secrets

package

v0.4.0 Latest Latest Go to latest Published: Dec 14, 2024 License: MIT Imports: 7 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/smartcontractkit/chainlink-common

Documentation ¶

Index ¶

func ContainsP2pId(p2pId [32]byte, p2pIds [][32]byte) bool
func DecryptSecretsForNode(result EncryptedSecretsResult, key X25519Key, workflowOwner string) (map[string]string, error)
func EncryptSecretsForNodes(workflowOwner string, secrets map[string][]string, ...) (map[string]string, map[string][]AssignedSecrets, error)
func ValidateEncryptedSecrets(secretsData []byte, encryptionPublicKeys map[string][32]byte, ...) error
type AssignedSecrets
type EncryptedSecretsResult
type Metadata
type SecretPayloadToEncrypt
type SecretsConfig
type X25519Key

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func ContainsP2pId ¶

func ContainsP2pId(p2pId [32]byte, p2pIds [][32]byte) bool

func DecryptSecretsForNode ¶

func DecryptSecretsForNode(
	result EncryptedSecretsResult,
	key X25519Key,
	workflowOwner string,
) (map[string]string, error)

func EncryptSecretsForNodes ¶

func EncryptSecretsForNodes(
	workflowOwner string,
	secrets map[string][]string,
	encryptionPublicKeys map[string][32]byte,
	config SecretsConfig,
) (map[string]string, map[string][]AssignedSecrets, error)

func ValidateEncryptedSecrets ¶

func ValidateEncryptedSecrets(secretsData []byte, encryptionPublicKeys map[string][32]byte, workflowOwner string) error

Types ¶

type AssignedSecrets ¶

type AssignedSecrets struct {
	WorkflowSecretName string `json:"workflowSecretName"`
	LocalEnvVarName    string `json:"localEnvVarName"`
}

this holds the mapping of secret name (e.g. API_KEY) to the local environment variable name which points to the raw secret

type EncryptedSecretsResult ¶

type EncryptedSecretsResult struct {
	EncryptedSecrets map[string]string `json:"encryptedSecrets"`
	Metadata         Metadata          `json:"metadata"`
}

this is the result of the encryption, will be used by the DON

type Metadata ¶

type Metadata struct {
	WorkflowOwner            string                       `json:"workflowOwner"`
	CapabilitiesRegistry     string                       `json:"capabilitiesRegistry"`
	DonId                    string                       `json:"donId"`
	DateEncrypted            string                       `json:"dateEncrypted"`
	NodePublicEncryptionKeys map[string]string            `json:"nodePublicEncryptionKeys"`
	EnvVarsAssignedToNodes   map[string][]AssignedSecrets `json:"envVarsAssignedToNodes"`
}

this is the metadata that will be stored in the encrypted secrets file

type SecretPayloadToEncrypt ¶

type SecretPayloadToEncrypt struct {
	WorkflowOwner string            `json:"workflowOwner"`
	Secrets       map[string]string `json:"secrets"`
}

this is the payload that will be encrypted

type SecretsConfig ¶

type SecretsConfig struct {
	SecretsNames map[string][]string `yaml:"secretsNames"`
}

this matches the secrets config file by the users, see the secretsConfig.yaml file

type X25519Key ¶

type X25519Key interface {
	Decrypt(box []byte) ([]byte, error)
	PublicKey() [32]byte
	PublicKeyString() string
}

Source Files ¶

View all Source files

secrets.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL