Documentation
¶
Overview ¶
Package ghkeys fetches a GitHub user's SSH public keys and converts the supported ones into age recipients. FetchRecipients GETs https://github.com/<username>.keys through a caller-supplied HTTPClient (so the transport is injectable and testable), parses the authorized-keys body, and skips — with a warning logged to an injectable Logger — any key age cannot represent. Failures carry a sentinel (ErrFetchKeys or ErrNoValidKeys) recoverable with errors.Is.
Index ¶
Constants ¶
const ( // ErrFetchKeys is the leading sentinel wrapped when the GitHub keys endpoint // cannot be requested, returns a non-200 status, or its body cannot be read. ErrFetchKeys errs.Const = "failed to fetch keys" // ErrNoValidKeys is returned when the response contains no SSH public key // that could be parsed into an age recipient. ErrNoValidKeys errs.Const = "no valid keys found" )
Variables ¶
This section is empty.
Functions ¶
func FetchRecipients ¶
func FetchRecipients( ctx context.Context, client HTTPClient, username Username, options ...Option, ) ([]age.Recipient, error)
FetchRecipients fetches SSH public keys for a GitHub user and returns age recipients.
Types ¶
type HTTPClient ¶
HTTPClient is the interface for making HTTP requests.
type Logger ¶
Logger is an Option that routes the skip warning (emitted for keys age cannot represent) to a specific slog.Logger instead of slog.Default.
type Option ¶
type Option interface {
// contains filtered or unexported methods
}
Option configures a FetchRecipients call. Options are type-based so the compiler verifies each one and the public surface stays additive. The interface is sealed (config is package-private, so only this package can implement it) and apply is a pure value transform — it receives the current config and returns the updated one — so options never mutate shared state through a pointer.