Documentation
¶
Index ¶
- Constants
- Variables
- func Decrypt(encodedValue string, masterKey []byte) ([]byte, error)
- func Encrypt(plainText []byte, masterKey []byte) (string, error)
- func FormatSecretForStdout(key string, value string, raw bool) string
- func GetSecretKeys(vault *Vault, requestedKeys []string) []string
- func NormalizeEncrypted(encrypted string) string
- func ProcessEnvSecret(envVarName string, value []byte, force bool) error
- func ProcessVault(vault *Vault, opts ProcessOptions) (map[string]string, error)
- func ResolveMasterKey(flagValue string) ([]byte, error)
- func ResolveVaultPath(inputFlag string) (string, error)
- func ValidateSecret(name string, secret VaultSecret) error
- type ProcessOptions
- type Vault
- type VaultSecret
Constants ¶
View Source
const ( Argon2Time = 3 Argon2Memory = 64 * 1024 // 64MB Argon2Threads = 4 Argon2KeyLen = 32 SaltLen = 16 NonceLen = 12 )
View Source
const ( TypeGeneric = "generic" TypeSSH = "ssh" TypeEnv = "env" TypeKubeconfig = "kubeconfig" TypeDockerConfigJSON = "dockerconfigjson" )
Variables ¶
View Source
var DefaultModeByType = map[string]string{ TypeGeneric: "0o600", TypeSSH: "0o600", TypeEnv: "0o644", TypeKubeconfig: "0o600", TypeDockerConfigJSON: "0o600", }
Functions ¶
func FormatSecretForStdout ¶ added in v0.0.38
func GetSecretKeys ¶ added in v0.0.38
func NormalizeEncrypted ¶ added in v0.0.38
func ProcessEnvSecret ¶ added in v0.0.38
func ProcessVault ¶ added in v0.0.38
func ProcessVault(vault *Vault, opts ProcessOptions) (map[string]string, error)
func ResolveMasterKey ¶
func ResolveVaultPath ¶ added in v0.0.38
func ValidateSecret ¶ added in v0.0.38
func ValidateSecret(name string, secret VaultSecret) error
Types ¶
type ProcessOptions ¶ added in v0.0.38
type Vault ¶ added in v0.0.38
type Vault struct {
Secrets map[string]VaultSecret `yaml:"secrets"`
}
Source Files
Click to show internal directories.
Click to hide internal directories.