cloudsecrets

package module
v0.6.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 10, 2024 License: MIT Imports: 8 Imported by: 0

README

go-cloudsecrets

Go package to hydrate runtime secrets from Cloud providers

  • "gcp", GCP Secret Manager
  • "aws", AWS Secrets Manager
cloudsecrets.Hydrate(ctx, "gcp", &Config{})

Hydrate() recursively walks a given config (struct pointer) and hydrates all string values matching "$SECRET:" prefix using a given Cloud secrets provider.

The secret values to be replaced must have a format of "$SECRET:{name|path}".

Usage

import "github.com/0xsequence/go-cloudsecrets/cloudsecrets"

func main() {
	var cfg := &config.Config{
		DB: &config.DB{
			Database: "postgres",
			Host:     "localhost:5432",
			Username: "sequence",
			DPassword: "$SECRET:dbPassword", // to be hydrated
		},
	}

	err := cloudsecrets.Hydrate(context.Background(), "gcp", cfg)
	if err != nil {
		log.Fatalf("failed to hydrate config secrets: %v", err)
	}

	// cfg.DB.Password now contains value of "dbPassword" GCP secret (latest version)
}

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Hydrate 

func Hydrate(ctx context.Context, providerName string, config interface{}) error

Hydrate recursively walks a given config (struct pointer) and hydrates all string values matching "$SECRET:" prefix using a given Cloud secrets provider.

The secret values to be replaced must have a format of "$SECRET:{name|path}".

Supported providers: - "gcp": Google Cloud Secret Manager - "": If no provider is given, walk the config and fail on any "$SECRET:".

Types

This section is empty.

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.