Documentation
¶
Index ¶
- Variables
- func ChooseStack(ctx context.Context, sink diag.Sink, ws pkgWorkspace.Context, ...) (backend.Stack, error)
- func CopyEntireConfigMap(ctx context.Context, ssml SecretsManagerLoader, currentStack backend.Stack, ...) (bool, error)
- func CreateSecretsManagerForExistingStack(ctx context.Context, sink diag.Sink, ws pkgWorkspace.Context, ...) error
- func CreateStack(ctx context.Context, sink diag.Sink, ws pkgWorkspace.Context, ...) (backend.Stack, error)
- func InitStack(ctx context.Context, sink diag.Sink, ws pkgWorkspace.Context, ...) (backend.Stack, error)
- func LoadProjectStack(ctx context.Context, sink diag.Sink, project *workspace.Project, ...) (*workspace.ProjectStack, error)
- func Log3rdPartySecretsProviderDecryptionEvent(ctx context.Context, backend backend.Stack, secretName, commandName string)
- func NewStackCmd() *cobra.Command
- func RequireStack(ctx context.Context, sink diag.Sink, ws pkgWorkspace.Context, ...) (backend.Stack, error)
- func SaveProjectStack(ctx context.Context, stack backend.Stack, ps *workspace.ProjectStack) error
- func SaveSnapshot(ctx context.Context, s backend.Stack, snapshot *deploy.Snapshot, force bool) error
- func ValidateSecretsProvider(typ string) error
- type LoadOption
- type SecretsManagerLoader
- func (l *SecretsManagerLoader) GetDecrypter(ctx context.Context, s backend.Stack, ps *workspace.ProjectStack) (config.Decrypter, SecretsManagerState, error)
- func (l *SecretsManagerLoader) GetEncrypter(ctx context.Context, s backend.Stack, ps *workspace.ProjectStack) (config.Encrypter, SecretsManagerState, error)
- func (l *SecretsManagerLoader) GetSecretsManager(ctx context.Context, s backend.Stack, ps *workspace.ProjectStack) (secrets.Manager, SecretsManagerState, error)
- type SecretsManagerState
Constants ¶
This section is empty.
Variables ¶
var ConfigFile string
Functions ¶
func ChooseStack ¶
func ChooseStack(ctx context.Context, sink diag.Sink, ws pkgWorkspace.Context, b backend.Backend, lopt LoadOption, opts display.Options, ) (backend.Stack, error)
ChooseStack will prompt the user to choose amongst the full set of stacks in the given backend. If offerNew is true, then the option to create an entirely new stack is provided and will create one as desired.
func CopyEntireConfigMap ¶
func CopyEntireConfigMap( ctx context.Context, ssml SecretsManagerLoader, currentStack backend.Stack, currentProjectStack *workspace.ProjectStack, destinationStack backend.Stack, destinationProjectStack *workspace.ProjectStack, ) (bool, error)
func CreateSecretsManagerForExistingStack ¶
func CreateSecretsManagerForExistingStack( ctx context.Context, sink diag.Sink, ws pkgWorkspace.Context, stack backend.Stack, secretsProvider string, rotateSecretsProvider, creatingStack bool, ) error
Creates a secrets manager for an existing stack, using the stack to pick defaults if necessary and writing any changes back to the stack's configuration where applicable.
func CreateStack ¶
func CreateStack(ctx context.Context, sink diag.Sink, ws pkgWorkspace.Context, b backend.Backend, stackRef backend.StackReference, root string, teams []string, setCurrent bool, secretsProvider string, useRemoteConfig bool, ) (backend.Stack, error)
CreateStack creates a stack with the given name, and optionally selects it as the current.
func InitStack ¶
func InitStack( ctx context.Context, sink diag.Sink, ws pkgWorkspace.Context, b backend.Backend, stackName string, root string, setCurrent bool, secretsProvider string, useRemoteConfig bool, ) (backend.Stack, error)
InitStack creates the stack.
func LoadProjectStack ¶
func Log3rdPartySecretsProviderDecryptionEvent ¶
func Log3rdPartySecretsProviderDecryptionEvent(ctx context.Context, backend backend.Stack, secretName, commandName string, )
we only want to log a secrets decryption for a Pulumi Cloud backend project we will allow any secrets provider to be used (Pulumi Cloud or passphrase/cloud/etc) we will log the message and not worry about the response. The types of messages we will log here will range from single secret decryption events to requesting a list of secrets in an individual event e.g. stack export the logging event will only happen during the `--show-secrets` path within the cli
func NewStackCmd ¶
func RequireStack ¶
func RequireStack(ctx context.Context, sink diag.Sink, ws pkgWorkspace.Context, lm cmdBackend.LoginManager, stackName string, lopt LoadOption, opts display.Options, ) (backend.Stack, error)
RequireStack will require that a stack exists. If stackName is blank, the currently selected stack from the workspace is returned. If no stack with either the given name, or a currently selected stack, exists, and we are in an interactive terminal, the user will be prompted to create a new stack.
func SaveProjectStack ¶
func SaveSnapshot ¶
func ValidateSecretsProvider ¶
Types ¶
type LoadOption ¶
type LoadOption int
const ( // LoadOnly specifies that we should stop after loading the stack. LoadOnly LoadOption = 1 << iota // OfferNew is set if we want to allow the user // to create a stack if one was not found. OfferNew // SetCurrent is set if we want to change the current stack // once one is found or created. SetCurrent )
func (LoadOption) OfferNew ¶
func (o LoadOption) OfferNew() bool
OfferNew reports whether the stackOfferNew flag is set.
func (LoadOption) SetCurrent ¶
func (o LoadOption) SetCurrent() bool
SetCurrent reports whether the stackSetCurrent flag is set.
type SecretsManagerLoader ¶
type SecretsManagerLoader struct {
// True if the loader should fallback to the stack state if there is no
// secrets manager configured in the project stack.
FallbackToState bool
}
A SecretsManagerLoader provides methods for loading secrets managers and their encrypters and decrypters for a given stack and project stack. A loader encapsulates the logic for determining which secrets manager to use based on a given configuration, such as whether or not to fallback to the stack state if there is no secrets manager configured in the project stack.
func NewStackSecretsManagerLoaderFromEnv ¶
func NewStackSecretsManagerLoaderFromEnv() SecretsManagerLoader
Creates a new stack secrets manager loader from the environment.
func (*SecretsManagerLoader) GetDecrypter ¶
func (l *SecretsManagerLoader) GetDecrypter( ctx context.Context, s backend.Stack, ps *workspace.ProjectStack, ) (config.Decrypter, SecretsManagerState, error)
Returns a decrypter for the given stack and project stack.
func (*SecretsManagerLoader) GetEncrypter ¶
func (l *SecretsManagerLoader) GetEncrypter( ctx context.Context, s backend.Stack, ps *workspace.ProjectStack, ) (config.Encrypter, SecretsManagerState, error)
Returns an encrypter for the given stack and project stack.
func (*SecretsManagerLoader) GetSecretsManager ¶
func (l *SecretsManagerLoader) GetSecretsManager( ctx context.Context, s backend.Stack, ps *workspace.ProjectStack, ) (secrets.Manager, SecretsManagerState, error)
Returns a secrets manager for the given stack and project stack.
type SecretsManagerState ¶
type SecretsManagerState string
The state of a stack's secret manager configuration following an operation.
const ( // The state of the stack's secret manager configuration is unchanged. SecretsManagerUnchanged SecretsManagerState = "unchanged" // The stack's secret manager configuration has changed and should be saved to // the stack configuration file if possible. If saving is not possible, the // configuration can be restored by falling back to the state file. SecretsManagerShouldSave SecretsManagerState = "should-save" // The stack's secret manager configuration has changed and must be saved to the // stack configuration file. Changes have been made that do not align with the // state and so the state file cannot be used to restore the configuration. SecretsManagerMustSave SecretsManagerState = "must-save" )
Source Files