vault

package
v0.0.30 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Feb 16, 2017 License: MIT Imports: 24 Imported by: 6

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func DecodeErrorResponse added in v0.0.22

func DecodeErrorResponse(body []byte) error

func IsNotFound added in v0.0.26

func IsNotFound(err error) bool

IsNotFound returns true if the given error is a SecretNotFound error

or a KeyNotFound error. Returns false otherwise.

func NewKeyNotFoundError added in v0.0.26

func NewKeyNotFoundError(path, key string) error

NewKeyNotFoundError returns an error object describing the key that could not be located within the secret it was searched for in. Returning a KeyNotFound error should semantically mean that the secret it would've been contained in was located in the vault.

func NewSecretNotFoundError added in v0.0.26

func NewSecretNotFoundError(path string) error

NewSecretNotFoundError returns an error with a message describing the path which could not be found in the secret backend.

func ParsePath added in v0.0.26

func ParsePath(path string) (secret, key string)

ParsePath splits the given path string into its respective secret path

and contained key parts

Types

type CertOptions added in v0.0.22

// CertOptions is the params argument of Vault.CreateSignedCertificate. Each
// field is serialized to JSON under the key named in its struct tag.
type CertOptions struct {
	// CN is always emitted as "common_name": the tag has no omitempty, so an
	// empty string is sent as-is rather than dropped.
	CN                string `json:"common_name"`
	// TTL is omitted from the JSON when empty.
	// NOTE(review): the accepted duration format is not visible here - confirm
	// against the server API this is sent to.
	TTL               string `json:"ttl,omitempty"`
	// AltNames and IPSans are single strings, not slices, and are omitted
	// when empty.
	// NOTE(review): presumably delimiter-separated lists that become subject
	// alternative names on the issued certificate - confirm the format, and
	// validate caller-supplied values, since they would decide which
	// identities the certificate asserts.
	AltNames          string `json:"alt_names,omitempty"`
	IPSans            string `json:"ip_sans,omitempty"`
	// ExcludeCNFromSans carries omitempty on a bool, so false is never
	// serialized; when it is false the receiving side's default applies.
	ExcludeCNFromSans bool   `json:"exclude_cn_from_sans,omitempty"`
}

type Secret

// Secret is a set of key/value pairs, accessed through Get, Set and Has.
// Its fields are unexported and not shown in this listing. The stored values
// can be passwords or private keys (see Password, RSAKey, SSHKey), so the
// output of JSON, YAML and MarshalJSON should be handled as sensitive data
// and kept out of logs.
type Secret struct {
	// contains filtered or unexported fields
}

A Secret contains a set of key/value pairs that store anything you want, including passwords, RSAKey keys, usernames, etc.

func NewSecret

func NewSecret() *Secret

func (*Secret) DHParam added in v0.0.23

func (s *Secret) DHParam(length int) error

func (*Secret) Format added in v0.0.14

func (s *Secret) Format(oldKey, newKey, fmtType string) error

func (*Secret) Get

func (s *Secret) Get(key string) string

Get retrieves the value of the given key, or "" if no such key exists.

func (*Secret) Has

func (s *Secret) Has(key string) bool

Has returns true if the Secret has defined the given key.

func (*Secret) JSON

func (s *Secret) JSON() string

JSON converts a Secret to its JSON representation and returns it as a string. Returns an empty string if there were any errors.

func (Secret) MarshalJSON added in v0.0.3

func (s Secret) MarshalJSON() ([]byte, error)

func (*Secret) Password

func (s *Secret) Password(key string, length int, policy string)

Password creates and stores a new randomized password.

func (*Secret) RSAKey

func (s *Secret) RSAKey(bits int) error

RSAKey generates a new public/private keypair, and stores it in the secret, under the 'public' and 'private' keys.

func (*Secret) SSHKey

func (s *Secret) SSHKey(bits int) error

SSHKey generates a new public/private keypair, and stores it in the secret, under the 'public' and 'private' keys.

func (*Secret) Set

func (s *Secret) Set(key, value string)

Set stores a value in the Secret, under the given key.

func (*Secret) SingleValue added in v0.0.26

func (s *Secret) SingleValue() (string, error)

SingleValue converts a secret to a string representing the value extracted. Returns an error if there is not exactly one result in the secret object.

func (*Secret) UnmarshalJSON added in v0.0.3

func (s *Secret) UnmarshalJSON(b []byte) error

func (*Secret) YAML

func (s *Secret) YAML() string

YAML converts a Secret to its YAML representation and returns it as a string. Returns an empty string if there were any errors.

type TreeOptions added in v0.0.26

// TreeOptions is the options argument of Vault.Tree.
type TreeOptions struct {
	UseANSI    bool /* Use ANSI colorizing sequences */
	HideLeaves bool /* Hide leaf nodes of the tree (actual secrets) */
}

type Vault

// Vault holds the connection details for a remote Vault instance. All three
// fields are exported, so any caller can read or replace them after
// construction.
type Vault struct {
	// URL is the address of the remote Vault instance.
	// NOTE(review): nothing visible here restricts the scheme - confirm that
	// callers use https so the token is not sent in clear text.
	URL    string
	// Token is the authentication credential. It is a plain exported string,
	// so formatting a Vault with %v/%+v or serializing it includes the token;
	// keep Vault values out of logs and error messages.
	Token  string
	// Client is the HTTP client held by this Vault.
	// NOTE(review): presumably every request goes through it, in which case
	// its TLS configuration and timeouts govern all traffic - confirm, and
	// check that certificate verification is not disabled on it.
	Client *http.Client
}

A Vault represents a means for interacting with a remote Vault instance (unsealed and pre-authenticated) to read and write secrets.

func NewVault

func NewVault(url, token string) (*Vault, error)

NewVault creates a new Vault object. If an empty token is specified, the current user's token is read from ~/.vault-token.

func (*Vault) Configure added in v0.0.26

func (v *Vault) Configure(path string, params map[string]string) error

func (*Vault) Copy

func (v *Vault) Copy(oldpath, newpath string) error

Copy copies secrets from one path to another.

func (*Vault) CreateSignedCertificate added in v0.0.22

func (v *Vault) CreateSignedCertificate(role, path string, params CertOptions) error

func (*Vault) Curl added in v0.0.22

func (v *Vault) Curl(method string, path string, body []byte) (*http.Response, error)

func (*Vault) Delete

func (v *Vault) Delete(path string) error

Delete removes the secret stored at the specified path.

func (*Vault) DeleteTree added in v0.0.21

func (v *Vault) DeleteTree(root string) error

func (*Vault) IsMounted added in v0.0.26

func (v *Vault) IsMounted(typ, path string) (bool, error)

func (*Vault) List added in v0.0.3

func (v *Vault) List(path string) (paths []string, err error)

List returns the set of (relative) paths that are directly underneath the given path. Intermediate path nodes are suffixed with a single "/", whereas leaf nodes (the secrets themselves) are not.

func (*Vault) Mount added in v0.0.26

func (v *Vault) Mount(typ, path string, params map[string]interface{}) error

func (*Vault) Move

func (v *Vault) Move(oldpath, newpath string) error

Move moves secrets from one path to another.

func (*Vault) MoveCopyTree added in v0.0.21

func (v *Vault) MoveCopyTree(oldRoot, newRoot string, f func(string, string) error) error

func (*Vault) Read

func (v *Vault) Read(path string) (secret *Secret, err error)

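Read checks the Vault for a Secret at the specified path, and returns it. If there is nothing at that path, a nil *Secret will be returned, with no error. Callers must therefore check the returned *Secret for nil before using it, in addition to checking the error.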

func (*Vault) RetrievePem added in v0.0.22

func (v *Vault) RetrievePem(path string) ([]byte, error)

func (*Vault) RevokeCertificate added in v0.0.22

func (v *Vault) RevokeCertificate(serial string) error

func (*Vault) Seal added in v0.0.28

func (v *Vault) Seal() (bool, error)

func (*Vault) SealKeys added in v0.0.28

func (v *Vault) SealKeys() (int, error)

func (*Vault) Strongbox added in v0.0.28

func (v *Vault) Strongbox() (map[string]string, error)

func (*Vault) Tree added in v0.0.3

func (v *Vault) Tree(path string, options TreeOptions) (tree.Node, error)

Tree returns a tree that represents the hierarchy of paths contained below the given path, inside of the Vault.

func (*Vault) Unseal added in v0.0.28

func (v *Vault) Unseal(keys []string) error

func (*Vault) Write

func (v *Vault) Write(path string, s *Secret) error

Write takes a Secret and writes it to the Vault at the specified path.
