secrets

package
v0.0.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: May 23, 2023 License: Apache-2.0 Imports: 5 Imported by: 0

Documentation

Index

Constants

View Source
const (
	// Path is the path to the base working directory
	Path = "path"

	// Token is the token used for authenticating with a KMS
	Token = "token"

	// Server is the address of the KMS
	Server = "server"

	// Name is the name of the current node
	Name = "name"
)

Define constant key names for SecretsManagerParams.Extra

View Source
const (
	// ValidatorKey is the private key secret of the validator node
	ValidatorKey = "validator-key"

	// ValidatorBLSKey is the bls secret key of the validator node
	ValidatorBLSKey = "validator-bls-key"

	// NetworkKey is the libp2p private key secret used for networking
	NetworkKey = "network-key"

	// ValidatorBLSSignature is the BLS signature of the validator node
	ValidatorBLSSignature = "validator-bls-signature"
)

Define constant names for available secrets

View Source
const (
	ValidatorKeyLocal          = "validator.key"
	ValidatorBLSKeyLocal       = "validator-bls.key"
	NetworkKeyLocal            = "libp2p.key"
	ValidatorBLSSignatureLocal = "validator.sig"
)

Define constant file names for the local StorageManager

View Source
const (
	ConsensusFolderLocal = "consensus"
	NetworkFolderLocal   = "libp2p"
)

Define constant folder names for the local StorageManager

Variables

View Source
var (
	ErrSecretNotFound = errors.New("secret not found")
)

Functions

func SupportedServiceManager

func SupportedServiceManager(service SecretsManagerType) bool

SupportedServiceManager checks if the passed in service manager type is supported

Types

type SecretsManager

type SecretsManager interface {
	// Setup performs secret manager-specific setup
	Setup() error

	// GetSecret gets the secret by name
	GetSecret(name string) ([]byte, error)

	// SetSecret sets the secret to a provided value
	SetSecret(name string, value []byte) error

	// HasSecret checks if the secret is present
	HasSecret(name string) bool

	// RemoveSecret removes the secret from storage
	RemoveSecret(name string) error
}

SecretsManager defines the base public interface that all secret manager implementations should have

type SecretsManagerConfig

type SecretsManagerConfig struct {
	Token     string                 `json:"token"`      // Access token to the instance
	ServerURL string                 `json:"server_url"` // The URL of the running server
	Type      SecretsManagerType     `json:"type"`       // The type of SecretsManager
	Name      string                 `json:"name"`       // The name of the current node
	Namespace string                 `json:"namespace"`  // The namespace of the service
	Extra     map[string]interface{} `json:"extra"`      // Any kind of arbitrary data
}

SecretsManagerConfig is the configuration that gets written to a single configuration file

func ReadConfig

func ReadConfig(path string) (*SecretsManagerConfig, error)

ReadConfig reads the SecretsManagerConfig from the specified path

func (*SecretsManagerConfig) WriteConfig

func (c *SecretsManagerConfig) WriteConfig(path string) error

WriteConfig writes the current configuration to the specified path

type SecretsManagerFactory

type SecretsManagerFactory func(

	config *SecretsManagerConfig,

	params *SecretsManagerParams,
) (SecretsManager, error)

SecretsManagerFactory is the factory method for secrets managers

type SecretsManagerParams

type SecretsManagerParams struct {
	// Local logger object
	Logger hclog.Logger

	// Extra contains additional data needed for the SecretsManager to function
	Extra map[string]interface{}
}

SecretsManagerParams defines the configuration params for the secrets manager

type SecretsManagerType

type SecretsManagerType string
const (
	// Local pertains to the local FS [Default]
	Local SecretsManagerType = "local"

	// HashicorpVault pertains to the Hashicorp Vault server
	HashicorpVault SecretsManagerType = "hashicorp-vault"

	// AWSSSM pertains to AWS SSM using configured EC2 instance role
	AWSSSM SecretsManagerType = "aws-ssm"

	// GCPSSM pertains to the Google Cloud Computing secret store manager
	GCPSSM SecretsManagerType = "gcp-ssm"
)

Define constant types of secrets managers

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL