vault

package

v0.0.0-...-8d63230 Latest Latest Go to latest Published: Feb 19, 2024 License: GPL-3.0 Imports: 19 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/notapipeline/thor

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
type Result
type Vault
- func NewVault(c *config.VaultConfig) *Vault

Constants ¶

View Source

const (
	TTL     = "5m"
	MAX_TTL = "5m"
	STANDBY = "standby"
)

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Result ¶

type Result struct {
	Path string
}

type Vault ¶

type Vault struct {
	// contains filtered or unexported fields
}

func NewVault ¶

func NewVault(c *config.VaultConfig) *Vault

func (*Vault) ClearRotation ¶

func (v *Vault) ClearRotation(token, namespace, path string)

func (*Vault) CreateAndStoreChildCreationToken ¶

func (v *Vault) CreateAndStoreChildCreationToken(token, namespace string, policyPaths []string) error

Store an orphaned child token based on the token used to request rotation

This token will have a specific read only policy created against it but the ability to create child tokens.

func (*Vault) CreateEncryptionKey ¶

func (v *Vault) CreateEncryptionKey(policy *config.Policy) (string, error)

func (*Vault) Decrypt ¶

func (v *Vault) Decrypt(what, key string) string

Decrypt an encrypted string and return the plaintext

func (*Vault) Encrypt ¶

func (v *Vault) Encrypt(what, key string) string

encrypt a string and return the result

func (*Vault) GetEncryptionKey ¶

func (v *Vault) GetEncryptionKey() (string, error)

func (*Vault) GetToken ¶

func (v *Vault) GetToken(namespace, encryptionKey string) (string, error)

Get a response wrapped token for client usage

func (*Vault) Init ¶

func (v *Vault) Init() error

func (*Vault) Read ¶

func (v *Vault) Read(path, token, namespace string) (map[string]string, error)

Gets a list of credentials that need to be rotated on a machine

func (*Vault) Rotate ¶

func (v *Vault) Rotate(path, token, search, namespace string, compromised bool, logChannel *chan loki.SimpleMessage) []error

Rotates the contents of a path matching `search`

`search` can be either a key at a given path, or the secret value at a given path

If a match is found, the value stored at that key will be updated

func (*Vault) Search ¶

func (v *Vault) Search(password, token, namespace string, results *[]Result) error

/ Searches a vault namespace for a given password

func (*Vault) StoreEncryptionKey ¶

func (v *Vault) StoreEncryptionKey(key string) error

func (*Vault) Unwrap ¶

func (v *Vault) Unwrap(token, namespace string) (string, error)

Unwrap a response wrapped token - used in the agent

func (*Vault) Wrap ¶

func (v *Vault) Wrap(what interface{}) (string, error)

response wrap a given piece of information and return the secret assigned to that wrap.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL