command

package

v0.0.0-...-877ff3d Latest Latest Go to latest Published: Jan 2, 2021 License: Apache-2.0 Imports: 16 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/milosgajdos/vaultops

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func GeneralOptionsUsage() string
func Redact(ch rune, length int) string
func VaultKeyCipher(m *Meta) (c cipher.Cipher, err error)
func VaultKeyStore(storeType string, m *Meta) (s store.Store, err error)
type FlagSetFlags
type InitCommand
type Meta
type UnsealCommand
type VaultKeys
- func (v *VaultKeys) Read(s store.Store, c cipher.Cipher) (int, error)
- func (v *VaultKeys) Write(s store.Store, c cipher.Cipher) (int, error)

Constants ¶

View Source

const (
	// EnvVaultAddress stores vault address env var name
	EnvVaultAddress = "VAULT_ADDR"
	// EnvVaultCACert stores vault CA cert env var name
	EnvVaultCACert = "VAULT_CACERT"
	// EnvVaultClientCert stores vault client cert env var name
	EnvVaultClientCert = "VAULT_CLIENT_CERT"
	// EnvVaultClientKey stores vault client key env var name
	EnvVaultClientKey = "VAULT_CLIENT_KEY"
	// EnvVaultInsecure stores vault skip SSL host verify env var name
	EnvVaultInsecure = "VAULT_SKIP_VERIFY"
	// EnvVaultTLSServerName stores vault TLS server name env var name
	EnvVaultTLSServerName = "VAULT_TLS_SERVER_NAME"
	// EnvVaultToken stores vault token env var name
	EnvVaultToken = "VAULT_TOKEN"
)

Variables ¶

This section is empty.

Functions ¶

func GeneralOptionsUsage ¶

func GeneralOptionsUsage() string

GeneralOptionsUsage returns the usage documentation for commonly available options this is ripped off (https://github.com/hashicorp/vault/blob/master/meta/meta.go#L177-L208)

func Redact ¶

func Redact(ch rune, length int) string

Redact returns string of characters ch of length long

func VaultKeyCipher ¶

func VaultKeyCipher(m *Meta) (c cipher.Cipher, err error)

VaultKeyCipher returns KMS key handle to use for encrypting and decrypting keys

func VaultKeyStore ¶

func VaultKeyStore(storeType string, m *Meta) (s store.Store, err error)

VaultKeyStore creates vault keys store

Types ¶

type FlagSetFlags ¶

type FlagSetFlags uint

FlagSetFlags is an enum to define what flags are present in the default FlagSet returned by Meta.FlagSet.

const (
	// FlagSetNone allows to implement FlagSet enum
	FlagSetNone FlagSetFlags = 0
	// FlagSetServer allows to provide FlagSet flags
	FlagSetServer FlagSetFlags = 1 << iota
	// FlagSetDefault allows to use  default FlagSet flags
	FlagSetDefault = FlagSetServer
)

type InitCommand ¶

type InitCommand struct {
	// meta flags contain vault client config
	Meta
}

InitCommand implements vault initialization It fulfills cli.Command interface

func (*InitCommand) Help ¶

func (c *InitCommand) Help() string

Help returns detailed command help

func (*InitCommand) Run ¶

func (c *InitCommand) Run(args []string) int

Run runs init command which initializes vault server If init command fails it returns non-zero integer

func (*InitCommand) Synopsis ¶

func (c *InitCommand) Synopsis() string

Synopsis provides a simple command description

type Meta ¶

type Meta struct {

	// UI is the cli UI
	UI cli.Ui
	// contains filtered or unexported fields
}

Meta contains meta-options used by almost every command This is a stripped down version of vault meta struct.

func (*Meta) Client ¶

func (m *Meta) Client(address, token string) (*api.Client, error)

Client initializes vault api.Client and returns it or fails with error This is heavily inspired by (https://github.com/hashicorp/vault/blob/master/meta/meta.go#L74-L98)

func (*Meta) Config ¶

func (m *Meta) Config(address string) (*api.Config, error)

Config returns vault *api.Config or fails with error

func (*Meta) FlagSet ¶

func (m *Meta) FlagSet(name string, fs FlagSetFlags) *flag.FlagSet

FlagSet returns a FlagSet with the common flags that every command implements.

func (*Meta) Token ¶

func (m *Meta) Token() string

Token returns client token

type UnsealCommand ¶

type UnsealCommand struct {
	// meta flags contain vault client config
	Meta
}

UnsealCommand implements vault unsealing It fulfills cli.Command interface

func (*UnsealCommand) Help ¶

func (c *UnsealCommand) Help() string

Help returns detailed command help

func (*UnsealCommand) Run ¶

func (c *UnsealCommand) Run(args []string) int

Run runs unsearl command which unseals vault servers If unseal fails Run returns non-zero integer

func (*UnsealCommand) Synopsis ¶

func (c *UnsealCommand) Synopsis() string

Synopsis provides a simple command description

type VaultKeys ¶

type VaultKeys struct {
	// RootToken is vault root token
	RootToken string `json:"root_token,omitempty"`
	// MasterKeys are vault master keys used to unseal vault servers
	MasterKeys []string `json:"master_keys,omitempty"`
}

VaultKeys stores vault root token and master keys

func (*VaultKeys) Read ¶

func (v *VaultKeys) Read(s store.Store, c cipher.Cipher) (int, error)

Read reads vault keys from store, decrypts them and stores them in its fields i.e. it modifies the keys stored in the receiver.

func (*VaultKeys) Write ¶

func (v *VaultKeys) Write(s store.Store, c cipher.Cipher) (int, error)

Write writes vault keys in store and encrypts them with cipher c

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL