safe

package

v0.28.0 Latest Latest Go to latest Published: Oct 16, 2024 License: BSD-2-Clause Imports: 19 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/vmware-tanzu/secrets-manager

Links

Open Source Insights

Documentation ¶

Index ¶

func Get(ctx context.Context, r *http.Request, showEncryptedSecrets bool) (string, error)
func Post(parentContext context.Context, r *http.Request, sc data.SentinelCommand) (string, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func Get ¶

func Get(
	ctx context.Context, r *http.Request, showEncryptedSecrets bool,
) (string, error)

Get fetches secrets from the VSecM Safe API, optionally including encrypted secrets in the response. This function constructs a secure client and makes a GET request to the API based on the input parameters. The response is then returned as a string, or an error is generated if the process fails at any step.

Parameters:

ctx: a context.Context that must contain a 'correlationId' used for logging.
r: the *http.Request containing the original HTTP request details. Headers from this request may be propagated to the API request.
showEncryptedSecrets: a boolean indicating whether to retrieve encrypted secrets.

Returns:

A string containing the API response if the request is successful.
An error detailing what went wrong during the operation if unsuccessful.

Usage:

response, err := secrets.Get(ctx, req, true)
if err != nil {
    log.Println("Error fetching secrets:", err)
} else {
    log.Println("Fetched secrets:", response)
}

func Post ¶

func Post(
	parentContext context.Context, r *http.Request, sc data.SentinelCommand,
) (string, error)

Post handles the HTTP POST request for secret management using the provided SentinelCommand.

This function performs the following steps:

Creates a context with a timeout based on the parent context and environment settings.
Acquires a workload source and proceeds only if the source acquisition is successful.
Depending on the SentinelCommand, it either posts new secrets or deletes existing ones.

Parameters:

parentContext: The parent context for the request, used for tracing and cancellation.
r: The HTTP request being processed.
sc: The SentinelCommand containing details for the secret management operation.

Returns:

A string representing the response body or an error if the operation fails.

Example usage:

parentContext := context.Background()
r, _ := http.NewRequest("POST", "http://example.com", nil)
sc := data.SentinelCommand{
    WorkloadIds:        []string{"workload1"},
    Secret:             "my-secret",
    Namespaces:         []string{"namespace1"},
    SerializedRootKeys: "key1\nkey2\nkey3",
}
response, err := Post(parentContext, r, sc)
if err != nil {
    log.Fatal(err)
}
fmt.Println(response)

Error Handling:

If the context times out or is canceled, it logs the error and returns an appropriate message.
If there is an error during source acquisition, secret generation, or payload processing, it returns an error with details.

Types ¶

This section is empty.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL