model

package
v0.1.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 26, 2022 License: Apache-2.0 Imports: 2 Imported by: 1

Documentation

Index

Constants

View Source 
const (
	DefaultVaultKubernetesHost = "https://kubernetes.default.svc"

	VaultRootToken = "root-token"
	VaultUnsealKey = "unseal-key"

	VaultKubernetesHost   = "kubernetes_host"
	VaultKubernetesCACert = "kubernetes_ca_cert"

	VaultPathConfig = "config"
	VaultPathKeys   = "keys"
	VaultPathRole   = "role"

	VaultTokenReviewerJWT = "token_reviewer_jwt"

	VaultSysAuth   = "sys/auth"
	VaultSysMounts = "sys/mounts"
)
View Source 
const (
	KubernetesSecretDataCACertificate = "ca.crt"
	KubernetesSecretDataToken         = "token"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type KubernetesCertificateData 

type KubernetesCertificateData struct {
	CACertificate string
	Token         string
}

type VaultAuthAccessor 

type VaultAuthAccessor struct {
	Name  string
	Rules string
}

type VaultAuthType 

type VaultAuthType string
const (
	VaultAuthTypeJWT        VaultAuthType = "jwt"
	VaultAuthTypeKubernetes VaultAuthType = "kubernetes"
)

func (VaultAuthType) String 

func (vat VaultAuthType) String() string

type VaultInitializationData added in v0.1.1 

type VaultInitializationData struct {
	JWTRoles        []*VaultJWTRole
	KubernetesRoles []*VaultKubernetesRole
	Policies        []*VaultPolicy
	Plugins         []*vaultapi.RegisterPluginInput
	SecretEngines   []*VaultSecretEngine
}

type VaultInitializationManager added in v0.1.1 

type VaultInitializationManager interface {
	InitializeVault(ctx context.Context, vaultInitializationData *VaultInitializationData) error
}

type VaultJWTRole 

type VaultJWTRole struct {
	Name           string
	RoleType       string
	BoundAudiences []string
	UserClaim      string
	TokenType      string
	TokenPolicies  []string
	ClaimMappings  map[string]string
}

type VaultKeys 

type VaultKeys struct {
	RootToken  string
	UnsealKeys []string
}

type VaultKubernetesRole 

type VaultKubernetesRole struct {
	BoundServiceAccountNames      []string
	BoundServiceAccountNamespaces []string
	Name                          string
	Policies                      []string
	TTL                           string
}

type VaultPolicy 

type VaultPolicy struct {
	Name  string
	Rules string
}

type VaultSecretEngine 

type VaultSecretEngine struct {
	Path        string
	Type        string
	Description string
}

type VaultSecretEngineType 

type VaultSecretEngineType string
const (
	VaultSecretEngineTypeKVV2    VaultSecretEngineType = "kv-v2"
	VaultSecretEngineTypeTransit VaultSecretEngineType = "transit"
)

func (VaultSecretEngineType) String 

func (vset VaultSecretEngineType) String() string

type VaultSystemManager 

type VaultSystemManager interface {
	ConfigureJWTAuth(ctx context.Context) error
	ConfigureJWTAuthRoles(roles []*VaultJWTRole) error
	ConfigureKubernetesAuth(ctx context.Context) error
	ConfigureKubernetesAuthRoles(roles []*VaultKubernetesRole) error
	CreateCredentials(ctx context.Context, vaultKeys *VaultKeys) error
	CreateTransitKey(mount, key string) error
	EnableJWTAuth() error
	EnableKubernetesAuth() error
	EnableSecretEngines(secretEngines []*VaultSecretEngine) error
	GetAuthMethod(name string) (*vaultapi.AuthMount, error)
	GetCredentials(ctx context.Context) (*VaultKeys, error)
	GetKubernetesAuthConfig(ctx context.Context) (*KubernetesCertificateData, error)
	Initialize(ctx context.Context) (*VaultKeys, error)
	IsJWTAuthEnabled() (bool, error)
	IsKubernetesAuthEnabled() (bool, error)
	PutPolicies(policies []*VaultPolicy) error
	RegisterPlugins(plugins []*vaultapi.RegisterPluginInput) error
	SetToken(vaultKeys *VaultKeys)
	Unseal(vaultKeys *VaultKeys) error
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.