secretstores

package
v0.0.0-...-ebb33e4
Warning

This package is not in the latest version of its module.

Published: May 18, 2023 | License: Apache-2.0 | Imports: 5 | Imported by: 0

README

Secret Stores

Secret Stores provide a common way to interact with different secret stores, whether cloud, edge, commercial or open-source.

Implementing a new Secret Store

A compliant secret store needs to implement the SecretStore interface included in the secret_store.go file.

Documentation

Index

Constants

const DefaultSecretRefKeyName = "_value"

DefaultSecretRefKeyName is the default key if secretKeyRef.key is not given.

Variables

This section is empty.

Functions

func Ping

func Ping(ctx context.Context, secretStore SecretStore) error

Types

type BulkGetSecretRequest

type BulkGetSecretRequest struct {
	Metadata map[string]string `json:"metadata"`
}

BulkGetSecretRequest describes a bulk get secret request from a secret store.

type BulkGetSecretResponse

type BulkGetSecretResponse struct {
	Data map[string]map[string]string `json:"data"`
}

BulkGetSecretResponse describes the response object for all the secrets returned from a secret store.

type Feature

type Feature string

Feature names a feature that can be implemented by Secret Store components.

const (
	// FeatureMultipleKeyValuesPerSecret advertises that this SecretStore supports multiple keys-values under a single secret.
	FeatureMultipleKeyValuesPerSecret Feature = "MULTIPLE_KEY_VALUES_PER_SECRET"
)

func (Feature) IsPresent

func (f Feature) IsPresent(features []Feature) bool

IsPresent checks if a given feature is present in the list.

type GetSecretRequest

type GetSecretRequest struct {
	Name     string            `json:"name"`
	Metadata map[string]string `json:"metadata"`
}

GetSecretRequest describes a get secret request from a secret store.

type GetSecretResponse

type GetSecretResponse struct {
	Data map[string]string `json:"data"`
}

GetSecretResponse describes the response object for a secret returned from a secret store.

type Metadata

type Metadata struct {
	metadata.Base `json:",inline"`
}

Metadata contains a secretstore specific set of metadata properties.

type SecretStore

type SecretStore interface {
	// Init authenticates with the actual secret store and performs other init operations.
	Init(ctx context.Context, metadata Metadata) error
	// GetSecret retrieves a secret using a key and returns a map of decrypted string/string values.
	GetSecret(ctx context.Context, req GetSecretRequest) (GetSecretResponse, error)
	// BulkGetSecret retrieves all secrets in the store and returns a map of decrypted string/string values.
	BulkGetSecret(ctx context.Context, req BulkGetSecretRequest) (BulkGetSecretResponse, error)
	// Features lists the features supported by the secret store.
	Features() []Feature
	// GetComponentMetadata returns the metadata options for the secret store.
	GetComponentMetadata() map[string]string
}

SecretStore is the interface for a component that handles secrets management.
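
A minimal implementation of the interface above, added here as an example and not taken from the package. `memStore` is hypothetical, the types are local copies of the declarations on this page so the file builds without the module, and `Metadata.Properties` is an assumed stand-in for the embedded `metadata.Base`. The store hands out copies of its maps and reports a missing secret by name only.

```go
package main

import (
	"context"
	"fmt"
	"maps"
)

// Local copies of this page's declarations; Metadata is a simplified stand-in (assumption).
type (
	Feature               string
	Metadata              struct{ Properties map[string]string }
	GetSecretResponse     struct{ Data map[string]string }
	BulkGetSecretRequest  struct{ Metadata map[string]string }
	BulkGetSecretResponse struct{ Data map[string]map[string]string }
	memStore              struct{ secrets map[string]map[string]string } // hypothetical store, not from the page
	GetSecretRequest      struct {
		Name     string
		Metadata map[string]string
	}
	SecretStore interface {
		Init(ctx context.Context, metadata Metadata) error
		GetSecret(ctx context.Context, req GetSecretRequest) (GetSecretResponse, error)
		BulkGetSecret(ctx context.Context, req BulkGetSecretRequest) (BulkGetSecretResponse, error)
		Features() []Feature
		GetComponentMetadata() map[string]string
	}
)

var _ SecretStore = (*memStore)(nil) // build fails if memStore stops satisfying the interface
func (m *memStore) Init(context.Context, Metadata) error    { return nil }
func (m *memStore) Features() []Feature                     { return []Feature{"MULTIPLE_KEY_VALUES_PER_SECRET"} }
func (m *memStore) GetComponentMetadata() map[string]string { return nil }

func (m *memStore) GetSecret(_ context.Context, req GetSecretRequest) (GetSecretResponse, error) {
	kv, ok := m.secrets[req.Name]
	if !ok { // name the missing secret, never echo stored values
		return GetSecretResponse{}, fmt.Errorf("secret %q not found", req.Name)
	}
	return GetSecretResponse{Data: maps.Clone(kv)}, nil // copy: callers cannot alter the store
}

func (m *memStore) BulkGetSecret(context.Context, BulkGetSecretRequest) (BulkGetSecretResponse, error) {
	all := make(map[string]map[string]string, len(m.secrets))
	for name, kv := range m.secrets {
		all[name] = maps.Clone(kv)
	}
	return BulkGetSecretResponse{Data: all}, nil
}

func main() { fmt.Println((&memStore{}).GetSecret(context.Background(), GetSecretRequest{Name: "db"})) }
```

Run as is, `main` queries an empty store and prints the not-found error; the `maps` package requires Go 1.21 or later.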

Directories

Path Synopsis
alicloud
aws
azure
gcp
hashicorp
huaweicloud
local
env
tencentcloud
ssm
