Documentation
¶
Index ¶
- Constants
- func AadEndpointForType(t esv1beta1.AzureEnvironmentType) string
- func FetchSAToken(ctx context.Context, ns, name string, audiences []string, ...) (string, error)
- func NewTokenProvider(ctx context.Context, token, clientID, tenantID, aadEndpoint, kvResource string) (adal.OAuthTokenProvider, error)
- func ServiceManagementEndpointForType(t esv1beta1.AzureEnvironmentType) string
- type Azure
- func (a *Azure) Capabilities() esv1beta1.SecretStoreCapabilities
- func (a *Azure) Close(_ context.Context) error
- func (a *Azure) DeleteSecret(ctx context.Context, remoteRef esv1beta1.PushSecretRemoteRef) error
- func (a *Azure) GetAllSecrets(ctx context.Context, ref esv1beta1.ExternalSecretFind) (map[string][]byte, error)
- func (a *Azure) GetSecret(ctx context.Context, ref esv1beta1.ExternalSecretDataRemoteRef) ([]byte, error)
- func (a *Azure) GetSecretMap(ctx context.Context, ref esv1beta1.ExternalSecretDataRemoteRef) (map[string][]byte, error)
- func (a *Azure) NewClient(ctx context.Context, store esv1beta1.GenericStore, kube client.Client, ...) (esv1beta1.SecretsClient, error)
- func (a *Azure) PushSecret(ctx context.Context, secret *corev1.Secret, data esv1beta1.PushSecretData) error
- func (a *Azure) SecretExists(ctx context.Context, remoteRef esv1beta1.PushSecretRemoteRef) (bool, error)
- func (a *Azure) Validate() (esv1beta1.ValidationResult, error)
- func (a *Azure) ValidateStore(store esv1beta1.GenericStore) (admission.Warnings, error)
- type SecretClient
Constants ¶
View Source
const ( AzureDefaultAudience = "api://AzureADTokenExchange" AnnotationClientID = "azure.workload.identity/client-id" AnnotationTenantID = "azure.workload.identity/tenant-id" )
Variables ¶
This section is empty.
Functions ¶
func AadEndpointForType ¶ added in v0.6.0
func AadEndpointForType(t esv1beta1.AzureEnvironmentType) string
func FetchSAToken ¶ added in v0.6.0
func NewTokenProvider ¶ added in v0.6.0
func ServiceManagementEndpointForType ¶ added in v0.9.10
func ServiceManagementEndpointForType(t esv1beta1.AzureEnvironmentType) string
Types ¶
type Azure ¶
type Azure struct {
// contains filtered or unexported fields
}
func (*Azure) Capabilities ¶ added in v0.7.0
func (a *Azure) Capabilities() esv1beta1.SecretStoreCapabilities
Capabilities return the provider supported capabilities (ReadOnly, WriteOnly, ReadWrite).
func (*Azure) DeleteSecret ¶ added in v0.7.0
func (*Azure) GetAllSecrets ¶ added in v0.5.0
func (a *Azure) GetAllSecrets(ctx context.Context, ref esv1beta1.ExternalSecretFind) (map[string][]byte, error)
Implements store.Client.GetAllSecrets Interface. Retrieves a map[string][]byte with the secret names as key and the secret itself as the calue.
func (*Azure) GetSecret ¶
func (a *Azure) GetSecret(ctx context.Context, ref esv1beta1.ExternalSecretDataRemoteRef) ([]byte, error)
Implements store.Client.GetSecret Interface. Retrieves a secret/Key/Certificate/Tag with the secret name defined in ref.Name The Object Type is defined as a prefix in the ref.Name , if no prefix is defined , we assume a secret is required.
func (*Azure) GetSecretMap ¶
func (a *Azure) GetSecretMap(ctx context.Context, ref esv1beta1.ExternalSecretDataRemoteRef) (map[string][]byte, error)
Implements store.Client.GetSecretMap Interface. New version of GetSecretMap.
func (*Azure) NewClient ¶ added in v0.4.0
func (a *Azure) NewClient(ctx context.Context, store esv1beta1.GenericStore, kube client.Client, namespace string) (esv1beta1.SecretsClient, error)
NewClient constructs a new secrets client based on the provided store.
func (*Azure) PushSecret ¶ added in v0.7.0
func (a *Azure) PushSecret(ctx context.Context, secret *corev1.Secret, data esv1beta1.PushSecretData) error
PushSecret stores secrets into a Key vault instance.
func (*Azure) SecretExists ¶ added in v0.9.14
func (*Azure) Validate ¶ added in v0.4.2
func (a *Azure) Validate() (esv1beta1.ValidationResult, error)
func (*Azure) ValidateStore ¶ added in v0.5.0
type SecretClient ¶
type SecretClient interface {
GetKey(ctx context.Context, vaultBaseURL string, keyName string, keyVersion string) (result keyvault.KeyBundle, err error)
GetSecret(ctx context.Context, vaultBaseURL string, secretName string, secretVersion string) (result keyvault.SecretBundle, err error)
GetSecretsComplete(ctx context.Context, vaultBaseURL string, maxresults *int32) (result keyvault.SecretListResultIterator, err error)
GetCertificate(ctx context.Context, vaultBaseURL string, certificateName string, certificateVersion string) (result keyvault.CertificateBundle, err error)
SetSecret(ctx context.Context, vaultBaseURL string, secretName string, parameters keyvault.SecretSetParameters) (result keyvault.SecretBundle, err error)
ImportKey(ctx context.Context, vaultBaseURL string, keyName string, parameters keyvault.KeyImportParameters) (result keyvault.KeyBundle, err error)
ImportCertificate(ctx context.Context, vaultBaseURL string, certificateName string, parameters keyvault.CertificateImportParameters) (result keyvault.CertificateBundle, err error)
DeleteCertificate(ctx context.Context, vaultBaseURL string, certificateName string) (result keyvault.DeletedCertificateBundle, err error)
DeleteKey(ctx context.Context, vaultBaseURL string, keyName string) (result keyvault.DeletedKeyBundle, err error)
DeleteSecret(ctx context.Context, vaultBaseURL string, secretName string) (result keyvault.DeletedSecretBundle, err error)
}
interface to keyvault.BaseClient.
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.