secretstorage

package
v0.2023.21

Warning: This package is not in the latest version of its module.
Published: May 22, 2023 License: Apache-2.0 Imports: 10 Imported by: 2

Documentation

Constants

This section is empty.

Variables

var ErrNoUid = errors.New("kubernetes object does not have UID")

var NotFoundError = errors.New("not found")

Functions

func DeserializeJSON

func DeserializeJSON[D any](data []byte, obj *D) error

DeserializeJSON is a thin wrapper around the Unmarshal function of encoding/json.

func SerializeJSON

func SerializeJSON[D any](obj *D) ([]byte, error)

SerializeJSON is a thin wrapper around the Marshal function of encoding/json.

Types

type DefaultTypedSecretStorage

type DefaultTypedSecretStorage[ID any, D any] struct {
	// DataTypeName is the human-readable name of the data type that is being stored. This is used
	// in error messages.
	DataTypeName string

	// SecretStorage is the underlying secret storage used for the actual operations against the persistent
	// storage. This must be initialized explicitly before it is used in this token storage instance.
	SecretStorage SecretStorage

	// ToID is a function that converts the strongly typed ID to the generic SecretID used by the SecretStorage.
	ToID func(*ID) (*SecretID, error)

	// Serialize is a function to convert the strongly typed data into a byte array. You can use,
	// for example, the SerializeJSON function.
	Serialize func(*D) ([]byte, error)

	// Deserialize is a function to convert the byte array back to the strongly typed data. You can use,
	// for example, the DeserializeJSON function.
	Deserialize func([]byte, *D) error
}

DefaultTypedSecretStorage is the default implementation of the TypedSecretStorage interface that uses the provided functions to convert between the id and data types to SecretID and []byte respectively.

func (*DefaultTypedSecretStorage[ID, D]) Delete

func (s *DefaultTypedSecretStorage[ID, D]) Delete(ctx context.Context, id *ID) error

Delete implements TypedSecretStorage

func (*DefaultTypedSecretStorage[ID, D]) Get

func (s *DefaultTypedSecretStorage[ID, D]) Get(ctx context.Context, id *ID) (*D, error)

Get implements TypedSecretStorage

func (*DefaultTypedSecretStorage[ID, D]) Initialize

func (s *DefaultTypedSecretStorage[ID, D]) Initialize(ctx context.Context) error

Initialize implements TypedSecretStorage. It is a noop.

func (*DefaultTypedSecretStorage[ID, D]) Store

func (s *DefaultTypedSecretStorage[ID, D]) Store(ctx context.Context, id *ID, data *D) error

Store implements TypedSecretStorage

type NotifyingSecretStorage

type NotifyingSecretStorage struct {
	ClientFactory kubernetesclient.K8sClientFactory
	SecretStorage SecretStorage
	Group         string
	Kind          string
}

This is a wrapper around the provided SecretStorage that creates the SPIAccessTokenDataUpdate objects on data modifications. The supplied secret storage must be initialized explicitly before it can be used by this storage.

func (*NotifyingSecretStorage) Delete

Delete implements SecretStorage

func (*NotifyingSecretStorage) Get

Get implements SecretStorage

func (*NotifyingSecretStorage) Initialize

func (s *NotifyingSecretStorage) Initialize(ctx context.Context) error

Initialize implements SecretStorage. It is a noop.

func (*NotifyingSecretStorage) Store

func (s *NotifyingSecretStorage) Store(ctx context.Context, id SecretID, data []byte) error

Store implements SecretStorage

type SecretID

type SecretID struct {
	Uid       types.UID
	Name      string
	Namespace string
}

SecretID is a generic identifier of the secret whose data we store. While it very much resembles the Kubernetes client's ObjectKey, we keep it as a separate struct to be more explicit and forward-compatible should any changes to this struct arise in the future.

func ObjectToID

func ObjectToID[O client.Object](obj O) (*SecretID, error)

ObjectToID converts the given Kubernetes object to a SecretID based on the name and namespace.

func (SecretID) String

func (s SecretID) String() string

String returns the string representation of the SecretID.

type SecretStorage

type SecretStorage interface {
	// Initialize initializes the connection to the underlying data store, etc.
	Initialize(ctx context.Context) error
	// Store stores the provided data under the given id.
	Store(ctx context.Context, id SecretID, data []byte) error
	// Get retrieves the data under the given id. A NotFoundError is returned if the data is not found.
	Get(ctx context.Context, id SecretID) ([]byte, error)
	// Delete deletes the data of the given id. A NotFoundError is returned if there is no such data.
	Delete(ctx context.Context, id SecretID) error
}

SecretStorage is a generic storage mechanism for storing secret data keyed by the SecretID.

type TestSecretStorage

type TestSecretStorage struct {
	InitializeImpl func(context.Context) error
	StoreImpl      func(ctx context.Context, key SecretID, data []byte) error
	GetImpl        func(ctx context.Context, key SecretID) ([]byte, error)
	DeleteImpl     func(ctx context.Context, key SecretID) error
}

func (TestSecretStorage) Delete

func (t TestSecretStorage) Delete(ctx context.Context, key SecretID) error

func (TestSecretStorage) Get

func (t TestSecretStorage) Get(ctx context.Context, key SecretID) ([]byte, error)

func (TestSecretStorage) Initialize

func (t TestSecretStorage) Initialize(ctx context.Context) error

func (TestSecretStorage) Store

func (t TestSecretStorage) Store(ctx context.Context, key SecretID, data []byte) error

type TypedSecretStorage

type TypedSecretStorage[ID any, D any] interface {
	// Initialize initializes the connection to the underlying data store, etc.
	Initialize(ctx context.Context) error
	// Store stores the provided data under the given id.
	Store(ctx context.Context, id *ID, data *D) error
	// Get retrieves the data under the given id. A NotFoundError is returned if the data is not found.
	Get(ctx context.Context, id *ID) (*D, error)
	// Delete deletes the data of the given id. A NotFoundError is returned if there is no such data.
	Delete(ctx context.Context, id *ID) error
}

TypedSecretStorage is a generic "companion" to the "raw" SecretStorage interface which uses strongly typed arguments instead of the generic SecretID and []byte.
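
A self-contained sketch of the typed layer over a raw byte store, added here as an example and not the package's own code. typedStore, its map backend, the omitted context parameter and the "default" namespace are assumptions; NotFoundError and SecretID are local stand-ins for the declarations on this page. The not-found sentinel is wrapped with the ID only, so callers can still match it with errors.Is and no secret bytes reach the error text.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
)

// Local stand-ins for this page's NotFoundError and SecretID (Uid omitted).
var NotFoundError = errors.New("not found")
type SecretID struct{ Name, Namespace string }

// typedStore is a hypothetical typed layer; raw stands in for a SecretStorage backend.
type typedStore[ID, D any] struct {
	raw  map[SecretID][]byte
	toID func(*ID) (*SecretID, error)
}

func (t typedStore[ID, D]) Store(id *ID, data *D) error {
	sid, err := t.toID(id)
	if err != nil {
		return err
	}
	b, err := json.Marshal(data)
	if err == nil { // only persist bytes that serialized cleanly
		t.raw[*sid] = b
	}
	return err
}

func (t typedStore[ID, D]) Get(id *ID) (*D, error) {
	sid, err := t.toID(id)
	if err != nil {
		return nil, err
	}
	b, ok := t.raw[*sid]
	if !ok { // wrap the sentinel with the ID only, never with stored data
		return nil, fmt.Errorf("%s/%s: %w", sid.Namespace, sid.Name, NotFoundError)
	}
	var out D
	if err := json.Unmarshal(b, &out); err != nil {
		return nil, err
	}
	return &out, nil
}

func main() {
	toID := func(n *string) (*SecretID, error) { return &SecretID{*n, "default"}, nil } // constructed mapping
	s := typedStore[string, string]{map[SecretID][]byte{}, toID}
	_, err := s.Get(new(string)) // nothing stored yet
	fmt.Println(errors.Is(err, NotFoundError))
}
```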
