vault

Documentation

Index

• type Client
  • func NewClient(config *Config, opts ...ClientOption) (*Client, error)
  • func (c *Client) Delete(ctx context.Context, path string) (*vault.Secret, error)
  • func (c *Client) Get(ctx context.Context, path string) (*vault.Secret, error)
  • func (c *Client) List(ctx context.Context, path string) (*vault.Secret, error)
  • func (c *Client) Post(ctx context.Context, path string, data []byte) (*vault.Secret, error)
  • func (c *Client) Put(ctx context.Context, path string, data []byte) (*vault.Secret, error)
  • func (c *Client) Transit() Transit
• type ClientOption
  • func WithClientAuthFunction(authFunction func(context.Context, *Client) error) ClientOption
• type Config
  • func (c Config) ValidateConfigFields() error
• type Transit
• type TransitKey
• type TransitKeyRing

Types

type Client

type Client struct {
	*vault.Client
	// contains filtered or unexported fields
}

func NewClient

func NewClient(config *Config, opts ...ClientOption) (*Client, error)

func (*Client) Delete

func (c *Client) Delete(ctx context.Context, path string) (*vault.Secret, error)

func (*Client) Get

func (c *Client) Get(ctx context.Context, path string) (*vault.Secret, error)

func (*Client) List

func (c *Client) List(ctx context.Context, path string) (*vault.Secret, error)

func (*Client) Post

func (c *Client) Post(ctx context.Context, path string, data []byte) (*vault.Secret, error)

func (*Client) Put

func (c *Client) Put(ctx context.Context, path string, data []byte) (*vault.Secret, error)

func (*Client) Transit

func (c *Client) Transit() Transit

type ClientOption

type ClientOption func(*Client)

func WithClientAuthFunction

func WithClientAuthFunction(authFunction func(context.Context, *Client) error) ClientOption

type Config

type Config struct {
	Address string `yaml:"address"`
	Token   string `yaml:"token"`
}

func (Config) ValidateConfigFields

func (c Config) ValidateConfigFields() error

type Transit

type Transit interface {
	Enable(ctx context.Context) error
	ListKeys(ctx context.Context) ([]string, error)
	ReadKeyRing(ctx context.Context, key string) (TransitKey, error)
	AddKeyRing(ctx context.Context, key string) error
	DeleteKeyRing(ctx context.Context, key string) error
	TransitKeyRing(key string) TransitKeyRing
}

type TransitKey

type TransitKey struct {
	Name                 string              `json:"name"`
	Type                 string              `json:"type"`
	Keys                 map[any]interface{} `json:"keys"`
	MinDecryptionVersion int                 `json:"min_decrytion_version"`
	MinEncryptionVersion int                 `json:"min_encryption_version"`
	LatestVersion        int                 `json:"latest_version"`
	DeletionAllowed      bool                `json:"deletion_allowed"`
	Derived              bool                `json:"derived"`
	Exportable           bool                `json:"exportable"`
	AllowPlaintextBackup bool                `json:"allow_plaintext_backup"`
	SupportsEncryption   bool                `json:"supports_encryption"`
	SupportsDecryption   bool                `json:"supports_decryption"`
	SupportsDerivation   bool                `json:"supports_derivation"`
	SupportsSigning      bool                `json:"supports_signing"`
	AutoRotatePeriod     int                 `json:"auto_rotate_period"`
	ImportedKey          bool                `json:"imported_key"`
	MinAvailableVersion  int                 `json:"min_available_version"`
}

type TransitKeyRing

type TransitKeyRing interface {
	RotateEncryptionKey(ctx context.Context) error
	SetAutoRotateEncryptionKey(ctx context.Context, duration time.Duration) error
	Encrypt(ctx context.Context, data any) (string, error)
	Decrypt(ctx context.Context, cipherText string, result any) error
}