Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func ExecScript

func ExecScript(script string) (*exec.Cmd, error)

    ExecScript returns a command to execute a script

    func ExternalTokenHelperPath

    func ExternalTokenHelperPath(path string) (string, error)

      ExternalTokenHelperPath takes the configured path to a helper and expands it to a full absolute path that can be executed. As of 0.5, the default token helper is internal, to avoid problems running in dev mode (see GH-850 and GH-783), so special assumptions of prepending "vault token-" no longer apply.

      As an additional result, only absolute paths are now allowed. Looking in the path or a current directory for an arbitrary executable could allow someone to switch the expected binary for one further up the path (or in the current directory), potentially opening up execution of an arbitrary binary.

      func Test

      func Test(t *testing.T, h TokenHelper)

        Test is a public function that can be used in other tests to test that a helper is functioning properly.

        func TestExternalTokenHelperProcessCLI

        func TestExternalTokenHelperProcessCLI(t *testing.T, cmd cli.Command)

          TestExternalTokenHelperProcessCLI can be called to implement TestExternalTokenHelperProcess for TestProcess that just executes a CLI command.

          func TestProcess

          func TestProcess(t *testing.T, s ...string)

            TestProcess is used to re-execute this test in order to use it as the helper process. For this to work, the TestExternalTokenHelperProcess function must exist.

            func TestProcessPath

            func TestProcessPath(t *testing.T, s ...string) string

              TestProcessPath returns the path to the test process.

              Types

              type ExternalTokenHelper

              type ExternalTokenHelper struct {
              	BinaryPath string
              	Env        []string
              }

                ExternalTokenHelper is the struct that has all the logic for storing and retrieving tokens from the token helper. The API for the helpers is simple: the BinaryPath is executed within a shell with environment Env. The last argument appended will be the operation, which is:

                * "get" - Read the value of the token and write it to stdout.
                * "store" - Store the value of the token which is on stdin. Output
                    nothing.
                * "erase" - Erase the contents stored. Output nothing.
                

                Any errors can be written on stdout. If the helper exits with a non-zero exit code then the stderr will be made part of the error value.

                func (*ExternalTokenHelper) Erase

                func (h *ExternalTokenHelper) Erase() error

                  Erase deletes the contents from the helper.

                  func (*ExternalTokenHelper) Get

                  func (h *ExternalTokenHelper) Get() (string, error)

                    Get gets the token value from the helper.

                    func (*ExternalTokenHelper) Path

                    func (h *ExternalTokenHelper) Path() string

                    func (*ExternalTokenHelper) Store

                    func (h *ExternalTokenHelper) Store(v string) error

                      Store stores the token value into the helper.

                      type InternalTokenHelper

                      type InternalTokenHelper struct {
                      	// contains filtered or unexported fields
                      }

                        InternalTokenHelper fulfills the TokenHelper interface when no external token-helper is configured, and avoids shelling out

                        func (*InternalTokenHelper) Erase

                        func (i *InternalTokenHelper) Erase() error

                          Erase erases the value of the token

                          func (*InternalTokenHelper) Get

                          func (i *InternalTokenHelper) Get() (string, error)

                            Get gets the value of the stored token, if any

                            func (*InternalTokenHelper) Path

                            func (i *InternalTokenHelper) Path() string

                            func (*InternalTokenHelper) Store

                            func (i *InternalTokenHelper) Store(input string) error

                              Store stores the value of the token to the file

                              type TestingTokenHelper

                              type TestingTokenHelper struct {
                              	// contains filtered or unexported fields
                              }

                                TestingTokenHelper implements token.TokenHelper which runs entirely in-memory. This should not be used outside of testing.

                                func NewTestingTokenHelper

                                func NewTestingTokenHelper() *TestingTokenHelper

                                func (*TestingTokenHelper) Erase

                                func (t *TestingTokenHelper) Erase() error

                                func (*TestingTokenHelper) Get

                                func (t *TestingTokenHelper) Get() (string, error)

                                func (*TestingTokenHelper) Path

                                func (t *TestingTokenHelper) Path() string

                                func (*TestingTokenHelper) Store

                                func (t *TestingTokenHelper) Store(token string) error

                                type TokenHelper

                                type TokenHelper interface {
                                	// Path displays a method-specific path; for the internal helper this
                                	// is the location of the token stored on disk; for the external helper
                                	// this is the location of the binary being invoked
                                	Path() string
                                
                                	Erase() error
                                	Get() (string, error)
                                	Store(string) error
                                }

                                  TokenHelper is an interface that contains basic operations that must be implemented by a token helper