credentials

package
v1.1.0
Published: Mar 17, 2026 License: Apache-2.0 Imports: 11 Imported by: 0

Documentation

Overview

* SPDX-FileCopyrightText: Copyright (c) 2026 NVIDIA CORPORATION & AFFILIATES. All rights reserved. * SPDX-License-Identifier: Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Config

type Config struct {
	DataStoreType DataStoreType
	VaultConfig   *VaultConfig
}

Config holds the selected backend and provider config (Vault).

func (*Config) String

func (c *Config) String() string

func (*Config) Validate

func (c *Config) Validate() error

Validate checks if the Config fields are set correctly.

type CredentialManager

type CredentialManager interface {
	Start(ctx context.Context) error
	Stop(ctx context.Context) error
	Get(ctx context.Context, mac net.HardwareAddr) (*credential.Credential, error)
	Put(ctx context.Context, mac net.HardwareAddr, credentials *credential.Credential) error
	Patch(ctx context.Context, mac net.HardwareAddr, credentials *credential.Credential) error
	Delete(ctx context.Context, mac net.HardwareAddr) error
	Keys(ctx context.Context) ([]net.HardwareAddr, error)
}

CredentialManager defines a key-value store for PMC credentials keyed by MAC address.

func New

func New(ctx context.Context, config *Config) (CredentialManager, error)

New creates a new Credential Manager based on the given configuration.

type DataStoreType

type DataStoreType string

DataStoreType selects the credential store backend.

const (
	DatastoreTypeVault    DataStoreType = "Vault"
	DatastoreTypeInMemory DataStoreType = "InMemory"
)

type InMemoryCredentialManager

type InMemoryCredentialManager struct {
	// contains filtered or unexported fields
}

InMemoryCredentialManager implements the CredentialManager interface with an in-memory store.

func NewInMemoryCredentialManager

func NewInMemoryCredentialManager() *InMemoryCredentialManager

func (*InMemoryCredentialManager) Delete

Delete removes the credential for mac (no error if absent).

func (*InMemoryCredentialManager) Get

Get returns the credential for mac or an error if missing/invalid.

func (*InMemoryCredentialManager) Keys

Keys returns all MACs with stored credentials.

func (*InMemoryCredentialManager) Patch

Patch updates the credential for mac (replaces current value).

func (*InMemoryCredentialManager) Put

Put stores or replaces the credential for mac.

func (*InMemoryCredentialManager) Start

Start is a no-op for InMemoryCredentialManager.

func (*InMemoryCredentialManager) Stop

Stop is a no-op for InMemoryCredentialManager.

type VaultConfig

type VaultConfig struct {
	Address string
	Token   string
}

VaultConfig configures access to Vault (address and token). The token should be scoped minimally for KV operations.

func (*VaultConfig) NewManager

func (c *VaultConfig) NewManager() (*VaultCredentialManager, error)

NewManager initializes a Vault client with the configured address and token. TLS verification is skipped to handle self-signed certificates in Kubernetes environments.
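With verification skipped, the client sends its Vault token to whatever endpoint answers at Address without authenticating it. The following is an added example, not code from this package: a standard-library sketch contrasting the skip-verify setting with trusting a specific CA certificate, which also accepts a self-signed certificate but still authenticates the server. The httptest server is a constructed stand-in for a Vault endpoint, and newClient, probe and demo are hypothetical names.

```go
package main

import (
	"crypto/tls"
	"crypto/x509"
	"fmt"
	"net/http"
	"net/http/httptest"
)

// newClient builds an HTTPS client. roots == nil reproduces the skip-verify
// behaviour; a non-nil pool verifies the server against exactly that pool.
func newClient(roots *x509.CertPool) *http.Client {
	cfg := &tls.Config{MinVersion: tls.VersionTLS12}
	if roots == nil {
		cfg.InsecureSkipVerify = true // weak: server identity is never checked
	} else {
		cfg.RootCAs = roots // hardened: only this CA bundle is trusted
	}
	return &http.Client{Transport: &http.Transport{TLSClientConfig: cfg}}
}

// probe reports whether a GET succeeds; in this demo a failure means the
// client rejected the server certificate during the TLS handshake.
func probe(c *http.Client, url string) bool {
	resp, err := c.Get(url)
	if err != nil {
		return false
	}
	resp.Body.Close()
	return true
}

// demo starts a constructed stand-in for a Vault endpoint that presents a
// self-signed certificate and tries three client configurations against it.
func demo() (skipVerify, pinnedCA, otherCA bool) {
	srv := httptest.NewTLSServer(http.HandlerFunc(
		func(w http.ResponseWriter, _ *http.Request) { w.WriteHeader(http.StatusOK) }))
	defer srv.Close()
	pinned := x509.NewCertPool()
	pinned.AddCert(srv.Certificate()) // assumption: in a cluster this comes from a mounted CA file
	other := x509.NewCertPool()       // a trust store that does not contain the server's certificate

	return probe(newClient(nil), srv.URL), probe(newClient(pinned), srv.URL), probe(newClient(other), srv.URL)
}

func main() {
	fmt.Println(demo())
}
```

The skip-verify client and the pinned-CA client both connect to the self-signed server, but only the pinned-CA configuration fails when the presented certificate is not in the trusted pool.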

func (VaultConfig) String

func (c VaultConfig) String() string

String returns the canonical string form of the version.

func (*VaultConfig) Validate

func (c *VaultConfig) Validate() error

Validate ensures required Vault fields are provided.

type VaultCredentialManager

type VaultCredentialManager struct {
	// contains filtered or unexported fields
}

VaultCredentialManager implements the CredentialManager interface with a Vault store.

func (*VaultCredentialManager) Delete

Delete removes the credential specified by the PMC mac (if it exists) from Vault.

func (*VaultCredentialManager) Get

Get retrieves and validates credentials for the given MAC from Vault.

func (*VaultCredentialManager) Keys

Keys returns the list of PMC MACs for which the credential manager has secrets.

func (*VaultCredentialManager) Patch

Patch replaces the PMC's credentials in Vault (equivalent to Put).

func (*VaultCredentialManager) Put

Put writes the credentials of a given PMC (specified by MAC) to Vault.

func (*VaultCredentialManager) Start

Start ensures the Vault engine is mounted at the configured path.

func (*VaultCredentialManager) Stop

Stop performs no cleanup.
