gcp

package
v0.17.2
Warning

This package is not in the latest version of its module.
Published: Oct 12, 2021 License: AGPL-3.0 Imports: 14 Imported by: 0

Documentation

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Credentials

type Credentials struct {
	// ClientID is the client ID of the GCP service account.
	ClientID string

	// Client is the client email of the GCP service account.
	Client string

	// KeyID is the private key ID of the GCP service account.
	KeyID string

	// Key is the encoded private key of the GCP service account.
	Key string
	// contains filtered or unexported fields
}

Credentials represent GCP service account credentials.

func (Credentials) MarshalJSON

func (c Credentials) MarshalJSON() ([]byte, error)

MarshalJSON returns a JSON representation of the GCP credentials.

The returned JSON contains extra fields to match the JSON credentials returned by GCP. Those additional fields are set to default values.
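The sketch below is an added example, not the package's own code: it shows what marshaling the four documented fields into the layout of a GCP service-account key file looks like. The `serviceAccount` type, its `ProjectID` field and the default URL values are assumptions; the page does not list the defaults the package uses.

```go
package main

import (
	"encoding/json"
	"fmt"
	"net/url"
)

// serviceAccount is a hypothetical stand-in for Credentials. ProjectID is an
// assumption: the documented type keeps its remaining fields unexported.
type serviceAccount struct {
	ProjectID, ClientID, Client, KeyID, Key string
}

// MarshalJSON emits the layout of a service-account key file as issued by GCP.
// Fields the struct does not carry are filled with Google's usual values
// (assumed here; the package's own defaults are not shown on the page).
func (c serviceAccount) MarshalJSON() ([]byte, error) {
	return json.Marshal(struct {
		Type          string `json:"type"`
		ProjectID     string `json:"project_id"`
		PrivateKeyID  string `json:"private_key_id"`
		PrivateKey    string `json:"private_key"`
		ClientEmail   string `json:"client_email"`
		ClientID      string `json:"client_id"`
		AuthURI       string `json:"auth_uri"`
		TokenURI      string `json:"token_uri"`
		AuthCertURL   string `json:"auth_provider_x509_cert_url"`
		ClientCertURL string `json:"client_x509_cert_url"`
	}{
		"service_account", c.ProjectID, c.KeyID, c.Key, c.Client, c.ClientID,
		"https://accounts.google.com/o/oauth2/auth",
		"https://oauth2.googleapis.com/token",
		"https://www.googleapis.com/oauth2/v1/certs",
		"https://www.googleapis.com/robot/v1/metadata/x509/" + url.QueryEscape(c.Client),
	})
}

func main() {
	// Constructed sample values; Key is a placeholder, not a real private key.
	c := serviceAccount{"demo-project", "100000000000000000001",
		"kes@demo-project.iam.gserviceaccount.com", "0123abcd", "PLACEHOLDER-PRIVATE-KEY"}
	out, err := json.MarshalIndent(c, "", "  ")
	if err != nil {
		panic(err)
	}
	// With a real key this output is secret material and must stay out of logs.
	fmt.Println(string(out))
}
```

The marshaled document carries the private key in `private_key`, so it needs the same handling as a downloaded key file.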

type SecretManager

type SecretManager struct {
	// Endpoint is the HTTP endpoint of the GCP SecretManager.
	// The endpoint for the GCP SecretManager is:
	//    secretmanager.googleapis.com:443
	Endpoint string

	// The project ID is a unique, user-assigned ID that can be used by Google APIs.
	// The project ID must be a unique string of 6 to 30 lowercase letters, digits, or hyphens.
	// It must start with a letter, and cannot have a trailing hyphen.
	ProjectID string

	// ErrorLog specifies an optional logger for errors
	// when files cannot be opened, deleted or contain
	// invalid content.
	// If nil, logging is done via the log package's
	// standard logger.
	ErrorLog *log.Logger
	// contains filtered or unexported fields
}

SecretManager is a secret store that uses a GCP SecretManager for storing secrets.

func (*SecretManager) Authenticate

func (s *SecretManager) Authenticate(credentials Credentials) error

Authenticate tries to authenticate and connect to the GCP secret manager using the given credentials.

func (*SecretManager) Create

func (s *SecretManager) Create(ctx context.Context, name string, key key.Key) error

Create stores the given key-value pair at the GCP secret manager if and only if it does not exist. If such an entry already exists, it returns kes.ErrKeyExists.

Creating a secret at the GCP SecretManager requires first creating the secret itself and then adding a secret version with some payload data. The payload data contains the actual value.

func (*SecretManager) Delete

func (s *SecretManager) Delete(ctx context.Context, name string) error

Delete removes the key-value pair from the GCP SecretManager.

Delete will remove all versions of the GCP secret. Even though CreateKey creates only one version and fails if the secret already exists, a user may create more secret versions through, e.g., the GCP CLI. However, KES does not support multiple secret versions and expects a different mechanism for "key-rotation".

func (*SecretManager) Get

func (s *SecretManager) Get(ctx context.Context, name string) (key.Key, error)

Get returns the value associated with the given key.

func (*SecretManager) List added in v0.13.0

func (s *SecretManager) List(ctx context.Context) (key.Iterator, error)

List returns a new Iterator over the names of all stored keys.
