secret

package
v0.0.0-...-d559fe2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 19, 2024 License: MIT Imports: 12 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func GetSecretsOfTask

func GetSecretsOfTask(ctx context.Context, task *actions_model.ActionTask) (map[string]string, error)

func UpdateSecret

func UpdateSecret(ctx context.Context, secretID int64, data string) error

UpdateSecret changes org or user reop secret.

Types

type ErrSecretNotFound

type ErrSecretNotFound struct {
	Name string
}

ErrSecretNotFound represents a "secret not found" error.

func (ErrSecretNotFound) Error

func (err ErrSecretNotFound) Error() string

func (ErrSecretNotFound) Unwrap

func (err ErrSecretNotFound) Unwrap() error

type FindSecretsOptions

type FindSecretsOptions struct {
	db.ListOptions
	RepoID   int64
	OwnerID  int64 // it will be ignored if RepoID is set
	SecretID int64
	Name     string
}

func (FindSecretsOptions) ToConds

func (opts FindSecretsOptions) ToConds() builder.Cond

type Secret

type Secret struct {
	ID          int64
	OwnerID     int64              `xorm:"INDEX UNIQUE(owner_repo_name) NOT NULL"`
	RepoID      int64              `xorm:"INDEX UNIQUE(owner_repo_name) NOT NULL DEFAULT 0"`
	Name        string             `xorm:"UNIQUE(owner_repo_name) NOT NULL"`
	Data        string             `xorm:"LONGTEXT"` // encrypted data
	CreatedUnix timeutil.TimeStamp `xorm:"created NOT NULL"`
}

Secret represents a secret

It can be:

  1. org/user level secret, OwnerID is org/user ID and RepoID is 0
  2. repo level secret, OwnerID is 0 and RepoID is repo ID

Please note that it's not acceptable to have both OwnerID and RepoID to be non-zero, or it will be complicated to find secrets belonging to a specific owner. For example, conditions like `OwnerID = 1` will also return secret {OwnerID: 1, RepoID: 1}, but it's a repo level secret, not an org/user level secret. To avoid this, make it clear with {OwnerID: 0, RepoID: 1} for repo level secrets.

Please note that it's not acceptable to have both OwnerID and RepoID to zero, global secrets are not supported. It's for security reasons, admin may be not aware of that the secrets could be stolen by any user when setting them as global.

func InsertEncryptedSecret

func InsertEncryptedSecret(ctx context.Context, ownerID, repoID int64, name, data string) (*Secret, error)

InsertEncryptedSecret Creates, encrypts, and validates a new secret with yet unencrypted data and insert into database

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL