Documentation
¶
Overview ¶
Package secrets decodes secret values by invoking the configured executable command
Package secrets implements the secret feature of the agent
Index ¶
Constants ¶
const PayloadVersion = "1.1"
PayloadVersion defines the current payload version sent to a secret backend
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Component ¶
type Component interface {
// Configure the executable command that is used for decoding secrets
Configure(config ConfigParams)
// Get debug information and write it to the parameter
GetDebugInfo(w io.Writer)
// Resolve resolves the secrets in the given yaml data by replacing secrets handles by their corresponding secret value
Resolve(data []byte, origin string) ([]byte, error)
// SubscribeToChanges registers a callback to be invoked whenever secrets are resolved or refreshed
SubscribeToChanges(callback SecretChangeCallback)
// Refresh will resolve secret handles again, notifying any subscribers of changed values
Refresh() (string, error)
}
Component is the component type.
type ConfigParams ¶ added in v0.53.0
type ConfigParams struct {
Type string
Config map[string]interface{}
Command string
Arguments []string
Timeout int
MaxSize int
RefreshInterval int
RefreshIntervalScatter bool
GroupExecPerm bool
RemoveLinebreak bool
RunPath string
AuditFileMaxSize int
}
ConfigParams holds parameters for configuration
type Params ¶
type Params struct {
Enabled bool
}
Params contains parameters for secrets, specifically whether the component is enabled
func NewDisabledParams ¶
func NewDisabledParams() Params
NewDisabledParams constructs params for a disabled component
func NewEnabledParams ¶
func NewEnabledParams() Params
NewEnabledParams constructs params for an enabled component
type SecretChangeCallback ¶
SecretChangeCallback is the callback type used by SubscribeToChanges to send notifications This callback will be called once for each time a handle at a particular path is resolved or refreshed `handle`: the handle of the secret (example: `ENC[api_key]` the handle is `api_key`) `origin`: origin file of the configuration `path`: a path into the config file where the secret appears, each part is a level of nesting, arrays will use stringified indexes `oldValue`: the value that the secret used to have, the empty string "" is it hasn't been resolved before `newValue`: the new value that the secret has resolved to
Source Files
Directories
¶
| Path | Synopsis |
|---|---|
|
def
module
|
|
|
fx
module
|
|
|
impl
module
|
|
|
mock
module
|
|
|
noop-impl
module
|
|
|
Package secretsimpl is the implementation for the secrets component
|
Package secretsimpl is the implementation for the secrets component |
|
test/argument
command
Package main defines the main function
|
Package main defines the main function |
|
test/error
command
Package main defines the main function
|
Package main defines the main function |
|
test/input
command
Package main defines the main function
|
Package main defines the main function |
|
test/response_too_long
command
Package main defines the main function
|
Package main defines the main function |
|
test/simple
command
Package main defines the main function
|
Package main defines the main function |
|
test/timeout
command
Package main defines the main function
|
Package main defines the main function |
|
utils
module
|