerifier fetches all enabled versions of the named secret containing the JWT verifier keys and returns a * token.Verifier.

type LocalConfig ¶ added in v0.9.0

type LocalConfig struct{}

LocalConfig supports loading signer and verifier keys from a local file rather than from secretmanager.

func NewLocalConfig ¶ added in v0.9.0

func NewLocalConfig() *LocalConfig

NewLocalConfig creates a new instance for loading local signer and verifier keys.

func (*LocalConfig) LoadSigner ¶ added in v0.9.0

func (c *LocalConfig) LoadSigner(ctx context.Context, client SecretClient, name string) (*token.Signer, error)

LoadSigner reads the secret from the named file. The client parameter is ignored.

func (*LocalConfig) LoadVerifier ¶ added in v0.9.0

func (c *LocalConfig) LoadVerifier(ctx context.Context, client SecretClient, name string) (*token.Verifier, error)

LoadVerifier reads the secret from the named file. The client parameter is ignored.

type SecretClient ¶

type SecretClient interface {
	AccessSecretVersion(ctx context.Context, req *secretmanagerpb.AccessSecretVersionRequest, opts ...gax.CallOption) (*secretmanagerpb.AccessSecretVersionResponse, error)
	ListSecretVersions(ctx context.Context, req *secretmanagerpb.ListSecretVersionsRequest, opts ...gax.CallOption) *secretmanager.SecretVersionIterator
}

SecretClient wraps the AccessSecretVersion function provided by the secretmanager.Client.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL