Documentation
Index
- type Config
- type Credentials
- type SecretManager
- func (s *SecretManager) Create(ctx context.Context, name string, key key.Key) error
- func (s *SecretManager) Delete(ctx context.Context, name string) error
- func (s *SecretManager) Get(ctx context.Context, name string) (key.Key, error)
- func (s *SecretManager) List(ctx context.Context) (key.Iterator, error)
- func (s *SecretManager) Status(ctx context.Context) (key.StoreState, error)
Types
type Config added in v0.17.3
type Config struct {
	Endpoint    string
	ProjectID   string
	Credentials Credentials
	ErrorLog    *log.Logger
	// contains filtered or unexported fields
}
type Credentials
type Credentials struct {
	// ClientID is the client ID of the GCP service account.
	ClientID string
	// Client is the client email of the GCP service account.
	Client string
	// KeyID is the private key ID of the GCP service account.
	KeyID string
	// Key is the encoded private key of the GCP service account.
	Key string
	// contains filtered or unexported fields
}
Credentials represent GCP service account credentials.
func (Credentials) MarshalJSON
func (c Credentials) MarshalJSON() ([]byte, error)
MarshalJSON returns a JSON representation of the GCP credentials.
The returned JSON contains extra fields to match the JSON credentials returned by GCP. Those additional fields are set to default values.
type SecretManager
type SecretManager struct {
// contains filtered or unexported fields
}
SecretManager is a GCP SecretManager client.
func Connect added in v0.17.3
func Connect(ctx context.Context, c *Config) (*SecretManager, error)
Connect connects and authenticates to a GCP SecretManager server.
func (*SecretManager) Create
Create stores the given key-value pair at GCP SecretManager if and only if it doesn't exist. If such an entry already exists, it returns kes.ErrKeyExists.
Creating a secret at the GCP SecretManager requires first creating the secret itself and then adding a secret version with some payload data. The payload data contains the actual value.
func (*SecretManager) Delete
func (s *SecretManager) Delete(ctx context.Context, name string) error
Delete removes the key-value pair from GCP SecretManager.
Delete will remove all versions of the GCP secret. Even though CreateKey will create only one version and fails if the secret already exists, a user may create more secret versions through e.g. the GCP CLI. However, KES does not support multiple secret versions and expects a different mechanism for "key-rotation".
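The Create and Delete semantics described above, as an added example that is not KES code: the GCP API is replaced by a constructed in-memory model, and fakeStore, createSecret, addVersion and the local ErrKeyExists (standing in for kes.ErrKeyExists) are hypothetical names. It shows that the existence check happens when the secret is created, so an existing value is never overwritten, and that Delete also drops versions added outside of Create.

```go
package main

import (
	"errors"
	"fmt"
)

var (
	// ErrKeyExists is a local stand-in for kes.ErrKeyExists (assumption).
	ErrKeyExists = errors.New("key already exists")
	// errAlreadyExists models the backend rejecting a duplicate secret name.
	errAlreadyExists = errors.New("backend: secret already exists")
)

// fakeStore is a constructed in-memory model: secret name -> list of versions.
type fakeStore struct{ secrets map[string][][]byte }

func (f *fakeStore) createSecret(name string) error {
	if _, ok := f.secrets[name]; ok {
		return errAlreadyExists
	}
	f.secrets[name] = [][]byte{} // empty container, no payload yet
	return nil
}

func (f *fakeStore) addVersion(name string, p []byte) { f.secrets[name] = append(f.secrets[name], p) }

// Create: step 1 is the only existence check; step 2 attaches the payload.
func Create(f *fakeStore, name string, value []byte) error {
	if err := f.createSecret(name); err != nil {
		if errors.Is(err, errAlreadyExists) {
			return ErrKeyExists // the stored value is left untouched
		}
		return err
	}
	f.addVersion(name, value)
	return nil
}

// Delete drops the secret together with every version it holds.
func Delete(f *fakeStore, name string) { delete(f.secrets, name) }

func main() {
	f := &fakeStore{secrets: map[string][][]byte{}}
	fmt.Println(Create(f, "my-key", []byte("v1")), Create(f, "my-key", []byte("v2")))
	f.addVersion("my-key", []byte("out-of-band")) // e.g. added via the GCP CLI
	Delete(f, "my-key")
	fmt.Println(len(f.secrets))
}
```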
func (*SecretManager) List added in v0.13.0
List returns a new Iterator over the names of all stored keys.
func (*SecretManager) Status added in v0.17.3
func (s *SecretManager) Status(ctx context.Context) (key.StoreState, error)
Status returns the current state of the GCP SecretManager instance. In particular, it reports whether the instance is reachable and the network latency.