backends

package
v1.6.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 1, 2021 License: Apache-2.0 Imports: 19 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var GCPPath, _ = regexp.Compile(`projects/(?P<projectid>.+)/secrets/(?P<secretid>.+)`)
View Source 
var IBMPath, _ = regexp.Compile(`ibmcloud/(?P<type>.+)/secrets/groups/(?P<groupid>.+)`)

Functions

This section is empty.

Types

type AWSSecretsManager added in v1.0.0 

type AWSSecretsManager struct {
	Client secretsmanageriface.SecretsManagerAPI
}

AWSSecretsManager is a struct for working with a AWS Secrets Manager backend

func NewAWSSecretsManagerBackend added in v1.0.0 

func NewAWSSecretsManagerBackend(client secretsmanageriface.SecretsManagerAPI) *AWSSecretsManager

NewAWSSecretsManagerBackend initializes a new AWS Secrets Manager backend

func (*AWSSecretsManager) GetIndividualSecret added in v1.4.0 

func (a *AWSSecretsManager) GetIndividualSecret(kvpath, secret, version string, annotations map[string]string) (interface{}, error)

GetIndividualSecret will get the specific secret (placeholder) from the SM backend For AWS, we only support placeholders replaced from the k/v pairs of a secret which cannot be individually addressed So, we use GetSecrets and extract the specific placeholder we want

func (*AWSSecretsManager) GetSecrets added in v1.0.0 

func (a *AWSSecretsManager) GetSecrets(path string, version string, annotations map[string]string) (map[string]interface{}, error)

GetSecrets gets secrets from aws secrets manager and returns the formatted data

func (*AWSSecretsManager) Login added in v1.0.0 

func (a *AWSSecretsManager) Login() error

Login does nothing as a "login" is handled on the instantiation of the aws sdk

type AzureKeyVault added in v1.4.0 

type AzureKeyVault struct {
	Client keyvault.BaseClient
}

AzureKeyVault is a struct for working with an Azure Key Vault backend

func NewAzureKeyVaultBackend added in v1.4.0 

func NewAzureKeyVaultBackend(client keyvault.BaseClient) *AzureKeyVault

NewAzureKeyVaultBackend initializes a new Azure Key Vault backend

func (*AzureKeyVault) GetIndividualSecret added in v1.4.0 

func (a *AzureKeyVault) GetIndividualSecret(kvpath, secret, version string, annotations map[string]string) (interface{}, error)

GetIndividualSecret will get the specific secret (placeholder) from the SM backend For Azure Key Vault, `kvpath` is the unique name of your vault Secrets (placeholders) are directly addressable via the API, so only one call is needed here

func (*AzureKeyVault) GetSecrets added in v1.4.0 

func (a *AzureKeyVault) GetSecrets(kvpath string, version string, _ map[string]string) (map[string]interface{}, error)

GetSecrets gets secrets from Azure Key Vault and returns the formatted data For Azure Key Vault, `kvpath` is the unique name of your vault

func (*AzureKeyVault) Login added in v1.4.0 

func (a *AzureKeyVault) Login() error

Login does nothing as a "login" is handled on the instantiation of the Azure SDK

type GCPSecretManager added in v1.3.0 

type GCPSecretManager struct {
	Context context.Context
	Client  SecretManagerClient
}

GCPSecretManager is a struct for working with a GCP Secret Manager backend

func NewGCPSecretManagerBackend added in v1.3.0 

func NewGCPSecretManagerBackend(ctx context.Context, client SecretManagerClient) *GCPSecretManager

NewGCPSecretManagerBackend initializes a new GCP Secret Manager backend

func (*GCPSecretManager) GetIndividualSecret added in v1.4.0 

func (a *GCPSecretManager) GetIndividualSecret(kvpath, secret, version string, annotations map[string]string) (interface{}, error)

GetIndividualSecret will get the specific secret (placeholder) from the SM backend For GCP, the path is specific to the secret So, we just forward the value from the k/v result of GetSecrets

func (*GCPSecretManager) GetSecrets added in v1.3.0 

func (a *GCPSecretManager) GetSecrets(path string, version string, annotations map[string]string) (map[string]interface{}, error)

GetSecrets gets secrets from GCP Secret Manager and returns the formatted data The path is of format `projects/project-id/secrets/secret-id`

func (*GCPSecretManager) Login added in v1.3.0 

func (a *GCPSecretManager) Login() error

Login does nothing as a "login" is handled on the instantiation of the Google SDK

type IBMSecretsManager added in v1.0.0 

type IBMSecretsManager struct {
	Client IBMSecretsManagerClient
}

IBMSecretsManager is a struct for working with IBM Secret Manager

func NewIBMSecretsManagerBackend added in v1.0.0 

func NewIBMSecretsManagerBackend(client IBMSecretsManagerClient) *IBMSecretsManager

NewIBMSecretsManagerBackend initializes a new IBM Secret Manager backend

func (*IBMSecretsManager) GetIndividualSecret added in v1.4.0 

func (i *IBMSecretsManager) GetIndividualSecret(kvpath, secret, version string, annotations map[string]string) (interface{}, error)

GetIndividualSecret will get the specific secret (placeholder) from the SM backend For IBM, we only support placeholders replaced from secrets in a group, which cannot be individually addressed by placeholder (secret name) So, we use GetSecrets and extract the specific placeholder we want

func (*IBMSecretsManager) GetSecrets added in v1.0.0 

func (i *IBMSecretsManager) GetSecrets(path string, version string, annotations map[string]string) (map[string]interface{}, error)

GetSecrets returns the data for the secrets of a group in IBM Secrets Manager

func (*IBMSecretsManager) Login added in v1.0.0 

func (i *IBMSecretsManager) Login() error

Login does nothing since the IBM Secrets Manager client is setup on instantiation

type IBMSecretsManagerClient added in v1.3.0 

type IBMSecretsManagerClient interface {
	ListAllSecrets(listAllSecretsOptions *ibmsm.ListAllSecretsOptions) (result *ibmsm.ListSecrets, response *core.DetailedResponse, err error)
	GetSecret(getSecretOptions *ibmsm.GetSecretOptions) (result *ibmsm.GetSecret, response *core.DetailedResponse, err error)
	GetSecretVersion(getSecretOptions *ibmsm.GetSecretVersionOptions) (result *ibmsm.GetSecretVersion, response *core.DetailedResponse, err error)
}

IBMSecretsManagerClient is an interface for any client to the IBM Secrets Manager These are only the methods we need

type SecretManagerClient added in v1.3.0 

type SecretManagerClient interface {
	AccessSecretVersion(ctx context.Context, req *secretmanagerpb.AccessSecretVersionRequest, opts ...gax.CallOption) (*secretmanagerpb.AccessSecretVersionResponse, error)
}

type Vault 

type Vault struct {
	types.AuthType
	VaultClient *api.Client
	KvVersion   string
}

Vault is a struct for working with a Vault backend

func NewVaultBackend 

func NewVaultBackend(auth types.AuthType, client *api.Client, kv string) *Vault

NewVaultBackend initializes a new Vault Backend

func (*Vault) GetIndividualSecret added in v1.4.0 

func (v *Vault) GetIndividualSecret(kvpath, secret, version string, annotations map[string]string) (interface{}, error)

GetIndividualSecret will get the specific secret (placeholder) from the SM backend For Vault, we only support placeholders replaced from the k/v pairs of a secret which cannot be individually addressed So, we use GetSecrets and extract the specific placeholder we want

func (*Vault) GetSecrets 

func (v *Vault) GetSecrets(path string, version string, annotations map[string]string) (map[string]interface{}, error)

GetSecrets gets secrets from vault and returns the formatted data

func (*Vault) Login 

func (v *Vault) Login() error

Login authenticates with the auth type provided

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.