Documentation
¶
Overview ¶
Package secret provides a layer for storing secretes.
Index ¶
Constants ¶
This section is empty.
Variables ¶
var ( // ErrNotFound is returned when a secret is not found. ErrNotFound = errors.New("secret not found") // ErrKeyringUnsupported indicates that secure storage // via the system keychain is not supported on the current platform. ErrKeyringUnsupported = keyring.ErrUnsupportedPlatform )
Functions ¶
This section is empty.
Types ¶
type FallbackStash ¶ added in v0.3.0
type FallbackStash struct {
Primary, Secondary Stash // required
}
FallbackStash is a secret stash that falls back to a secondary stash if the primary stash fails.
func (*FallbackStash) DeleteSecret ¶ added in v0.3.0
func (f *FallbackStash) DeleteSecret(service, key string) error
DeleteSecret deletes a secret from the primary stash, and if that fails, from the secondary stash.
func (*FallbackStash) LoadSecret ¶ added in v0.3.0
func (f *FallbackStash) LoadSecret(service, key string) (string, error)
LoadSecret loads a secret from the primary stash. If the operation fails NOT because the secret is not found, it falls back to the secondary stash.
func (*FallbackStash) SaveSecret ¶ added in v0.3.0
func (f *FallbackStash) SaveSecret(service, key, secret string) error
SaveSecret saves a secret to the primary stash. If the operation fails, it falls back to the secondary stash.
type InsecureStash ¶ added in v0.3.0
type InsecureStash struct {
// Destination path to the secrets file.
Path string // required
// Log is the logger used by the stash.
Log *log.Logger // required
}
InsecureStash is a secrets stash that stores secrets in plain text. It prints a warning to stderr the first time it creates the file.
func (*InsecureStash) DeleteSecret ¶ added in v0.3.0
func (f *InsecureStash) DeleteSecret(service, key string) error
DeleteSecret deletes a secret from the stash. It is a no-op if the secret does not exist.
func (*InsecureStash) LoadSecret ¶ added in v0.3.0
func (f *InsecureStash) LoadSecret(service, key string) (string, error)
LoadSecret retrieves a secret from the stash. It returns ErrNotFound if the secret does not exist.
func (*InsecureStash) SaveSecret ¶ added in v0.3.0
func (f *InsecureStash) SaveSecret(service, key, secret string) error
SaveSecret stores a secret in the stash. The first time it creates the file, it prints a warning to stderr.
type Keyring ¶
type Keyring struct{}
Keyring is a secure secret store that uses the system's keychain if available.
Its zero value is ready for use.
func (*Keyring) DeleteSecret ¶
DeleteSecret deletes a secret from the keyring.
func (*Keyring) LoadSecret ¶
LoadSecret loads a secret from the keyring.
func (*Keyring) SaveSecret ¶
SaveSecret saves a secret in the keyring.
type MemoryStash ¶
type MemoryStash struct {
// contains filtered or unexported fields
}
MemoryStash is an in-memory secret store for testing. Its zero value is ready for use.
func (*MemoryStash) DeleteSecret ¶
func (m *MemoryStash) DeleteSecret(service string, key string) error
DeleteSecret deletes a secret from the memory stash.
func (*MemoryStash) LoadSecret ¶
func (m *MemoryStash) LoadSecret(service string, key string) (string, error)
LoadSecret loads a secret from the memory stash.
func (*MemoryStash) SaveSecret ¶
func (m *MemoryStash) SaveSecret(service string, key string, secret string) error
SaveSecret saves a secret in the memory stash.
type Stash ¶
type Stash interface {
SaveSecret(service, key, secret string) error
LoadSecret(service, key string) (string, error)
// DeleteSecret deletes a secret from the stash.
// It is a no-op if the secret does not exist.
DeleteSecret(service, key string) error
}
Stash stores and retrieves secrets.
Source Files
Directories
¶
| Path | Synopsis |
|---|---|
|
Package secrettest provides a cross-process testable secret.Stash.
|
Package secrettest provides a cross-process testable secret.Stash. |