util

package
v0.0.0-...-ac0d6be Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 7, 2025 License: Apache-2.0 Imports: 18 Imported by: 0

Documentation

Index

Constants

View Source 
const (

	// Universal auth:
	INFISICAL_UNIVERSAL_AUTH_CLIENT_ID_ENV_NAME     = "INFISICAL_UNIVERSAL_AUTH_CLIENT_ID"
	INFISICAL_UNIVERSAL_AUTH_CLIENT_SECRET_ENV_NAME = "INFISICAL_UNIVERSAL_AUTH_CLIENT_SECRET"

	// GCP auth:
	INFISICAL_GCP_AUTH_IDENTITY_ID_ENV_NAME                  = "INFISICAL_GCP_AUTH_IDENTITY_ID"
	INFISICAL_GCP_IAM_SERVICE_ACCOUNT_KEY_FILE_PATH_ENV_NAME = "INFISICAL_GCP_IAM_SERVICE_ACCOUNT_KEY_FILE_PATH"

	// AWS auth:
	INFISICAL_AWS_IAM_AUTH_IDENTITY_ID_ENV_NAME = "INFISICAL_AWS_IAM_AUTH_IDENTITY_ID"

	// Azure auth:
	INFISICAL_AZURE_AUTH_IDENTITY_ID_ENV_NAME = "INFISICAL_AZURE_AUTH_IDENTITY_ID"

	// OCI auth:
	INFISICAL_OCI_AUTH_IDENTITY_ID_ENV_NAME = "INFISICAL_OCI_AUTH_IDENTITY_ID"

	// LDAP auth:
	INFISICAL_LDAP_AUTH_IDENTITY_ID_ENV_NAME = "INFISICAL_LDAP_AUTH_IDENTITY_ID"

	// Kubernetes auth:
	INFISICAL_KUBERNETES_IDENTITY_ID_ENV_NAME                = "INFISICAL_KUBERNETES_IDENTITY_ID"
	INFISICAL_KUBERNETES_SERVICE_ACCOUNT_TOKEN_PATH_ENV_NAME = "INFISICAL_KUBERNETES_SERVICE_ACCOUNT_TOKEN_PATH"

	// OIDC auth:
	INFISICAL_OIDC_AUTH_IDENTITY_ID_ENV_NAME = "INFISICAL_OIDC_AUTH_IDENTITY_ID"

	// Access token:
	INFISICAL_ACCESS_TOKEN_ENV_NAME = "INFISICAL_ACCESS_TOKEN"

	// AWS metadata service:
	AWS_EC2_METADATA_TOKEN_URL             = "http://169.254.169.254/latest/api/token"
	AWS_EC2_INSTANCE_IDENTITY_DOCUMENT_URL = "http://169.254.169.254/latest/dynamic/instance-identity/document"

	// Azure metadata service:
	AZURE_METADATA_SERVICE_URL = "http://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02-01&resource=" // End of the URL needs to be appended with the resource
	AZURE_DEFAULT_RESOURCE     = "https%3A%2F%2Fmanagement.azure.com/"
)

Auth related:

View Source 
const (
	DEFAULT_INFISICAL_API_URL                     = "https://app.lux.network/api"
	DEFAULT_KUBERNETES_SERVICE_ACCOUNT_TOKEN_PATH = "/var/run/secrets/kubernetes.io/serviceaccount/token"
)

General:

Variables

View Source 
var ErrContextCanceled = errors.New("context canceled")
View Source 
var ErrContextDeadlineExceeded error = context.DeadlineExceeded

Functions

func AppendAPIEndpoint 

func AppendAPIEndpoint(siteUrl string) string

func ComputeCacheKeyFromBytes 

func ComputeCacheKeyFromBytes(bytes []byte, feature string) string

func ContainsSecret 

func ContainsSecret(secrets []models.Secret, key string) bool

containsSecret checks if the given key exists in the slice of secrets

func EnsureUniqueSecretsByKey 

func EnsureUniqueSecretsByKey(secrets *[]models.Secret)

func GetAwsEC2IdentityDocumentRegion 

func GetAwsEC2IdentityDocumentRegion(timeout int) (string, error)

func GetAwsRegion 

func GetAwsRegion() (string, error)

func GetAzureMetadataToken 

func GetAzureMetadataToken(httpClient *resty.Client, customResource string) (string, error)

func GetGCPIamServiceAccountToken 

func GetGCPIamServiceAccountToken(identityID string, serviceAccountKeyPath string) (string, error)

func GetGCPMetadataToken 

func GetGCPMetadataToken(httpClient *resty.Client, identityID string) (string, error)

func GetKubernetesServiceAccountToken 

func GetKubernetesServiceAccountToken(serviceAccountTokenPath string) (string, error)

func PrintWarning 

func PrintWarning(message string)

func RetrieveAwsCredentials 

func RetrieveAwsCredentials() (credentials aws.Credentials, region string, err error)

func SleepWithContext 

func SleepWithContext(ctx context.Context, duration time.Duration) error

func SortSecretsByKeys 

func SortSecretsByKeys(secrets []models.Secret) []models.Secret

Helper function to sort the secrets by key so we can create a consistent output

func TryExtractReqId 

func TryExtractReqId(res *resty.Response) string

func TryParseErrorBody 

func TryParseErrorBody(res *resty.Response) string

If the status code is 400, there will most likely always be a body. The body is a json object with a message key. we need to try to parse it, but if it fails, we can just return an empty string. But if the status code is 500, there may not be a body. if there is, it will be a json object with a message key. we need to try to parse it, but if it fails, we can just return an empty string

Types

type AuthMethod 

type AuthMethod string
const (
	ACCESS_TOKEN   AuthMethod = "ACCESS_TOKEN"
	UNIVERSAL_AUTH AuthMethod = "UNIVERSAL_AUTH"
	GCP_ID_TOKEN   AuthMethod = "GCP_ID_TOKEN"
	GCP_IAM        AuthMethod = "GCP_IAM"
	AWS_IAM        AuthMethod = "AWS_IAM"
	KUBERNETES     AuthMethod = "KUBERNETES"
	AZURE          AuthMethod = "AZURE"
	OIDC_AUTH      AuthMethod = "OIDC_AUTH"
	JWT_AUTH       AuthMethod = "JWT_AUTH"
	LDAP_AUTH      AuthMethod = "LDAP_AUTH"
	OCI_AUTH       AuthMethod = "OCI_AUTH"
)

type CertKeyAlgorithm 

type CertKeyAlgorithm string

SSH related: 

const (
	RSA2048   CertKeyAlgorithm = "RSA_2048"
	RSA4096   CertKeyAlgorithm = "RSA_4096"
	ECDSAP256 CertKeyAlgorithm = "EC_prime256v1"
	ECDSAP384 CertKeyAlgorithm = "EC_secp384r1"
)

type SshCertType 

type SshCertType string
const (
	UserCert SshCertType = "user"
	HostCert SshCertType = "host"
)

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.