amanar

package module
v0.0.4 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 18, 2020 License: MPL-2.0 Imports: 26 Imported by: 0

README

Amanar

A tool to programmatically insert refreshed HashiCorp Vault credentials into desktop database application configurations, allowing you to use database GUIs and CLIs seamlessly with time-limited access credentials.

You should create backup copies of all configuration files before using this tool.

Supported Output Applications and Formats

With in-place updating of existing data
  • Datagrip (tested with 2017.2)
  • Intellij IDEA Databases (in theory)
  • IntelliJ Run Configurations (tested with 2017.2)
  • Querious 2
  • Sequel Pro (tested with 1.1.1)
  • Postico (tested with 1.2.2)
  • Shell script environment variable exports (tested with Bash)
  • JSON
To stdout without updating existing data
  • Golang templates

Usage

The usage of this program depends on two environment variables:

  • GITHUB_TOKEN, specifying the personal Github token which will allow refreshed Vault credentials to be retrieved
  • CONFIG_FILEPATH, specifying the location of your configuration file

The program makes certain assumptions about the state of your keychain and configuration files. It cannot be used to create new keychain or configuration entries, only update them. In addition, there should be only one keychain entry per unique identifier (usually the database UUID) so that the correct keychain item to update can be selected without reference to a particular user account.

Multiple vault addresses may now be specified in your configuration file.

Configuration

An Overview of the Schema

The configuration file that must be provided is a JSON or YAML file conforming to the JSON Schema set forth in amanar_config_schema.json. Information on each of the options is given as the description attribute in the schema.

Note that IntelliJ-specific paths can be found with this guide to IntelliJ storage locations for global configurations, and usually the .idea directory for project-specific storage.

Miscellaneous Notes

  • For best results, close applications before running Amanar. Many applications do not take kindly to their data being modified while they are in use.
  • Do not edit numbers in plists using XCode. XCode will conveniently change your data types for you.
  • A reiteration: back up your data before using this tool. There are no known cases of data loss, but if formats change over time this may occur.

Building

Dependencies

Dependencies are managed by Go modules. Run make build to build this project. cgo is also used to interface with OSX Foundation and Security libraries as well as for SQLite support for Querious. You may require CGO_ENABLED=1 to build this project.

This is a Mac OS-specific project. It may be possible to make this work with a Linux keychain, but no such attempt has been or will be made.

The project has been successfully built on Go 1.13.6 on Mac OS 10.13.6. The mininum possible Go version required is 1.13.

Developing: Extending

To add support for a new data source, do the following:

  1. Create a struct that satisfies the Flower interface. This will act to parse and change the required information on disk.
  2. Modify the JSON Schema in accordance with the configuration struct and document the required parameters.
  3. Regenerate the binary data (see below) that bundles the schema in the Go binary
  4. Regenerate the configuration types (see below) from the JSON schema to allow Go to parse the schema.
  5. Add the lines in ProcessConfigItem to process the new Flower that you have created

Developing: Regenerating Configuration Struct types

We use quicktype to generate the configuration types from the provided JSON schema. Quicktype can be installed from NPM with npm install -g quicktype.

To regenerate this file when the data is updated, run go generate (located in amanar_yaml_configuration.go)

Developing: Regenerating Bindata

We compile the JSON Schema for the Amanar configuration into the Go binary for convenience using go-bindata (brew install go-bindata, https://github.com/kevinburke/go-bindata)

To regenerate this file when the data is updated, run go generate (located in process_config.go).

Documentation

Index

Constants

View Source 
const SEQUEL_PRO_PLIST_FORMAT = plist.XMLFormat

Variables

This section is empty.

Functions

func Asset 

func Asset(name string) ([]byte, error)

Asset loads and returns the asset for the given name. It returns an error if the asset could not be found or could not be loaded.

func AssetDigest 

func AssetDigest(name string) ([sha256.Size]byte, error)

AssetDigest returns the digest of the file with the given name. It returns an error if the asset could not be found or the digest could not be loaded.

func AssetDir 

func AssetDir(name string) ([]string, error)

AssetDir returns the file names below a certain directory embedded in the file by go-bindata. For example if you run go-bindata on data/... and data contains the following hierarchy: 

data/
  foo.txt
  img/
    a.png
    b.png

then AssetDir("data") would return []string{"foo.txt", "img"}, AssetDir("data/img") would return []string{"a.png", "b.png"}, AssetDir("foo.txt") and AssetDir("notexist") would return an error, and AssetDir("") will return []string{"data"}.

func AssetInfo 

func AssetInfo(name string) (os.FileInfo, error)

AssetInfo loads and returns the asset info for the given name. It returns an error if the asset could not be found or could not be loaded.

func AssetNames 

func AssetNames() []string

AssetNames returns the names of the assets.

func AssetString 

func AssetString(name string) (string, error)

AssetString returns the asset contents as a string (instead of a []byte).

func CreateKeychainEntryForService 

func CreateKeychainEntryForService(service, account, password string, trustedApplications []string) error

Creates a new keychain entry and

func CreateOrUpdateKeychainEntriesForService 

func CreateOrUpdateKeychainEntriesForService(service, account, password string, trustedApplications []string) error

Deletion poses problems because there does not seem to be a way to make deletion prompt for access, which means it will fail. trustedApplications is only set when creating a new keychain entry. Q: what happens when updating?

func Digests 

func Digests() (map[string][sha256.Size]byte, error)

Digests returns a map of all known files and their checksums.

func DynamicUnmarshalYamlAmanarConfiguration 

func DynamicUnmarshalYamlAmanarConfiguration(data []byte) (map[interface{}]interface{}, error)

func HandleResultErrors 

func HandleResultErrors(resultErrors []gojsonschema.ResultError)

func MustAsset 

func MustAsset(name string) []byte

MustAsset is like Asset but panics when Asset would return an error. It simplifies safe initialization of global variables.

func MustAssetString 

func MustAssetString(name string) string

MustAssetString is like AssetString but panics when Asset would return an error. It simplifies safe initialization of global variables.

func ProcessAmanar 

func ProcessAmanar(githubToken string, a *Amanar)

This is the main entrypoint for Amanar. Given a Github Token and a valid Amanar configuration, performs the necessary side effects.

func ProcessAmanarWithWriter 

func ProcessAmanarWithWriter(githubToken string, a *Amanar, writer io.Writer)

func ProcessConstantConfigItem 

func ProcessConstantConfigItem(constant Constant, writer io.Writer)

func ProcessVaultConfigItem 

func ProcessVaultConfigItem(configurables *Configurables, credentials *Credentials, writer io.Writer)

func RestoreAsset 

func RestoreAsset(dir, name string) error

RestoreAsset restores an asset under the given directory.

func RestoreAssets 

func RestoreAssets(dir, name string) error

RestoreAssets restores an asset under the given directory recursively.

func UpdateCredentials 

func UpdateCredentials(flows []Flower, credentials *Credentials)

func ValidateConfiguration 

func ValidateConfiguration(documentLoader gojsonschema.JSONLoader) (err error, re []gojsonschema.ResultError)

Types

type Amanar 

type Amanar struct {
	AmanarConfiguration []AmanarConfiguration `json:"amanar_configuration" yaml:"amanar_configuration"`
}

func LoadConfiguration 

func LoadConfiguration(configFilepath string) (*Amanar, error, []gojsonschema.ResultError)

func UnmarshalAmanar 

func UnmarshalAmanar(data []byte) (Amanar, error)

func UnmarshalYamlAmanarConfiguration 

func UnmarshalYamlAmanarConfiguration(data []byte) (Amanar, error)

func (*Amanar) Marshal 

func (r *Amanar) Marshal() ([]byte, error)

type AmanarConfiguration 

type AmanarConfiguration struct {
	Constant           *Constant            `json:"constant,omitempty" yaml:"constant,omitempty"`           // Amanar is able to render constants, which are pieces of information that do not depend on; Vault. This allows Amanar to be used to configure local static credentials in addition to; Vault-derived ones.
	VaultAddress       *string              `json:"vault_address,omitempty" yaml:"vault_address,omitempty"` // The address to a particular vault. Vault addresses usually differ for different; environments. For example, we may have one vault address for production and another for; staging.
	VaultConfiguration []VaultConfiguration `json:"vault_configuration" yaml:"vault_configuration"`
}

func (*AmanarConfiguration) MarshalYaml 

func (cs *AmanarConfiguration) MarshalYaml() ([]byte, error)

type Configurables 

type Configurables struct {
	IntellijDatasources       []IntellijDatasource       `json:"intellij_datasources" yaml:"intellij_datasources"`               // Allows IntelliJ datasource usernames and passwords to be changed. Most useful for; DataGrip and databases within IntelliJ Ultimate.
	IntellijRunConfigurations []IntellijRunConfiguration `json:"intellij_run_configurations" yaml:"intellij_run_configurations"` // Allows changes to database access credentials within IntelliJ run configurations.
	JSONDatasources           []JSONDatasource           `json:"json_datasources" yaml:"json_datasources"`                       // Allows a JSON file to be generated containing usernames and passwords.
	PosticoDatasources        []PosticoDatasource        `json:"postico_datasources" yaml:"postico_datasources"`                 // Allows changes to database access credentials stored in a Postico SQLite database.
	Querious2Datasources      []Querious2Datasource      `json:"querious2_datasources" yaml:"querious2_datasources"`             // Allows changes to database access credentials stored in a Querious 2 SQLite database.
	SequelProDatasources      []SequelProDatasource      `json:"sequel_pro_datasources" yaml:"sequel_pro_datasources"`           // Allows changes to database access credentials for Sequel Pro plists.
	ShellDatasources          []ShellDatasource          `json:"shell_datasources" yaml:"shell_datasources"`                     // Allows a file to be generated in a shell script that contains exports of environment; variables containing the new credentials.
	TemplateDatasources       []TemplateDatasource       `json:"template_datasources" yaml:"template_datasources"`               // Fills credentials into a provided Go template string or template file and prints the; result to stdout. The Credentials object is set as the dot context and its fields; (.Username and .Password) are available. Unlike the other datasources, templates are; generated anew each time and do not attempt to find previously existing keys to modify.; Go templates are documented here: https://golang.org/pkg/text/template/
}

type ConfigurationProcessor 

type ConfigurationProcessor interface {
	ProcessConfig()
}

func NewConfigurationProcessor 

func NewConfigurationProcessor(githubToken string, ac AmanarConfiguration, writer io.Writer) (ConfigurationProcessor, error)

type Constant 

type Constant struct {
	Template     *string `json:"template,omitempty" yaml:"template,omitempty"`           // A constant Go template string that will be rendered.
	TemplatePath *string `json:"template_path,omitempty" yaml:"template_path,omitempty"` // A path to a Go template file that will be rendered.
}

Amanar is able to render constants, which are pieces of information that do not depend on Vault. This allows Amanar to be used to configure local static credentials in addition to Vault-derived ones.

func (*Constant) GetTemplate 

func (c *Constant) GetTemplate() *string

func (*Constant) GetTemplatePath 

func (c *Constant) GetTemplatePath() *string

type ConstantConfigurationProcessor 

type ConstantConfigurationProcessor struct {
	// contains filtered or unexported fields
}

func (ConstantConfigurationProcessor) ProcessConfig 

func (c ConstantConfigurationProcessor) ProcessConfig()

type Credentials 

type Credentials struct {
	Username string
	Password string
}

func CreateCredentialsFromSecret 

func CreateCredentialsFromSecret(secret *api.Secret) (*Credentials, error)

type Flower 

type Flower interface {
	Name() string
	UpdateWithCredentials(credentials *Credentials) error
	PersistChanges() error
}

type GithubLoginBody 

type GithubLoginBody struct {
	Token string `json:"token"`
}

type IntellijDatasource 

type IntellijDatasource struct {
	DatabaseUUID       string `json:"database_uuid" yaml:"database_uuid"`               // The IntelliJ UUID for the database you want to update. You can find this by examining the; dataSources.local.xml file.
	DatasourceFilePath string `json:"datasource_file_path" yaml:"datasource_file_path"` // The path to IntelliJ data sources file. The file is typically called; dataSources.local.xml.
}

type IntellijDatasourceFile 

type IntellijDatasourceFile struct {
	Document *etree.Document
	Fullpath string
}

A IntellijDatasourceFile is an XML document containing This struct and methods allows updating of the username in such a configuration. DataGrip can store usernames in its configuration and passwords in the Keyring, or it can store both a username and password in a URL-like format in its config files. This updater assumes that the former is the case.

func NewIntellijDatasourceFile 

func NewIntellijDatasourceFile(filepath string) (*IntellijDatasourceFile, error)

Tested with DataGrip 2017.2

func (*IntellijDatasourceFile) UpdateUsername 

func (dc *IntellijDatasourceFile) UpdateUsername(databaseUuid string, newUsername string) (oldUsername string, err error)

func (*IntellijDatasourceFile) WriteToFile 

func (dc *IntellijDatasourceFile) WriteToFile() error

type IntellijDatasourceFlow 

type IntellijDatasourceFlow struct {
	IntellijDatasource
	// contains filtered or unexported fields
}

An IntellijDatasourceFlow knows how to update the username and password for a single database with a particular IntelliJ UUID. It does this by using dataSources.local.xml files.

func NewIntellijDatasourceFlow 

func NewIntellijDatasourceFlow(config *IntellijDatasource) (*IntellijDatasourceFlow, error)

func (*IntellijDatasourceFlow) Name 

func (ds *IntellijDatasourceFlow) Name() string

func (*IntellijDatasourceFlow) PersistChanges 

func (ds *IntellijDatasourceFlow) PersistChanges() (err error)

func (*IntellijDatasourceFlow) UpdateWithCredentials 

func (ds *IntellijDatasourceFlow) UpdateWithCredentials(credentials *Credentials) (err error)

type IntellijRunConfig 

type IntellijRunConfig struct {
	Document *etree.Document
	Fullpath string
}

func NewIntellijRunConfig 

func NewIntellijRunConfig(filepath string) (*IntellijRunConfig, error)

func (*IntellijRunConfig) UpdateEnvironmentVariable 

func (rc *IntellijRunConfig) UpdateEnvironmentVariable(environmentVariable, databaseHost string, credentials *Credentials) (err error)

func (*IntellijRunConfig) WriteToFile 

func (rc *IntellijRunConfig) WriteToFile() (err error)

type IntellijRunConfigsFlow 

type IntellijRunConfigsFlow struct {
	IntellijRunConfiguration
	// contains filtered or unexported fields
}

func NewIntellijRunConfigsFlow 

func NewIntellijRunConfigsFlow(config *IntellijRunConfiguration) (*IntellijRunConfigsFlow, error)

func (*IntellijRunConfigsFlow) Name 

func (rc *IntellijRunConfigsFlow) Name() string

func (*IntellijRunConfigsFlow) PersistChanges 

func (rc *IntellijRunConfigsFlow) PersistChanges() (err error)

func (*IntellijRunConfigsFlow) UpdateWithCredentials 

func (rc *IntellijRunConfigsFlow) UpdateWithCredentials(credentials *Credentials) (err error)

type IntellijRunConfiguration 

type IntellijRunConfiguration struct {
	DatabaseHost                string `json:"database_host" yaml:"database_host"`                                   // The username and password for the URL will only be updated if the host of URL in the; environment variable matches this string.
	EnvironmentVariable         string `json:"environment_variable" yaml:"environment_variable"`                     // The environment variable in the run configuration under which the database connection
	RunConfigurationsFolderPath string `json:"run_configurations_folder_path" yaml:"run_configurations_folder_path"` // A directory containing all IntelliJ run configurations to be examined. Usually located in; .idea/runConfigurations. Run configurations may need to be shared before becoming visible; in this folder.
}

type JSONCredential 

type JSONCredential struct {
	Identifier string `json:"identifier"`
	Username   string `json:"username"`
	Password   string `json:"password"`
}

type JSONCredentials 

type JSONCredentials []JSONCredential

func UnmarshalJSONCredentials 

func UnmarshalJSONCredentials(data []byte) (JSONCredentials, error)

func (*JSONCredentials) Marshal 

func (r *JSONCredentials) Marshal() ([]byte, error)

type JSONDatasource 

type JSONDatasource struct {
	Filepath   string `json:"filepath" yaml:"filepath"`     // The path the JSON file should be generated to.
	Identifier string `json:"identifier" yaml:"identifier"` // The name of this vault role and vault path pair to be used as an identifier for this JSON; object.
}

type JSONFlow 

type JSONFlow struct {
	JSONDatasource
	// contains filtered or unexported fields
}

func NewJSONFlow 

func NewJSONFlow(config *JSONDatasource) (*JSONFlow, error)

func (*JSONFlow) Name 

func (sf *JSONFlow) Name() string

func (*JSONFlow) PersistChanges 

func (sf *JSONFlow) PersistChanges() error

func (*JSONFlow) UpdateWithCredentials 

func (sf *JSONFlow) UpdateWithCredentials(credentials *Credentials) error

type JsonBytesSchemaValidator 

type JsonBytesSchemaValidator struct {
	// contains filtered or unexported fields
}

func NewJsonBytesSchemaValidator 

func NewJsonBytesSchemaValidator(jsonBytes []byte) *JsonBytesSchemaValidator

func (JsonBytesSchemaValidator) Validate 

func (j JsonBytesSchemaValidator) Validate() (err error, re []gojsonschema.ResultError)

type PosticoDatasource 

type PosticoDatasource struct {
	DatabaseUUID      string `json:"database_uuid" yaml:"database_uuid"`             // The unique identifier for the Postico database to update. Can be found by looking in the; SQLite database.
	PosticoSqlitePath string `json:"postico_sqlite_path" yaml:"postico_sqlite_path"` // Path to the SQLite database in which Postico stores its data. The file is typically; called ConnectionFavorites.db
}

type PosticoFavorite 

type PosticoFavorite struct {
	UUID     string
	User     sql.NullString
	Nickname sql.NullString
	Host     sql.NullString
	Database sql.NullString
	Port     sql.NullInt64
}

type PosticoFlow 

type PosticoFlow struct {
	PosticoDatasource
	// contains filtered or unexported fields
}

func NewPosticoFlow 

func NewPosticoFlow(config *PosticoDatasource) (*PosticoFlow, error)

func (*PosticoFlow) Name 

func (pf *PosticoFlow) Name() string

func (*PosticoFlow) PersistChanges 

func (pf *PosticoFlow) PersistChanges() (err error)

func (*PosticoFlow) UpdateWithCredentials 

func (pf *PosticoFlow) UpdateWithCredentials(credentials *Credentials) error

type PosticoSQLiteDatabase 

type PosticoSQLiteDatabase struct {
	Database *sql.DB
}

func NewPosticoSQLiteDatabase 

func NewPosticoSQLiteDatabase(filepath string) (*PosticoSQLiteDatabase, error)

func (*PosticoSQLiteDatabase) GetFavoriteFromUUID 

func (pdb *PosticoSQLiteDatabase) GetFavoriteFromUUID(uuid string) (*PosticoFavorite, error)

func (*PosticoSQLiteDatabase) UpdateUsername 

func (pdb *PosticoSQLiteDatabase) UpdateUsername(databaseUuid string, username string) error

type Querious2Datasource 

type Querious2Datasource struct {
	DatabaseUUID        string `json:"database_uuid" yaml:"database_uuid"`                 // The unique identifier for the Querious database to update. Can be found by looking in the; SQLite database.
	Querious2SqlitePath string `json:"querious2_sqlite_path" yaml:"querious2_sqlite_path"` // Path to the SQLite database in which Querious 2 stores its data. The file is typically; called Connections.sqlite.
}

type Querious2Flow 

type Querious2Flow struct {
	Querious2Datasource
	// contains filtered or unexported fields
}

func NewQuerious2Flow 

func NewQuerious2Flow(config *Querious2Datasource) (*Querious2Flow, error)

func (*Querious2Flow) Name 

func (qf *Querious2Flow) Name() string

func (*Querious2Flow) PersistChanges 

func (qf *Querious2Flow) PersistChanges() (err error)

func (*Querious2Flow) UpdateWithCredentials 

func (qf *Querious2Flow) UpdateWithCredentials(credentials *Credentials) error

type Querious2SQLiteDatabase 

type Querious2SQLiteDatabase struct {
	Filepath string
}

func NewQuerious2SQLiteDatabase 

func NewQuerious2SQLiteDatabase(filepath string) (*Querious2SQLiteDatabase, error)

func (*Querious2SQLiteDatabase) UpdateUsername 

func (qdb *Querious2SQLiteDatabase) UpdateUsername(databaseUuid string, username string) error

type SchemaValidator 

type SchemaValidator interface {
	Validate() (err error, re []gojsonschema.ResultError)
	// contains filtered or unexported methods
}

type SequelProDatasource 

type SequelProDatasource struct {
	DatabaseUUID       string `json:"database_uuid" yaml:"database_uuid"`                 // The unique identifier for the Sequel Pro database to update. Can be found by looking in; the plist.
	SequelProPlistPath string `json:"sequel_pro_plist_path" yaml:"sequel_pro_plist_path"` // Path to the plist in which Sequel Pro stores its data. The file is typically called; Favorites.plist
}

type SequelProFlow 

type SequelProFlow struct {
	SequelProDatasource
	// contains filtered or unexported fields
}

func NewSequelProFlow 

func NewSequelProFlow(config *SequelProDatasource) (spf *SequelProFlow, err error)

func (*SequelProFlow) Name 

func (sp *SequelProFlow) Name() string

func (*SequelProFlow) PersistChanges 

func (sp *SequelProFlow) PersistChanges() (err error)

func (*SequelProFlow) UpdateWithCredentials 

func (sp *SequelProFlow) UpdateWithCredentials(credentials *Credentials) (err error)

type SequelProPlistItem 

type SequelProPlistItem struct {
	ColorIndex                        int64  `plist:"colorIndex"`
	Database                          string `plist:"database"`
	Host                              string `plist:"host"`
	Id                                int64  `plist:"id"`
	Name                              string `plist:"name"`
	Port                              string `plist:"port"`
	Socket                            string `plist:"socket"`
	SSHHost                           string `plist:"sshHost"`
	SSHKeyLocation                    string `plist:"sshKeyLocation"`
	SSHKeyLocationEnabled             int    `plist:"sshKeyLocationEnabled"`
	SSHPort                           string `plist:"sshPort"`
	SSHUser                           string `plist:"sshUser"`
	SSLCACertFileLocation             string `plist:"sslcaCertFileLocation"`
	SSLCACertFileLocationEnabled      int    `plist:"sslcaCertFileLocationEnabled"`
	SSLCertificateFileLocation        string `plist:"sslCertificateFileLocation"`
	SSLCertificateFileLocationEnabled int    `plist:"sslCertificateFileLocationEnabled"`
	SSLKeyFileLocation                string `plist:"sslKeyFileLocation"`
	SSLKeyFileLocationEnabled         int    `plist:"sslKeyFileLocationEnabled"`
	Type                              int    `plist:"type"`
	UseSSL                            int    `plist:"useSSL"`
	User                              string `plist:"user"`
}

type SequelProRootPlist 

type SequelProRootPlist struct {
	FavoritesRoot struct {
		IsExpanded bool                 `plist:"IsExpanded"`
		Name       string               `plist:"Name"`
		Children   []SequelProPlistItem `plist:"Children"`
	} `plist:"Favorites Root"`
}

type ShellDatasource 

type ShellDatasource struct {
	Filepath         string `json:"filepath" yaml:"filepath"`                   // The path the shell script should be generated to.
	PasswordVariable string `json:"password_variable" yaml:"password_variable"` // The name of the environment variable that should contain the password
	UsernameVariable string `json:"username_variable" yaml:"username_variable"` // The name of the environment variable that should contain the username
}

type ShellFile 

type ShellFile struct {
	AST *syntax.File
	// contains filtered or unexported fields
}

func NewShellFile 

func NewShellFile(filepath string) (*ShellFile, error)

func (*ShellFile) UpdateCredentials 

func (sf *ShellFile) UpdateCredentials(usernameVariable, passwordVariable string, credentials *Credentials)

func (*ShellFile) WriteToDisk 

func (sf *ShellFile) WriteToDisk() error

type ShellFlow 

type ShellFlow struct {
	ShellDatasource
	// contains filtered or unexported fields
}

func NewShellFlow 

func NewShellFlow(config *ShellDatasource) (*ShellFlow, error)

func (*ShellFlow) Name 

func (sf *ShellFlow) Name() string

func (*ShellFlow) PersistChanges 

func (sf *ShellFlow) PersistChanges() error

func (*ShellFlow) UpdateWithCredentials 

func (sf *ShellFlow) UpdateWithCredentials(credentials *Credentials) error

type StructSchemaValidator 

type StructSchemaValidator struct {
	// contains filtered or unexported fields
}

func NewStructSchemaValidator 

func NewStructSchemaValidator(goStruct *Amanar) *StructSchemaValidator

func (StructSchemaValidator) Validate 

func (s StructSchemaValidator) Validate() (err error, re []gojsonschema.ResultError)

type TemplateDatasource 

type TemplateDatasource struct {
	Template     *string `json:"template,omitempty" yaml:"template,omitempty"`           // A Go template string that will be filled in with credentials.
	TemplatePath *string `json:"template_path,omitempty" yaml:"template_path,omitempty"` // The path to the Go template file that will be filled in with credentials.
}

func (*TemplateDatasource) GetTemplate 

func (tds *TemplateDatasource) GetTemplate() *string

func (*TemplateDatasource) GetTemplatePath 

func (tds *TemplateDatasource) GetTemplatePath() *string

type TemplateDefiner 

type TemplateDefiner interface {
	GetTemplate() *string
	GetTemplatePath() *string
}

type TemplateFlow 

type TemplateFlow struct {
	// contains filtered or unexported fields
}

func NewTemplateFlow 

func NewTemplateFlow(config *TemplateDatasource, writer io.Writer) (*TemplateFlow, error)

func (*TemplateFlow) Name 

func (tf *TemplateFlow) Name() string

func (*TemplateFlow) PersistChanges 

func (tf *TemplateFlow) PersistChanges() error

func (*TemplateFlow) UpdateWithCredentials 

func (tf *TemplateFlow) UpdateWithCredentials(credentials *Credentials) error

type TemplateSource 

type TemplateSource struct {
	// contains filtered or unexported fields
}

func NewTemplateSource 

func NewTemplateSource(definer TemplateDefiner, writer io.Writer) (source *TemplateSource, err error)

func NewTemplateSourceFromFile 

func NewTemplateSourceFromFile(templateFilepath *string, writer io.Writer) (*TemplateSource, error)

func NewTemplateSourceFromString 

func NewTemplateSourceFromString(templateString *string, writer io.Writer) (*TemplateSource, error)

func (TemplateSource) WriteToDisk 

func (t TemplateSource) WriteToDisk(credentials Credentials) error

func (TemplateSource) WriteToDiskWithoutContext 

func (t TemplateSource) WriteToDiskWithoutContext() error

type VaultConfiguration 

type VaultConfiguration struct {
	Configurables Configurables `json:"configurables" yaml:"configurables"`
	VaultPath     string        `json:"vault_path" yaml:"vault_path"` // The path representing the datastore in the Vault. This is equivalent to $VAULT_PATH in; the CLI command `vault read $VAULT_PATH/creds/$VAULT_ROLE`.
	VaultRole     string        `json:"vault_role" yaml:"vault_role"` // The role representing the permissions that are sought to the Vault datastore. This is; equivalent to $VAULT_ROLE in the CLI command `vault read $VAULT_PATH/creds/$VAULT_ROLE`.
}

A list of vault roles and paths and configuration options for output to data sources within a particular vault environment.

type VaultConfigurationProcessor 

type VaultConfigurationProcessor struct {
	// contains filtered or unexported fields
}

func (VaultConfigurationProcessor) ProcessConfig 

func (v VaultConfigurationProcessor) ProcessConfig()

type VaultGithubAuthClient 

type VaultGithubAuthClient struct {
	GithubToken  string
	VaultAddress string
	// contains filtered or unexported fields
}

func (*VaultGithubAuthClient) GetCredential 

func (vc *VaultGithubAuthClient) GetCredential(vaultPath, vaultRole string) (*api.Secret, error)

func (*VaultGithubAuthClient) LoginWithGithub 

func (vc *VaultGithubAuthClient) LoginWithGithub() error

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.