rotation

package

v0.18.0 Latest Latest Go to latest Published: Jun 5, 2025 License: MPL-2.0 Imports: 3 Imported by: 5

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/hashicorp/vault

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
type DefaultSchedule
type RotationJob
- func ConfigureRotationJob(configRequest *RotationJobConfigureRequest) (*RotationJob, error)
- func (s *RotationJob) Validate() error
type RotationJobConfigureRequest
type RotationJobDeregisterRequest
type RotationOptions
type RotationSchedule
type Scheduler

Constants ¶

View Source

const (
	PerformedRegistration   = "registration"
	PerformedDeregistration = "deregistration"
)

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type DefaultSchedule ¶

type DefaultSchedule struct{}

func (*DefaultSchedule) IsInsideRotationWindow ¶

func (d *DefaultSchedule) IsInsideRotationWindow(rs *RotationSchedule, t time.Time) bool

IsInsideRotationWindow checks if the current time is before the calculated end of the rotation window, to make sure that t time is within the specified rotation window It returns true if rotation window is not specified

func (*DefaultSchedule) NextRotationTime ¶

func (d *DefaultSchedule) NextRotationTime(rs *RotationSchedule) time.Time

NextRotationTime calculates the next scheduled rotation

func (*DefaultSchedule) NextRotationTimeFromInput ¶

func (d *DefaultSchedule) NextRotationTimeFromInput(rs *RotationSchedule, input time.Time) time.Time

NextRotationTimeFromInput calculates and returns the next rotation time based on the provided schedule and input time

func (*DefaultSchedule) Parse ¶

func (d *DefaultSchedule) Parse(rotationSchedule string) (*cron.SpecSchedule, error)

func (*DefaultSchedule) SetNextVaultRotation ¶

func (d *DefaultSchedule) SetNextVaultRotation(rs *RotationSchedule, t time.Time)

SetNextVaultRotation calculates the next rotation time of a given schedule based on the time.

func (*DefaultSchedule) ShouldRotate ¶

func (d *DefaultSchedule) ShouldRotate(rs *RotationSchedule, priority int64, t time.Time) bool

ShouldRotate checks if the rotation should occur based on priority, current time, and rotation window It returns true if the priority is less than or equal to the current time and the current time is within the rotation window

func (*DefaultSchedule) UsesRotationSchedule ¶

func (d *DefaultSchedule) UsesRotationSchedule(rs *RotationSchedule) bool

func (*DefaultSchedule) UsesTTL ¶

func (d *DefaultSchedule) UsesTTL(rs *RotationSchedule) bool

func (*DefaultSchedule) ValidateRotationWindow ¶

func (d *DefaultSchedule) ValidateRotationWindow(s int) error

type RotationJob ¶

type RotationJob struct {
	RotationOptions

	// RotationID is the ID returned to the user to manage this secret.
	// This is generated by Vault core. Any set value will be ignored.
	// For requests, this will always be blank.
	RotationID string `sentinel:""`
	Path       string
	MountPoint string
	Name       string
}

RotationJob represents the secret part of a response.

func ConfigureRotationJob ¶

func ConfigureRotationJob(configRequest *RotationJobConfigureRequest) (*RotationJob, error)

ConfigureRotationJob builds and returns a configured RotationJob for the mount and request with the given schedule.

func (*RotationJob) Validate ¶

func (s *RotationJob) Validate() error

type RotationJobConfigureRequest ¶

type RotationJobConfigureRequest struct {
	Name             string
	MountPoint       string
	ReqPath          string
	RotationSchedule string
	RotationWindow   time.Duration
	RotationPeriod   time.Duration
}

type RotationJobDeregisterRequest ¶ added in v0.15.0

type RotationJobDeregisterRequest struct {
	MountPoint string
	ReqPath    string
}

type RotationOptions ¶

type RotationOptions struct {
	// Schedule holds the info for the framework.Schedule
	Schedule *RotationSchedule
}

RotationOptions is an embeddable struct to capture common rotation settings between a Secret and Auth

type RotationSchedule ¶

type RotationSchedule struct {
	Schedule          *cron.SpecSchedule `json:"schedule"`
	RotationWindow    time.Duration      `json:"rotation_window"` // seconds of window
	RotationSchedule  string             `json:"rotation_schedule"`
	RotationPeriod    time.Duration      `json:"rotation_period"`
	NextVaultRotation time.Time          `json:"next_vault_rotation"`
	LastVaultRotation time.Time          `json:"last_vault_rotation"`
}

RotationSchedule holds the parsed and unparsed versions of the schedule, along with the projected next rotation time.

type Scheduler ¶

type Scheduler interface {
	Parse(rotationSchedule string) (*cron.SpecSchedule, error)
	ValidateRotationWindow(s int) error
	NextRotationTimeFromInput(rs *RotationSchedule, input time.Time) time.Time
	IsInsideRotationWindow(rs *RotationSchedule, t time.Time) bool
	ShouldRotate(rs *RotationSchedule, priority int64, t time.Time) bool
	NextRotationTime(rs *RotationSchedule) time.Time
	SetNextVaultRotation(rs *RotationSchedule, t time.Time)
	UsesTTL(rs *RotationSchedule) bool
	UsesRotationSchedule(rs *RotationSchedule) bool
}

var DefaultScheduler Scheduler = &DefaultSchedule{}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL