vaultop

package
v0.0.0-...-293828d

This package is not in the latest version of its module.

Published: Mar 26, 2024 | License: Apache-2.0 | Imports: 9 | Imported by: 0

Documentation

Constants

const (
	VaultClientKey contextKey = "vaultClient"
)

VaultClientKey is a context key used to store and retrieve the Vault client from context.

Variables

This section is empty.

Functions

This section is empty.

Types

type Vault

type Vault struct {
	// Client is the instance of the Vault client.
	Client *vault.Client

	// Address is the URL where the Vault server is accessible.
	Address string

	// CaCertPath is the CA certificate path for Vault.
	CaCertPath string

	// Insecure enables insecure HTTPS communication.
	Insecure bool

	// UserPassPath is the path to the userpass authentication backend in Vault.
	UserPassPath string

	// KvMountPath is the mount path for the configuration.
	KvMountPath string

	// TransitPath is the path for the transit secret engine.
	TransitPath string

	// Logger is the zap logger instance for logging Vault-related operations.
	Logger *zap.Logger
}

Vault struct represents a Vault client and contains fields for configuration, paths, and a zap logger for logging activities related to Vault operations.

func (*Vault) BasicAuth

func (v *Vault) BasicAuth(username, password, pathUserPass string) (bool, error)

BasicAuth authenticates a user against Vault using the userpass authentication backend. It takes in a username, password, and the path to the userpass backend in Vault. On successful authentication, the client token is set in the Vault client. The method returns true on successful authentication, and false otherwise.

func (*Vault) DecryptWithVault

func (v *Vault) DecryptWithVault(ciphertext, key string) (string, error)

DecryptWithVault uses Vault's Transit secret engine to decrypt the given ciphertext. The function requires a key name to perform the decryption. It returns the decrypted plaintext or an error if unsuccessful.

func (*Vault) EncryptWithVault

func (v *Vault) EncryptWithVault(value, key string) (string, error)

EncryptWithVault uses Vault's Transit secret engine to encrypt the given value. The function requires a key name to perform the encryption. It returns the encrypted ciphertext or an error if unsuccessful.

func (*Vault) GetConfig

func (v *Vault) GetConfig(secretPath string, config interface{}) error

GetConfig maps configuration data from Vault into the provided 'config' structure. It dynamically reads the 'vault' and 'default' struct tags to know where to pull data from Vault and where to set default values if the data is missing in Vault. The function updates the fields in the 'config' structure in place.
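
An added sketch, not the package's own code, of the tag-driven mapping described above: it fills a struct from a secret map of the shape GetKv2Secret returns. The `AppConfig` type, the `fillFromSecret` helper, and the exact tag semantics (`vault` names the key, `default` is the fallback) are assumptions; only string fields are handled.

```go
package main

import (
	"fmt"
	"reflect"
)

// AppConfig is hypothetical. Assumed tag semantics: `vault` names the key in
// the secret data, `default` is the fallback when that key is absent.
type AppConfig struct {
	DBUser     string `vault:"db_user"`
	DBPassword string `vault:"db_password"`
	LogLevel   string `vault:"log_level" default:"info"`
}

// fillFromSecret fills tagged string fields of config in place and returns the
// vault keys that were absent and had no default, so the caller can fail closed.
func fillFromSecret(data map[string]interface{}, config interface{}) (missing []string, err error) {
	rv := reflect.ValueOf(config)
	if rv.Kind() != reflect.Ptr || rv.IsNil() || rv.Elem().Kind() != reflect.Struct {
		return nil, fmt.Errorf("config must be a non-nil pointer to a struct")
	}
	rv = rv.Elem()
	for i := 0; i < rv.NumField(); i++ {
		field := rv.Type().Field(i)
		key, tagged := field.Tag.Lookup("vault")
		if !tagged || !rv.Field(i).CanSet() || field.Type.Kind() != reflect.String {
			continue // untagged, unexported, or non-string: out of scope here
		}
		if raw, ok := data[key]; ok {
			s, isString := raw.(string)
			if !isString {
				return nil, fmt.Errorf("key %q: expected string, got %T", key, raw)
			}
			rv.Field(i).SetString(s)
		} else if def, ok := field.Tag.Lookup("default"); ok {
			rv.Field(i).SetString(def)
		} else {
			missing = append(missing, key)
		}
	}
	return missing, nil
}

func main() {
	var cfg AppConfig
	// Constructed sample data, not real secrets.
	missing, err := fillFromSecret(map[string]interface{}{"db_user": "svc-app"}, &cfg)
	fmt.Println(cfg.LogLevel, missing, err)
}
```

Returning the keys that had neither a value nor a default lets the caller refuse to start with an empty credential instead of silently running with a zero value.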

func (*Vault) GetKv2Secret

func (v *Vault) GetKv2Secret(mountPath string, secretPath string) (map[string]interface{}, error)

GetKv2Secret retrieves a KV version 2 secret stored in Vault. The function requires the mount path and the secret path in Vault. Returns a map containing the secret data or an error if unsuccessful.
