Documentation ¶
Index ¶
- Constants
- func Command() cli.Command
- func CreateTokenRequest(rw http.ResponseWriter, req *http.Request) (int, error)
- func HandleError(s *client.Schemas, t func(http.ResponseWriter, *http.Request) (int, error)) http.Handler
- func HealthCheck(rw http.ResponseWriter, req *http.Request) (int, error)
- func NewRouter() *mux.Router
- func RevokeTokenRequest(rw http.ResponseWriter, req *http.Request) (int, error)
- func StartServer(c *cli.Context) error
- type Config
- type ConfigError
- type IntermediateToken
- type VaultClient
- type VaultIntermediateTokenResponse
- type VaultTokenExpireInput
- type VaultTokenInput
Constants ¶
// SignatureHeaderString is the name of the HTTP header "X-Vault-Driver-Signature".
//
// NOTE(review): presumably this header carries a signature over the request
// payload (the input types expose Prepare() []byte); confirm against the
// handlers that the signature is verified before any token is issued or revoked.
const SignatureHeaderString = "X-Vault-Driver-Signature"
Variables ¶
This section is empty.
Functions ¶
func CreateTokenRequest ¶
func HandleError ¶
func HandleError(s *client.Schemas, t func(http.ResponseWriter, *http.Request) (int, error)) http.Handler
HandleError wraps the HTTP Handler so that errors can be handled and non-200 response codes issued.
func HealthCheck ¶
func RevokeTokenRequest ¶
func StartServer ¶
StartServer takes the CLI options and starts a server based on the configuration.
Types ¶
type Config ¶
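// Config holds the settings the server is started with: where Vault and
// Rancher live and the values used to talk to each of them.
//
// NOTE(review): VaultToken and RancherSecret (and presumably RancherAccess)
// look like credentials. Avoid formatting a whole Config with %v / %+v in logs
// or error messages; confirm how callers populate and report this struct.
type Config struct {
	// VaultURL is the address of the Vault server.
	VaultURL string
	// VaultRole is the Vault role name; NewVaultClient takes a role argument.
	VaultRole string
	// VaultToken is the token handed to the Vault client (secret material).
	VaultToken string

	// RancherURL is the address of the Rancher API.
	RancherURL string
	// RancherAccess is presumably the Rancher API access key; confirm.
	RancherAccess string
	// RancherSecret is presumably the Rancher API secret key (secret material); confirm.
	RancherSecret string
}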
Config contains config info for server setup.
func (*Config) ValidateConfig ¶
type ConfigError ¶
type ConfigError struct {
// contains filtered or unexported fields
}
func (ConfigError) Error ¶
func (c ConfigError) Error() string
type IntermediateToken ¶
type VaultClient ¶
type VaultClient struct {
// contains filtered or unexported fields
}
func NewVaultClient ¶
func NewVaultClient(url, token, role string) (*VaultClient, error)
func (*VaultClient) Healthy ¶
func (vc *VaultClient) Healthy() bool
func (*VaultClient) InspectIssuingTokenForConfig ¶
func (vc *VaultClient) InspectIssuingTokenForConfig() error
func (*VaultClient) NewWrappedVaultToken ¶
func (vc *VaultClient) NewWrappedVaultToken(policies []string) (*IntermediateToken, error)
func (*VaultClient) RevokeToken ¶
func (vc *VaultClient) RevokeToken(accessor string) error
func (*VaultClient) StartTokenRefresh ¶
func (vc *VaultClient) StartTokenRefresh() error
type VaultIntermediateTokenResponse ¶
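// VaultIntermediateTokenResponse is the JSON body returned for a token
// request: the encrypted token plus the accessor that identifies it.
type VaultIntermediateTokenResponse struct {
	client.Resource

	// EncryptedToken is the Vault token, RSA-encrypted with the host's public key.
	// This prevents replay attacks from another host.
	//
	// NOTE(review): encrypting to the host key keeps the token readable only by
	// the holder of the matching private key; it does not by itself prove the
	// request was fresh. Confirm that the request timestamp and signature are
	// checked before a response is built.
	EncryptedToken string `json:"encryptedToken"`

	// Accessor identifies the issued token without revealing it;
	// VaultClient.RevokeToken takes an accessor.
	Accessor string `json:"accessor"`
}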
func NewVaultTokenResponse ¶
func NewVaultTokenResponse(intermediateToken *IntermediateToken, pubKey string) (*VaultIntermediateTokenResponse, error)
NewVaultTokenResponse returns a VaultIntermediateTokenResponse object
type VaultTokenExpireInput ¶
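// VaultTokenExpireInput is the JSON request body for expiring (revoking) a
// previously issued token.
//
// NOTE(review): every field is supplied by the caller. Confirm that the
// handler authenticates the request (signature, timestamp freshness) and
// checks that the accessor belongs to HostUUID before revoking.
type VaultTokenExpireInput struct {
	client.Resource

	// Accessor names the token to revoke; VaultClient.RevokeToken takes an accessor.
	Accessor string `json:"accessor"`
	// TimeStamp is the request time as a string; GetTimeStamp parses it.
	TimeStamp string `json:"timestamp"`
	// HostUUID identifies the requesting host.
	HostUUID string `json:"hostUUID"`
}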
func (*VaultTokenExpireInput) GetTimeStamp ¶
func (vte *VaultTokenExpireInput) GetTimeStamp() (*time.Time, error)
func (*VaultTokenExpireInput) Prepare ¶
func (vte *VaultTokenExpireInput) Prepare() []byte
func (*VaultTokenExpireInput) SetTimeStamp ¶
func (vte *VaultTokenExpireInput) SetTimeStamp()
type VaultTokenInput ¶
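// VaultTokenInput is the JSON request body for issuing a new token.
//
// NOTE(review): every field is supplied by the caller. Confirm that the
// handler authenticates the request (signature, timestamp freshness) before
// acting on it.
type VaultTokenInput struct {
	client.Resource

	// Policies lists the Vault policies requested for the token, as one string.
	//
	// NOTE(review): VaultClient.NewWrappedVaultToken takes []string, so this is
	// presumably split somewhere; confirm the handler restricts the result to
	// policies this host is allowed to request rather than passing it through.
	Policies string `json:"policies"`
	// HostUUID identifies the requesting host.
	HostUUID string `json:"hostUUID"`
	// TimeStamp is the request time as a string; GetTimeStamp parses it.
	TimeStamp string `json:"timestamp"`
	// VolumeName is the volume the token is requested for.
	VolumeName string `json:"volumeName"`
}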
func (*VaultTokenInput) GetTimeStamp ¶
func (vti *VaultTokenInput) GetTimeStamp() (*time.Time, error)
func (*VaultTokenInput) Prepare ¶
func (vti *VaultTokenInput) Prepare() []byte
func (*VaultTokenInput) SetTimeStamp ¶
func (vti *VaultTokenInput) SetTimeStamp()