vault

package

v0.0.0-...-b274fa0 Latest Latest Go to latest Published: Jan 16, 2022 License: MIT Imports: 15 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/ncabatoff/yurt

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func AnyVault(ctx context.Context, servers []runner.Harness, f func(*vaultapi.Client) error) error
func HarnessToAPI(r runner.Harness) (*vaultapi.Client, error)
func Initialize(ctx context.Context, cli *vaultapi.Client, seal *Seal) (string, []string, error)
func Leader(servers []runner.Harness) (string, error)
func LeadersHealthy(ctx context.Context, servers []runner.Harness) error
func RaftAutopilotHealthy(ctx context.Context, servers []runner.Harness, token string) error
func Status(ctx context.Context, cli *vaultapi.Client) (*vaultapi.SealStatusResponse, error)
func Unseal(ctx context.Context, cli *vaultapi.Client, key string, migrate bool) error
type Ports
- func DefPorts() Ports
- func (c Ports) RunnerPorts() yurt.Ports
type Seal
- func NewSealSource(ctx context.Context, cli *vaultapi.Client, uniqueID string) (*Seal, error)
type VaultConfig
- func NewConsulConfig(consulAddr, consulPath string, tls *pki.TLSConfigPEM) VaultConfig
- func NewRaftConfig(joinAddrs []string, tls *pki.TLSConfigPEM, raftPerfMultiplier int) VaultConfig

Constants ¶

This section is empty.

Variables ¶

View Source

var PortNames = struct {
	HTTP    string
	Cluster string
}{
	"http",
	"cluster",
}

View Source

var ServerScrapeConfig = prometheus.ScrapeConfig{
	JobName:     "vault",
	Params:      url.Values{"format": []string{"prometheus"}},
	MetricsPath: "/v1/sys/metrics",
}

Functions ¶

func AnyVault ¶

func AnyVault(ctx context.Context, servers []runner.Harness, f func(*vaultapi.Client) error) error

AnyVault returns nil if f returns a non-nil result for any of the given servers. Errors will be retried with a short constant delay so long as ctx.Err() returns nil.

func HarnessToAPI ¶

func HarnessToAPI(r runner.Harness) (*vaultapi.Client, error)

func Initialize ¶

func Initialize(ctx context.Context, cli *vaultapi.Client, seal *Seal) (string, []string, error)

func Leader ¶

func Leader(servers []runner.Harness) (string, error)

func LeadersHealthy ¶

func LeadersHealthy(ctx context.Context, servers []runner.Harness) error

func RaftAutopilotHealthy ¶

func RaftAutopilotHealthy(ctx context.Context, servers []runner.Harness, token string) error

RaftAutopilotHealthy returns nil if any of the servers report Autopilot healthy, or the errors obtained. Autopilot health requests are always forwarded to the leader, and the leader won't report a healthy cluster if any peers fail health checks. Health checks are usually thresholds for replication lag and last-contact.

func Status ¶

func Status(ctx context.Context, cli *vaultapi.Client) (*vaultapi.SealStatusResponse, error)

func Unseal ¶

func Unseal(ctx context.Context, cli *vaultapi.Client, key string, migrate bool) error

Types ¶

type Ports ¶

type Ports struct {
	HTTP    int
	Cluster int
}

func DefPorts ¶

func DefPorts() Ports

func (Ports) RunnerPorts ¶

func (c Ports) RunnerPorts() yurt.Ports

type Seal ¶

type Seal struct {
	Type   string
	Config map[string]string
}

func NewSealSource ¶

func NewSealSource(ctx context.Context, cli *vaultapi.Client, uniqueID string) (*Seal, error)

type VaultConfig ¶

type VaultConfig struct {
	Common runner.Config
	// JoinAddrs specifies the addresses of the Vault servers in the cluster.
	// If they have a :port suffix, it should be the API address, otherwise
	// 8200 is assumed. Only used when joining new Raft nodes to the cluster.
	JoinAddrs []string
	// ConsulAddr gives the host:port for this node's Consul agent.
	// Only needed for Consul storage or service registration.
	ConsulAddr string
	// ConsulPath gives the Consul KV prefix where Vault will store its data.
	// Only needed for Consul storage.
	ConsulPath string
	// Seal is used for non-Shamir seals, i.e. AutoUnseal.
	Seal *Seal
	// OldSeal is used in seal migration scenarios. When migrating away from
	// a non-Shamir seal, the old seal's config stanza must be kept in the
	// config file, with a new disabled="true" keyval.  Once migration has
	// completed successfully on all nodes, the old seal stanza should be removed.
	OldSeal            *Seal
	RaftPerfMultiplier int
}

VaultConfig describes how to run a single Vault node.

func NewConsulConfig ¶

func NewConsulConfig(consulAddr, consulPath string, tls *pki.TLSConfigPEM) VaultConfig

func NewRaftConfig ¶

func NewRaftConfig(joinAddrs []string, tls *pki.TLSConfigPEM, raftPerfMultiplier int) VaultConfig

func (VaultConfig) Args ¶

func (vc VaultConfig) Args() []string

func (VaultConfig) Config ¶

func (vc VaultConfig) Config() runner.Config

func (VaultConfig) Env ¶

func (vc VaultConfig) Env() []string

func (VaultConfig) Files ¶

func (vc VaultConfig) Files() map[string]string

func (VaultConfig) Name ¶

func (vc VaultConfig) Name() string

func (VaultConfig) WithConfig ¶

func (vc VaultConfig) WithConfig(cfg runner.Config) runner.Command

Source Files ¶

View all Source files

vault.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL