volume

package

v0.0.0-...-f01516d Latest Latest Go to latest Published: Oct 24, 2016 License: Apache-2.0 Imports: 10 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/negz/secret-volume

Links

Open Source Insights

Documentation ¶

Rendered for

Overview ¶

Package volume manages the creation, deletion, and inspection of secret volumes.

Index ¶

type ErrExists
- func (e ErrExists) Error() string
type ErrNonExist
- func (e ErrNonExist) Error() string
- func (e ErrNonExist) NotFound() bool
type Manager
- func NewManager(m Mounter, sp secrets.Producers, mo ...ManagerOption) (Manager, error)
type ManagerOption
type Mounter
- func NewNoopMounter(root string) Mounter
- func NewTmpFsMounter(root string, mo ...TmpFsMounterOption) (Mounter, error)
type TmpFsMounterOption

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type ErrExists ¶

type ErrExists string

ErrExists is returned when when attempting to create a volume whose mount point exists. Note this does not mean the volume already exists, just that a conflicting path exists.

func (ErrExists) Error ¶

func (e ErrExists) Error() string

type ErrNonExist ¶

type ErrNonExist string

ErrNonExist is returned when attempting to get or destroy a volume that does not exist.

func (ErrNonExist) Error ¶

func (e ErrNonExist) Error() string

func (ErrNonExist) NotFound ¶

func (e ErrNonExist) NotFound() bool

NotFound signals that this error should return a HTTP 404 not found if it causes a HTTP request to fail.

type Manager ¶

type Manager interface {
	// Create mounts and populates the requested secret volume.
	Create(v *api.Volume) error
	// Destroy destroys the secret volume specified by id.
	Destroy(id string) error
	// Gets returns secret volumes by their id.
	Get(id string) (*api.Volume, error)
	// List lists all extant secret volumes.
	List() (api.Volumes, error)
	// MetadataFile returns the metadata filename. Each api.Volume is encoded as
	// JSON in a metadata file at the root of its mountpoint.
	MetadataFile() string
}

A Manager manages CRD operations for secret volumes.

func NewManager ¶

func NewManager(m Mounter, sp secrets.Producers, mo ...ManagerOption) (Manager, error)

NewManager creates a new Manager backed by the provided secret producers.

type ManagerOption ¶

type ManagerOption func(*manager) error

A ManagerOption represents an argument to NewManager.

func DirMode ¶

func DirMode(m os.FileMode) ManagerOption

DirMode specifies the octal mode with which to create directories beneath the root of a secret volume. It defaults to 0700.

func FileMode ¶

func FileMode(m os.FileMode) ManagerOption

FileMode specifies the octal mode with which to create files in a secret volume. It defaults to 0600.

func Filesystem ¶

func Filesystem(fs afero.Fs) ManagerOption

Filesystem allows a Manager to be backed by any filesystem implementation supported by https://github.com/spf13/afero. The OS filesystem is used by default.

func MetadataFile ¶

func MetadataFile(f string) ManagerOption

MetadataFile specifies an alternative metadata filename in which to store JSON encoded representations of each api.Volume at their root directory. It defaults to '.meta'.

func WriteJSONSecrets ¶

func WriteJSONSecrets(filename string) ManagerOption

WriteJSONSecrets will cause the manager to merge all secrets produced for a volume into a file containing a JSON encoded map. The provided filename is relative to the volume's root.

type Mounter ¶

type Mounter interface {
	// Mount mounts the requested secret volume.
	Mount(*api.Volume) error
	// Unmount unmounts the secret volume specified by id.
	Unmount(id string) error
	// Path is a convenience function that returns the (theoretical) mountpoint
	// of the secret volume specified by id. Note that it does not guarantee a
	// volume with that id is currently or has ever been mounted.
	Path(id string) string
	// Root returns the parent directory of all the mounts managed by this
	// Mounter.
	Root() string
}

A Mounter mounts and unmounts secret volumes.

func NewNoopMounter ¶

func NewNoopMounter(root string) Mounter

NewNoopMounter creates a Mounter that simply logs mount and unmount requests. It is primarily used for testing when run in virtual mode..

func NewTmpFsMounter ¶

func NewTmpFsMounter(root string, mo ...TmpFsMounterOption) (Mounter, error)

NewTmpFsMounter creates a Mounter that mounts a tmpfs (i.e. in-memory) volume in which to store secrets. This Mounter is only supported on Linux and as such is only built when GOOS=linux.

type TmpFsMounterOption ¶

type TmpFsMounterOption func(*tmpFsMounter) error

A TmpFsMounterOption represents an argument to NewTmpFsMounter.

func MaxSizeMB ¶

func MaxSizeMB(mb uint) TmpFsMounterOption

MaxSizeMB specifies the maximum size in megabytes each secret volume will be allowed to grow to. It corresponds to the size= tmpfs option and defaults to 100MB.

func MountFlags ¶

func MountFlags(flags uintptr) TmpFsMounterOption

MountFlags specifies the mount flags for each secret volume. It defaults to MS_NOSUID, MS_NODEV, and MS_NOEXEC.

func MountpointMode ¶

func MountpointMode(md uint32) TmpFsMounterOption

MountpointMode specifies the octal permissions with which all mounts will be mounted. It corresponds to the mode= tmpfs option and defaults to 700.

func UnmountFlags ¶

func UnmountFlags(flags int) TmpFsMounterOption

UnmountFlags specifies the umount flags for each secret volume. No flags are set by default.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL