Documentation
¶
Index ¶
- Constants
- func AppendElements(old []interface{}, new ...interface{}) []interface{}
- func ConvertStringArrayToInterfaceArray(in []string) []interface{}
- type CleanOption
- type CreateOption
- type NautesVault
- func (self *NautesVault) CleanUP(opt CleanOption) (map[string]error, bool)
- func (vc *NautesVault) CreateAppRole(auth VaultAuthAppRole) (*roleAccessInfo, error)
- func (self *NautesVault) CreateAuth(auth *VaultAuth, opt CreateOption) error
- func (self *NautesVault) CreateAuthByName(authName string, opt CreateOption) error
- func (self *NautesVault) CreateKVEngine(secEngine *VaultKVEngine, opt CreateOption) error
- func (self *NautesVault) CreateKVEngineByName(name string, opt CreateOption) error
- func (self *NautesVault) CreatePolicy(policy *VaultPolicy, opt CreateOption) error
- func (self *NautesVault) CreatePolicyByName(name string, opt CreateOption) error
- func (self *NautesVault) CreateRole(role *VaultRole, kubeconfig string, opt CreateOption) error
- func (self *NautesVault) CreateRoleByName(name string, opt CreateOption) error
- func (self *NautesVault) DeleteAuth(auth *VaultAuth, opt CleanOption) error
- func (self *NautesVault) DeleteAuthByName(name string, opt CleanOption) error
- func (self *NautesVault) DeleteKVEngine(secEngine *VaultKVEngine, opt CleanOption) error
- func (self *NautesVault) DeleteKVEngineByName(name string, opt CleanOption) error
- func (self *NautesVault) DeletePolicy(policy *VaultPolicy, opt CleanOption) error
- func (self *NautesVault) DeletePolicyByName(name string, opt CleanOption) error
- func (self *NautesVault) DeleteRole(role *VaultRole, kubeconfig string, opt CleanOption) error
- func (self *NautesVault) DeleteRoleByName(name string, opt CleanOption) error
- func (self *NautesVault) GetAuth(name string) *VaultAuth
- func (self *NautesVault) GetClient(role *VaultRole, kubeconfig string) (*vault.Client, error)
- func (self *NautesVault) GetClientByName(roleName string) (*vault.Client, error)
- func (self *NautesVault) GetPolicy(name string) *VaultPolicy
- func (self *NautesVault) GetRole(roleName string) *VaultRole
- func (self *NautesVault) GetSecretEngine(kvName string) *VaultKVEngine
- func (self *NautesVault) InitVault(opt CreateOption) (map[string]error, bool)
- func (self *NautesVault) PatchRoleConfig(path string, newConfig map[string]interface{}) map[string]interface{}
- func (vc *NautesVault) SetCA() error
- func (self *NautesVault) SetClient() error
- func (self *NautesVault) SetClientWithOutLogin() error
- func (vc *NautesVault) SetupNautesVault(path string) error
- func (self *NautesVault) Unseal() ([]string, string, error)
- type VaultAuth
- type VaultAuthAppRole
- type VaultKV
- type VaultKVEngine
- type VaultPolicy
- type VaultRole
Constants ¶
View Source
const ( ROLE_POLICY_KEY = "token_policies" ROLE_NAMESPACE_KEY = "bound_service_account_namespaces" ROLE_SERVICE_ACCOUNT_KEY = "bound_service_account_names" )
Variables ¶
This section is empty.
Functions ¶
func AppendElements ¶
func AppendElements(old []interface{}, new ...interface{}) []interface{}
func ConvertStringArrayToInterfaceArray ¶
func ConvertStringArrayToInterfaceArray(in []string) []interface{}
Types ¶
type CleanOption ¶
type CreateOption ¶
type CreateOption struct {
InitKubernetes bool
}
type NautesVault ¶
type NautesVault struct {
Client *vault.Client
Host string `yaml:"host"`
CA string `yaml:"ca"`
CAPath string `yaml:"capath"`
Token string `yaml:"token"`
KVEngineList []VaultKVEngine `yaml:"kvEngineList"`
AppRoleList []VaultAuthAppRole `yaml:"appRoleList"`
AuthList []VaultAuth `yaml:"authList"`
RoleList []VaultRole `yaml:"roleList"`
PolicyList []VaultPolicy `yaml:"policyList"`
// contains filtered or unexported fields
}
func (*NautesVault) CleanUP ¶
func (self *NautesVault) CleanUP(opt CleanOption) (map[string]error, bool)
func (*NautesVault) CreateAppRole ¶
func (vc *NautesVault) CreateAppRole(auth VaultAuthAppRole) (*roleAccessInfo, error)
Only support one role in app role now
func (*NautesVault) CreateAuth ¶
func (self *NautesVault) CreateAuth(auth *VaultAuth, opt CreateOption) error
1. Get auth from auth list 2. Create vault sa and rolebinding in k8s 3. Create auth in vault
func (*NautesVault) CreateAuthByName ¶
func (self *NautesVault) CreateAuthByName(authName string, opt CreateOption) error
func (*NautesVault) CreateKVEngine ¶
func (self *NautesVault) CreateKVEngine(secEngine *VaultKVEngine, opt CreateOption) error
func (*NautesVault) CreateKVEngineByName ¶
func (self *NautesVault) CreateKVEngineByName(name string, opt CreateOption) error
func (*NautesVault) CreatePolicy ¶
func (self *NautesVault) CreatePolicy(policy *VaultPolicy, opt CreateOption) error
func (*NautesVault) CreatePolicyByName ¶
func (self *NautesVault) CreatePolicyByName(name string, opt CreateOption) error
func (*NautesVault) CreateRole ¶
func (self *NautesVault) CreateRole(role *VaultRole, kubeconfig string, opt CreateOption) error
func (*NautesVault) CreateRoleByName ¶
func (self *NautesVault) CreateRoleByName(name string, opt CreateOption) error
func (*NautesVault) DeleteAuth ¶
func (self *NautesVault) DeleteAuth(auth *VaultAuth, opt CleanOption) error
func (*NautesVault) DeleteAuthByName ¶
func (self *NautesVault) DeleteAuthByName(name string, opt CleanOption) error
func (*NautesVault) DeleteKVEngine ¶
func (self *NautesVault) DeleteKVEngine(secEngine *VaultKVEngine, opt CleanOption) error
func (*NautesVault) DeleteKVEngineByName ¶
func (self *NautesVault) DeleteKVEngineByName(name string, opt CleanOption) error
func (*NautesVault) DeletePolicy ¶
func (self *NautesVault) DeletePolicy(policy *VaultPolicy, opt CleanOption) error
func (*NautesVault) DeletePolicyByName ¶
func (self *NautesVault) DeletePolicyByName(name string, opt CleanOption) error
func (*NautesVault) DeleteRole ¶
func (self *NautesVault) DeleteRole(role *VaultRole, kubeconfig string, opt CleanOption) error
func (*NautesVault) DeleteRoleByName ¶
func (self *NautesVault) DeleteRoleByName(name string, opt CleanOption) error
func (*NautesVault) GetAuth ¶
func (self *NautesVault) GetAuth(name string) *VaultAuth
func (*NautesVault) GetClientByName ¶
func (self *NautesVault) GetClientByName(roleName string) (*vault.Client, error)
func (*NautesVault) GetPolicy ¶
func (self *NautesVault) GetPolicy(name string) *VaultPolicy
func (*NautesVault) GetRole ¶
func (self *NautesVault) GetRole(roleName string) *VaultRole
func (*NautesVault) GetSecretEngine ¶
func (self *NautesVault) GetSecretEngine(kvName string) *VaultKVEngine
func (*NautesVault) InitVault ¶
func (self *NautesVault) InitVault(opt CreateOption) (map[string]error, bool)
func (*NautesVault) PatchRoleConfig ¶
func (self *NautesVault) PatchRoleConfig(path string, newConfig map[string]interface{}) map[string]interface{}
func (*NautesVault) SetCA ¶
func (vc *NautesVault) SetCA() error
func (*NautesVault) SetClient ¶
func (self *NautesVault) SetClient() error
func (*NautesVault) SetClientWithOutLogin ¶
func (self *NautesVault) SetClientWithOutLogin() error
func (*NautesVault) SetupNautesVault ¶
func (vc *NautesVault) SetupNautesVault(path string) error
Make the NautesVault to be usable , must run once befor use it
type VaultAuth ¶
type VaultAuth struct {
Name string `yaml:"name"`
Kubeconfig string `yaml:"kubeconfig"`
KubeconfigPath string `yaml:"kubeconfigPath"`
KubernetesHost string
KubernetesCABundle string
K8sServiceAccount KubernetesServiceAccount `yaml:"k8sServiceAccount"`
}
func (*VaultAuth) GetKubernetesCABundle ¶
func (*VaultAuth) GetKubernetesHost ¶
func (*VaultAuth) GetVaultUserToken ¶
func (*VaultAuth) SetKubeConfig ¶
Load kubeconfig priority: write kubeconfig in vault > give a kubeconfig path > read from user home
type VaultAuthAppRole ¶
type VaultKVEngine ¶
type VaultPolicy ¶
type VaultRole ¶
Source Files
Click to show internal directories.
Click to hide internal directories.