Documentation ¶
Index ¶
Constants ¶
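// The declarations below are laid out one per line; collapsed onto a single
// line the const group does not parse.
const (
	// DefaultFileMode is os.FileMode(0600): read and write for the owning
	// user, no access for group or other.
	// NOTE(review): presumably the mode applied to files this package writes
	// when no mode is configured. Those files may carry secret material, so
	// confirm at the call sites that a configured mode cannot silently widen
	// access, and remember that creation modes are filtered by the umask and
	// do not tighten a file that already exists.
	DefaultFileMode = os.FileMode(0600)

	// SecretRetryPeriod is five seconds.
	// NOTE(review): presumably the wait between attempts to obtain a secret
	// after a failure; confirm against the code that uses it.
	SecretRetryPeriod = 5 * time.Second
)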
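// Defaults for the persisted state. The group is laid out one declaration per
// line; collapsed onto a single line it does not parse.
const (
	// DefaultStatePath is "/var/lib/pouch/state".
	// NOTE(review): presumably where PouchState is saved when no state path
	// is configured. PouchState carries the token and the secret data in its
	// JSON form, so this file is as sensitive as the secrets themselves.
	DefaultStatePath = "/var/lib/pouch/state"

	// DefaultStateMode is os.FileMode(0600): owner read/write only.
	// NOTE(review): a creation mode is filtered by the umask and is not
	// applied to a file that already exists; confirm the save path enforces
	// this mode on a pre-existing state file as well.
	DefaultStateMode = os.FileMode(0600)

	// DefaultStateDirMode is os.FileMode(0700): only the owner can list or
	// traverse the directory.
	DefaultStateDirMode = os.FileMode(0700)

	// DefaultSecretDurationRatio is 0.75.
	// NOTE(review): presumably the default for SecretState.DurationRatio,
	// i.e. a secret is renewed once 75% of its lease has passed; confirm.
	DefaultSecretDurationRatio = 0.75

	// PreviousStateFilePostfix is "-prev".
	// NOTE(review): presumably appended to the state path to name a copy of
	// the previous state. Such a copy would hold the same token and secrets,
	// so confirm it gets the same mode and is cleaned up when state is reset.
	PreviousStateFilePostfix = "-prev"
)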
// DefaultNotifyTimeout is five minutes.
// NOTE(review): presumably the time a notifier is given to complete before it
// is treated as failed; confirm against the notifier code.
const DefaultNotifyTimeout = 5 * time.Minute
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type CommandNotifier ¶ added in v0.5.0
// CommandNotifier is a notifier described by a single command string.
type CommandNotifier struct {
	// Command is the command string for this notifier.
	// NOTE(review): presumably executed when a notification fires; whether it
	// runs through a shell or is exec'd directly is not visible here. Confirm,
	// and treat whatever configuration supplies this value as trusted input
	// that only privileged users may edit.
	Command string
}
type FileConfig ¶
type NotifierConfig ¶ added in v0.4.0
type NotifierRunner ¶ added in v0.5.0
type Pouch ¶
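// Pouch is the interface returned by NewPouch. The method set is laid out one
// method per line; collapsed onto a single line the declaration does not
// parse.
type Pouch interface {
	// Run takes a context and returns an error.
	// NOTE(review): presumably the main loop that obtains and renews secrets
	// until the context is cancelled; confirm in the implementation.
	Run(context.Context) error

	// Watch takes a filesystem path and returns an error.
	// NOTE(review): which events on path are acted on is not visible here.
	Watch(path string) error

	// AddStatusNotifier registers a StatusNotifier with the Pouch.
	AddStatusNotifier(StatusNotifier)

	// ServiceReloader takes a Reloader. Reloader is not declared anywhere in
	// this listing, so its contract has to be checked at its definition.
	ServiceReloader(Reloader)
}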
func NewPouch ¶
func NewPouch(s *PouchState, vc vault.Vault, sc map[string]SecretConfig, fc []FileConfig, nc map[string]NotifierConfig) Pouch
type PouchState ¶ added in v0.4.0
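// PouchState is the state that is serialized to JSON: the last known token
// and the per-secret state. The fields are laid out one per line; collapsed
// onto a single line the first // comment swallows the rest of the struct.
//
// The JSON form of this struct contains the token and the secret data, so any
// file it is written to needs owner-only permissions (the package declares
// DefaultStateMode 0600 and DefaultStateDirMode 0700), and values of this type
// should not be printed or logged.
type PouchState struct {
	// Last known token
	Token string `json:"token,omitempty"`
	// Secrets state
	Secrets map[string]*SecretState `json:"secrets,omitempty"`
	// Path from where this state was read. Tagged "-", so it is never part
	// of the serialized state.
	Path string `json:"-"`
}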
func LoadState ¶ added in v0.4.0
func LoadState(path string) (*PouchState, error)
func NewState ¶ added in v0.4.0
func NewState(path string) *PouchState
func (*PouchState) DeleteSecret ¶ added in v0.4.0
func (s *PouchState) DeleteSecret(name string)
func (*PouchState) NextUpdate ¶ added in v0.4.0
func (s *PouchState) NextUpdate() (secret *SecretState, minTTU time.Time)
func (*PouchState) Save ¶ added in v0.4.0
func (s *PouchState) Save() error
type Pouchfile ¶
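// Pouchfile is the JSON-tagged configuration document; the listing also
// declares LoadPouchfile, whose signature is not shown. The fields are laid
// out one per line; collapsed onto a single line the struct does not parse.
//
// NOTE(review): this file selects the Vault endpoint, the notifiers and the
// files that are written, so it should be writable only by the account that
// administers the service.
type Pouchfile struct {
	// WrappedSecretIDPath is a filesystem path.
	// NOTE(review): presumably the file holding a wrapped secret ID used to
	// authenticate to Vault; confirm, and confirm who may read that file.
	WrappedSecretIDPath string `json:"wrapped_secret_id_path,omitempty"`
	// StatePath is a filesystem path.
	// NOTE(review): presumably overrides DefaultStatePath; confirm.
	StatePath string `json:"state_path,omitempty"`
	// Vault is the vault package's configuration.
	Vault vault.Config `json:"vault,omitempty"`
	// Systemd holds the systemd integration settings.
	Systemd SystemdConfig `json:"systemd,omitempty"`
	// Notifiers maps a name to a notifier configuration.
	Notifiers map[string]NotifierConfig `json:"notifiers,omitempty"`
	// Secrets maps a name to a secret configuration.
	Secrets map[string]SecretConfig `json:"secrets,omitempty"`
	// Files lists the file configurations.
	Files []FileConfig `json:"files,omitempty"`
}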
func LoadPouchfile ¶
type PriorityFile ¶ added in v0.6.0
func (*PriorityFile) MarshalJSON ¶ added in v0.6.0
func (pf *PriorityFile) MarshalJSON() ([]byte, error)
type PriorityFileSortedList ¶ added in v0.6.0
// PriorityFileSortedList is a slice of PriorityFile. The listing declares
// Len, Less and Swap on it (the method set of sort.Interface) and a custom
// UnmarshalJSON on its pointer; the ordering Less implements is not shown.
type PriorityFileSortedList []PriorityFile
func (PriorityFileSortedList) Len ¶ added in v0.6.0
func (p PriorityFileSortedList) Len() int
func (PriorityFileSortedList) Less ¶ added in v0.6.0
func (p PriorityFileSortedList) Less(i, j int) bool
func (PriorityFileSortedList) Swap ¶ added in v0.6.0
func (p PriorityFileSortedList) Swap(i, j int)
func (*PriorityFileSortedList) UnmarshalJSON ¶ added in v0.6.0
func (s *PriorityFileSortedList) UnmarshalJSON(data []byte) error
type SecretConfig ¶
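// SecretConfig is the JSON-tagged configuration of one secret. The fields are
// laid out one per line; collapsed onto a single line the struct does not
// parse.
type SecretConfig struct {
	// VaultURL is a string tagged "vault_url".
	// NOTE(review): presumably the Vault endpoint requested for this secret;
	// whether it is a full URL or a path relative to the configured Vault
	// address is not visible here — confirm before trusting it to stay on
	// the intended host.
	VaultURL string `json:"vault_url,omitempty"`
	// HTTPMethod is a string tagged "http_method".
	// NOTE(review): presumably the HTTP method used for the request; confirm
	// which values are accepted.
	HTTPMethod string `json:"http_method,omitempty"`
	// Data is a free-form map.
	// NOTE(review): presumably the request payload; it may itself contain
	// sensitive values, so avoid logging it.
	Data SecretData `json:"data,omitempty"`
}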
type SecretData ¶ added in v0.6.0
// SecretData is a string-keyed map of arbitrary values. It is the type of
// SecretConfig.Data and of SecretState.Data, where it holds the actual secret,
// so values of this type should not be printed or logged.
type SecretData map[string]interface{}
type SecretState ¶ added in v0.4.0
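// SecretState is the per-secret record kept in PouchState.Secrets. The fields
// are laid out one per line; collapsed onto a single line the first // comment
// swallows the rest of the struct.
//
// Data holds the secret itself and is part of the JSON form, so a serialized
// SecretState is as sensitive as the secret.
type SecretState struct {
	// Secret name
	Name string `json:"name,omitempty"`
	// Time when the secret was read. Serialized under the key
	// "creation_time".
	Timestamp time.Time `json:"creation_time,omitempty"`
	// Lease duration, in seconds, if any when the secret was read
	LeaseDuration int `json:"lease_duration,omitempty"`
	// Secret will be renewed after this portion of its life has passed
	DurationRatio float64 `json:"duration_ratio,omitempty"`
	// If the secret has no expiration data, don't try to update it.
	// NOTE(review): the JSON key is spelled "disable_auto_uptdate". It is
	// reproduced as declared; renaming it would change how existing state
	// files decode, so any correction needs a compatibility plan.
	DisableAutoUpdate bool `json:"disable_auto_uptdate,omitempty"`
	// Actual secret
	Data SecretData `json:"data,omitempty"`
	// Files using this secret
	FilesUsing PriorityFileSortedList `json:"files_using,omitempty"`
}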
func (*SecretState) Ratio ¶ added in v0.6.0
func (s *SecretState) Ratio() float64
func (*SecretState) RegisterUsage ¶ added in v0.5.0
func (s *SecretState) RegisterUsage(path string, priority int)
func (*SecretState) TTL ¶ added in v0.4.0
func (s *SecretState) TTL() (int, bool)
func (*SecretState) TimeToUpdate ¶ added in v0.4.0
func (s *SecretState) TimeToUpdate() (minTTU time.Time, known bool)
type ServiceNotifier ¶ added in v0.5.0
type StatusNotifier ¶
// StatusNotifier is the one-method interface accepted by
// Pouch.AddStatusNotifier.
type StatusNotifier interface {
	// NotifyReady reports readiness and returns an error on failure.
	// NOTE(review): when it is called relative to secrets being written is
	// not visible here; confirm in the Pouch implementation.
	NotifyReady() error
}
type SystemdConfig ¶
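// SystemdConfig holds the systemd integration settings. The struct is laid
// out over several lines; collapsed onto a single line the // comment swallows
// the field and the closing brace.
type SystemdConfig struct {
	// If pouch should enable systemd support. Defaults to true
	// if systemd is available.
	// The field is a pointer, so nil (key absent) can be told apart from an
	// explicit false.
	Enabled *bool `json:"enabled,omitempty"`
}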
func (*SystemdConfig) Configurer ¶ added in v0.3.0
func (s *SystemdConfig) Configurer() *systemdConfigurer