config

package
v0.1.9 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 27, 2026 License: MIT Imports: 14 Imported by: 0

Documentation

Overview

Package config handles configuration loading and management for the ctx CLI.

Package config contains shared configuration type definitions for the ctx CLI tool.

Index

Constants

View Source 
const (
	// DefaultConfigDir is the default configuration directory.
	DefaultConfigDir = ".config/ctx"
	// ConfigFileName is the name of the main configuration file.
	ConfigFileName = "config.yaml"
	// ContextsSubdir is the subdirectory for context files.
	ContextsSubdir = "contexts"
	// StateSubdir is the subdirectory for state files.
	StateSubdir = "state"
	// CurrentNameFile is the file that stores the current context name.
	CurrentNameFile = "current.name"
	// CurrentEnvFile is the file that stores the current environment variables.
	CurrentEnvFile = "current.env"
)

Variables

This section is empty.

Functions

func ExpandConfigVars added in v0.1.7 

func ExpandConfigVars(cfg *ContextConfig)

ExpandConfigVars expands ${VAR} references in all string fields of a ContextConfig using the env: map as the variable source. This enables template-based configs where child contexts set variables that get expanded in inherited parent values.

func FormatContextDetails 

func FormatContextDetails(ctx *ContextConfig) string

FormatContextDetails formats a context configuration for detailed display.

func TestContextConfig_GetCloudProviders added in v0.1.3 

func TestContextConfig_GetCloudProviders(t *testing.T)

func TestContextConfig_GetExtras added in v0.1.3 

func TestContextConfig_GetExtras(t *testing.T)

func TestContextConfig_GetOrchestration added in v0.1.3 

func TestContextConfig_GetOrchestration(t *testing.T)

func TestContextConfig_IsProd added in v0.1.3 

func TestContextConfig_IsProd(t *testing.T)

func TestEnvironment_IsProd added in v0.1.3 

func TestEnvironment_IsProd(t *testing.T)

func ValidateContext 

func ValidateContext(ctx *ContextConfig) error

ValidateContext validates a context configuration.

Types

type AKSConfig added in v0.1.3 

type AKSConfig struct {
	Cluster       string `yaml:"cluster" mapstructure:"cluster"`
	ResourceGroup string `yaml:"resource_group" mapstructure:"resource_group"`
}

AKSConfig holds Azure Kubernetes Service configuration for auto-fetching credentials.

type AWSConfig added in v0.1.3 

type AWSConfig struct {
	Profile  string `yaml:"profile" mapstructure:"profile"`
	Region   string `yaml:"region" mapstructure:"region"`
	UseVault bool   `yaml:"use_vault" mapstructure:"use_vault"`
	SSOLogin bool   `yaml:"sso_login,omitempty" mapstructure:"sso_login"`
}

AWSConfig holds AWS-specific configuration.

type AWSCredentials 

type AWSCredentials struct {
	AccessKeyID     string `json:"AccessKeyId"`
	SecretAccessKey string `json:"SecretAccessKey"`
	SessionToken    string `json:"SessionToken"`
	Expiration      string `json:"Expiration"` // RFC3339 format
	Version         int    `json:"Version"`
}

AWSCredentials holds temporary AWS credentials from aws-vault. The JSON field names match aws-vault's exec --json output format.

type AppConfig added in v0.1.3 

type AppConfig struct {
	Deactivate       *DeactivateConfig `yaml:"deactivate,omitempty" mapstructure:"deactivate"`
	Cloud            *CloudConfig      `yaml:"cloud,omitempty" mapstructure:"cloud"`
	DefaultContext   string            `yaml:"default_context" mapstructure:"default_context"`
	PromptFormat     string            `yaml:"prompt_format" mapstructure:"prompt_format"`
	TunnelsDir       string            `yaml:"tunnels_dir" mapstructure:"tunnels_dir"`
	ContextsDir      string            `yaml:"contexts_dir" mapstructure:"contexts_dir"`
	Version          int               `yaml:"version" mapstructure:"version"`
	ShellIntegration bool              `yaml:"shell_integration" mapstructure:"shell_integration"`
	AutoDeactivate   bool              `yaml:"auto_deactivate" mapstructure:"auto_deactivate"`
}

AppConfig represents the main application configuration.

type AzureConfig added in v0.1.3 

type AzureConfig struct {
	SubscriptionID string `yaml:"subscription_id" mapstructure:"subscription_id"`
	TenantID       string `yaml:"tenant_id" mapstructure:"tenant_id"`
	AutoLogin      bool   `yaml:"auto_login,omitempty" mapstructure:"auto_login"`
}

AzureConfig holds Azure-specific configuration.

type BastionConfig added in v0.1.3 

type BastionConfig struct {
	Host         string `yaml:"host" mapstructure:"host"`
	User         string `yaml:"user" mapstructure:"user"`
	IdentityFile string `yaml:"identity_file" mapstructure:"identity_file"`
	Port         int    `yaml:"port" mapstructure:"port"`
}

BastionConfig holds SSH bastion configuration.

type BitwardenConfig added in v0.1.3 

type BitwardenConfig struct {
	Server        string `yaml:"server,omitempty" mapstructure:"server"`                 // Self-hosted Bitwarden server URL
	Email         string `yaml:"email,omitempty" mapstructure:"email"`                   // Email for login (pre-fills prompt)
	OrgIdentifier string `yaml:"org_identifier,omitempty" mapstructure:"org_identifier"` // Organization identifier for SSO login
	AutoLogin     bool   `yaml:"auto_login,omitempty" mapstructure:"auto_login"`         // Auto-run 'bw login' if not authenticated
	SSO           bool   `yaml:"sso,omitempty" mapstructure:"sso"`                       // Use SSO login instead of email/password
}

BitwardenConfig holds Bitwarden authentication configuration.

type BrowserConfig added in v0.1.3 

type BrowserConfig struct {
	Type    BrowserType `yaml:"type" mapstructure:"type"`
	Profile string      `yaml:"profile" mapstructure:"profile"`
}

BrowserConfig holds browser profile configuration.

type BrowserType added in v0.1.3 

type BrowserType string

BrowserType represents the type of browser. 

const (
	BrowserChrome  BrowserType = "chrome"
	BrowserFirefox BrowserType = "firefox"
)

type CloudConfig added in v0.1.3 

type CloudConfig struct {
	ServerURL         string `yaml:"server_url" mapstructure:"server_url"`                 // URL of the ctx-cloud server
	Enabled           bool   `yaml:"enabled" mapstructure:"enabled"`                       // Enable cloud integration
	SendAuditEvents   bool   `yaml:"send_audit_events" mapstructure:"send_audit_events"`   // Send audit events to cloud
	SendHeartbeat     bool   `yaml:"send_heartbeat" mapstructure:"send_heartbeat"`         // Send heartbeat to cloud
	HeartbeatInterval int    `yaml:"heartbeat_interval" mapstructure:"heartbeat_interval"` // Heartbeat interval in seconds (default: 30)
}

CloudConfig holds ctx-cloud integration settings.

type ConsulConfig added in v0.1.3 

type ConsulConfig struct {
	Address    string `yaml:"address" mapstructure:"address"`
	TokenEnv   string `yaml:"token_env" mapstructure:"token_env"`
	SkipVerify bool   `yaml:"skip_verify" mapstructure:"skip_verify"`
}

ConsulConfig holds Consul-specific configuration.

type ContextConfig added in v0.1.3 

type ContextConfig struct {
	// Cloud Providers
	AWS   *AWSConfig   `yaml:"aws,omitempty" mapstructure:"aws"`
	GCP   *GCPConfig   `yaml:"gcp,omitempty" mapstructure:"gcp"`
	Azure *AzureConfig `yaml:"azure,omitempty" mapstructure:"azure"`
	// Orchestration
	Kubernetes *KubernetesConfig `yaml:"kubernetes,omitempty" mapstructure:"kubernetes"`
	Nomad      *NomadConfig      `yaml:"nomad,omitempty" mapstructure:"nomad"`
	Consul     *ConsulConfig     `yaml:"consul,omitempty" mapstructure:"consul"`
	// SSH & Tunnels
	SSH *SSHConfig `yaml:"ssh,omitempty" mapstructure:"ssh"`
	// VPN
	VPN *VPNConfig `yaml:"vpn,omitempty" mapstructure:"vpn"`
	// Secrets & Identity
	Secrets     *SecretsConfig     `yaml:"secrets,omitempty" mapstructure:"secrets"`
	Bitwarden   *BitwardenConfig   `yaml:"bitwarden,omitempty" mapstructure:"bitwarden"`
	OnePassword *OnePasswordConfig `yaml:"onepassword,omitempty" mapstructure:"onepassword"`
	Vault       *VaultConfig       `yaml:"vault,omitempty" mapstructure:"vault"`
	Git         *GitConfig         `yaml:"git,omitempty" mapstructure:"git"`
	// Registries
	Docker *DockerRegistryConfig `yaml:"docker,omitempty" mapstructure:"docker"`
	NPM    *NPMConfig            `yaml:"npm,omitempty" mapstructure:"npm"`
	// Proxy
	Proxy *ProxyConfig `yaml:"proxy,omitempty" mapstructure:"proxy"`
	// Browser
	Browser *BrowserConfig `yaml:"browser,omitempty" mapstructure:"browser"`
	// Editor/IDE
	Editor *EditorConfig `yaml:"editor,omitempty" mapstructure:"editor"`
	// Custom Environment Variables
	Env map[string]string `yaml:"env,omitempty" mapstructure:"env"`
	// URLs for quick access (ctx open)
	URLs map[string]string `yaml:"urls,omitempty" mapstructure:"urls"`
	// Deactivate behavior (overrides global config)
	Deactivate  *DeactivateConfig `yaml:"deactivate,omitempty" mapstructure:"deactivate"`
	Name        string            `yaml:"name" mapstructure:"name"`
	Extends     string            `yaml:"extends,omitempty" mapstructure:"extends"` // Parent context to inherit from
	Description string            `yaml:"description" mapstructure:"description"`
	Environment Environment       `yaml:"environment" mapstructure:"environment"`
	EnvColor    string            `yaml:"env_color,omitempty" mapstructure:"env_color"` // red, yellow, green, blue, cyan, magenta, white
	Cloud       string            `yaml:"cloud,omitempty" mapstructure:"cloud"`         // Custom cloud provider label (e.g., digitalocean, openstack)
	Tags        []string          `yaml:"tags" mapstructure:"tags"`
	Tunnels     []TunnelConfig    `yaml:"tunnels,omitempty" mapstructure:"tunnels"`
	// Databases
	Databases []DatabaseConfig `yaml:"databases,omitempty" mapstructure:"databases"`
	Abstract  bool             `yaml:"abstract,omitempty" mapstructure:"abstract"` // If true, context is a template and cannot be used directly
}

ContextConfig represents a complete context configuration.

func (*ContextConfig) GetCloudProviders added in v0.1.3 

func (c *ContextConfig) GetCloudProviders() []string

GetCloudProviders returns a list of configured cloud providers.

func (*ContextConfig) GetExtras added in v0.1.3 

func (c *ContextConfig) GetExtras() []string

GetExtras returns a list of additional configured tools/features.

func (*ContextConfig) GetOrchestration added in v0.1.3 

func (c *ContextConfig) GetOrchestration() []string

GetOrchestration returns a list of configured orchestration tools.

func (*ContextConfig) IsProd added in v0.1.3 

func (c *ContextConfig) IsProd() bool

IsProd returns true if the context is for a production environment.

func (*ContextConfig) MergeFrom added in v0.1.3 

func (c *ContextConfig) MergeFrom(other *ContextConfig)

MergeFrom merges another context config into this one. Values from 'other' (parent) fill in missing values in 'c' (child). Deep merge: child values take precedence, parent fills in gaps.

Note: Due to Go's type system, boolean fields cannot be "unset" - they default to false. This means a parent's `true` boolean cannot be overridden to `false` by a child. If you need different boolean values, don't set them in the parent/base context.

type ContextSummary 

type ContextSummary struct {
	Name          string
	Environment   Environment
	CloudProvider string
	Orchestration string
	Extras        string
	IsCurrent     bool
}

ContextSummary provides a summary of a context for display purposes.

func GetContextSummary 

func GetContextSummary(ctx *ContextConfig, currentName string) ContextSummary

GetContextSummary returns a summary of a context for display in lists.

type DatabaseConfig added in v0.1.3 

type DatabaseConfig struct {
	Name        string       `yaml:"name" mapstructure:"name"`
	Type        DatabaseType `yaml:"type" mapstructure:"type"`
	Host        string       `yaml:"host" mapstructure:"host"`
	Database    string       `yaml:"database,omitempty" mapstructure:"database"`
	Username    string       `yaml:"username,omitempty" mapstructure:"username"`
	PasswordEnv string       `yaml:"password_env,omitempty" mapstructure:"password_env"`
	SSLMode     string       `yaml:"ssl_mode,omitempty" mapstructure:"ssl_mode"`
	Port        int          `yaml:"port" mapstructure:"port"`
}

DatabaseConfig holds database connection configuration.

type DatabaseType added in v0.1.3 

type DatabaseType string

DatabaseType represents supported database types. 

const (
	DBTypePostgres DatabaseType = "postgres"
	DBTypeMySQL    DatabaseType = "mysql"
	DBTypeMongoDB  DatabaseType = "mongodb"
	DBTypeRedis    DatabaseType = "redis"
)

type DeactivateConfig added in v0.1.3 

type DeactivateConfig struct {
	DisconnectVPN bool `yaml:"disconnect_vpn" mapstructure:"disconnect_vpn"`
	StopTunnels   bool `yaml:"stop_tunnels" mapstructure:"stop_tunnels"`
}

DeactivateConfig controls behavior when deactivating a context.

func NewDeactivateConfigDefaults added in v0.1.3 

func NewDeactivateConfigDefaults() *DeactivateConfig

NewDeactivateConfigDefaults returns default deactivate config (all true).

type DockerRegistryConfig added in v0.1.3 

type DockerRegistryConfig struct {
	URL         string `yaml:"url" mapstructure:"url"`
	Username    string `yaml:"username,omitempty" mapstructure:"username"`
	PasswordEnv string `yaml:"password_env,omitempty" mapstructure:"password_env"`
	// Docker context to use
	Context string `yaml:"context,omitempty" mapstructure:"context"`
}

DockerRegistryConfig holds Docker registry configuration.

type EKSConfig added in v0.1.3 

type EKSConfig struct {
	Cluster string `yaml:"cluster" mapstructure:"cluster"`
	Region  string `yaml:"region,omitempty" mapstructure:"region"` // Optional, falls back to aws.region
}

EKSConfig holds AWS Elastic Kubernetes Service configuration for auto-fetching credentials.

type EditorConfig added in v0.1.9 

type EditorConfig struct {
	Type      EditorType `yaml:"type" mapstructure:"type"`
	Workspace string     `yaml:"workspace,omitempty" mapstructure:"workspace"`
}

EditorConfig holds editor/IDE configuration for per-context workspace management.

type EditorType added in v0.1.9 

type EditorType string

EditorType represents the type of editor/IDE. 

const (
	EditorVSCode  EditorType = "vscode"
	EditorSublime EditorType = "sublime"
	EditorVim     EditorType = "vim"
)

type Environment added in v0.1.3 

type Environment string

Environment represents the deployment environment type (can be any string). 

const (
	EnvProduction  Environment = "production"
	EnvStaging     Environment = "staging"
	EnvDevelopment Environment = "development"
)

Common environment names (not enforced, just for convenience).

func (Environment) IsProd added in v0.1.3 

func (e Environment) IsProd() bool

IsProd returns true if the environment is production.

type GCPConfig added in v0.1.3 

type GCPConfig struct {
	Project    string `yaml:"project" mapstructure:"project"`
	Region     string `yaml:"region" mapstructure:"region"`
	ConfigName string `yaml:"config_name" mapstructure:"config_name"`
	AutoLogin  bool   `yaml:"auto_login,omitempty" mapstructure:"auto_login"`
}

GCPConfig holds GCP-specific configuration.

type GKEConfig added in v0.1.3 

type GKEConfig struct {
	Cluster string `yaml:"cluster" mapstructure:"cluster"`
	Zone    string `yaml:"zone,omitempty" mapstructure:"zone"`       // Zonal cluster
	Region  string `yaml:"region,omitempty" mapstructure:"region"`   // Regional cluster
	Project string `yaml:"project,omitempty" mapstructure:"project"` // Optional, falls back to gcp.project
}

GKEConfig holds Google Kubernetes Engine configuration for auto-fetching credentials.

type GitConfig added in v0.1.3 

type GitConfig struct {
	UserName   string `yaml:"user_name,omitempty" mapstructure:"user_name"`
	UserEmail  string `yaml:"user_email,omitempty" mapstructure:"user_email"`
	SigningKey string `yaml:"signing_key,omitempty" mapstructure:"signing_key"`
	GPGSign    bool   `yaml:"gpg_sign,omitempty" mapstructure:"gpg_sign"`
}

GitConfig holds Git identity configuration for per-client commits.

type KubernetesConfig added in v0.1.3 

type KubernetesConfig struct {
	Context    string     `yaml:"context,omitempty" mapstructure:"context"`
	Namespace  string     `yaml:"namespace,omitempty" mapstructure:"namespace"`
	Kubeconfig string     `yaml:"kubeconfig,omitempty" mapstructure:"kubeconfig"`
	AKS        *AKSConfig `yaml:"aks,omitempty" mapstructure:"aks"`
	EKS        *EKSConfig `yaml:"eks,omitempty" mapstructure:"eks"`
	GKE        *GKEConfig `yaml:"gke,omitempty" mapstructure:"gke"`
}

KubernetesConfig holds Kubernetes-specific configuration.

type Manager 

type Manager struct {
	// contains filtered or unexported fields
}

Manager handles configuration operations.

func NewManager 

func NewManager() (*Manager, error)

NewManager creates a new configuration manager.

func NewManagerWithDir 

func NewManagerWithDir(configDir string) *Manager

NewManagerWithDir creates a new configuration manager with a custom config directory.

func (*Manager) AzureConfigDir 

func (m *Manager) AzureConfigDir(contextName string) string

AzureConfigDir returns the Azure config directory for a specific context.

func (*Manager) CleanupSecretFiles added in v0.1.7 

func (m *Manager) CleanupSecretFiles(contextName string) error

CleanupSecretFiles securely deletes all secret files for a context and removes the state file.

func (*Manager) ClearCurrentContext 

func (m *Manager) ClearCurrentContext() error

ClearCurrentContext clears the current context.

func (*Manager) CloudConfigDir 

func (m *Manager) CloudConfigDir() string

CloudConfigDir returns the directory for storing per-context cloud provider configs.

func (*Manager) ConfigDir 

func (m *Manager) ConfigDir() string

ConfigDir returns the configuration directory path.

func (*Manager) ContextExists 

func (m *Manager) ContextExists(name string) bool

ContextExists checks if a context with the given name exists.

func (*Manager) ContextsDir 

func (m *Manager) ContextsDir() string

ContextsDir returns the contexts directory path.

func (*Manager) DeleteAWSCredentials 

func (m *Manager) DeleteAWSCredentials(contextName string) error

DeleteAWSCredentials removes saved AWS credentials for a context.

func (*Manager) DeleteBitwardenSession 

func (m *Manager) DeleteBitwardenSession(contextName string) error

DeleteBitwardenSession removes a saved Bitwarden session for a specific context. It removes from both keychain and file storage.

func (*Manager) DeleteCloudAPIKey added in v0.1.3 

func (m *Manager) DeleteCloudAPIKey() error

DeleteCloudAPIKey removes the saved ctx-cloud API key. It removes from both keychain and file storage.

func (*Manager) DeleteContext 

func (m *Manager) DeleteContext(name string) error

DeleteContext deletes a context configuration.

func (*Manager) DeleteOnePasswordSession 

func (m *Manager) DeleteOnePasswordSession(contextName string) error

DeleteOnePasswordSession removes a saved 1Password session for a specific context.

func (*Manager) DeleteVaultToken 

func (m *Manager) DeleteVaultToken(contextName string) error

DeleteVaultToken removes a saved Vault token for a specific context. It removes from both keychain and file storage.

func (*Manager) EnsureAzureConfigDir 

func (m *Manager) EnsureAzureConfigDir(contextName string) error

EnsureAzureConfigDir creates the Azure config directory for a context if it doesn't exist.

func (*Manager) EnsureDirs 

func (m *Manager) EnsureDirs() error

EnsureDirs creates the configuration directories if they don't exist.

func (*Manager) EnsureGCPConfigDir 

func (m *Manager) EnsureGCPConfigDir(contextName string) error

EnsureGCPConfigDir creates the GCP config directory for a context if it doesn't exist.

func (*Manager) EnsureTokensDir 

func (m *Manager) EnsureTokensDir() error

EnsureTokensDir creates the tokens directory if it doesn't exist.

func (*Manager) GCPConfigDir 

func (m *Manager) GCPConfigDir(contextName string) string

GCPConfigDir returns the GCP config directory for a specific context.

func (*Manager) GenerateEnvVars 

func (m *Manager) GenerateEnvVars(ctx *ContextConfig) map[string]string

GenerateEnvVars generates environment variables for a context.

func (*Manager) GetAppConfig 

func (m *Manager) GetAppConfig() *AppConfig

GetAppConfig returns the cached app config, loading it if necessary.

func (*Manager) GetCurrentContext 

func (m *Manager) GetCurrentContext() (*ContextConfig, error)

GetCurrentContext returns the currently active context configuration.

func (*Manager) GetCurrentContextName 

func (m *Manager) GetCurrentContextName() (string, error)

GetCurrentContextName returns the name of the currently active context.

func (*Manager) ListContextConfigs 

func (m *Manager) ListContextConfigs() ([]*ContextConfig, error)

ListContextConfigs returns all context configurations.

func (*Manager) ListContexts 

func (m *Manager) ListContexts() ([]string, error)

ListContexts returns a list of all available context names.

func (*Manager) LoadAWSCredentials 

func (m *Manager) LoadAWSCredentials(contextName string) *AWSCredentials

LoadAWSCredentials loads saved AWS credentials for a context. Returns nil if no credentials are saved or if they're expired.

func (*Manager) LoadAppConfig 

func (m *Manager) LoadAppConfig() (*AppConfig, error)

LoadAppConfig loads the main application configuration.

func (*Manager) LoadBitwardenSession 

func (m *Manager) LoadBitwardenSession(contextName string) string

LoadBitwardenSession loads a saved Bitwarden session for a specific context. It tries the system keychain first, falling back to file storage. Returns empty string if no session is saved.

func (*Manager) LoadCloudAPIKey added in v0.1.3 

func (m *Manager) LoadCloudAPIKey() string

LoadCloudAPIKey loads the saved ctx-cloud API key. It tries the system keychain first, falling back to file storage. Returns empty string if no API key is saved.

func (*Manager) LoadContext 

func (m *Manager) LoadContext(name string) (*ContextConfig, error)

LoadContext loads a context configuration by name. If the context extends another context, it will be merged with the parent. After merging, ${VAR} references in string fields are expanded using the env: map.

func (*Manager) LoadOnePasswordSession 

func (m *Manager) LoadOnePasswordSession(contextName string) string

LoadOnePasswordSession loads a saved 1Password session for a specific context.

func (*Manager) LoadSecretFilesState added in v0.1.7 

func (m *Manager) LoadSecretFilesState(contextName string) (*SecretFilesState, error)

LoadSecretFilesState loads the secret files state for a context. Returns nil, nil if no state file exists.

func (*Manager) LoadVaultToken 

func (m *Manager) LoadVaultToken(contextName string) string

LoadVaultToken loads a saved Vault token for a specific context. It tries the system keychain first, falling back to file storage. Returns empty string if no token is saved.

func (*Manager) SaveAWSCredentials 

func (m *Manager) SaveAWSCredentials(contextName string, creds *AWSCredentials) error

SaveAWSCredentials saves temporary AWS credentials for a context.

func (*Manager) SaveAppConfig 

func (m *Manager) SaveAppConfig(config *AppConfig) error

SaveAppConfig saves the main application configuration.

func (*Manager) SaveBitwardenSession 

func (m *Manager) SaveBitwardenSession(contextName, session string) error

SaveBitwardenSession saves a Bitwarden session for a specific context. It tries to use the system keychain first, falling back to file storage.

func (*Manager) SaveCloudAPIKey added in v0.1.3 

func (m *Manager) SaveCloudAPIKey(apiKey string) error

SaveCloudAPIKey saves the ctx-cloud API key. It tries to use the system keychain first, falling back to file storage.

func (*Manager) SaveContext 

func (m *Manager) SaveContext(config *ContextConfig) error

SaveContext saves a context configuration.

func (*Manager) SaveOnePasswordSession 

func (m *Manager) SaveOnePasswordSession(contextName, session string) error

SaveOnePasswordSession saves a 1Password session for a specific context.

func (*Manager) SaveSecretFilesState added in v0.1.7 

func (m *Manager) SaveSecretFilesState(state *SecretFilesState) error

SaveSecretFilesState persists the secret files state for a context.

func (*Manager) SaveVaultToken 

func (m *Manager) SaveVaultToken(contextName, token string) error

SaveVaultToken saves a Vault token for a specific context. It tries to use the system keychain first, falling back to file storage.

func (*Manager) SecretFilesStateDir added in v0.1.7 

func (m *Manager) SecretFilesStateDir() string

SecretFilesStateDir returns the directory for storing secret files state.

func (*Manager) SetCurrentContext 

func (m *Manager) SetCurrentContext(name string) error

SetCurrentContext sets the current active context.

func (*Manager) StateDir 

func (m *Manager) StateDir() string

StateDir returns the state directory path.

func (*Manager) TokensDir 

func (m *Manager) TokensDir() string

TokensDir returns the directory for storing per-context tokens.

func (*Manager) WriteEnvFile 

func (m *Manager) WriteEnvFile(ctx *ContextConfig) error

WriteEnvFile writes the environment variables for the current context to a file.

func (*Manager) WriteEnvFileWithSecrets 

func (m *Manager) WriteEnvFileWithSecrets(ctx *ContextConfig, secrets map[string]string) error

WriteEnvFileWithSecrets writes env vars including resolved secrets to a file.

type NPMConfig added in v0.1.3 

type NPMConfig struct {
	Registry     string `yaml:"registry" mapstructure:"registry"`
	AuthTokenEnv string `yaml:"auth_token_env,omitempty" mapstructure:"auth_token_env"`
	Scope        string `yaml:"scope,omitempty" mapstructure:"scope"`
	AlwaysAuth   bool   `yaml:"always_auth,omitempty" mapstructure:"always_auth"`
}

NPMConfig holds NPM registry configuration.

type NomadConfig added in v0.1.3 

type NomadConfig struct {
	Address    string `yaml:"address" mapstructure:"address"`
	Namespace  string `yaml:"namespace" mapstructure:"namespace"`
	Token      string `yaml:"token" mapstructure:"token"`
	TokenEnv   string `yaml:"token_env" mapstructure:"token_env"`
	SkipVerify bool   `yaml:"skip_verify" mapstructure:"skip_verify"`
}

NomadConfig holds Nomad-specific configuration.

type OnePasswordConfig added in v0.1.3 

type OnePasswordConfig struct {
	Account   string `yaml:"account,omitempty" mapstructure:"account"`       // Account shorthand or URL (e.g., "my.1password.com")
	AutoLogin bool   `yaml:"auto_login,omitempty" mapstructure:"auto_login"` // Auto-run 'op signin' if not authenticated
	SSO       bool   `yaml:"sso,omitempty" mapstructure:"sso"`               // Use SSO login instead of email/password
}

OnePasswordConfig holds 1Password authentication configuration.

type ProxyConfig added in v0.1.3 

type ProxyConfig struct {
	HTTP    string `yaml:"http,omitempty" mapstructure:"http"`
	HTTPS   string `yaml:"https,omitempty" mapstructure:"https"`
	NoProxy string `yaml:"no_proxy,omitempty" mapstructure:"no_proxy"`
}

ProxyConfig holds HTTP proxy configuration.

type SSHConfig added in v0.1.3 

type SSHConfig struct {
	ControlMaster     string        `yaml:"control_master" mapstructure:"control_master"`
	ControlPersist    string        `yaml:"control_persist" mapstructure:"control_persist"`
	Bastion           BastionConfig `yaml:"bastion" mapstructure:"bastion"`
	KeepaliveInterval int           `yaml:"keepalive_interval" mapstructure:"keepalive_interval"`
	KeepaliveCountMax int           `yaml:"keepalive_count_max" mapstructure:"keepalive_count_max"`
	Persistent        bool          `yaml:"persistent" mapstructure:"persistent"`
	TunnelTimeout     int           `yaml:"tunnel_timeout" mapstructure:"tunnel_timeout"` // seconds, default 5
}

SSHConfig holds SSH-specific configuration.

type SecretFileEntry added in v0.1.7 

type SecretFileEntry struct {
	Path      string    `json:"path"`
	EnvVar    string    `json:"env_var"`
	Provider  string    `json:"provider"`
	CreatedAt time.Time `json:"created_at"`
}

SecretFileEntry represents a single secret file written to disk.

type SecretFileSource added in v0.1.7 

type SecretFileSource struct {
	Bitwarden         string `yaml:"bitwarden,omitempty" mapstructure:"bitwarden"`
	OnePassword       string `yaml:"onepassword,omitempty" mapstructure:"onepassword"`
	Vault             string `yaml:"vault,omitempty" mapstructure:"vault"`
	AWSSecretsManager string `yaml:"aws_secrets_manager,omitempty" mapstructure:"aws_secrets_manager"`
	AWSSSM            string `yaml:"aws_ssm,omitempty" mapstructure:"aws_ssm"`
	GCPSecretManager  string `yaml:"gcp_secret_manager,omitempty" mapstructure:"gcp_secret_manager"`
}

SecretFileSource specifies which secret provider to use for a secret file. Exactly one provider field must be set.

type SecretFilesState added in v0.1.7 

type SecretFilesState struct {
	ContextName string                     `json:"context_name"`
	CreatedAt   time.Time                  `json:"created_at"`
	Files       map[string]SecretFileEntry `json:"files"` // keyed by env var name
}

SecretFilesState represents the persisted state of secret files for a context.

type SecretsConfig added in v0.1.3 

type SecretsConfig struct {
	// Password Managers
	Bitwarden   map[string]string `yaml:"bitwarden,omitempty" mapstructure:"bitwarden"`     // ENV_VAR: "item-name"
	OnePassword map[string]string `yaml:"onepassword,omitempty" mapstructure:"onepassword"` // ENV_VAR: "item-name"
	Vault       map[string]string `yaml:"vault,omitempty" mapstructure:"vault"`             // ENV_VAR: "path#field"
	// Cloud Secret Managers (use existing cloud auth)
	AWSSecretsManager map[string]string `yaml:"aws_secrets_manager,omitempty" mapstructure:"aws_secrets_manager"` // ENV_VAR: "secret-name" or "secret-name#json-key"
	AWSSSM            map[string]string `yaml:"aws_ssm,omitempty" mapstructure:"aws_ssm"`                         // ENV_VAR: "/param/path"
	GCPSecretManager  map[string]string `yaml:"gcp_secret_manager,omitempty" mapstructure:"gcp_secret_manager"`   // ENV_VAR: "secret-name" or "projects/p/secrets/s/versions/v"
	// Secret Files: fetch secret content and write to a secure temp file, export file path as env var
	Files map[string]SecretFileSource `yaml:"files,omitempty" mapstructure:"files"` // ENV_VAR: SecretFileSource
}

SecretsConfig holds configuration for fetching secrets from various providers. Each provider has its own sub-section with ENV_VAR: "item-name" mappings.

type TunnelConfig added in v0.1.3 

type TunnelConfig struct {
	Name        string `yaml:"name" mapstructure:"name"`
	Description string `yaml:"description" mapstructure:"description"`
	RemoteHost  string `yaml:"remote_host" mapstructure:"remote_host"`
	RemotePort  int    `yaml:"remote_port" mapstructure:"remote_port"`
	LocalPort   int    `yaml:"local_port" mapstructure:"local_port"`
	AutoConnect bool   `yaml:"auto_connect,omitempty" mapstructure:"auto_connect"`
}

TunnelConfig holds configuration for a single tunnel.

type TunnelStatus added in v0.1.3 

type TunnelStatus string

TunnelStatus represents the status of an SSH tunnel. 

const (
	TunnelStatusConnected    TunnelStatus = "connected"
	TunnelStatusDisconnected TunnelStatus = "disconnected"
	TunnelStatusConnecting   TunnelStatus = "connecting"
	TunnelStatusError        TunnelStatus = "error"
)

type VPNConfig added in v0.1.3 

type VPNConfig struct {
	Type VPNType `yaml:"type" mapstructure:"type"`
	// OpenVPN
	ConfigFile   string `yaml:"config_file,omitempty" mapstructure:"config_file"`
	AuthUserPass string `yaml:"auth_user_pass,omitempty" mapstructure:"auth_user_pass"`
	// WireGuard
	Interface string `yaml:"interface,omitempty" mapstructure:"interface"`
	// Tailscale
	ExitNode string `yaml:"exit_node,omitempty" mapstructure:"exit_node"`
	// Custom commands
	ConnectCmd    string `yaml:"connect_cmd,omitempty" mapstructure:"connect_cmd"`
	DisconnectCmd string `yaml:"disconnect_cmd,omitempty" mapstructure:"disconnect_cmd"`
	StatusCmd     string `yaml:"status_cmd,omitempty" mapstructure:"status_cmd"`
	// Common
	AutoConnect    bool `yaml:"auto_connect,omitempty" mapstructure:"auto_connect"`
	AutoDisconnect bool `yaml:"auto_disconnect,omitempty" mapstructure:"auto_disconnect"`
}

VPNConfig holds VPN connection configuration.

type VPNType added in v0.1.3 

type VPNType string

VPNType represents the type of VPN connection. 

const (
	VPNTypeOpenVPN   VPNType = "openvpn"
	VPNTypeWireGuard VPNType = "wireguard"
	VPNTypeTailscale VPNType = "tailscale"
	VPNTypeCustom    VPNType = "custom"
)

type VaultAuthMethod added in v0.1.3 

type VaultAuthMethod string

VaultAuthMethod represents HashiCorp Vault auth methods. 

const (
	VaultAuthToken   VaultAuthMethod = "token"
	VaultAuthOIDC    VaultAuthMethod = "oidc"
	VaultAuthAWS     VaultAuthMethod = "aws"
	VaultAuthK8s     VaultAuthMethod = "kubernetes"
	VaultAuthAppRole VaultAuthMethod = "approle"
)

type VaultConfig added in v0.1.3 

type VaultConfig struct {
	Address    string          `yaml:"address" mapstructure:"address"`
	Namespace  string          `yaml:"namespace,omitempty" mapstructure:"namespace"`
	AuthMethod VaultAuthMethod `yaml:"auth_method,omitempty" mapstructure:"auth_method"`
	TokenEnv   string          `yaml:"token_env,omitempty" mapstructure:"token_env"`
	RoleID     string          `yaml:"role_id,omitempty" mapstructure:"role_id"`
	SecretID   string          `yaml:"secret_id_env,omitempty" mapstructure:"secret_id_env"`
	AutoLogin  bool            `yaml:"auto_login,omitempty" mapstructure:"auto_login"`
	SkipVerify bool            `yaml:"skip_verify,omitempty" mapstructure:"skip_verify"`
}

VaultConfig holds HashiCorp Vault configuration.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.