Documentation
¶
Overview ¶
Package secret provides functionality for generating and storing secrets both in a remote swarm and locally within supported storage such as pass stores.
Index ¶
- func GeneratePassphrases(count uint) ([]string, error)
- func GeneratePasswords(count, length uint) ([]string, error)
- func GenerateSecrets(cl *dockerClient.Client, secrets map[string]Secret, server string) (map[string]string, error)
- func PassInsertSecret(secretValue, secretName, appName, server string) error
- func PassRmSecret(secretName, appName, server string) error
- func PollSecretsStatus(cl *dockerClient.Client, app appPkg.App) (secretStatuses, error)
- func ReadSecretsConfig(appEnvPath string, composeFiles []string, stackName string) (map[string]Secret, error)
- type Secret
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func GeneratePassphrases ¶
GeneratePassphrases generates human readable and rememberable passphrases.
func GeneratePasswords ¶
GeneratePasswords generates passwords.
func GenerateSecrets ¶
func GenerateSecrets(cl *dockerClient.Client, secrets map[string]Secret, server string) (map[string]string, error)
GenerateSecrets generates secrets locally and sends them to a remote server for storage.
func PassInsertSecret ¶
PassInsertSecret inserts a secret into a pass store.
func PassRmSecret ¶
PassRmSecret deletes a secret from a pass store.
func PollSecretsStatus ¶
func PollSecretsStatus(cl *dockerClient.Client, app appPkg.App) (secretStatuses, error)
PollSecretsStatus checks status of secrets by comparing the local recipe config and deploymend server state.
func ReadSecretsConfig ¶
func ReadSecretsConfig(appEnvPath string, composeFiles []string, stackName string) (map[string]Secret, error)
ReadSecretsConfig reads secret names/versions from the recipe config. The function generalises appEnv/composeFiles because some times you have an app and some times you don't (as the caller). We need to be able to handle the "app new" case where we pass in the .env.sample and the "secret generate" case where the app is created.
Types ¶
type Secret ¶
type Secret struct {
// Version comes from the secret version environment variable.
// For example:
// SECRET_FOO=v1
Version string
// Length comes from the length modifier at the secret version environment
// variable. For Example:
// SECRET_FOO=v1 # length=12
Length int
// RemoteName is the name of the secret on the server. For example:
// name: ${STACK_NAME}_test_pass_two_${SECRET_TEST_PASS_TWO_VERSION}
// With the following:
// STACK_NAME=test_example_com
// SECRET_TEST_PASS_TWO_VERSION=v2
// Will have this remote name:
// test_example_com_test_pass_two_v2
RemoteName string
}
Secret represents a secret.
Source Files