Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type BackingStore ¶
type BackingStore string
var File BackingStore = "file"
var Memory BackingStore = "memory"
type JsonTime ¶
func (JsonTime) MarshalJSON ¶
type SecretFormat ¶
type SecretFormat string
var Json SecretFormat = "json"
var Yaml SecretFormat = "yaml"
type SecretMeta ¶
type SecretMeta struct {
// Overrides Env.SafeUseKubernetesSecrets()
UseKubernetesSecret bool `json:"k8s"`
// Overrides Env.SafeBackingStoreType()
BackingStore BackingStore `json:"storage"`
// Defaults to "default"
Namespace string `json:"namespace"`
// Go template used to transform the secret.
// Sample secret:
// '{"username":"admin","password":"AegisRocks"}'
// Sample template:
// '{"USER":"{{.username}}", "PASS":"{{.password}}"}"
Template string `json:"template"`
// Defaults to None
Format SecretFormat
// For tracking purposes
CorrelationId string `json:"correlationId"`
}
type SecretStored ¶
type SecretStored struct {
// Name of the secret.
Name string
// Raw values. A secret can have multiple values. Sentinel returns
// a single value if there is a single value in this array. Sentinel
// will return an array of values if there are multiple values in the array.
Values []string `json:"values"`
// Transformed values. This value is the value that workloads see.
//
// Apply transformation (if needed) and then store the value in
// one of the supported formats. If the format is json, ensure that
// a valid JSON is stored here. If the format is yaml, ensure that
// a valid YAML is stored here. If the format is none, then just
// apply transformation (if needed) and do not do any validity check.
ValueTransformed string `json:"valuesTransformed"`
// Additional information that helps formatting and storing the secret.
Meta SecretMeta
// Timestamps
Created time.Time
Updated time.Time
}
func (SecretStored) Parse ¶ added in v0.15.7
func (secret SecretStored) Parse() (string, error)
Parse takes a data.SecretStored type as input and returns the parsed string or an error.
It parses all the `.Values` of the secret, and for each value tries to apply a template transformation.
Here is how the template transformation is applied:
- Compute parsedString: If the Meta.Template field is empty, then parsedString is the original value. Otherwise, parsedString is the result of applying the template transformation to the original value.
2. Compute the output string:
- If the Meta.Format field is Json, then the output string is parsedString if parsedString is a valid JSON, otherwise it’s the original value.
- If the Meta.Format field is Yaml, then the output string is the result of transforming parsedString into Yaml if parsedString is a valid JSON, otherwise it’s parsedString.
func (SecretStored) ToMap ¶ added in v0.15.7
func (secret SecretStored) ToMap() map[string]any
ToMap converts the SecretStored struct to a map[string]any. The resulting map contains the following key-value pairs:
"Name": the Name field of the SecretStored struct "Values": the Values field of the SecretStored struct "Created": the Created field of the SecretStored struct "Updated": the Updated field of the SecretStored struct
func (SecretStored) ToMapForK8s ¶ added in v0.15.7
func (secret SecretStored) ToMapForK8s() map[string][]byte
ToMapForK8s returns a map that can be used to create a Kubernetes secret.
- If there is no template, attempt to unmarshal the secret’ss value into a map. If that fails, store the secret’s value under the "VALUE" key.
- If there is a template, attempt to parse it. If parsing is successful, create a new map with the parsed data. If parsing fails, follow the same logic as in case 1, attempting to unmarshal the secret’s value into a map, and if that fails, storing the secret’s value under the "VALUE" key.
Source Files
Click to show internal directories.
Click to hide internal directories.