secrets

package
v0.0.0-...-3da446c Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 16, 2025 License: Apache-2.0 Imports: 14 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func ReadFromEnv

func ReadFromEnv(name string, censor *DynamicCensor) string

ReadFromEnv loads an environment variable and adds it to the censor list.

func ReadFromFile

func ReadFromFile(path string, censor *DynamicCensor) (string, error)

ReadFromFile loads content from a file and adds it to the censor list.

Types

type CLIOptions

type CLIOptions struct {
	VaultTokenFile string
	VaultAddr      string
	VaultPrefix    string
	VaultRole      string

	VaultToken string
}

func (*CLIOptions) Bind

func (o *CLIOptions) Bind(fs *flag.FlagSet, getenv func(string) string, censor *DynamicCensor)

func (*CLIOptions) Complete

func (o *CLIOptions) Complete(censor *DynamicCensor) error

func (*CLIOptions) NewClient

func (o *CLIOptions) NewClient(censor *DynamicCensor) (Client, error)

func (*CLIOptions) NewReadOnlyClient

func (o *CLIOptions) NewReadOnlyClient(censor *DynamicCensor) (ReadOnlyClient, error)

func (*CLIOptions) Validate

func (o *CLIOptions) Validate() error

type Client

type Client interface {
	ReadOnlyClient
	SetFieldOnItem(itemName, fieldName string, fieldValue []byte) error
	UpdateNotesOnItem(itemName string, notes string) error
}

func NewDryRunClient

func NewDryRunClient(outputFile *os.File) Client

func NewVaultClient

func NewVaultClient(upstream VaultClient, prefix string, censor *DynamicCensor) Client

type DynamicCensor

type DynamicCensor struct {
	sync.RWMutex
	*secretutil.ReloadingCensorer
	// contains filtered or unexported fields
}

DynamicCensor keeps a list of censored secrets that is dynamically updated. Used when the list of secrets to censor is updated during the execution of the program and cannot be determined in advance. Access to the list of secrets is internally synchronized.

func NewDynamicCensor

func NewDynamicCensor() DynamicCensor

func (*DynamicCensor) AddSecrets

func (c *DynamicCensor) AddSecrets(s ...string)

AddSecrets adds the content of one or more secrets to the censor list.

type ReadOnlyClient

type ReadOnlyClient interface {
	GetFieldOnItem(itemName, fieldName string) ([]byte, error)
	GetInUseInformationForAllItems(optionalPrefix string) (map[string]SecretUsageComparer, error)
	GetUserSecrets() (map[types.NamespacedName]map[string]string, error)
	HasItem(itemname string) (bool, error)
}

type SecretUsageComparer

type SecretUsageComparer interface {
	LastChanged() time.Time
	UnusedFields(inUse sets.Set[string]) (Difference sets.Set[string])
	SuperfluousFields() sets.Set[string]
}

type VaultClient

type VaultClient interface {
	GetKV(path string) (*vaultclient.KVData, error)
	ListKVRecursively(path string) ([]string, error)
	UpsertKV(path string, data map[string]string) error
}

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL