Documentation

Overview

    Package keyrotation implements the API handlers for running key rotation jobs.

    Types

    type Config

    type Config struct {
    	Database              database.Config
    	SecretManager         secrets.Config
    	ObservabilityExporter observability.Config
    	RevisionToken         revision.Config
    	KeyManager            keys.Config
    
    	Port string `env:"PORT, default=8080"`
    
    	// NewKeyPeriod is the duration after which we will rotate encryption keys. By default we
    	// generate a new key every week (168h).
    	NewKeyPeriod time.Duration `env:"NEW_KEY_PERIOD, default=168h"`
    
    	// DeleteOldKeyPeriod is the duration after which it is safe to delete old keys.
    	// Old data is deleted after two weeks, at which point it should be safe to also delete
    	// the associated key; the default is 15d (360h) to buffer for potential timezone issues.
    	DeleteOldKeyPeriod time.Duration `env:"DELETE_OLD_KEY_PERIOD, default=360h"`
    }

      Config represents the configuration and associated environment variables for the key rotation components.
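
The relationship between the two periods can be checked at startup. The following is an added example, not code from the keyrotation package: `RotationPeriods`, `LoadPeriods`, `Validate` and the `dataRetention` constant are hypothetical names, and the two-week retention value is an assumption taken from the struct comment above.

```go
package main

import (
	"fmt"
	"os"
	"time"
)

// dataRetention is an assumption taken from the struct comment (old data is
// deleted after two weeks); it is not a field of Config.
const dataRetention = 14 * 24 * time.Hour

// RotationPeriods is a hypothetical stand-in for Config's two duration fields.
type RotationPeriods struct {
	NewKeyPeriod       time.Duration
	DeleteOldKeyPeriod time.Duration
}

// LoadPeriods reads both variables via getenv, using the env-tag defaults.
func LoadPeriods(getenv func(string) string) (RotationPeriods, error) {
	p := RotationPeriods{NewKeyPeriod: 168 * time.Hour, DeleteOldKeyPeriod: 360 * time.Hour}
	fields := map[string]*time.Duration{
		"NEW_KEY_PERIOD":        &p.NewKeyPeriod,
		"DELETE_OLD_KEY_PERIOD": &p.DeleteOldKeyPeriod,
	}
	for name, dst := range fields {
		if v := getenv(name); v != "" {
			d, err := time.ParseDuration(v) // accepts "360h", rejects "15d"
			if err != nil {
				return p, fmt.Errorf("%s: %w", name, err)
			}
			*dst = d
		}
	}
	return p, p.Validate()
}

// Validate rejects periods that never rotate, or that delete a key while data
// from the retention window may still depend on it.
func (p RotationPeriods) Validate() error {
	if p.NewKeyPeriod <= 0 {
		return fmt.Errorf("NEW_KEY_PERIOD must be positive, got %s", p.NewKeyPeriod)
	}
	if p.DeleteOldKeyPeriod <= dataRetention {
		return fmt.Errorf("DELETE_OLD_KEY_PERIOD %s must exceed retention %s", p.DeleteOldKeyPeriod, dataRetention)
	}
	return nil
}

func main() { fmt.Println(LoadPeriods(os.Getenv)) }
```

Go's `time.ParseDuration` has no day unit, so an override must be written in hours (`360h`, not `15d`).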

      func (*Config) DatabaseConfig

      func (c *Config) DatabaseConfig() *database.Config

      func (*Config) KeyManagerConfig

      func (c *Config) KeyManagerConfig() *keys.Config

      func (*Config) ObservabilityExporterConfig

      func (c *Config) ObservabilityExporterConfig() *observability.Config

      func (*Config) SecretManagerConfig

      func (c *Config) SecretManagerConfig() *secrets.Config

      type Server

      type Server struct {
      	// contains filtered or unexported fields
      }

        Server hosts endpoints to manage key rotation.

        func NewServer

        func NewServer(config *Config, env *serverenv.ServerEnv) (*Server, error)

          NewServer creates a Server that manages deletion of old export files that are no longer needed by clients for download.

          func (*Server) Routes

          func (s *Server) Routes(ctx context.Context) *mux.Router

            Routes defines and returns the routes for this server.