credstore

package
v0.2.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 6, 2026 License: MIT Imports: 9 Imported by: 0

Documentation

Overview

Package credstore persists provider API keys outside config.json so secrets are not written to disk in cleartext. It resolves one backend at construction: the OS keyring on macOS (the `security` keychain), otherwise an AES-256-GCM encrypted file (the Linux secret-tool keyring needs a running secret service that is absent on headless/CI machines, so it is opt-in via ZERO_CRED_STORAGE=keyring). A plaintext file is available only as an explicit ZERO_CRED_STORAGE=file opt-out. OAuth tokens stay in internal/oauth; this store is for raw API keys.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type KeyringClient

type KeyringClient interface {
	Available() bool
	Set(service, account, secret string) error
	Get(service, account string) (string, bool, error)
	Delete(service, account string) (bool, error)
}

KeyringClient is the minimal OS-keyring surface the store needs; *keyring.Keyring satisfies it. Injectable for tests.

type Options

type Options struct {
	// Dir is the per-user data directory for the file backends.
	Dir string
	// Storage selects the backend: "" (auto), "keyring", "encrypted-file", or "file"
	// (plaintext opt-out). When empty it falls back to ZERO_CRED_STORAGE, then auto:
	// keyring on macOS (the `security` keychain is reliable and needs no daemon),
	// encrypted-file everywhere else (Linux `secret-tool` needs a running secret
	// service that is absent on headless/CI boxes and would block/error). Linux/other
	// users can still opt into the keyring with ZERO_CRED_STORAGE=keyring.
	Storage string
	// Keyring is the keyring client; nil => keyring.New().
	Keyring KeyringClient
	// Env reads environment variables; nil => os.Getenv.
	Env func(string) string
	// GOOS overrides the platform for auto backend resolution; "" => runtime.GOOS.
	// Exists so tests can exercise the per-OS default deterministically.
	GOOS string
}

Options configures the credential store.

type Store

type Store struct {
	// contains filtered or unexported fields
}

Store reads/writes provider API keys via the resolved backend.

func New

func New(options Options) (*Store, error)

New resolves the backend. It never silently downgrades to plaintext: "file" must be chosen explicitly; auto mode picks keyring then encrypted-file.

func (*Store) Backend

func (s *Store) Backend() string

Backend reports the resolved backend ("keyring", "encrypted-file", "file"), for display ("how is this key stored").

func (*Store) Delete

func (s *Store) Delete(provider string) (bool, error)

Delete removes the API key for provider, reporting whether one existed.

func (*Store) Encrypted

func (s *Store) Encrypted() bool

Encrypted reports whether secrets are protected at rest (keyring or AES file).

func (*Store) Get

func (s *Store) Get(provider string) (string, bool, error)

Get returns the API key for provider and whether one is stored.

func (*Store) Providers

func (s *Store) Providers() ([]string, error)

Providers lists providers with a stored key (sorted), for display/audit.

func (*Store) Set

func (s *Store) Set(provider, key string) error

Set stores (or overwrites) the API key for provider.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL