vault

package
v1.71.0-rc.2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 2, 2025 License: Apache-2.0, BSD-3-Clause, Apache-2.0 Imports: 14 Imported by: 0

Documentation

Overview

Package vault contains functions to construct or augment an http.Client that will integrate with the github.com/hashicorp/vault/api and collect traces to send to Datadog.

The easiest way to use this package is to create an http.Client with NewHTTPClient, and put it in the Vault API config that is passed to the

If you are already using your own http.Client with the Vault API, you can use the WrapHTTPClient function to wrap the client with the tracer code. Your http.Client will continue to work as before, but will also capture traces.

Index

Examples

Constants

This section is empty.

Variables

This section is empty.

Functions

func NewHTTPClient

func NewHTTPClient(opts ...Option) *http.Client

NewHTTPClient returns an http.Client for use in the Vault API config Client. A set of options can be passed in for further configuration.

Example

This is the most basic way to enable tracing with Vault.

package main

import (
	"log"

	vaulttrace "gopkg.in/DataDog/dd-trace-go.v1/contrib/hashicorp/vault"

	"github.com/hashicorp/vault/api"
)

func main() {
	c, err := api.NewClient(&api.Config{
		HttpClient: vaulttrace.NewHTTPClient(),
		Address:    "http://vault.mydomain.com:8200",
	})
	if err != nil {
		log.Fatalf("Failed to create Vault client: %s\n", err)
	}
	// This call wil be traced
	c.Logical().Read("/secret/key")
}
Output:

Example (WithOptions)

NewHTTPClient can be called with additional options for further configuration.

package main

import (
	"log"

	vaulttrace "gopkg.in/DataDog/dd-trace-go.v1/contrib/hashicorp/vault"

	"github.com/hashicorp/vault/api"
)

func main() {
	c, err := api.NewClient(&api.Config{
		HttpClient: vaulttrace.NewHTTPClient(
			vaulttrace.WithServiceName("my.vault"),
			vaulttrace.WithAnalytics(true),
		),
		Address: "http://vault.mydomain.com:8200",
	})
	if err != nil {
		log.Fatalf("Failed to create Vault client: %s\n", err)
	}
	// This call wil be traced
	c.Logical().Read("/secret/key")
}
Output:

func WrapHTTPClient

func WrapHTTPClient(c *http.Client, opts ...Option) *http.Client

WrapHTTPClient takes an existing http.Client and wraps the underlying transport with tracing.

Example

If you already have an http.Client that you're using, you can add tracing to it with WrapHTTPClient.

package main

import (
	"fmt"
	"log"
	"net/http"

	vaulttrace "gopkg.in/DataDog/dd-trace-go.v1/contrib/hashicorp/vault"

	"github.com/hashicorp/vault/api"
)

func main() {
	// We use a custom *http.Client to talk to Vault.
	c := &http.Client{
		CheckRedirect: func(r *http.Request, via []*http.Request) error {
			if len(via) > 5 {
				return fmt.Errorf("won't perform more that 5 redirects")
			}
			return nil
		},
	}
	client, err := api.NewClient(&api.Config{
		HttpClient: vaulttrace.WrapHTTPClient(c),
		Address:    "http://vault.mydomain.com:8200",
	})
	if err != nil {
		log.Fatalf("Failed to create Vault client: %s\n", err)
	}

	// This call wil be traced
	client.Logical().Read("/secret/key")
}
Output:

Example (WithOptions)

WrapHTTPClient can be called with additional options to configure the integration.

package main

import (
	"fmt"
	"log"
	"net/http"

	vaulttrace "gopkg.in/DataDog/dd-trace-go.v1/contrib/hashicorp/vault"

	"github.com/hashicorp/vault/api"
)

func main() {
	// We use a custom *http.Client to talk to Vault.
	c := &http.Client{
		CheckRedirect: func(r *http.Request, via []*http.Request) error {
			if len(via) > 5 {
				return fmt.Errorf("won't perform more that 5 redirects")
			}
			return nil
		},
	}
	client, err := api.NewClient(&api.Config{
		HttpClient: vaulttrace.WrapHTTPClient(
			c,
			vaulttrace.WithServiceName("my.vault"),
			vaulttrace.WithAnalytics(true),
		),
		Address: "http://vault.mydomain.com:8200",
	})
	if err != nil {
		log.Fatalf("Failed to create Vault client: %s\n", err)
	}
	// This call wil be traced
	client.Logical().Read("/secret/key")
}
Output:

Types

type Option

type Option func(*config)

Option can be passed to NewHTTPClient and WrapHTTPClient to configure the integration.

func WithAnalytics

func WithAnalytics(on bool) Option

WithAnalytics enables or disables Trace Analytics for all started spans.

func WithAnalyticsRate

func WithAnalyticsRate(rate float64) Option

WithAnalyticsRate sets the sampling rate for Trace Analytics events correlated to started spans.

func WithServiceName

func WithServiceName(name string) Option

WithServiceName sets the given service name for the http.Client.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL