api

package
v0.1.3-alpha Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: May 27, 2022 License: Apache-2.0 Imports: 5 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Config

type Config struct {
	// Address of the Vault server that the API is served on. Equivalent of setting VAULT_ADDR for the vault CLI
	APIAddress string
	// Authentication token to perform Vault operations. Must have sufficient permissions
	Token string
}

Config represents the configuration values needed to connect to Vault via the API

type VaultAPIClient

type VaultAPIClient interface {
	// GetPluginDir queries the server for the local plugin directory
	GetPluginDir() (directory string, err error)
	// RegisterPlugin adds the plugin to the VaultPlugin Catalog
	RegisterPlugin(name, command, sha string) error
	// GetPlugin returns information about a registered plugin (command, sha, args etc)
	GetPlugin(name string) (map[string]interface{}, error)
	// ReloadPlugin reloads a plugin (globally across a cluster if Vault is clustered) and waits for the number of
	// completed reloads to equal the number of replicas
	ReloadPlugin(name string) error
	// MountPlugin mounts a secret engine at the specified path. Equivalent to vault secrets enable -plugin-name=name -path=path
	MountPlugin(name, path string) error
	// GetMountPluginName checks which backend is used for particular mount
	GetMountPluginName(path string) (string, error)
	// WriteValue writes to the specified path. Equivalent to `$ vault write path value1=v1 value2=v2`
	WriteValue(path string, value map[string]interface{}) (map[string]interface{}, error)
	// ReadValue reads from the specified path. Equivalent to `$ vault read path`
	ReadValue(path string) (map[string]interface{}, error)
	// GetVaultConfig reads the config from sys/config/state/sanitized and returns it as a map
	GetVaultConfig() (map[string]interface{}, error)
	// IsMLockDisabled checks to see if the server was run with the disable_mlock option
	IsMLockDisabled() (bool, error)
}

VaultAPIClient represents a HashiCorp Vault instance and the operations available on it via the Vault API. For operations involving SSH, see the vault/ssh/VaultSSHClient interface instead.

func NewClient

func NewClient(config *Config, apiClient lib.VaultAPIWrapper) (VaultAPIClient, error)

NewClient returns an instance of the Vault API client

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL