keyring

package module
v0.2.1 Latest
Warning

This package is not in the latest version of its module.

Published: Apr 12, 2024 License: Apache-2.0 Imports: 16 Imported by: 6

README

Launchr Keyring

Keyring is a launchr plugin and service that provides password storage encrypted with age. The storage is encrypted with a passphrase.

How to use

To add a new item with an interactive shell:

launchr login

If an interactive shell is not available, credentials may be provided with flags. Values passed as flags are visible in the shell history and the process list:

launchr login \
  --url=https://your.gitlab.com \
  --username=USER \
  --password=SECRETPASSWORD \
  --keyring-passphrase=YOURPASSPHRASE

The --keyring-passphrase flag is available for all launchr commands, for example:

launchr compose --keyring-passphrase=YOURPASSPHRASE

To delete an item from the keyring:

launchr logout URL
launchr logout --all

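The keyring file is created at .launchr/keyring.yaml.age.
Its content may be viewed with the age CLI, or re-encrypted with a passphrase from an edited plaintext copy:

age -d .launchr/keyring.yaml.age
age -p .launchr/keyring.yaml > .launchr/keyring.yaml.age

Remove the plaintext .launchr/keyring.yaml once the encrypted file has been written.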

In code

Add a module dependency:

go get -u github.com/launchrctl/keyring

To use the keyring in code, get the service from the app:

package main

import (
	"github.com/launchrctl/keyring"
	"github.com/launchrctl/launchr"
)

func GetPassword(app launchr.App, url string) (keyring.CredentialsItem, error) {
	// Get the service by type from the app.
	// A pointer is passed so that the app can assign the service to k.
	var k keyring.Keyring
	app.GetService(&k)
	// Get by url. Error if the keyring could not be unlocked.
	// Error keyring.ErrNotFound is returned if an item was not found.
	creds, err := k.GetForURL(url)
	if err != nil {
		return keyring.CredentialsItem{}, err
	}
	return creds, nil
}

Include with launchr build:

launchr build -p github.com/launchrctl/keyring

Documentation

Overview

Package keyring provides password store functionality.

Index

Constants

This section is empty.

Variables

var (
	ErrNotFound         = errors.New("item not found")            // ErrNotFound if an item was not found
	ErrEmptyFields      = errors.New("item can't be empty")       // ErrEmptyFields if fields are empty
	ErrEmptyPass        = errors.New("passphrase can't be empty") // ErrEmptyPass if a passphrase is empty
	ErrKeyringMalformed = errors.New("the keyring is malformed")  // ErrKeyringMalformed when keyring can't be read.
)

Functions

func AddValueProcessors added in v0.2.0

func AddValueProcessors(m action.Manager, keyring Keyring)

AddValueProcessors submits new ValueProcessors to action.Manager.

func RequestCredentialsFromTty added in v0.1.1

func RequestCredentialsFromTty(creds *CredentialsItem) error

RequestCredentialsFromTty gets credentials from tty.

func RequestKeyValueFromTty added in v0.2.0

func RequestKeyValueFromTty(item *KeyValueItem) error

RequestKeyValueFromTty gets key-value pair from tty.

Types

type AskPass

type AskPass interface {
	GetPass() (string, error)
	NewPass() (string, error)
}

AskPass defines basic interface to retrieve passphrase.

type AskPassConstFlow

type AskPassConstFlow string

AskPassConstFlow implements AskPass and returns constant.

func (AskPassConstFlow) GetPass

func (a AskPassConstFlow) GetPass() (string, error)

GetPass implements AskPass interface.

func (AskPassConstFlow) NewPass

func (a AskPassConstFlow) NewPass() (string, error)

NewPass implements AskPass interface.

type AskPassWithTerminal

type AskPassWithTerminal struct{}

AskPassWithTerminal implements AskPass and uses tty to retrieve passphrase. @todo support pipe and stdin

func (AskPassWithTerminal) GetPass

func (a AskPassWithTerminal) GetPass() (string, error)

GetPass implements AskPass interface.

func (AskPassWithTerminal) NewPass

func (a AskPassWithTerminal) NewPass() (string, error)

NewPass implements AskPass interface.

type CredentialsFile

type CredentialsFile interface {
	io.ReadWriteCloser
	// Open opens a file in FS with flag open options and perm for file permissions if the file is new.
	// See os.OpenFile for more info about flag and perm arguments.
	Open(flag int, perm os.FileMode) error
	// Unlock decrypts a file if supported.
	Unlock(new bool) error
	// Lock makes it to request Unlock again.
	Lock()
	// Remove deletes a file from FS.
	Remove() error
}

CredentialsFile is an interface to open and edit credentials file.

type CredentialsItem

type CredentialsItem struct {
	URL      string `yaml:"url"`
	Username string `yaml:"username"`
	Password string `yaml:"password"`
}

CredentialsItem stores credentials.

type DataStore added in v0.2.0

type DataStore interface {
	// GetForURL returns a credentials item by a URL.
	// An error is returned if the keyring could not be unlocked.
	// Error ErrNotFound is returned if the credentials were not found.
	GetForURL(url string) (CredentialsItem, error)
	// GetForKey returns a key-value item by a key.
	// An error is returned if the keyring could not be unlocked.
	// Error ErrNotFound is returned if the key was not found.
	GetForKey(key string) (KeyValueItem, error)
	// AddItem adds a new credential item.
	// Error is returned if the vault couldn't be unlocked.
	// Error ErrEmptyFields is returned if item is empty.
	AddItem(SecretItem) error
	// RemoveByURL deletes an item by url.
	// Error is returned if the vault couldn't be unlocked.
	// Error ErrNotFound if the credentials were not found.
	RemoveByURL(url string) error
	// RemoveByKey deletes an item by key.
	// Error is returned if the vault couldn't be unlocked.
	// Error ErrNotFound if the credentials were not found.
	RemoveByKey(key string) error
	// CleanStorage cleans up the storage (credentials or key-value).
	// Error is returned if the vault couldn't be unlocked.
	CleanStorage(item SecretItem) error
	// Save saves the keyring to the persistent storage.
	Save() error
	// Destroy removes the keyring from the persistent storage.
	Destroy() error
}

DataStore provides password storage functionality.
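The error contract of GetForURL, AddItem and Save as a caller would handle it, in an added example that is not part of the package: a missing item triggers a prompt and a save, while any other lookup error (such as a keyring that could not be unlocked) aborts without prompting or writing. The names credStore, memStore, lockedStore and EnsureCredentials are hypothetical local stand-ins so the code builds without the launchr modules; ask has the same signature as RequestCredentialsFromTty.

```go
package main

import (
	"errors"
	"fmt"
)

// Stand-ins for the page's declarations (assumption; the real AddItem takes a SecretItem).
var ErrNotFound = errors.New("item not found")
type CredentialsItem struct{ URL, Username, Password string }
type credStore interface {
	GetForURL(url string) (CredentialsItem, error)
	AddItem(item CredentialsItem) error
	Save() error
}

// memStore is a hypothetical in-memory fake of an unlocked keyring.
type memStore map[string]CredentialsItem
func (m memStore) GetForURL(u string) (CredentialsItem, error) {
	if c, ok := m[u]; ok {
		return c, nil
	}
	return CredentialsItem{}, ErrNotFound
}
func (m memStore) AddItem(c CredentialsItem) error { m[c.URL] = c; return nil }
func (m memStore) Save() error                     { return nil }

// lockedStore simulates a keyring that cannot be unlocked (constructed error).
type lockedStore struct{ memStore }
func (lockedStore) GetForURL(string) (c CredentialsItem, err error) { return c, errors.New("wrong passphrase") }

// EnsureCredentials prompts via ask only on ErrNotFound; any other lookup error aborts.
func EnsureCredentials(s credStore, url string, ask func(*CredentialsItem) error) (CredentialsItem, error) {
	c, err := s.GetForURL(url)
	if !errors.Is(err, ErrNotFound) {
		return c, err // found, or a real failure: never prompt or write
	}
	c = CredentialsItem{URL: url}
	if err = ask(&c); err == nil {
		if err = s.AddItem(c); err == nil {
			err = s.Save()
		}
	}
	return c, err
}

func main() {
	_, err := EnsureCredentials(lockedStore{memStore{}}, "https://your.gitlab.com", nil)
	fmt.Println("lookup aborted:", err)
}
```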

type KeyValueItem added in v0.2.0

type KeyValueItem struct {
	Key   string `yaml:"key"`
	Value string `yaml:"value"`
}

KeyValueItem stores key-value pair.

type Keyring

type Keyring interface {
	launchr.Service
	DataStore
}

Keyring is a launchr.Service providing password store functionality.

type Plugin

type Plugin struct {
	// contains filtered or unexported fields
}

Plugin is launchr plugin providing keyring.

func (*Plugin) CobraAddCommands

func (p *Plugin) CobraAddCommands(rootCmd *cobra.Command) error

CobraAddCommands implements launchr.CobraPlugin interface to provide keyring functionality.

func (*Plugin) OnAppInit added in v0.1.0

func (p *Plugin) OnAppInit(app launchr.App) error

OnAppInit implements launchr.Plugin interface.

func (*Plugin) PluginInfo

func (p *Plugin) PluginInfo() launchr.PluginInfo

PluginInfo implements launchr.Plugin interface.

type SecretItem added in v0.2.0

type SecretItem interface {
	// contains filtered or unexported methods
}

SecretItem is an interface that represents an item saved in a storage. It is used in the DataStore interface for adding and manipulating items.

Directories

Path          Synopsis
cmd/launchr   Package executes Launchr application.
