internal

package

v0.4.0 Latest Latest Go to latest Published: Jun 20, 2020 License: MIT Imports: 25 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/dschniepp/sealit

Links

Open Source Insights

Documentation ¶

Index ¶

func Init(sealitconfig string, force bool) (err error)
func Template(sealedSecretPath string) (err error)
type Cert
type Config
- func ExampleConfig() Config
- func LoadConfig(file []byte) (config Config, err error)
type File
- func NewValueFile(d []byte) (*File, error)
- func (f *File) ApplyFuncToValues(manipulator func(*yaml.Node, *yaml.Node) error) error
- func (f *File) Export() ([]byte, error)
type KubernetesCertSource
type Metadata
type PathCertSource
type Resealer
- func NewResealer(srs *SealingRuleSet, m *Metadata) (s *Resealer, err error)
- func (r *Resealer) Reseal(key *yaml.Node, value *yaml.Node) error
type Sealer
- func NewSealer(srs *SealingRuleSet, m *Metadata, fetchCert bool) (s *Sealer, err error)
- func (s *Sealer) Seal(key *yaml.Node, value *yaml.Node) error
- func (s *Sealer) Verify(key *yaml.Node, value *yaml.Node) error
type SealingRuleSet
- func (cs *SealingRuleSet) GetCert() (string, error)
- func (srs *SealingRuleSet) GetSecretsRegex() *regexp.Regexp
type Sealit
- func New(sealitconfig string, kubeconfig string, fetchCert bool) (*Sealit, error)
- func (s *Sealit) Reseal() (err error)
- func (s *Sealit) Seal(force bool) (err error)
- func (s *Sealit) Verify() (err error)
type Sources
type UrlCertSource

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func Init ¶

func Init(sealitconfig string, force bool) (err error)

func Template ¶

func Template(sealedSecretPath string) (err error)

Types ¶

type Cert ¶ added in v0.3.0

type Cert struct {
	MaxAge  time.Duration `yaml:"maxAge"`
	Sources *Sources      `yaml:"sources"`
}

type Config ¶

type Config struct {
	SealingRuleSets []SealingRuleSet `yaml:"sealingRules"`
}

func ExampleConfig ¶

func ExampleConfig() Config

ExampleConfig Provide an example config of the `.sealit.yaml`

func LoadConfig ¶

func LoadConfig(file []byte) (config Config, err error)

type File ¶

type File struct {
	Metadata *Metadata `yaml:"sealit,omitempty"`
	// contains filtered or unexported fields
}

func NewValueFile ¶

func NewValueFile(d []byte) (*File, error)

func (*File) ApplyFuncToValues ¶

func (f *File) ApplyFuncToValues(manipulator func(*yaml.Node, *yaml.Node) error) error

func (*File) Export ¶

func (f *File) Export() ([]byte, error)

type KubernetesCertSource ¶ added in v0.3.0

type KubernetesCertSource struct {
	Context   string `yaml:"context"`
	Name      string `yaml:"name"`
	Namespace string `yaml:"namespace"`
}

type Metadata ¶

type Metadata struct {
	Name      string `yaml:"name"`
	Namespace string `yaml:"namespace"`
	SealedAt  string `yaml:"sealedAt"`
	Cert      string `yaml:"cert"`
}

type PathCertSource ¶ added in v0.3.0

type PathCertSource string

type Resealer ¶ added in v0.4.0

type Resealer struct {
	// contains filtered or unexported fields
}

func NewResealer ¶ added in v0.4.0

func NewResealer(srs *SealingRuleSet, m *Metadata) (s *Resealer, err error)

func (*Resealer) Reseal ¶ added in v0.4.0

func (r *Resealer) Reseal(key *yaml.Node, value *yaml.Node) error

type Sealer ¶

type Sealer struct {
	// contains filtered or unexported fields
}

func NewSealer ¶

func NewSealer(srs *SealingRuleSet, m *Metadata, fetchCert bool) (s *Sealer, err error)

func (*Sealer) Seal ¶ added in v0.3.0

func (s *Sealer) Seal(key *yaml.Node, value *yaml.Node) error

func (*Sealer) Verify ¶ added in v0.3.0

func (s *Sealer) Verify(key *yaml.Node, value *yaml.Node) error

type SealingRuleSet ¶

type SealingRuleSet struct {
	FileRegex    string `yaml:"fileRegex"`
	Name         string `yaml:"name"`
	Namespace    string `yaml:"namespace"`
	SecretsRegex string `yaml:"secretsRegex"`
	Cert         *Cert  `yaml:"cert"`
}

func (*SealingRuleSet) GetCert ¶ added in v0.3.0

func (cs *SealingRuleSet) GetCert() (string, error)

GetCert fetches the cert from different sources Prio: 1. fetch from Kubernetes cluster 2. fetch from url 3. fetch from file path

func (*SealingRuleSet) GetSecretsRegex ¶ added in v0.4.0

func (srs *SealingRuleSet) GetSecretsRegex() *regexp.Regexp

type Sealit ¶

type Sealit struct {
	// contains filtered or unexported fields
}

func New ¶

func New(sealitconfig string, kubeconfig string, fetchCert bool) (*Sealit, error)

func (*Sealit) Reseal ¶ added in v0.4.0

func (s *Sealit) Reseal() (err error)

func (*Sealit) Seal ¶

func (s *Sealit) Seal(force bool) (err error)

func (*Sealit) Verify ¶

func (s *Sealit) Verify() (err error)

type Sources ¶ added in v0.3.0

type Sources struct {
	Url        UrlCertSource        `yaml:"url,omitempty"`
	Path       PathCertSource       `yaml:"path,omitempty"`
	Kubernetes KubernetesCertSource `yaml:"kubernetes,omitempty"`
}

type UrlCertSource ¶ added in v0.3.0

type UrlCertSource string

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL