configutil

package module
v0.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 12, 2021 License: MPL-2.0 Imports: 26 Imported by: 2

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	ParseTelemetry    = func(*ast.ObjectList) (interface{}, error) { return nil, nil }
	SanitizeTelemetry = func(interface{}) map[string]interface{} { return nil }
)

These two functions are overridden if metricsutil is invoked, but keep this module from needing to depend on metricsutil and its various deps otherwise. Import the metricsutil module, e.g.

_ "github.com/hashicorp/shared-secure-libs/metricsutil"

in order to have telemetry be parsed.

View Source 
var (
	ConfigureWrapper             = configureWrapper
	CreateSecureRandomReaderFunc = createSecureRandomReader
)
View Source 
var GetAWSKMSFunc = func(opts *wrapping.WrapperOptions, kms *KMS) (wrapping.Wrapper, map[string]string, error) {
	wrapper := awskms.NewWrapper(opts)
	wrapperInfo, err := wrapper.SetConfig(kms.Config)
	if err != nil {
		return nil, nil, err
	}
	info := make(map[string]string)
	if wrapperInfo != nil {
		info["AWS KMS Region"] = wrapperInfo["region"]
		info["AWS KMS KeyID"] = wrapperInfo["kms_key_id"]
		if endpoint, ok := wrapperInfo["endpoint"]; ok {
			info["AWS KMS Endpoint"] = endpoint
		}
	}
	return wrapper, info, nil
}
View Source 
var GetTransitKMSFunc = func(opts *wrapping.WrapperOptions, kms *KMS) (wrapping.Wrapper, map[string]string, error) {
	wrapper := transit.NewWrapper(opts)
	wrapperInfo, err := wrapper.SetConfig(kms.Config)
	if err != nil {
		return nil, nil, err
	}
	info := make(map[string]string)
	if wrapperInfo != nil {
		info["Transit Address"] = wrapperInfo["address"]
		info["Transit Mount Path"] = wrapperInfo["mount_path"]
		info["Transit Key Name"] = wrapperInfo["key_name"]
		if namespace, ok := wrapperInfo["namespace"]; ok {
			info["Transit Namespace"] = namespace
		}
	}
	return wrapper, info, nil
}

Functions

func EncryptDecrypt 

func EncryptDecrypt(rawStr string, decrypt, strip bool, wrapper wrapping.Wrapper) (string, error)

func GetAEADKMSFunc 

func GetAEADKMSFunc(opts *wrapping.WrapperOptions, kms *KMS) (wrapping.Wrapper, map[string]string, error)

func GetAliCloudKMSFunc 

func GetAliCloudKMSFunc(opts *wrapping.WrapperOptions, kms *KMS) (wrapping.Wrapper, map[string]string, error)

func GetAzureKeyVaultKMSFunc 

func GetAzureKeyVaultKMSFunc(opts *wrapping.WrapperOptions, kms *KMS) (wrapping.Wrapper, map[string]string, error)

func GetGCPCKMSKMSFunc 

func GetGCPCKMSKMSFunc(opts *wrapping.WrapperOptions, kms *KMS) (wrapping.Wrapper, map[string]string, error)

func GetOCIKMSKMSFunc 

func GetOCIKMSKMSFunc(opts *wrapping.WrapperOptions, kms *KMS) (wrapping.Wrapper, map[string]string, error)

func ParseEntropy 

func ParseEntropy(result *SharedConfig, list *ast.ObjectList, blockName string) error

Types

type EntSharedConfig 

type EntSharedConfig struct {
}

func (*EntSharedConfig) ParseConfig 

func (ec *EntSharedConfig) ParseConfig(list *ast.ObjectList) error

type Entropy 

type Entropy struct {
	Mode EntropyMode
}

type EntropyMode 

type EntropyMode int

Entropy contains Entropy configuration for the server 

const (
	EntropyUnknown EntropyMode = iota
	EntropyAugmentation
)

type KMS 

type KMS struct {
	Type string
	// Purpose can be used to allow a string-based specification of what this
	// KMS is designated for, in situations where we want to allow more than
	// one KMS to be specified
	Purpose []string `hcl:"-"`

	Disabled bool
	Config   map[string]string
}

KMS contains KMS configuration for the server

func LoadConfigKMSes 

func LoadConfigKMSes(path string) ([]*KMS, error)

func ParseKMSes 

func ParseKMSes(d string) ([]*KMS, error)

func (*KMS) GoString 

func (k *KMS) GoString() string

type SharedConfig 

type SharedConfig struct {
	EntSharedConfig

	Listeners []*listenerutil.ListenerConfig `hcl:"-"`

	Seals   []*KMS   `hcl:"-"`
	Entropy *Entropy `hcl:"-"`

	DisableMlock    bool        `hcl:"-"`
	DisableMlockRaw interface{} `hcl:"disable_mlock"`

	Telemetry interface{} `hcl:"telemetry"`

	DefaultMaxRequestDuration    time.Duration `hcl:"-"`
	DefaultMaxRequestDurationRaw interface{}   `hcl:"default_max_request_duration"`

	// LogFormat specifies the log format. Valid values are "standard" and
	// "json". The values are case-insenstive. If no log format is specified,
	// then standard format will be used.
	LogFormat string `hcl:"log_format"`
	LogLevel  string `hcl:"log_level"`

	PidFile string `hcl:"pid_file"`

	ClusterName string `hcl:"cluster_name"`
}

SharedConfig contains some shared values

func LoadConfigFile 

func LoadConfigFile(path string) (*SharedConfig, error)

LoadConfigFile loads the configuration from the given file.

func ParseConfig 

func ParseConfig(d string) (*SharedConfig, error)

func (*SharedConfig) Merge 

func (c *SharedConfig) Merge(c2 *SharedConfig) *SharedConfig

func (*SharedConfig) Sanitized 

func (c *SharedConfig) Sanitized() map[string]interface{}

Sanitized returns a copy of the config with all values that are considered sensitive stripped. It also strips all `*Raw` values that are mainly used for parsing.

Specifically, the fields that this method strips are: - KMS.Config - Telemetry.CirconusAPIToken

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.