vault

package

v1.15.3 Latest Latest Go to latest Published: Apr 5, 2022 License: Apache-2.0 Imports: 25 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/banzaicloud/bank-vaults

Links

Open Source Insights

Documentation ¶

Overview ¶

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Index ¶

Constants
func XORBase64(a, b string) ([]byte, error)
func XORBytes(a, b []byte) ([]byte, error)
type Config
type KVService
type Vault
- func New(k KVService, cl *api.Client, config Config) (Vault, error)

Constants ¶

View Source

const DefaultConfigFile = "vault-config.yml"

DefaultConfigFile is the name of the default config file

Variables ¶

This section is empty.

Functions ¶

func XORBase64 ¶ added in v1.15.3

func XORBase64(a, b string) ([]byte, error)

XORBase64 takes two base64-encoded strings and XORs the decoded byte slices together, returning the final byte slice. It is an error to pass in two strings that do not have the same length to their base64-decoded byte slice.

func XORBytes ¶ added in v1.15.3

func XORBytes(a, b []byte) ([]byte, error)

XORBytes takes two byte slices and XORs them together, returning the final byte slice. It is an error to pass in two byte slices that do not have the same length.

Types ¶

type Config ¶

type Config struct {
	// how many key parts exist
	SecretShares int
	// how many of these parts are needed to unseal Vault (secretThreshold <= secretShares)
	SecretThreshold int

	// if this root token is set, the dynamic generated will be invalidated and this created instead
	InitRootToken string
	// should the root token be stored in the keyStore
	StoreRootToken bool

	// should the KV backend be tested first to validate access rights
	PreFlightChecks bool
}

Config holds the configuration of the Vault initialization

type KVService ¶

type KVService interface {
	Set(key string, value []byte) error
	Get(key string) ([]byte, error)
}

type Vault ¶

type Vault interface {
	Init() error
	RaftInitialized() (bool, error)
	RaftJoin(string) error
	Sealed() (bool, error)
	Active() (bool, error)
	Unseal() error
	Leader() (bool, error)
	LeaderAddress() (string, error)
	Configure(config *viper.Viper) error
}

Vault is an interface that can be used to attempt to perform actions against a Vault server.

func New ¶

func New(k KVService, cl *api.Client, config Config) (Vault, error)

New returns a new vault Vault, or an error.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL