credentials

package
v0.147.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 23, 2023 License: Apache-2.0 Imports: 12 Imported by: 6

Documentation

Index

Constants

View Source
const (
	// EksctlGlobalEnableCachingEnvName defines an environment property to enable the cache globally.
	EksctlGlobalEnableCachingEnvName = "EKSCTL_ENABLE_CREDENTIAL_CACHE"
	// EksctlCacheFilenameEnvName defines an environment property to configure where the cache file should live.
	EksctlCacheFilenameEnvName = "EKSCTL_CREDENTIAL_CACHE_FILENAME"
)

Variables

This section is empty.

Functions

func GetCacheFilePath added in v0.90.0

func GetCacheFilePath() (string, error)

GetCacheFilePath gets the filename to use for caching credentials.

Types

type Clock

type Clock interface {
	Now() time.Time
}

Clock implements Now to return the current time.

type FileCacheProvider

type FileCacheProvider struct {
	// contains filtered or unexported fields
}

FileCacheProvider is a file based AWS Credentials Provider implementing expiry and retrieve.

func NewFileCacheProvider

func NewFileCacheProvider(profile string, creds *credentials.Credentials, clock Clock, fs afero.Fs, newFlock FlockFunc, cacheFilePath string) (FileCacheProvider, error)

NewFileCacheProvider creates a new filesystem based AWS credential cache. The cache uses Expiry provided by the AWS Go SDK for providers. It wraps the configured credential provider into a file based cache provider. If the provider does not support caching ( I.e.: it doesn't implement IsExpired ) then this file based caching system is ignored and the default credential provider is used. Caches are per profile.

func (*FileCacheProvider) ExpiresAt

func (f *FileCacheProvider) ExpiresAt() time.Time

ExpiresAt implements the Expirer interface, and gives access to the expiration time of the credential

func (*FileCacheProvider) IsExpired

func (f *FileCacheProvider) IsExpired() bool

IsExpired implements the Provider interface, deferring to the cached credential first, but fall back to the underlying Provider if it is expired.

func (*FileCacheProvider) Retrieve

func (f *FileCacheProvider) Retrieve() (credentials.Value, error)

Retrieve implements the Provider interface, returning the cached credential if is not expired, otherwise fetching the credential from the underlying Provider and caching the results on disk with an expiration time.

type FileCacheV2 added in v0.90.0

type FileCacheV2 struct {
	// contains filtered or unexported fields
}

FileCacheV2 is a file-based credentials cache for AWS credentials that can expire, satisfying the aws.CredentialsProvider interface. It is meant to be wrapped with aws.CredentialsCache. The cache is per profile.

func NewFileCacheV2 added in v0.90.0

func NewFileCacheV2(provider aws.CredentialsProvider, profileName string, fs afero.Fs, newFlock FlockFunc, clock Clock, cacheFilePath string) (*FileCacheV2, error)

NewFileCacheV2 initializes the cache and returns a *FileCacheV2.

func (*FileCacheV2) Retrieve added in v0.90.0

func (f *FileCacheV2) Retrieve(ctx context.Context) (aws.Credentials, error)

Retrieve implements aws.CredentialsProvider.

type Flock added in v0.90.0

type Flock interface {
	// TryRLockContext repeatedly tries to take a shared lock until one of the
	// conditions is met: TryRLock succeeds, TryRLock fails with error, or Context
	// Done channel is closed.
	TryRLockContext(ctx context.Context, retryDelay time.Duration) (bool, error)

	// TryLockContext repeatedly tries to take an exclusive lock until one of the
	// conditions is met: TryLock succeeds, TryLock fails with error, or Context
	// Done channel is closed.
	TryLockContext(ctx context.Context, retryDelay time.Duration) (bool, error)

	// Unlock is unlocks the file.
	Unlock() error
}

Flock provides an interface to handle file locking. It defines an interface for the Flock type from github.com/gofrs/flock. Refer to https://pkg.go.dev/github.com/gofrs/flock?utm_source=godoc#Flock for documentation.

type FlockFunc added in v0.90.0

type FlockFunc func(path string) Flock

type RealClock

type RealClock struct{}

RealClock defines a clock using time.Now()

func (*RealClock) Now

func (r *RealClock) Now() time.Time

Now returns the current time.

Directories

Path Synopsis
Code generated by counterfeiter.
Code generated by counterfeiter.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL