Documentation
Index
- Constants
- Variables
- func AllSecrets(cid string) []entity.Secret
- func AllSecretsEncrypted(cid string) []entity.SecretEncrypted
- func DecryptValue(value string) (string, error)
- func DeleteSecret(secretToDelete entity.SecretStored)
- func EncryptValue(value string) (string, error)
- func Initialize()
- func ReadSecret(cid string, key string) (*entity.SecretStored, error)
- func RootKeySet() bool
- func RootKeyTriplet() (string, string, string)
- func SetRootKey(k string)
- func UpsertSecret(secretStored entity.SecretStored, appendValue bool)
Constants
const BlankRootKeyValue = "{}"
Variables
var RootKey = ""
RootKey is the key used for encryption, decryption, backup, and restore.
var RootKeyLock sync.RWMutex
Functions
func AllSecrets
AllSecrets returns a slice of entity.Secret containing all secrets currently stored. If no secrets are found, an empty slice is returned.
func AllSecretsEncrypted (added in v0.22.0)
func AllSecretsEncrypted(cid string) []entity.SecretEncrypted
AllSecretsEncrypted returns a slice of entity.SecretEncrypted containing all secrets currently stored. If no secrets are found, an empty slice is returned.
func DecryptValue
DecryptValue takes a base64-encoded and encrypted string value and returns the original, decrypted string. If the decryption process encounters any error, it will return an empty string and the corresponding error.
func DeleteSecret
func DeleteSecret(secretToDelete entity.SecretStored)
DeleteSecret orchestrates the deletion of a specified secret from both the application's internal cache and its persisted storage locations, which may include local filesystem and Kubernetes secrets. The deletion process is contingent upon the secret's metadata, specifically its backing store and whether it is used as a Kubernetes secret.
Parameters:
- secretToDelete (entity.SecretStored): The secret entity marked for deletion, containing necessary metadata such as the name of the secret, its correlation ID for logging, and metadata specifying where and how the secret is stored.
func EncryptValue
EncryptValue takes a string value and returns an encrypted and base64-encoded representation of the input value. If the encryption process encounters any error, it will return an empty string and the corresponding error.
func Initialize
func Initialize()
Initialize starts two goroutines: one to process the secret queue and another to process the Kubernetes secret queue. These goroutines are responsible for handling queued secrets and persisting them to disk.
func ReadSecret
func ReadSecret(cid string, key string) (*entity.SecretStored, error)
ReadSecret takes a key string and returns a pointer to an entity.SecretStored object if the secret exists in the in-memory store. If the secret is not found in memory, it attempts to read it from disk, store it in memory, and return it. If the secret is not found on disk, it returns nil.
func RootKeySet (added in v0.22.5)
func RootKeySet() bool
RootKeySet returns true if the root key has been set.
func RootKeyTriplet (added in v0.23.2)
RootKeyTriplet splits the RootKey into three components, if it is properly formatted.
The function returns the three newline-separated parts of the RootKey as a triplet of strings. If the RootKey is empty or does not contain exactly three parts, the function returns three empty strings.
func SetRootKey (added in v0.22.5)
func SetRootKey(k string)
SetRootKey sets the age key to be used for encryption and decryption.
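The behaviour documented for SetRootKey and RootKeyTriplet, as an added sketch that is not the package's own code: rootKeyStore, Set and Triplet are hypothetical names, the key parts are constructed placeholders, and taking the lock on every access is an assumption about how RootKeyLock is meant to be used.

```go
package main

import (
	"fmt"
	"strings"
	"sync"
)

// rootKeyStore is a hypothetical stand-in for the package-level RootKey and
// RootKeyLock pair, bundled into one type so the key is never touched unlocked.
type rootKeyStore struct {
	mu  sync.RWMutex
	key string
}

// Set replaces the key under the write lock (assumed usage of the mutex).
func (s *rootKeyStore) Set(k string) {
	s.mu.Lock()
	defer s.mu.Unlock()
	s.key = k
}

// Triplet returns the three newline-separated parts of the key, or three
// empty strings when the key is empty or does not have exactly three parts.
func (s *rootKeyStore) Triplet() (string, string, string) {
	s.mu.RLock()
	defer s.mu.RUnlock()
	parts := strings.Split(s.key, "\n")
	if s.key == "" || len(parts) != 3 {
		return "", "", ""
	}
	return parts[0], parts[1], parts[2]
}

func main() {
	var s rootKeyStore
	// Constructed sample keys; none of these is real key material.
	samples := []string{
		"",                       // unset
		"{}",                     // the BlankRootKeyValue sentinel: one part only
		"part-1\npart-2",         // too few parts
		"part-1\npart-2\npart-3\n", // trailing newline makes a fourth, empty part
		"part-1\npart-2\npart-3", // well formed
	}
	for _, k := range samples {
		s.Set(k)
		a, b, c := s.Triplet()
		fmt.Printf("%q -> (%q, %q, %q)\n", k, a, b, c)
	}
}
```

A caller cannot tell an unset key from a malformed one by the triplet alone, since both yield three empty strings.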
func UpsertSecret
func UpsertSecret(secretStored entity.SecretStored, appendValue bool)
UpsertSecret takes an entity.SecretStored object and inserts it into the in-memory store if it doesn't exist, or updates it if it does. It also handles updating the backing store and Kubernetes secrets if necessary. If appendValue is true, the new value will be appended to the existing values, otherwise it will replace the existing values.
Types
This section is empty.