vault

package

v0.0.22 Latest Latest Go to latest Published: Aug 11, 2016 License: MIT Imports: 22 Imported by: 6

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/starkandwayne/safe

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func DecodeErrorResponse(body []byte) error
type CertOptions
type Node
type Secret
- func NewSecret() *Secret
type Vault
- func NewVault(url, token string) (*Vault, error)

Constants ¶

This section is empty.

Variables ¶

View Source

var NotFound error

Functions ¶

func DecodeErrorResponse ¶ added in v0.0.22

func DecodeErrorResponse(body []byte) error

Types ¶

type CertOptions ¶ added in v0.0.22

type CertOptions struct {
	CN                string `json:"common_name"`
	TTL               string `json:"ttl,omitempty"`
	AltNames          string `json:"alt_names,omitempty"`
	IPSans            string `json:"ip_sans,omitempty"`
	ExcludeCNFromSans bool   `json:"exclude_cn_from_sans,omitempty"`
}

type Node ¶ added in v0.0.3

type Node struct {
	Path     string
	Children []Node
}

type Secret ¶

type Secret struct {
	// contains filtered or unexported fields
}

A Secret contains a set of key/value pairs that store anything you want, including passwords, RSAKey keys, usernames, etc.

func NewSecret ¶

func NewSecret() *Secret

func (*Secret) Format ¶ added in v0.0.14

func (s *Secret) Format(oldKey, newKey, fmtType string) error

func (*Secret) Get ¶

func (s *Secret) Get(key string) string

Get retrieves the value of the given key, or "" if no such key exists.

func (*Secret) Has ¶

func (s *Secret) Has(key string) bool

Has returns true if the Secret has defined the given key.

func (*Secret) JSON ¶

func (s *Secret) JSON() string

JSON converts a Secret to its JSON representation and returns it as a string. Returns an empty string if there were any errors.

func (Secret) MarshalJSON ¶ added in v0.0.3

func (s Secret) MarshalJSON() ([]byte, error)

func (*Secret) Password ¶

func (s *Secret) Password(key string, length int)

Password creates and stores a new randomized password.

func (*Secret) RSAKey ¶

func (s *Secret) RSAKey(bits int) error

RSAKey generates a new public/private keypair, and stores it in the secret, under the 'public' and 'private' keys.

func (*Secret) SSHKey ¶

func (s *Secret) SSHKey(bits int) error

SSHKey generates a new public/private keypair, and stores it in the secret, under the 'public' and 'private' keys.

func (*Secret) Set ¶

func (s *Secret) Set(key, value string)

Set stores a value in the Secret, under the given key.

func (*Secret) UnmarshalJSON ¶ added in v0.0.3

func (s *Secret) UnmarshalJSON(b []byte) error

func (*Secret) YAML ¶

func (s *Secret) YAML() string

YAML converts a Secret to its YAML representation and returns it as a string. Returns an empty string if there were any errors.

type Vault ¶

type Vault struct {
	URL    string
	Token  string
	Client *http.Client
}

A Vault represents a means for interacting with a remote Vault instance (unsealed and pre-authenticated) to read and write secrets.

func NewVault ¶

func NewVault(url, token string) (*Vault, error)

NewVault creates a new Vault object. If an empty token is specified, the current user's token is read from ~/.vault-token.

func (*Vault) Copy ¶

func (v *Vault) Copy(oldpath, newpath string) error

Copy copies secrets from one path to another.

func (*Vault) CreateSignedCertificate ¶ added in v0.0.22

func (v *Vault) CreateSignedCertificate(role, path string, params CertOptions) error

func (*Vault) Curl ¶ added in v0.0.22

func (v *Vault) Curl(method string, path string, body []byte) (*http.Response, error)

func (*Vault) Delete ¶

func (v *Vault) Delete(path string) error

Delete removes the secret stored at the specified path.

func (*Vault) DeleteTree ¶ added in v0.0.21

func (v *Vault) DeleteTree(root string) error

func (*Vault) List ¶ added in v0.0.3

func (v *Vault) List(path string) (paths []string, err error)

List returns the set of (relative) paths that are directly underneath the given path. Intermediate path nodes are suffixed with a single "/", whereas leaf nodes (the secrets themselves) are not.

func (*Vault) Move ¶

func (v *Vault) Move(oldpath, newpath string) error

Move moves secrets from one path to another.

func (*Vault) MoveCopyTree ¶ added in v0.0.21

func (v *Vault) MoveCopyTree(oldRoot, newRoot string, f func(string, string) error) error

func (*Vault) Read ¶

func (v *Vault) Read(path string) (secret *Secret, err error)

Read checks the Vault for a Secret at the specified path, and returns it. If there is nothing at that path, a nil *Secret will be returned, with no error.

func (*Vault) RetrievePem ¶ added in v0.0.22

func (v *Vault) RetrievePem(path string) ([]byte, error)

func (*Vault) RevokeCertificate ¶ added in v0.0.22

func (v *Vault) RevokeCertificate(serial string) error

func (*Vault) Tree ¶ added in v0.0.3

func (v *Vault) Tree(path string, ansify bool) (tree.Node, error)

Tree returns a tree that represents the hierarhcy of paths contained below the given path, inside of the Vault.

func (*Vault) Write ¶

func (v *Vault) Write(path string, s *Secret) error

Write takes a Secret and writes it to the Vault at the specified path.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL