vault

package
v0.3.2 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jun 9, 2017 License: MPL-2.0 Imports: 13 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

// Package-level settings for this web server's connection to Vault. All three
// start at their zero values; where they are assigned is not shown here.

// VaultAddress is used for authenticating this web server with vault.
var VaultAddress string

// VaultSkipTLS defaults to false.
// NOTE(review): the name suggests that true disables TLS certificate
// verification on the Vault connection. Confirm in NewVaultClient. If so, keep
// it false outside local development, because an unverified connection lets a
// network intermediary read or alter tokens and secrets in transit.
var VaultSkipTLS bool

// ConfigPath defaults to the empty string.
// NOTE(review): presumably the Vault path that LoadConfig reads Config from.
// Confirm against LoadConfig.
var ConfigPath string
// GithubCurrentCommit defaults to the empty string.
// NOTE(review): Config has a field of the same name under "fields that
// goldfish will write". How the package-level variable and that field are
// kept in sync is not shown in this listing.
var GithubCurrentCommit string

Functions

func DeleteFromCubbyhole

func DeleteFromCubbyhole(name string) (*api.Secret, error)

func GenerateRootCancel

func GenerateRootCancel() error

func GenerateRootInit

func GenerateRootInit(otp string) (*api.GenerateRootStatusResponse, error)

func GenerateRootStatus

func GenerateRootStatus() (*api.GenerateRootStatusResponse, error)

lookup current root generation status

func GenerateRootUpdate

func GenerateRootUpdate(shard, nonce string) (*api.GenerateRootStatusResponse, error)

func LoadConfig added in v0.2.5

func LoadConfig(devMode bool, errorChannel chan error) error

func NewVaultClient added in v0.3.0

func NewVaultClient() (*api.Client, error)

func ReadFromCubbyhole

func ReadFromCubbyhole(name string) (*api.Secret, error)

func StartGoldfishWrapper added in v0.3.0

func StartGoldfishWrapper(wrappingToken, roleID, rolePath string) error

func UnwrapData added in v0.2.5

func UnwrapData(wrappingToken string) (map[string]interface{}, error)

func VaultHealth

func VaultHealth() (string, error)

func WrapData added in v0.2.5

func WrapData(wrapttl string, data map[string]interface{}) (string, error)

func WriteToCubbyhole

func WriteToCubbyhole(name string, data map[string]interface{}) (interface{}, error)

Types

type AuthInfo

// AuthInfo holds the credential triple used by the methods below: an auth
// type, an identifier and a password-like secret.
//
// The struct tags allow every field to be populated from a JSON body, a form
// body or a URL query string.
//
// NOTE(review): the `query:"Password"` tag means Pass can be supplied in the
// URL. Query strings are commonly recorded in access logs, proxy logs and
// browser history, so confirm that callers only send credentials in the
// request body.
// NOTE(review): Pass carries a json tag, so marshalling an AuthInfo into a
// response or a log line would include the secret.
// NOTE(review): Clear has a pointer receiver, but many methods (Client,
// ReadSecret, WriteSecret, ...) have value receivers and so work on a copy of
// the struct. Clear can only reset the instance it is called on.
type AuthInfo struct {
	// Type presumably names the auth method. Accepted values are not shown here.
	Type string `json:"Type" form:"Type" query:"Type"`
	// ID is the identifier paired with Pass.
	ID   string `json:"ID" form:"ID" query:"ID"`
	// Pass is the secret half of the credential. Its JSON key is lower-case
	// "password", while the form and query keys are "Password".
	Pass string `json:"password" form:"Password" query:"Password"`
}

func (*AuthInfo) CapabilitiesSelf added in v0.3.2

func (auth *AuthInfo) CapabilitiesSelf(path string) ([]string, error)

returns a list of capabilities the current auth has on a given path

func (*AuthInfo) Clear

func (auth *AuthInfo) Clear()

Clear zeros out the credentials; call it via defer.

func (AuthInfo) Client

func (auth AuthInfo) Client() (*api.Client, error)

constructs a client with server's vault address and client access token

func (AuthInfo) CreateToken

func (auth AuthInfo) CreateToken(opts *api.TokenCreateRequest, wrapttl string) (*api.Secret, error)

func (*AuthInfo) DecryptAuth

func (auth *AuthInfo) DecryptAuth() error

decrypt auth details with transit backend

func (AuthInfo) DecryptTransit

func (auth AuthInfo) DecryptTransit(key string, cipher string) (string, error)

decrypt given cipher with userTransitKey

func (AuthInfo) DeletePolicy

func (auth AuthInfo) DeletePolicy(name string) error

func (AuthInfo) DeleteUser

func (auth AuthInfo) DeleteUser(backend string, deleteID string) error

func (*AuthInfo) EncryptAuth

func (auth *AuthInfo) EncryptAuth() error

encrypt auth details with transit backend

func (AuthInfo) EncryptTransit

func (auth AuthInfo) EncryptTransit(key string, plaintext string) (string, error)

encrypt given string with userTransitKey

func (AuthInfo) GetBulletins

func (auth AuthInfo) GetBulletins() ([]map[string]interface{}, error)

func (AuthInfo) GetMount

func (auth AuthInfo) GetMount(path string) (*api.MountConfigOutput, error)

func (AuthInfo) GetPolicy

func (auth AuthInfo) GetPolicy(name string) (string, error)

func (AuthInfo) GetRole

func (auth AuthInfo) GetRole(rolename string) (interface{}, error)

func (AuthInfo) GetTokenCount

func (auth AuthInfo) GetTokenCount() (int, error)

func (AuthInfo) ListMounts

func (auth AuthInfo) ListMounts() (map[string]*api.MountOutput, error)

returns list of current mounts, if authorized

func (AuthInfo) ListPolicies

func (auth AuthInfo) ListPolicies() ([]string, error)

func (AuthInfo) ListRoles

func (auth AuthInfo) ListRoles() (interface{}, error)

func (AuthInfo) ListSecret

func (auth AuthInfo) ListSecret(path string) ([]interface{}, error)

func (AuthInfo) ListUsers

func (auth AuthInfo) ListUsers(backend string, offset int) (interface{}, error)

func (*AuthInfo) Login

func (auth *AuthInfo) Login() (map[string]interface{}, error)

Login verifies whether the auth ID and password are valid. If they are valid, it creates a client access token and returns the metadata.

func (AuthInfo) LookupSelf

func (auth AuthInfo) LookupSelf() (*api.Secret, error)

func (AuthInfo) PutPolicy

func (auth AuthInfo) PutPolicy(name, rules string) error

func (AuthInfo) ReadSecret

func (auth AuthInfo) ReadSecret(path string) (map[string]interface{}, error)

func (AuthInfo) RenewSelf

func (auth AuthInfo) RenewSelf() (*api.Secret, error)

func (AuthInfo) RevokeSelf

func (auth AuthInfo) RevokeSelf() error

func (AuthInfo) TuneMount

func (auth AuthInfo) TuneMount(path string, config api.MountConfigInput) error

func (*AuthInfo) UnwrapData added in v0.3.2

func (auth *AuthInfo) UnwrapData(wrappingToken string) (map[string]interface{}, error)

to do: Find an optimal way to allow unauthenticated users to unwrap data

func (*AuthInfo) WrapData added in v0.3.2

func (auth *AuthInfo) WrapData(wrapttl string, raw string) (string, error)

func (AuthInfo) WriteSecret

func (auth AuthInfo) WriteSecret(path string, raw string) (interface{}, error)

type Config

// Config is the runtime configuration returned by GetConfig. It groups
// transit/secret-path settings, Slack settings and GitHub settings, plus two
// fields that goldfish itself writes.
//
// NOTE(review): GithubAccessToken and SlackWebhook look like credentials.
// GetConfig returns the whole struct by value, so confirm that no caller
// serializes a Config into an HTTP response or a log line without first
// dropping those fields.
type Config struct {
	// Transit key names, transit backend and default paths.
	// NOTE(review): presumably these are Vault mount/key names rather than key
	// material. Confirm against LoadConfig.
	ServerTransitKey  string
	UserTransitKey    string
	TransitBackend    string
	DefaultSecretPath string
	BulletinPath      string

	// Slack settings. A webhook URL is typically sufficient on its own to post
	// to the channel, so treat it as a secret.
	SlackWebhook string
	SlackChannel string

	// GitHub settings: access token, repository coordinates, policies path and
	// target branch.
	GithubAccessToken  string
	GithubRepoOwner    string
	GithubRepo         string
	GithubPoliciesPath string
	GithubTargetBranch string

	// fields that goldfish will write
	// NOTE(review): the `hash:"ignore"` tag presumably excludes LastUpdated
	// from a structural hash of the config. GithubCurrentCommit carries no such
	// tag. Confirm that the difference is intended.
	LastUpdated         string `hash:"ignore"`
	GithubCurrentCommit string
}

func GetConfig

func GetConfig() Config
