infisical

package module
v0.5.99 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 16, 2025 License: Apache-2.0 Imports: 31 Imported by: 31

README

infisical

Infisical Go SDK

Slack | Infisical Cloud | Self-Hosting | SDK Docs | Website

Infisical is released under the MIT license. PRs welcome! git commit activity Slack community channel Infisical Twitter

Introduction

Infisical is the open source secret management platform that teams use to centralize their secrets like API keys, database credentials, and configurations.

The Infisical Go SDK provides a robust and efficient way for Go developers to integrate Infisical's secret management capabilities into their applications. With our SDK, you can seamlessly retrieve, update, delete, and manage your application's secrets. The SDK offers a simple API, making it easy to integrate Infisical's core features into your Go projects with minimal effort. Whether you are building microservices, cloud-native applications, or any other Go-based systems.

For detailed documentation on how to get started with the Infisical Go SDK, check out our SDK Docs.

Security

Please do not file GitHub issues or post on our public forum for security vulnerabilities, as they are public!

Infisical takes security issues very seriously. If you have any concerns about Infisical or believe you have uncovered a vulnerability, please get in touch via the e-mail address security@infisical.com. In the message, try to provide a description of the issue and ideally a way of reproducing it. The security team will get back to you as soon as possible.

Note that this security address should be used only for undisclosed vulnerabilities. Please report any security problems to us before disclosing it publicly.

Contributing

Whether it's big or small, we love contributions. Check out our guide to see how to get started.

Not sure where to get started? Join our Slack, and ask us any questions there.

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type APIError added in v0.1.7

type APIError = errors.APIError

type AddSshHostOptions added in v0.5.5

type AddSshHostOptions = api.AddSshHostV1Request

type Auth

type Auth struct {
	// contains filtered or unexported fields
}

func (*Auth) AwsIamAuthLogin

func (a *Auth) AwsIamAuthLogin(identityId string) (credential MachineIdentityCredential, err error)

func (*Auth) AzureAuthLogin

func (a *Auth) AzureAuthLogin(identityID string, resource string) (credential MachineIdentityCredential, err error)

func (*Auth) GcpIamAuthLogin

func (a *Auth) GcpIamAuthLogin(identityID string, serviceAccountKeyFilePath string) (credential MachineIdentityCredential, err error)

func (*Auth) GcpIdTokenAuthLogin

func (a *Auth) GcpIdTokenAuthLogin(identityID string) (credential MachineIdentityCredential, err error)

func (*Auth) GetAccessToken added in v0.4.4

func (a *Auth) GetAccessToken() string

func (*Auth) JwtAuthLogin added in v0.5.94

func (a *Auth) JwtAuthLogin(identityID string, jwt string) (credential MachineIdentityCredential, err error)

func (*Auth) KubernetesAuthLogin

func (a *Auth) KubernetesAuthLogin(identityID string, serviceAccountTokenPath string) (credential MachineIdentityCredential, err error)

func (*Auth) KubernetesRawServiceAccountTokenLogin added in v0.1.8

func (a *Auth) KubernetesRawServiceAccountTokenLogin(identityID string, serviceAccountToken string) (credential MachineIdentityCredential, err error)

func (*Auth) LdapAuthLogin added in v0.5.98

func (a *Auth) LdapAuthLogin(identityID string, username string, password string) (credential MachineIdentityCredential, err error)

func (*Auth) OciAuthLogin added in v0.5.98

func (a *Auth) OciAuthLogin(options OciAuthLoginOptions) (credential MachineIdentityCredential, err error)

func (*Auth) OidcAuthLogin added in v0.3.0

func (a *Auth) OidcAuthLogin(identityId string, jwt string) (credential MachineIdentityCredential, err error)

func (*Auth) RevokeAccessToken added in v0.5.93

func (a *Auth) RevokeAccessToken() error

func (*Auth) SetAccessToken

func (a *Auth) SetAccessToken(accessToken string)

func (*Auth) UniversalAuthLogin

func (a *Auth) UniversalAuthLogin(clientID string, clientSecret string) (credential MachineIdentityCredential, err error)

type AuthInterface

type AuthInterface interface {
	SetAccessToken(accessToken string)
	GetAccessToken() string
	UniversalAuthLogin(clientID string, clientSecret string) (credential MachineIdentityCredential, err error)
	JwtAuthLogin(identityID string, jwt string) (credential MachineIdentityCredential, err error)
	KubernetesAuthLogin(identityID string, serviceAccountTokenPath string) (credential MachineIdentityCredential, err error)
	KubernetesRawServiceAccountTokenLogin(identityID string, serviceAccountToken string) (credential MachineIdentityCredential, err error)
	AzureAuthLogin(identityID string, resource string) (credential MachineIdentityCredential, err error)
	GcpIdTokenAuthLogin(identityID string) (credential MachineIdentityCredential, err error)
	GcpIamAuthLogin(identityID string, serviceAccountKeyFilePath string) (credential MachineIdentityCredential, err error)
	AwsIamAuthLogin(identityId string) (credential MachineIdentityCredential, err error)
	OidcAuthLogin(identityId string, jwt string) (credential MachineIdentityCredential, err error)
	OciAuthLogin(options OciAuthLoginOptions) (credential MachineIdentityCredential, err error)
	LdapAuthLogin(identityID string, username string, password string) (credential MachineIdentityCredential, err error)
	RevokeAccessToken() error
}

func NewAuth

func NewAuth(client *InfisicalClient) AuthInterface

type BatchCreateSecret added in v0.5.0

type BatchCreateSecret = api.BatchCreateSecret

type BatchCreateSecretsOptions added in v0.5.0

type BatchCreateSecretsOptions = api.BatchCreateSecretsV3RawRequest

type BatchSecrets added in v0.5.0

type BatchSecrets struct {
	// contains filtered or unexported fields
}

func (*BatchSecrets) Create added in v0.5.0

func (bs *BatchSecrets) Create(options BatchCreateSecretsOptions) ([]models.Secret, error)

type BatchSecretsInterface added in v0.5.0

type BatchSecretsInterface interface {
	Create(options BatchCreateSecretsOptions) ([]models.Secret, error)
}

type Config

type Config struct {
	SiteUrl              string `default:"https://app.infisical.com"`
	CaCertificate        string
	UserAgent            string `default:"infisical-go-sdk"` // User-Agent header to be used on requests sent by the SDK. Defaults to `infisical-go-sdk`. Do not modify this unless you have a reason to do so.
	AutoTokenRefresh     bool   `default:"true"`             // Wether or not to automatically refresh the auth token after using one of the .Auth() methods. Defaults to `true`.
	SilentMode           bool   `default:"false"`            // If enabled, the SDK will not print any warnings to the console.
	CacheExpiryInSeconds int    // Defines how long certain API responses should be cached in memory, in seconds. When set to a positive value, responses from specific fetch API requests (like secret fetching) will be cached for this duration. Set to 0 to disable caching. Defaults to 0.
	CustomHeaders        map[string]string
}

type CreateDynamicSecretLeaseOptions added in v0.3.9

type CreateDynamicSecretLeaseOptions = api.CreateDynamicSecretLeaseV1Request

type CreateFolderOptions added in v0.1.6

type CreateFolderOptions = api.CreateFolderV1Request

type CreateSecretOptions

type CreateSecretOptions = api.CreateSecretV3RawRequest

type DeleteDynamicSecretLeaseOptions added in v0.3.9

type DeleteDynamicSecretLeaseOptions = api.DeleteDynamicSecretLeaseV1Request

type DeleteFolderOptions added in v0.1.6

type DeleteFolderOptions = api.DeleteFolderV1Request

type DeleteSecretOptions

type DeleteSecretOptions = api.DeleteSecretV3RawRequest

type DynamicSecretLeases added in v0.3.9

type DynamicSecretLeases struct {
	// contains filtered or unexported fields
}

func (*DynamicSecretLeases) Create added in v0.3.9

func (*DynamicSecretLeases) DeleteById added in v0.3.9

func (*DynamicSecretLeases) GetById added in v0.3.9

func (*DynamicSecretLeases) List added in v0.3.9

func (*DynamicSecretLeases) RenewById added in v0.3.9

type DynamicSecrets added in v0.3.9

type DynamicSecrets struct {
	// contains filtered or unexported fields
}

func (*DynamicSecrets) GetByName added in v0.3.9

func (*DynamicSecrets) Leases added in v0.3.9

func (*DynamicSecrets) List added in v0.3.9

type DynamicSecretsInterface added in v0.3.9

func NewDynamicSecrets added in v0.3.9

func NewDynamicSecrets(client *InfisicalClient) DynamicSecretsInterface

type Folders added in v0.1.6

type Folders struct {
	// contains filtered or unexported fields
}

func (*Folders) Create added in v0.1.6

func (f *Folders) Create(options CreateFolderOptions) (models.Folder, error)

func (*Folders) Delete added in v0.1.6

func (f *Folders) Delete(options DeleteFolderOptions) (models.Folder, error)

func (*Folders) List added in v0.1.6

func (f *Folders) List(options ListFoldersOptions) ([]models.Folder, error)

func (*Folders) Update added in v0.1.6

func (f *Folders) Update(options UpdateFolderOptions) (models.Folder, error)

type FoldersInterface added in v0.1.6

type FoldersInterface interface {
	List(options ListFoldersOptions) ([]models.Folder, error)
	Update(options UpdateFolderOptions) (models.Folder, error)
	Create(options CreateFolderOptions) (models.Folder, error)
	Delete(options DeleteFolderOptions) (models.Folder, error)
}

func NewFolders added in v0.1.6

func NewFolders(client *InfisicalClient) FoldersInterface

type GetDynamicSecretLeaseByIdOptions added in v0.3.9

type GetDynamicSecretLeaseByIdOptions = api.GetDynamicSecretLeaseByIdV1Request

type GetDynamicSecretRootCredentialByNameOptions added in v0.3.9

type GetDynamicSecretRootCredentialByNameOptions = api.GetDynamicSecretByNameV1Request

type GetSshHostsOptions added in v0.5.2

type GetSshHostsOptions = api.GetSshHostsV1Request

type InfisicalClient

type InfisicalClient struct {
	// contains filtered or unexported fields
}

func (*InfisicalClient) Auth

func (c *InfisicalClient) Auth() AuthInterface

func (*InfisicalClient) DynamicSecrets added in v0.3.9

func (c *InfisicalClient) DynamicSecrets() DynamicSecretsInterface

func (*InfisicalClient) Folders added in v0.1.6

func (c *InfisicalClient) Folders() FoldersInterface

func (*InfisicalClient) Kms added in v0.4.2

func (c *InfisicalClient) Kms() KmsInterface

func (*InfisicalClient) Secrets

func (c *InfisicalClient) Secrets() SecretsInterface

func (*InfisicalClient) Ssh added in v0.4.5

func (c *InfisicalClient) Ssh() SshInterface

func (*InfisicalClient) UpdateConfiguration

func (c *InfisicalClient) UpdateConfiguration(config Config)

type InfisicalClientInterface

type InfisicalClientInterface interface {
	UpdateConfiguration(config Config)
	Secrets() SecretsInterface
	Folders() FoldersInterface
	Auth() AuthInterface
	DynamicSecrets() DynamicSecretsInterface
	Kms() KmsInterface
	Ssh() SshInterface
}

func NewInfisicalClient

func NewInfisicalClient(context context.Context, config Config) InfisicalClientInterface

type IssueSshCredsOptions added in v0.4.5

type IssueSshCredsOptions = api.IssueSshCredsV1Request

type IssueSshHostHostCertOptions added in v0.5.4

type IssueSshHostHostCertOptions = api.IssueSshHostHostCertV1Request

type IssueSshHostUserCertOptions added in v0.5.4

type IssueSshHostUserCertOptions = api.IssueSshHostUserCertV1Request

type Kms added in v0.4.2

type Kms struct {
	// contains filtered or unexported fields
}

func (*Kms) DecryptData added in v0.4.2

func (f *Kms) DecryptData(options KmsDecryptDataOptions) (string, error)

func (*Kms) EncryptData added in v0.4.2

func (f *Kms) EncryptData(options KmsEncryptDataOptions) (string, error)

func (*Kms) Keys added in v0.5.9

func (f *Kms) Keys() KmsKeysInterface

func (*Kms) Signing added in v0.5.9

func (f *Kms) Signing() KmsSigningInterface

type KmsCreateKeyOptions added in v0.5.9

type KmsCreateKeyOptions = api.KmsCreateKeyV1Request

type KmsCreateKeyResult added in v0.5.9

type KmsCreateKeyResult = api.KmsKey

type KmsDecryptDataOptions added in v0.4.2

type KmsDecryptDataOptions = api.KmsDecryptDataV1Request

type KmsDeleteKeyOptions added in v0.5.9

type KmsDeleteKeyOptions = api.KmsDeleteKeyV1Request

type KmsDeleteKeyResult added in v0.5.9

type KmsDeleteKeyResult = api.KmsKey

type KmsEncryptDataOptions added in v0.4.2

type KmsEncryptDataOptions = api.KmsEncryptDataV1Request

Options

type KmsGetKeyByNameOptions added in v0.5.9

type KmsGetKeyByNameOptions = api.KmsGetKeyByNameV1Request

type KmsGetKeyResult added in v0.5.9

type KmsGetKeyResult = api.KmsKey

type KmsGetPublicKeyOptions added in v0.5.9

type KmsGetPublicKeyOptions = api.KmsGetPublicKeyV1Request

type KmsInterface added in v0.4.2

type KmsInterface interface {
	EncryptData(options KmsEncryptDataOptions) (string, error)
	DecryptData(options KmsDecryptDataOptions) (string, error)

	Keys() KmsKeysInterface
	Signing() KmsSigningInterface
}

func NewKms added in v0.4.2

func NewKms(client *InfisicalClient) KmsInterface

type KmsKeys added in v0.5.9

type KmsKeys struct {
	// contains filtered or unexported fields
}

func (*KmsKeys) Create added in v0.5.9

func (k *KmsKeys) Create(options KmsCreateKeyOptions) (KmsCreateKeyResult, error)

func (*KmsKeys) Delete added in v0.5.9

func (k *KmsKeys) Delete(options KmsDeleteKeyOptions) (KmsDeleteKeyResult, error)

func (*KmsKeys) GetByName added in v0.5.9

func (k *KmsKeys) GetByName(options KmsGetKeyByNameOptions) (KmsGetKeyResult, error)

type KmsKeysInterface added in v0.5.9

type KmsKeysInterface interface {
	Create(options KmsCreateKeyOptions) (KmsCreateKeyResult, error)
	Delete(options KmsDeleteKeyOptions) (KmsDeleteKeyResult, error)
	GetByName(options KmsGetKeyByNameOptions) (KmsGetKeyResult, error)
}

type KmsListSigningAlgorithmsOptions added in v0.5.9

type KmsListSigningAlgorithmsOptions = api.KmsListSigningAlgorithmsV1Request

type KmsSignDataOptions added in v0.5.9

type KmsSignDataOptions = api.KmsSignDataV1Request

type KmsSignDataResult added in v0.5.9

type KmsSignDataResult = api.KmsSignDataV1Response

type KmsSigning added in v0.5.9

type KmsSigning struct {
	// contains filtered or unexported fields
}

func (*KmsSigning) GetPublicKey added in v0.5.9

func (k *KmsSigning) GetPublicKey(options KmsGetPublicKeyOptions) (string, error)

func (*KmsSigning) ListSigningAlgorithms added in v0.5.9

func (k *KmsSigning) ListSigningAlgorithms(options KmsListSigningAlgorithmsOptions) ([]string, error)

func (*KmsSigning) SignData added in v0.5.9

func (k *KmsSigning) SignData(options KmsSignDataOptions) ([]byte, error)

func (*KmsSigning) VerifyData added in v0.5.9

func (k *KmsSigning) VerifyData(options KmsVerifyDataOptions) (KmsVerifyDataResult, error)

type KmsSigningInterface added in v0.5.9

type KmsSigningInterface interface {
	SignData(options KmsSignDataOptions) ([]byte, error)
	VerifyData(options KmsVerifyDataOptions) (KmsVerifyDataResult, error)
	ListSigningAlgorithms(options KmsListSigningAlgorithmsOptions) ([]string, error)
	GetPublicKey(options KmsGetPublicKeyOptions) (string, error)
}

type KmsVerifyDataOptions added in v0.5.9

type KmsVerifyDataOptions = api.KmsVerifyDataV1Request

type KmsVerifyDataResult added in v0.5.9

type KmsVerifyDataResult = api.KmsVerifyDataV1Response

Results

type KubernetesAuthLoginOptions

type KubernetesAuthLoginOptions struct {
	IdentityID              string
	ServiceAccountTokenPath string
}

type ListDynamicSecretLeasesOptions added in v0.3.9

type ListDynamicSecretLeasesOptions = api.ListDynamicSecretLeaseV1Request

type ListDynamicSecretsRootCredentialsOptions added in v0.3.9

type ListDynamicSecretsRootCredentialsOptions = api.ListDynamicSecretsV1Request

type ListFoldersOptions added in v0.1.6

type ListFoldersOptions = api.ListFoldersV1Request

type ListSecretsOptions

type ListSecretsOptions = api.ListSecretsV3RawRequest

type MachineIdentityCredential added in v0.2.0

type MachineIdentityCredential = api.MachineIdentityAuthLoginResponse

type OciAuthLoginOptions added in v0.5.98

type OciAuthLoginOptions struct {
	IdentityID  string
	PrivateKey  string
	Fingerprint string
	UserID      string
	TenancyID   string
	Region      string
	Passphrase  *string
}

type RenewDynamicSecretLeaseOptions added in v0.3.9

type RenewDynamicSecretLeaseOptions = api.RenewDynamicSecretLeaseV1Request

type RequestError added in v0.1.7

type RequestError = errors.RequestError

type RetrieveSecretOptions

type RetrieveSecretOptions = api.RetrieveSecretV3RawRequest

type Secret

type Secret = models.Secret

type SecretImport

type SecretImport = models.SecretImport

type SecretMetadata added in v0.5.0

type SecretMetadata = models.SecretMetadata

type Secrets

type Secrets struct {
	// contains filtered or unexported fields
}

func (*Secrets) Batch added in v0.5.0

func (s *Secrets) Batch() BatchSecretsInterface

func (*Secrets) Create

func (s *Secrets) Create(options CreateSecretOptions) (models.Secret, error)

func (*Secrets) Delete

func (s *Secrets) Delete(options DeleteSecretOptions) (models.Secret, error)

func (*Secrets) List

func (s *Secrets) List(options ListSecretsOptions) ([]models.Secret, error)

func (*Secrets) Retrieve

func (s *Secrets) Retrieve(options RetrieveSecretOptions) (models.Secret, error)

func (*Secrets) Update

func (s *Secrets) Update(options UpdateSecretOptions) (models.Secret, error)

type SecretsInterface

type SecretsInterface interface {
	List(options ListSecretsOptions) ([]models.Secret, error)
	Retrieve(options RetrieveSecretOptions) (models.Secret, error)
	Update(options UpdateSecretOptions) (models.Secret, error)
	Create(options CreateSecretOptions) (models.Secret, error)
	Delete(options DeleteSecretOptions) (models.Secret, error)
	Batch() BatchSecretsInterface
}

func NewSecrets

func NewSecrets(client *InfisicalClient) SecretsInterface

type SignSshPublicKeyOptions added in v0.4.5

type SignSshPublicKeyOptions = api.SignSshPublicKeyV1Request

type Ssh added in v0.4.5

type Ssh struct {
	// contains filtered or unexported fields
}

func (*Ssh) AddSshHost added in v0.5.5

func (f *Ssh) AddSshHost(options AddSshHostOptions) (api.AddSshHostV1Response, error)

func (*Ssh) GetSshHostHostCaPublicKey added in v0.5.8

func (f *Ssh) GetSshHostHostCaPublicKey(sshHostId string) (string, error)

func (*Ssh) GetSshHostUserCaPublicKey added in v0.5.2

func (f *Ssh) GetSshHostUserCaPublicKey(sshHostId string) (string, error)

func (*Ssh) GetSshHosts added in v0.5.2

func (f *Ssh) GetSshHosts(options GetSshHostsOptions) (api.GetSshHostsV1Response, error)

func (*Ssh) IssueCredentials added in v0.4.5

func (f *Ssh) IssueCredentials(options IssueSshCredsOptions) (api.IssueSshCredsV1Response, error)

func (*Ssh) IssueSshHostHostCert added in v0.5.4

func (f *Ssh) IssueSshHostHostCert(sshHostId string, options IssueSshHostHostCertOptions) (api.IssueSshHostHostCertV1Response, error)

func (*Ssh) IssueSshHostUserCert added in v0.5.4

func (f *Ssh) IssueSshHostUserCert(sshHostId string, options IssueSshHostUserCertOptions) (api.IssueSshHostUserCertV1Response, error)

func (*Ssh) SignKey added in v0.4.5

type SshInterface added in v0.4.5

type SshInterface interface {
	SignKey(options SignSshPublicKeyOptions) (api.SignSshPublicKeyV1Response, error)
	IssueCredentials(options IssueSshCredsOptions) (api.IssueSshCredsV1Response, error)
	GetSshHosts(options GetSshHostsOptions) (api.GetSshHostsV1Response, error)
	GetSshHostUserCaPublicKey(sshHostId string) (string, error)
	GetSshHostHostCaPublicKey(sshHostId string) (string, error)
	IssueSshHostUserCert(sshHostId string, options IssueSshHostUserCertOptions) (api.IssueSshHostUserCertV1Response, error)
	IssueSshHostHostCert(sshHostId string, options IssueSshHostHostCertOptions) (api.IssueSshHostHostCertV1Response, error)
	AddSshHost(options AddSshHostOptions) (api.AddSshHostV1Response, error)
}

func NewSsh added in v0.4.5

func NewSsh(client *InfisicalClient) SshInterface

type UpdateFolderOptions added in v0.1.6

type UpdateFolderOptions = api.UpdateFolderV1Request

type UpdateSecretOptions

type UpdateSecretOptions = api.UpdateSecretV3RawRequest

Directories

Path Synopsis
packages

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL