secrets

package

v1.0.0 Latest Latest Go to latest Published: Jan 5, 2024 License: MIT Imports: 11 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/trisacrypto/courier

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
type GRPCSecretClient
type GoogleSecrets
type SecretManagerClient
- func NewClient(conf config.GCPSecretsConfig, opts ...SecretsOption) (_ SecretManagerClient, err error)
type SecretsOption
- func WithGRPCClient(client GRPCSecretClient) SecretsOption

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	ErrSecretNotFound    = errors.New("secret not found")
	ErrPayloadTooLarge   = errors.New("secret payload too large")
	ErrPermissionsDenied = errors.New("secret access denied")
)

Functions ¶

This section is empty.

Types ¶

type GRPCSecretClient ¶

type GRPCSecretClient interface {
	CreateSecret(context.Context, *secretmanagerpb.CreateSecretRequest, ...gax.CallOption) (*secretmanagerpb.Secret, error)
	GetSecretVersion(context.Context, *secretmanagerpb.GetSecretVersionRequest, ...gax.CallOption) (*secretmanagerpb.SecretVersion, error)
	AddSecretVersion(context.Context, *secretmanagerpb.AddSecretVersionRequest, ...gax.CallOption) (*secretmanagerpb.SecretVersion, error)
	AccessSecretVersion(context.Context, *secretmanagerpb.AccessSecretVersionRequest, ...gax.CallOption) (*secretmanagerpb.AccessSecretVersionResponse, error)
	DeleteSecret(context.Context, *secretmanagerpb.DeleteSecretRequest, ...gax.CallOption) error
}

gRPCSecretClient describes a lower level interface in order to mock the google secret manager client.

type GoogleSecrets ¶

type GoogleSecrets struct {
	// contains filtered or unexported fields
}

GoogleSecrets implements the secret manager interface.

func (*GoogleSecrets) AddSecretVersion ¶

func (s *GoogleSecrets) AddSecretVersion(ctx context.Context, name string, payload []byte) (err error)

AddSecretVersion adds a new secret version to the given secret and the provided payload. Returns an error if one occurs. Note: to add a secret version, the secret must first be created using CreateSecret.

func (*GoogleSecrets) CreateSecret ¶

func (s *GoogleSecrets) CreateSecret(ctx context.Context, name string) (err error)

CreateSecret creates a new secret in the child directory of the parent. Does not return an error if the secret already exists.

func (*GoogleSecrets) DeleteSecret ¶

func (s *GoogleSecrets) DeleteSecret(ctx context.Context, secret string) error

DeleteSecret deletes the secret with the given the name, and all of its versions. Note: this is an irreversible operation. Any service or workload that attempts to access a deleted secret receives a Not Found error.

func (*GoogleSecrets) GetLatestVersion ¶

func (s *GoogleSecrets) GetLatestVersion(ctx context.Context, name string) (_ []byte, err error)

GetLatestVersion returns the payload for the latest version of the given secret, if one exists, else an error.

type SecretManagerClient ¶

type SecretManagerClient interface {
	GetLatestVersion(ctx context.Context, name string) ([]byte, error)
	CreateSecret(ctx context.Context, name string) error
	AddSecretVersion(ctx context.Context, name string, payload []byte) error
	DeleteSecret(ctx context.Context, name string) error
}

SecretManagerClient describes a high level interface for secret manager clients to enable mocking.

func NewClient ¶

func NewClient(conf config.GCPSecretsConfig, opts ...SecretsOption) (_ SecretManagerClient, err error)

NewClient creates a secret manager client from the configuration.

type SecretsOption ¶

type SecretsOption func(s *GoogleSecrets) error

SecretsOption allows us to configure the secrets client when it is created.

func WithGRPCClient ¶

func WithGRPCClient(client GRPCSecretClient) SecretsOption

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
mock

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL