The highest tagged major version is
Documentation
¶
Index ¶
- Constants
- Variables
- func AdminSecretPath(secret AdminSecret) string
- func AuthSecretPath(secret string) string
- func GitOpsSecretPath(secret string) string
- func ReadBasicAuth(client Client, path string) (*config.BasicAuth, error)
- func WriteBasicAuth(client Client, path string, auth config.BasicAuth) error
- func WriteYamlFiles(client Client, path string, files ...string) error
- type AdminSecret
- type Client
- type PathPolicy
- type PathRule
Constants ¶
View Source
const ( // SystemVaultName name of the system vault used by the jenkins-x platfrom SystemVaultName = "jx-vault" // GitOpsSecretsPath the path of secrets generated for GitOps GitOpsSecretsPath = "gitops/" // GitOpsTemplatesPath the path of gitops templates secrets GitOpsTemplatesPath = "templates/" // AdminSecretsPath the path of admin secrets AdminSecretsPath = "admin/" // AuthSecretsPath the path of auth secrets AuthSecretsPath = "auth/" )
View Source
const ( // JenkinsAdminSecret the secret name for Jenkins admin password JenkinsAdminSecret = "jenkins" // NexusAdminSecret the secret name for Nexus credentials NexusAdminSecret = "nexus" // ChartmuseumAdminSecret the secret name for Chartmuseum credentials ChartmuseumAdminSecret = "chartmuseum" // GrafanaAdminSecret the secret name for Grafana credentials GrafanaAdminSecret = "grafana" // IngressAdminSecret the secret name for Ingress basic authentication IngressAdminSecret = "ingress" )
View Source
const ( DenyCapability = "deny" CreateCapability = "create" ReadCapability = "read" UpdateCapability = "update" DeleteCapability = "delete" ListCapability = "list" SudoCapability = "sudo" RootCapability = "root" PathRulesName = "allow_secrets" DefaultSecretsPathPrefix = "secret/*" PoliciesName = "policies" )
Variables ¶
View Source
var (
DefaultSecretsCapabiltities = []string{CreateCapability, ReadCapability, UpdateCapability, DeleteCapability, ListCapability}
)
Functions ¶
func AdminSecretPath ¶
func AdminSecretPath(secret AdminSecret) string
AdminSecretPath returns the admin secret path for a given admin secret
func AuthSecretPath ¶
AuthSecretPath returns the path of an auth secret
func GitOpsSecretPath ¶
GitOpsSecretsPath returns the path of an install secret
func ReadBasicAuth ¶
ReadBasicAuth reads the basic authentication credentials from vault at the given path.
func WriteBasicAuth ¶
WriteBasicAuth stores the basic authentication credentials in vault at the given path.
Types ¶
type Client ¶
type Client interface {
// Write writes a named secret to the vault
Write(secretName string, data map[string]interface{}) (map[string]interface{}, error)
// WriteObject writes a generic named object to the vault.
// The secret _must_ be serializable to JSON.
WriteObject(secretName string, secret interface{}) (map[string]interface{}, error)
// WriteYaml writes a yaml object to a named secret
WriteYaml(secretName string, yamlstring string) (map[string]interface{}, error)
// List lists the secrets under the specified path
List(path string) ([]string, error)
// Read reads a named secret from the vault
Read(secretName string) (map[string]interface{}, error)
// ReadObject reads a generic named objec from vault.
// The secret _must_ be serializable to JSON.
ReadObject(secretName string, secret interface{}) error
// Config gets the config required for configuring the official Vault CLI
Config() (vaultURL url.URL, vaultToken string, err error)
}
Client is an interface for interacting with Vault
func NewVaultClient ¶
NewVaultClient creates a new Vault Client wrapping the api.client
type PathPolicy ¶
type PathPolicy struct {
Prefix string `hcl:",key"`
Capabilities []string `hcl:"capabilities" hcle:"omitempty"`
}
PathPolicy defiens a vault path policy
Source Files
Click to show internal directories.
Click to hide internal directories.