v1

package
v0.24.5 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 25, 2024 License: BSD-2-Clause Imports: 7 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	Memory  BackingStore       = "memory"
	File    BackingStore       = "file"
	Json    SecretFormat       = "json"
	Yaml    SecretFormat       = "yaml"
	Raw     SecretFormat       = "raw"
	Pending KeystoneInitStatus = "pending"
	Ready   KeystoneInitStatus = "ready"
)

Functions

This section is empty.

Types

type BackingStore 

type BackingStore string

type JsonTime 

type JsonTime time.Time

func (*JsonTime) MarshalJSON 

func (t *JsonTime) MarshalJSON() ([]byte, error)

func (*JsonTime) String added in v0.22.0 

func (t *JsonTime) String() string

func (*JsonTime) UnmarshalJSON added in v0.22.1 

func (t *JsonTime) UnmarshalJSON(data []byte) error

type KeystoneInitStatus added in v0.24.5 

type KeystoneInitStatus string

type Secret 

type Secret struct {
	Name         string   `json:"name"`
	Created      JsonTime `json:"created"`
	Updated      JsonTime `json:"updated"`
	NotBefore    JsonTime `json:"notBefore"`
	ExpiresAfter JsonTime `json:"expiresAfter"`
}

type SecretEncrypted added in v0.22.0 

type SecretEncrypted struct {
	Name           string   `json:"name"`
	EncryptedValue []string `json:"value"`
	Created        JsonTime `json:"created"`
	Updated        JsonTime `json:"updated"`
	NotBefore      JsonTime `json:"notBefore"`
	ExpiresAfter   JsonTime `json:"expiresAfter"`
}

type SecretFormat 

type SecretFormat string

type SecretMeta 

type SecretMeta struct {
	// Overrides Env.SafeBackingStoreType()
	BackingStore BackingStore `json:"storage"`
	// Defaults to "default"
	Namespaces []string `json:"namespaces"`
	// Go template used to transform the secret.
	// Sample secret:
	// '{"username":"admin","password":"VSecMRocks"}'
	// Sample template:
	// '{"USER":"{{.username}}", "PASS":"{{.password}}"}"
	Template string `json:"template"`
	// Defaults to None
	Format SecretFormat
	// For tracking purposes
	CorrelationId string `json:"correlationId"`
}

type SecretStored 

type SecretStored struct {
	// Name of the secret.
	Name string
	// Raw values. A secret can have multiple values. Sentinel returns
	// a single value if there is a single value in this array. Sentinel
	// will return an array of values if there are multiple values in the array.
	Values []string `json:"values"`
	// Transformed values. This value is the value that workloads see.
	//
	// Apply transformation (if needed) and then store the value in
	// one of the supported formats. If the format is json, ensure that
	// a valid JSON is stored here. If the format is yaml, ensure that
	// a valid YAML is stored here. If the format is none, then just
	// apply transformation (if needed) and do not do any validity check.
	ValueTransformed string `json:"valuesTransformed"`
	// Additional information that helps format and store the secret.
	Meta SecretMeta
	// Timestamps
	Created time.Time
	Updated time.Time
	// Invalid before this time.
	NotBefore time.Time `json:"notBefore"`
	// Invalid after this time.
	ExpiresAfter time.Time `json:"expiresAfter"`
}

func (SecretStored) Parse 

func (secret SecretStored) Parse() (string, error)

Parse takes a data.SecretStored type as input and returns the parsed string or an error.

It parses all the `.Values` of the secret, and for each value tries to apply a template transformation.

Here is how the template transformation is applied:

  1. Compute parsedString: If the Meta.Template field is empty, then parsedString is the original value. Otherwise, parsedString is the result of applying the template transformation to the original value.

2. Compute the output string:

  • If the Meta.Format field is Json, then the output string is parsedString if parsedString is a valid JSON, otherwise it's the original value.
  • If the Meta.Format field is Yaml, then the output string is the result of transforming parsedString into Yaml if parsedString is a valid JSON, otherwise it's parsedString.
  • If the Meta.Format field is Raw, then the output string is simply the parsedString, without any specific format checks or transformations.

func (SecretStored) ToMap 

func (secret SecretStored) ToMap() map[string]any

ToMap converts the SecretStored struct to a map[string]any. The resulting map contains the following key-value pairs: 

"Name": the Name field of the SecretStored struct
"Values": the Values field of the SecretStored struct
"Created": the Created field of the SecretStored struct
"Updated": the Updated field of the SecretStored struct

func (SecretStored) ToMapForK8s 

func (secret SecretStored) ToMapForK8s() map[string][]byte

ToMapForK8s returns a map that can be used to create a Kubernetes secret.

  1. If there is no template, attempt to unmarshal the secret'ss value into a map. If that fails, store the secret's value under the "VALUE" key.
  2. If there is a template, attempt to parse it. If parsing is successful, create a new map with the parsed data. If parsing fails, follow the same logic as in case 1, attempting to unmarshal the secret's value into a map, and if that fails, storing the secret's value under the "VALUE" key.

type SecretStringTime added in v0.22.0 

type SecretStringTime struct {
	Name           string   `json:"name"`
	EncryptedValue []string `json:"value"`
	Created        string   `json:"created"`
	Updated        string   `json:"updated"`
	NotBefore      JsonTime `json:"notBefore"`
	ExpiresAfter   JsonTime `json:"expiresAfter"`
}

type SentinelCommand added in v0.22.3 

type SentinelCommand struct {
	WorkloadIds        []string
	Namespaces         []string
	Secret             string
	Template           string
	DeleteSecret       bool
	AppendSecret       bool
	BackingStore       string
	Format             string
	Encrypt            bool
	NotBefore          string
	Expires            string
	SerializedRootKeys string
	ShouldSleep        bool
	SleepIntervalMs    int
}

type VSecMInternalCommand added in v0.23.2 

type VSecMInternalCommand struct {
	LogLevel int `json:"logLevel"`
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.