secrets

package

v0.0.0-...-ac56535 Latest Latest Go to latest Published: Apr 26, 2024 License: AGPL-3.0 Imports: 6 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/juju/juju

Documentation ¶

Overview ¶

Package secrets provides the service layer for the various secrets backends.

Index ¶

Constants
Variables
func NewClient(jujuAPI JujuAPIClient) (*secretsClient, error)
type BackendsClient
type ContentParams
- func (p *ContentParams) Validate() error
type CreateParams
- func (p *CreateParams) Validate() error
type JujuAPIClient
type UpdateParams
- func (p *UpdateParams) Validate() error

Constants ¶

View Source

const PermissionDenied = errors.ConstError("permission denied")

PermissionDenied is returned when an api fails due to a permission issue.

View Source

const (
	// Version describes the secret format.
	Version = 1
)

Variables ¶

View Source

var (
	GetBackend = getBackend
)

For testing.

Functions ¶

func NewClient ¶

func NewClient(jujuAPI JujuAPIClient) (*secretsClient, error)

NewClient returns a new secret client configured to use the specified secret backend as a content backend.

Types ¶

type BackendsClient ¶

type BackendsClient interface {
	// GetContent returns the content of a secret, either from an external backend if
	// one is configured, or from Juju.
	GetContent(uri *secrets.URI, label string, refresh, peek bool) (secrets.SecretValue, error)

	// GetRevisionContent returns the content of a secret revision, either from an external backend if
	// one is configured, or from Juju.
	GetRevisionContent(uri *secrets.URI, revision int) (secrets.SecretValue, error)

	// SaveContent saves the content of a secret to an external backend returning the backend id.
	SaveContent(uri *secrets.URI, revision int, value secrets.SecretValue) (secrets.ValueRef, error)

	// DeleteContent deletes a secret from an external backend
	// if it exists there.
	DeleteContent(uri *secrets.URI, revision int) error

	// DeleteExternalContent deletes a secret from an external backend.
	DeleteExternalContent(ref secrets.ValueRef) error

	// GetBackend returns the secret client for the provided backend ID.
	GetBackend(backendID *string, forDrain bool) (provider.SecretsBackend, string, error)
}

BackendsClient provides access to a client which can access secret backends.

type ContentParams ¶

type ContentParams struct {
	secrets.SecretValue
	ValueRef *secrets.ValueRef
}

ContentParams represents the content of a secret, which is either a secret value or a reference used to access the content from an external provider like vault.

func (*ContentParams) Validate ¶

func (p *ContentParams) Validate() error

Validate returns an error if the content is invalid.

type CreateParams ¶

type CreateParams struct {
	Version int

	secrets.SecretConfig
	Content ContentParams
	Owner   names.Tag

	LeaderToken leadership.Token
}

CreateParams are used to create a secret.

func (*CreateParams) Validate ¶

func (p *CreateParams) Validate() error

Validate returns an error if params are invalid.

type JujuAPIClient ¶

type JujuAPIClient interface {
	// GetContentInfo returns info about the content of a secret and the backend config
	// needed to make a backend client if necessary.
	GetContentInfo(uri *secrets.URI, label string, refresh, peek bool) (*ContentParams, *provider.ModelBackendConfig, bool, error)
	// GetRevisionContentInfo returns info about the content of a secret revision and the backend config
	// needed to make a backend client if necessary.
	// If pendingDelete is true, the revision is marked for deletion.
	GetRevisionContentInfo(uri *secrets.URI, revision int, pendingDelete bool) (*ContentParams, *provider.ModelBackendConfig, bool, error)
	// GetSecretBackendConfig fetches the config needed to make secret backend clients.
	// If backendID is nil, return the current active backend (if any).
	GetSecretBackendConfig(backendID *string) (*provider.ModelBackendConfigInfo, error)

	// GetBackendConfigForDrain fetches the config needed to make a secret backend client for the drain worker.
	GetBackendConfigForDrain(backendID *string) (*provider.ModelBackendConfig, string, error)
}

JujuAPIClient provides access to the SecretsManager facade.

type UpdateParams ¶

type UpdateParams struct {
	secrets.SecretConfig
	Content ContentParams

	LeaderToken leadership.Token
}

UpdateParams are used to update a secret.

func (*UpdateParams) Validate ¶

func (p *UpdateParams) Validate() error

Validate returns an error if params are invalid.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
mocks Package mocks is a generated GoMock package.	Package mocks is a generated GoMock package.
provider
all
juju Package juju provides the juju secrets backend.	Package juju provides the juju secrets backend.
kubernetes Package kubernetes provides the kubernetes secrets backend.	Package kubernetes provides the kubernetes secrets backend.
kubernetes/mocks Package mocks is a generated GoMock package.	Package mocks is a generated GoMock package.
vault Package vault provides the vault secrets backend.	Package vault provides the vault secrets backend.
vault/mocks Package mocks is a generated GoMock package.	Package mocks is a generated GoMock package.

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL