utils

package

v0.0.0-...-a17cf7f Latest Latest Go to latest Published: Apr 16, 2024 License: Apache-2.0 Imports: 9 Imported by: 1

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/libopenstorage/secrets

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
Variables
func Authenticate(client *api.Client, config map[string]interface{}) (token string, autoAuth bool, err error)
func CloseIdleConnections(cfg *api.Config)
func ConfigureTLS(config *api.Config, secretConfig map[string]interface{}) error
func GetAuthToken(client *api.Client, config map[string]interface{}) (string, error)
func GetVaultParam(secretConfig map[string]interface{}, name string) string
func IsValidAddr(address string) error

Constants ¶

View Source

const (

	// AuthMethodKubernetes is a named auth method.
	AuthMethodKubernetes = "kubernetes"
	// AuthMethodApprole
	AuthMethodAppRole = "approle"
	// AuthMethod is a vault authentication method used.
	// https://www.vaultproject.io/docs/auth#auth-methods
	AuthMethod = "VAULT_AUTH_METHOD"
	// AuthMountPath defines a custom auth mount path.
	AuthMountPath = "VAULT_AUTH_MOUNT_PATH"
	// AuthKubernetesRole is the role to authenticate against on Vault
	AuthKubernetesRole = "VAULT_AUTH_KUBERNETES_ROLE"
	// AuthKubernetesTokenPath is the file path to a custom JWT token to use for authentication.
	// If omitted, the default service account token path is used.
	AuthKubernetesTokenPath = "VAULT_AUTH_KUBERNETES_TOKEN_PATH"
	// AuthKubernetesMountPath
	AuthKubernetesMountPath = "kubernetes"
	// AuthAppRoleRoleID
	AuthAppRoleRoleID = "VAULT_APPROLE_ROLE_ID"
	// AuthAppRoleSecretID
	AuthAppRoleSecretID = "VAULT_APPROLE_SECRET_ID"
)

Variables ¶

View Source

var (
	ErrVaultAuthParamsNotSet = errors.New("VAULT_TOKEN or VAULT_AUTH_METHOD not set")
	ErrVaultAddressNotSet    = errors.New("VAULT_ADDR not set")
	ErrInvalidVaultToken     = errors.New("VAULT_TOKEN is invalid")
	ErrInvalidSkipVerify     = errors.New("VAULT_SKIP_VERIFY is invalid")
	ErrAppRoleIDNotSet       = errors.New("VAULT_APPROLE_ROLE_ID or VAULT_APPROLE_SECRET_ID not set")
	ErrInvalidVaultAddress   = errors.New("VAULT_ADDRESS is invalid. " +
		"Should be of the form http(s)://<ip>:<port>")

	ErrAuthMethodUnknown = errors.New("unknown auth method")
	ErrKubernetesRole    = errors.New(AuthKubernetesRole + " not set")
	ErrInCooldown        = errors.New("vault client is in cooldown")
)

Functions ¶

func Authenticate ¶

func Authenticate(client *api.Client, config map[string]interface{}) (token string, autoAuth bool, err error)

Authenticate gets vault authentication parameters for the provided configuration.

func CloseIdleConnections ¶

func CloseIdleConnections(cfg *api.Config)

CloseIdleConnections ensures that the vault idle connections are closed.

func ConfigureTLS ¶

func ConfigureTLS(config *api.Config, secretConfig map[string]interface{}) error

ConfigureTLS adds tls parameters to the vault configuration.

func GetAuthToken ¶

func GetAuthToken(client *api.Client, config map[string]interface{}) (string, error)

GetAuthToken tries to get the vault token for the provided authentication method.

func GetVaultParam ¶

func GetVaultParam(secretConfig map[string]interface{}, name string) string

GetVaultParam retrieves a named parameter from the config or tried to get it from the environment variables.

func IsValidAddr ¶

func IsValidAddr(address string) error

IsValidAddr checks address has the correct format.

Types ¶

This section is empty.

Source Files ¶

View all Source files

utils.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL