Documentation ¶
Index ¶
- Variables
- type AWSSecretsManager
- func (a *AWSSecretsManager) GetIndividualSecret(kvpath, secret, version string, annotations map[string]string) (interface{}, error)
- func (a *AWSSecretsManager) GetSecrets(path string, version string, annotations map[string]string) (map[string]interface{}, error)
- func (a *AWSSecretsManager) Login() error
- type AzureKeyVault
- type GCPSecretManager
- func (a *GCPSecretManager) GetIndividualSecret(kvpath, secret, version string, annotations map[string]string) (interface{}, error)
- func (a *GCPSecretManager) GetSecrets(path string, version string, annotations map[string]string) (map[string]interface{}, error)
- func (a *GCPSecretManager) Login() error
- type IBMSecretsManager
- func (i *IBMSecretsManager) GetIndividualSecret(kvpath, secret, version string, annotations map[string]string) (interface{}, error)
- func (i *IBMSecretsManager) GetSecrets(path string, version string, annotations map[string]string) (map[string]interface{}, error)
- func (i *IBMSecretsManager) Login() error
- type IBMSecretsManagerClient
- type SecretManagerClient
- type Vault
Constants ¶
This section is empty.
Variables ¶
var GCPPath, _ = regexp.Compile(`projects/(?P<projectid>.+)/secrets/(?P<secretid>.+)`)
var IBMPath, _ = regexp.Compile(`ibmcloud/(?P<type>.+)/secrets/groups/(?P<groupid>.+)`)
Functions ¶
This section is empty.
Types ¶
type AWSSecretsManager ¶ added in v1.0.0
type AWSSecretsManager struct {
Client secretsmanageriface.SecretsManagerAPI
}
AWSSecretsManager is a struct for working with a AWS Secrets Manager backend
func NewAWSSecretsManagerBackend ¶ added in v1.0.0
func NewAWSSecretsManagerBackend(client secretsmanageriface.SecretsManagerAPI) *AWSSecretsManager
NewAWSSecretsManagerBackend initializes a new AWS Secrets Manager backend
func (*AWSSecretsManager) GetIndividualSecret ¶ added in v1.4.0
func (a *AWSSecretsManager) GetIndividualSecret(kvpath, secret, version string, annotations map[string]string) (interface{}, error)
GetIndividualSecret will get the specific secret (placeholder) from the SM backend For AWS, we only support placeholders replaced from the k/v pairs of a secret which cannot be individually addressed So, we use GetSecrets and extract the specific placeholder we want
func (*AWSSecretsManager) GetSecrets ¶ added in v1.0.0
func (a *AWSSecretsManager) GetSecrets(path string, version string, annotations map[string]string) (map[string]interface{}, error)
GetSecrets gets secrets from aws secrets manager and returns the formatted data
func (*AWSSecretsManager) Login ¶ added in v1.0.0
func (a *AWSSecretsManager) Login() error
Login does nothing as a "login" is handled on the instantiation of the aws sdk
type AzureKeyVault ¶ added in v1.4.0
type AzureKeyVault struct {
Client keyvault.BaseClient
}
AzureKeyVault is a struct for working with an Azure Key Vault backend
func NewAzureKeyVaultBackend ¶ added in v1.4.0
func NewAzureKeyVaultBackend(client keyvault.BaseClient) *AzureKeyVault
NewAzureKeyVaultBackend initializes a new Azure Key Vault backend
func (*AzureKeyVault) GetIndividualSecret ¶ added in v1.4.0
func (a *AzureKeyVault) GetIndividualSecret(kvpath, secret, version string, annotations map[string]string) (interface{}, error)
GetIndividualSecret will get the specific secret (placeholder) from the SM backend For Azure Key Vault, `kvpath` is the unique name of your vault Secrets (placeholders) are directly addressable via the API, so only one call is needed here
func (*AzureKeyVault) GetSecrets ¶ added in v1.4.0
func (a *AzureKeyVault) GetSecrets(kvpath string, version string, _ map[string]string) (map[string]interface{}, error)
GetSecrets gets secrets from Azure Key Vault and returns the formatted data For Azure Key Vault, `kvpath` is the unique name of your vault
func (*AzureKeyVault) Login ¶ added in v1.4.0
func (a *AzureKeyVault) Login() error
Login does nothing as a "login" is handled on the instantiation of the Azure SDK
type GCPSecretManager ¶ added in v1.3.0
type GCPSecretManager struct { Context context.Context Client SecretManagerClient }
GCPSecretManager is a struct for working with a GCP Secret Manager backend
func NewGCPSecretManagerBackend ¶ added in v1.3.0
func NewGCPSecretManagerBackend(ctx context.Context, client SecretManagerClient) *GCPSecretManager
NewGCPSecretManagerBackend initializes a new GCP Secret Manager backend
func (*GCPSecretManager) GetIndividualSecret ¶ added in v1.4.0
func (a *GCPSecretManager) GetIndividualSecret(kvpath, secret, version string, annotations map[string]string) (interface{}, error)
GetIndividualSecret will get the specific secret (placeholder) from the SM backend For GCP, the path is specific to the secret So, we just forward the value from the k/v result of GetSecrets
func (*GCPSecretManager) GetSecrets ¶ added in v1.3.0
func (a *GCPSecretManager) GetSecrets(path string, version string, annotations map[string]string) (map[string]interface{}, error)
GetSecrets gets secrets from GCP Secret Manager and returns the formatted data The path is of format `projects/project-id/secrets/secret-id`
func (*GCPSecretManager) Login ¶ added in v1.3.0
func (a *GCPSecretManager) Login() error
Login does nothing as a "login" is handled on the instantiation of the Google SDK
type IBMSecretsManager ¶ added in v1.0.0
type IBMSecretsManager struct {
Client IBMSecretsManagerClient
}
IBMSecretsManager is a struct for working with IBM Secret Manager
func NewIBMSecretsManagerBackend ¶ added in v1.0.0
func NewIBMSecretsManagerBackend(client IBMSecretsManagerClient) *IBMSecretsManager
NewIBMSecretsManagerBackend initializes a new IBM Secret Manager backend
func (*IBMSecretsManager) GetIndividualSecret ¶ added in v1.4.0
func (i *IBMSecretsManager) GetIndividualSecret(kvpath, secret, version string, annotations map[string]string) (interface{}, error)
GetIndividualSecret will get the specific secret (placeholder) from the SM backend For IBM, we only support placeholders replaced from secrets in a group, which cannot be individually addressed by placeholder (secret name) So, we use GetSecrets and extract the specific placeholder we want
func (*IBMSecretsManager) GetSecrets ¶ added in v1.0.0
func (i *IBMSecretsManager) GetSecrets(path string, version string, annotations map[string]string) (map[string]interface{}, error)
GetSecrets returns the data for the secrets of a group in IBM Secrets Manager
func (*IBMSecretsManager) Login ¶ added in v1.0.0
func (i *IBMSecretsManager) Login() error
Login does nothing since the IBM Secrets Manager client is setup on instantiation
type IBMSecretsManagerClient ¶ added in v1.3.0
type IBMSecretsManagerClient interface { ListAllSecrets(listAllSecretsOptions *ibmsm.ListAllSecretsOptions) (result *ibmsm.ListSecrets, response *core.DetailedResponse, err error) GetSecret(getSecretOptions *ibmsm.GetSecretOptions) (result *ibmsm.GetSecret, response *core.DetailedResponse, err error) GetSecretVersion(getSecretOptions *ibmsm.GetSecretVersionOptions) (result *ibmsm.GetSecretVersion, response *core.DetailedResponse, err error) }
IBMSecretsManagerClient is an interface for any client to the IBM Secrets Manager These are only the methods we need
type SecretManagerClient ¶ added in v1.3.0
type SecretManagerClient interface {
AccessSecretVersion(ctx context.Context, req *secretmanagerpb.AccessSecretVersionRequest, opts ...gax.CallOption) (*secretmanagerpb.AccessSecretVersionResponse, error)
}
type Vault ¶
Vault is a struct for working with a Vault backend
func NewVaultBackend ¶
NewVaultBackend initializes a new Vault Backend
func (*Vault) GetIndividualSecret ¶ added in v1.4.0
func (v *Vault) GetIndividualSecret(kvpath, secret, version string, annotations map[string]string) (interface{}, error)
GetIndividualSecret will get the specific secret (placeholder) from the SM backend For Vault, we only support placeholders replaced from the k/v pairs of a secret which cannot be individually addressed So, we use GetSecrets and extract the specific placeholder we want