Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Agent ¶
type Agent struct {
// contains filtered or unexported fields
}
func (*Agent) Config ¶
func (a *Agent) Config() *RotatedSecretConfig
func (*Agent) CronQueuedSecrets ¶
func (*Agent) Set ¶
func (a *Agent) Set(newConfig *RotatedSecretConfig)
func (*Agent) WatchConfig ¶
WatchConfig will begin watching the config file at the provided configPath. If the first load or valiadate fails, WatchConfig will return the error and abort. Future load or valiadate failures will be logged but continue to attempt loading config.
type Cron ¶
type Cron struct {
// contains filtered or unexported fields
}
Cron is a wrapper for cron.Cron It is responsible for refreshing rotated secrets with cron as refreshStrategy
func (*Cron) HasSecret ¶
HasSecret returns if a secret-refresh has been scheduled in cronAgent or not
func (*Cron) QueuedSecrets ¶
QueuedSecrets returns a set of secret names that need to be triggered and resets trigger in secretStatus
func (*Cron) SyncConfig ¶
func (c *Cron) SyncConfig(cfg *RotatedSecretConfig) error
SyncConfig syncs current cronAgent with input rotation config which adds/deletes secret-refresh crons accordingly.
type RefreshStrategy ¶
type RefreshStrategy struct { Interval time.Duration `yaml:"interval,omitempty"` Cron string `yaml:"cron,omitempty"` }
RefreshStrategy specifies the refeshing strategy for the rotated secret One and only one of its fields can be assigned a value others should be set to nil
type RotatedSecretConfig ¶
type RotatedSecretConfig struct {
Specs []RotatedSecretSpec `yaml:"specs"`
}
RotatedSecretConfig contains the slice of RotatedSecretSpecs
func (*RotatedSecretConfig) LoadFrom ¶
func (config *RotatedSecretConfig) LoadFrom(file string) error
LoadFrom loads the rotated secret configuration from a yaml, returns error if fails.
func (RotatedSecretConfig) String ¶
func (config RotatedSecretConfig) String() string
func (*RotatedSecretConfig) Validate ¶
func (config *RotatedSecretConfig) Validate() error
type RotatedSecretSpec ¶
type RotatedSecretSpec struct { Project string `yaml:"project"` Secret string `yaml:"secret"` Type RotatedSecretType `yaml:"type"` Refresh RefreshStrategy `yaml:"refreshStrategy"` GracePeriod time.Duration `yaml:"gracePeriod"` }
RotatedSecretSpec specifies a single rotated secret
func (RotatedSecretSpec) String ¶
func (secret RotatedSecretSpec) String() string
type RotatedSecretType ¶
type RotatedSecretType struct {
ServiceAccountKey *svckey.ServiceAccountKeySpec `yaml:"serviceAccountKey,omitempty"`
}
RotatedSecretType specifies the type of the rotated secret One and only one of its fields can be assigned a value others should be set to nil
func (RotatedSecretType) Labels ¶
func (secretType RotatedSecretType) Labels() map[string]string
RotatedSecretType.Labels() is used to obtain the labels needed for the provisioner
func (RotatedSecretType) Type ¶
func (secretType RotatedSecretType) Type() string
RotatedSecretType.Type() is used to obtain the provisioner of the type