vault

v0.17.1
Warning

This package is not in the latest version of its module.

Published: Feb 19, 2024 License: MIT Imports: 9 Imported by: 0

README

helix.go - Vault integration


The Vault integration provides an opinionated way to interact with Vault as the secret manager for helix services.

Documentation

Overview

Package vault exposes an opinionated way to interact with Vault.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Config

type Config struct {

	// Address is the Vault server address to connect to. This should be a complete
	// URL.
	//
	// Default:
	//
	//   "http://127.0.0.1:8200"
	Address string `json:"address"`

	// AgentAddress is the local Vault agent address to connect to. This should be
	// a complete URL.
	//
	// Example:
	//
	//   "http://127.0.0.1:8200"
	AgentAddress string `json:"agent_address"`

	// Namespace sets the namespace to connect to, if not already set via environment
	// variable.
	Namespace string `json:"namespace"`

	// Token sets the token to use, if not already set via environment variable.
	Token string `json:"-"`

	// TLS configures TLS to communicate with the Vault server.
	//
	// Important: Only the first Root CA file will be used and applied.
	TLS integration.ConfigTLS `json:"tls"`
}

Config is used to configure the Vault integration.
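
The Token field is tagged `json:"-"` and the default Address is plaintext HTTP on loopback. The following added example (not part of helix.go) shows what that means when a configuration is logged or points at a remote server. Config here is a local mirror of the documented type with the TLS field omitted, Audit and SafeJSON are hypothetical helpers, and all sample values are constructed.

```go
package main

import (
	"encoding/json"
	"fmt"
	"net/url"
	"net"
)

// Config is a local mirror of the documented type (TLS field omitted).
type Config struct {
	Address      string `json:"address"`
	AgentAddress string `json:"agent_address"`
	Namespace    string `json:"namespace"`
	Token        string `json:"-"`
}

// Audit (hypothetical helper) returns one finding per configured address that
// is not a complete URL or would send the token in plaintext off-host.
func Audit(cfg Config) []string {
	var findings []string
	fields := [][2]string{{"address", cfg.Address}, {"agent_address", cfg.AgentAddress}}
	for _, f := range fields {
		if f[1] == "" {
			continue // unset: nothing to check
		}
		u, err := url.Parse(f[1])
		if err != nil || u.Host == "" {
			findings = append(findings, f[0]+": not a complete URL")
			continue
		}
		if ip := net.ParseIP(u.Hostname()); u.Scheme != "https" && u.Hostname() != "localhost" && (ip == nil || !ip.IsLoopback()) {
			findings = append(findings, f[0]+": plaintext to non-loopback host "+u.Hostname())
		}
	}
	return findings
}

// SafeJSON serializes cfg for logging; the json:"-" tag keeps Token out.
func SafeJSON(cfg Config) string {
	b, _ := json.Marshal(cfg) // a struct of strings cannot fail to marshal
	return string(b)
}

func main() {
	cfg := Config{Address: "http://vault.example.internal:8200", Token: "hvs.constructed-sample"} // constructed
	fmt.Println(SafeJSON(cfg), Audit(cfg))
	fmt.Printf("%+v\n", cfg) // caution: fmt ignores json tags and prints Token
}
```

The `json:"-"` tag only protects JSON encoding; formatting the struct with `%+v` or `%v` still prints the token, so log the JSON form.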

type KeyValue

type KeyValue interface {
	Delete(ctx context.Context, secretpath string) error
	DeleteMetadata(ctx context.Context, secretpath string) error
	DeleteVersions(ctx context.Context, secretpath string, versions []int) error
	Destroy(ctx context.Context, secretpath string, versions []int) error
	Get(ctx context.Context, secretpath string) (*api.KVSecret, error)
	GetMetadata(ctx context.Context, secretpath string) (*api.KVMetadata, error)
	GetVersion(ctx context.Context, secretpath string, version int) (*api.KVSecret, error)
	GetVersionsAsList(ctx context.Context, secretpath string) ([]api.KVVersionMetadata, error)
	Patch(ctx context.Context, secretpath string, data map[string]any) (*api.KVSecret, error)
	PatchMetadata(ctx context.Context, secretpath string, metadata api.KVMetadataPatchInput) error
	Put(ctx context.Context, secretpath string, data map[string]any) (*api.KVSecret, error)
	PutMetadata(ctx context.Context, secretpath string, metadata api.KVMetadataPutInput) error
	Rollback(ctx context.Context, secretpath string, toVersion int) (*api.KVSecret, error)
	Undelete(ctx context.Context, secretpath string, versions []int) error
}

KeyValue exposes an opinionated way to interact with Vault Key-Value v2. All functions automatically handle distributed tracing as well as error recording within traces.

type Vault

type Vault interface {
	KeyValue(ctx context.Context, path string) KeyValue
}

Vault exposes an opinionated way to interact with Vault, by bringing automatic distributed tracing as well as error recording within traces.

func Connect

func Connect(cfg Config) (Vault, error)

Connect tries to connect to the Vault server given the Config. Returns an error if Config is not valid or if the connection failed.
