secrets

package
v0.0.0-...-b0bff92 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 7, 2021 License: AGPL-3.0 Imports: 9 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	RoleView   = SecretRole("view")
	RoleRotate = SecretRole("rotate")
	RoleManage = SecretRole("manage")
)
View Source 
const (
	StatusStaged = SecretStatus("staged")
	StatusActive = SecretStatus("active")
)
View Source 
const (
	TypeBlob     = SecretType("blob")
	TypePassword = SecretType("password")
)
View Source 
const (
	PasswordLength       = "password-length"
	PasswordSpecialChars = "password-special-chars"
)

TODO(wallyworld) - use a schema to describe the config

View Source 
const (
	// AppSnippet denotes a secret belonging to an application.
	AppSnippet = "app"
)
View Source 
const (

	// SecretScheme is the URL prefix for a secret.
	SecretScheme = "secret"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type SecretConfig 

type SecretConfig struct {
	Path           string
	RotateInterval *time.Duration
	Status         *SecretStatus
	Description    *string
	Tags           *map[string]string
	Params         map[string]interface{}
}

SecretConfig is used when creating a secret.

func NewPasswordSecretConfig 

func NewPasswordSecretConfig(length int, specialChars bool, nameParts ...string) *SecretConfig

NewPasswordSecretConfig is used to create an application scoped password secret.

func NewSecretConfig 

func NewSecretConfig(nameParts ...string) *SecretConfig

NewSecretConfig is used to create an application scoped blob secret.

func (*SecretConfig) Validate 

func (c *SecretConfig) Validate() error

Validate returns an error if the config is not valid.

type SecretData 

type SecretData map[string]string

SecretData holds secret key values.

func CreatSecretData 

func CreatSecretData(asBase64 bool, args []string) (SecretData, error)

CreatSecretData creates a secret data bag from a list of arguments. The arguments are either all key=value or a singular value. If base64 is true, then the supplied value(s) are already base64 encoded, otherwise the values are base64 encoded as they are added to the data bag.

type SecretMetadata 

type SecretMetadata struct {
	// Read only after creation.
	URL  *URL
	Path string

	// Version starts at 1 and is incremented
	// whenever an incompatible change is made.
	Version int

	// These can be updated after creation.
	Status         SecretStatus
	Description    string
	Tags           map[string]string
	RotateInterval time.Duration

	// ID is a Juju ID for the secret.
	ID int

	// Provider is the name of the backend secrets store.
	Provider string
	// ProviderID is the ID used by the underlying secrets provider.
	ProviderID string
	// Revision is incremented each time the corresponding
	// secret value is changed.
	Revision int

	CreateTime time.Time
	UpdateTime time.Time
}

SecretMetadata holds metadata about a secret.

type SecretRole 

type SecretRole string

SecretRole is an access role on a secret.

type SecretStatus 

type SecretStatus string

SecretStatus is the status of a secret.

func (SecretStatus) IsValid 

func (s SecretStatus) IsValid() bool

IsValid returns true if s is a valid secret status.

type SecretType 

type SecretType string

SecretType is the type of a secret. This is used when creating a secret.

func (SecretType) IsValid 

func (t SecretType) IsValid() bool

IsValid returns true if t is a valid secret type.

type SecretValue 

type SecretValue interface {
	// EncodedValues returns the key values of a secret as
	// the raw base64 encoded strings.
	// For the special case where the secret only has a
	// single key value "data", then use BinaryValue()
	//to get the result.
	EncodedValues() map[string]string

	// Values returns the key values of a secret as strings.
	// For the special case where the secret only has a
	// single key value "data", then use StringValue()
	//to get the result.
	Values() (map[string]string, error)

	// Singular returns true if the secret value represents a
	// single data value rather than key values.
	Singular() bool

	// EncodedValue returns the value of the secret as the raw
	// base64 encoded string.
	// The secret must be a singular value.
	EncodedValue() (string, error)

	// Value returns the value of the secret as a string.
	// The secret must be a singular value.
	Value() (string, error)
}

SecretValue holds the value of a secret. Instances of SecretValue are returned by a secret store when a secret look up is performed. The underlying value is a map of base64 encoded values represented as []byte. Convenience methods exist to retrieve singular decoded string and encoded base64 string values.

func NewSecretValue 

func NewSecretValue(data map[string]string) SecretValue

NewSecretValue returns a secret using the specified map of values. The map values are assumed to be already base64 encoded.

type URL 

type URL struct {
	ControllerUUID string
	ModelUUID      string
	Path           string
	Attribute      string
	Revision       int
}

URL represents a reference to a secret.

func NewSimpleURL 

func NewSimpleURL(path string) *URL

NewSimpleURL returns a URL with the specified path.

func ParseURL 

func ParseURL(str string) (*URL, error)

ParseURL parses the specified URL string into a URL.

func (*URL) ID 

func (u *URL) ID() string

ID returns the URL string without any Attribute.

func (*URL) OwnerApplication 

func (u *URL) OwnerApplication() (string, bool)

OwnerApplication returns the application part of a secret URL.

func (*URL) ShortString 

func (u *URL) ShortString() string

ShortString prints the URL without controller or model UUID.

func (*URL) String 

func (u *URL) String() string

String prints the URL as a string.

func (*URL) WithAttribute 

func (u *URL) WithAttribute(attr string) *URL

WithAttribute returns the URL with the specified attribute.

func (*URL) WithRevision 

func (u *URL) WithRevision(revision int) *URL

WithRevision returns the URL with the specified revision.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.