Documentation
¶
Index ¶
- Constants
- Variables
- func Authenticate(client *api.Client, config map[string]interface{}) (token string, autoAuth bool, err error)
- func CloseIdleConnections(cfg *api.Config)
- func ConfigureTLS(config *api.Config, secretConfig map[string]interface{}) error
- func GetAuthToken(client *api.Client, config map[string]interface{}) (string, error)
- func GetVaultParam(secretConfig map[string]interface{}, name string) string
- func IsValidAddr(address string) error
Constants ¶
View Source
const ( // AuthMethodKubernetes is a named auth method. AuthMethodKubernetes = "kubernetes" // AuthMethodApprole AuthMethodAppRole = "approle" // AuthMethod is a vault authentication method used. // https://www.vaultproject.io/docs/auth#auth-methods AuthMethod = "VAULT_AUTH_METHOD" // AuthMountPath defines a custom auth mount path. AuthMountPath = "VAULT_AUTH_MOUNT_PATH" // AuthKubernetesRole is the role to authenticate against on Vault AuthKubernetesRole = "VAULT_AUTH_KUBERNETES_ROLE" // AuthKubernetesTokenPath is the file path to a custom JWT token to use for authentication. // If omitted, the default service account token path is used. AuthKubernetesTokenPath = "VAULT_AUTH_KUBERNETES_TOKEN_PATH" // AuthKubernetesMountPath AuthKubernetesMountPath = "kubernetes" // AuthAppRoleRoleID AuthAppRoleRoleID = "VAULT_APPROLE_ROLE_ID" // AuthAppRoleSecretID AuthAppRoleSecretID = "VAULT_APPROLE_SECRET_ID" )
Variables ¶
View Source
var ( ErrVaultAuthParamsNotSet = errors.New("VAULT_TOKEN or VAULT_AUTH_METHOD not set") ErrVaultAddressNotSet = errors.New("VAULT_ADDR not set") ErrInvalidVaultToken = errors.New("VAULT_TOKEN is invalid") ErrInvalidSkipVerify = errors.New("VAULT_SKIP_VERIFY is invalid") ErrAppRoleIDNotSet = errors.New("VAULT_APPROLE_ROLE_ID or VAULT_APPROLE_SECRET_ID not set") ErrInvalidVaultAddress = errors.New("VAULT_ADDRESS is invalid. " + "Should be of the form http(s)://<ip>:<port>") ErrAuthMethodUnknown = errors.New("unknown auth method") ErrKubernetesRole = errors.New(AuthKubernetesRole + " not set") ErrInCooldown = errors.New("vault client is in cooldown") )
Functions ¶
func Authenticate ¶
func Authenticate(client *api.Client, config map[string]interface{}) (token string, autoAuth bool, err error)
Authenticate gets vault authentication parameters for the provided configuration.
func CloseIdleConnections ¶
CloseIdleConnections ensures that the vault idle connections are closed.
func ConfigureTLS ¶
ConfigureTLS adds tls parameters to the vault configuration.
func GetAuthToken ¶
GetAuthToken tries to get the vault token for the provided authentication method.
func GetVaultParam ¶
GetVaultParam retrieves a named parameter from the config or tried to get it from the environment variables.
func IsValidAddr ¶
IsValidAddr checks address has the correct format.
Types ¶
This section is empty.
Source Files
Click to show internal directories.
Click to hide internal directories.