Documentation
¶
Index ¶
- type VaultClient
- func (vc *VaultClient) GetKVSecret(s string) (map[string]interface{}, error)
- func (vc *VaultClient) GetKVSecretRetry(s string) (map[string]interface{}, error)
- func (vc *VaultClient) Login() (string, error)
- func (vc *VaultClient) NewClient() (*api.Client, error)
- func (vc *VaultClient) NewToken() (string, error)
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type VaultClient ¶
type VaultClient struct {
VaultAddr string `yaml:"vaultAddr"`
CIDR string `yaml:"cidr"`
AuthMethod string `yaml:"authMethod"`
Role string `yaml:"role"`
Path string `yaml:"path"`
KubeToken string // auto-filled
Client *api.Client // auto-filled
Token string // auto-filled
}
VaultClient is a single self-contained vault client
var (
Client *VaultClient
)
func (*VaultClient) GetKVSecret ¶
func (vc *VaultClient) GetKVSecret(s string) (map[string]interface{}, error)
GetKVSecret retrieves a kv secret from vault
func (*VaultClient) GetKVSecretRetry ¶
func (vc *VaultClient) GetKVSecretRetry(s string) (map[string]interface{}, error)
GetKVSecretRetry will login and retry secret access on failure to gracefully handle token expiration
func (*VaultClient) Login ¶
func (vc *VaultClient) Login() (string, error)
Login creates a vault token with the k8s auth provider
func (*VaultClient) NewClient ¶
func (vc *VaultClient) NewClient() (*api.Client, error)
NewClients creates and returns a new vault client with a valid token or error
func (*VaultClient) NewToken ¶
func (vc *VaultClient) NewToken() (string, error)
NewToken generate a new token for session. If LOCAL env var is set and the token is as well, the login is skipped and the token is used instead.
Source Files
Click to show internal directories.
Click to hide internal directories.