vaultcerthelper

v0.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Mar 20, 2020 License: MIT Imports: 4 Imported by: 1

README

vault-cert-helpers

A helper package to iterate through certs from Vault

Mostly an excuse to help me learn go-vcr for testing.

Usage

package main

import (
	"fmt"
	"net/http"

	"github.com/hashicorp/vault/api"

	. "github.com/petems/vault-cert-helpers"
)

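// createVaultClient returns a Vault API client aimed at a local dev server.
//
// The plaintext http:// address and the literal "ROOT" token are only valid
// against `vault server -dev` started with VAULT_DEV_ROOT_TOKEN_ID=ROOT.
// Outside that setup, use a TLS address and a scoped, short-lived token that
// is supplied at runtime rather than written into source.
//
// It panics if the client cannot be constructed.
func createVaultClient() *api.Client {
	// Plain HTTP client; no custom transport is set here, so requests are not
	// recorded by go-vcr in this example.
	// NOTE(review): no Timeout is set, so a request can block indefinitely;
	// a real caller should bound it.
	client := &http.Client{}

	vaultClient, err := api.NewClient(&api.Config{Address: "http://127.0.0.1:8200", HttpClient: client})
	if err != nil {
		// Keep the underlying cause in the message instead of discarding it.
		panic(fmt.Sprintf("Failed to get new Vault client: %v", err))
	}

	// Dev-server root token (VAULT_DEV_ROOT_TOKEN_ID=ROOT). A root token
	// bypasses all policy checks, so it must never appear in real code.
	vaultClient.SetToken("ROOT")

	return vaultClient
}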

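// main lists the certificates under the "pki" mount of the dev Vault server
// and prints the subject common name of the first two.
//
// It panics on any lookup error, or when fewer than two certificates come
// back, instead of indexing past the end of the slice.
func main() {
	vaultClient := createVaultClient()

	// Get list of certs from /pki endpoint
	listOfCertsSecret, err := GetListOfCerts(vaultClient, "pki")
	if err != nil {
		panic(err)
	}
	// NOTE(review): GetListOfCerts is not visible here; guard in case it
	// returns a nil secret with a nil error when the mount holds no certs.
	if listOfCertsSecret == nil {
		panic("no certificate list returned for pki")
	}

	arrayOfCerts, err := GetArrayOfCertsFromVault(vaultClient, listOfCertsSecret, "pki")
	if err != nil {
		// The original example dropped this error and then indexed the slice.
		panic(err)
	}

	// The two Printf calls below index [0] and [1]; fail with a clear message
	// rather than an index-out-of-range panic.
	if len(arrayOfCerts) < 2 {
		panic(fmt.Sprintf("expected at least 2 certs under pki, got %d", len(arrayOfCerts)))
	}

	fmt.Printf("First cert CN is: %s\n", arrayOfCerts[0].Subject.CommonName)
	fmt.Printf("Second cert CN is: %s\n", arrayOfCerts[1].Subject.CommonName)
}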

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func GetArrayOfCertsFromVault

func GetArrayOfCertsFromVault(client *api.Client, secret *api.Secret, pkiPath string) (arrayOfCerts []*x509.Certificate, err error)

GetArrayOfCertsFromVault iterates through a given list of keys from a Vault secret and returns a slice of *x509.Certificate values parsed from the PEM data

arrayOfCerts, err := GetArrayOfCertsFromVault(client, secret, "pki")

func GetListOfCerts

func GetListOfCerts(client *api.Client, pkiPath string) (*api.Secret, error)

GetListOfCerts fetches the list of certs from a given pki backend

listOfCerts, err := GetListOfCerts(client, "pki")

func ParseCertFromVaultSecret

func ParseCertFromVaultSecret(secret *api.Secret) (*x509.Certificate, error)

ParseCertFromVaultSecret parses the value from the "certificate" field in cert data from vault and returns a *x509.Certificate

cert, err := ParseCertFromVaultSecret(secret)

Types

This section is empty.

Directories

Path Synopsis
