README
¶
File Secret Source (file://)
The File secret source retrieves secret values from files on the local filesystem.
Status
Built-in: This source is included and enabled by default in spelunk.
Usage
To use the File source, use the file:// scheme followed by the path to the file.
Syntax
file://<PATH_TO_FILE>
- Type:
file - Location: The file path (absolute or relative).
Examples
Absolute Path:
file:///etc/secrets/db_password.txt
(Note: Three slashes. Two for the scheme file://, one for the root /)
Relative Path:
file://secrets/api_key.txt
Explicit Relative Path:
file://./.env.local
Behavior
- Check Existence: Verifies the file exists using
os.Stat. ReturnsErrSecretNotFoundif missing. - Read: Opens and reads the entire file content using
io.ReadAll. - Result: Returns the file content as a string.
Use Cases
- Docker/Kubernetes: Reading secrets mounted as files (e.g., Kubernetes Secrets mounted to
/var/run/secrets). - Local Development: Reading configuration from local secret files not checked into version control.
Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
View Source
var ( ErrSecretSourceFileFailedOpen = fmt.Errorf("failed to open secret file") ErrSecretSourceFileFailedRead = fmt.Errorf("failed to read secret file") )
Functions ¶
This section is empty.
Types ¶
type SecretSourceFile ¶
type SecretSourceFile struct{}
SecretSourceFile digs up secrets from local files. The URI scheme for this source is "file". Examples:
file:///path/to/secret.txt file://relative/path/to/secret.txt file://./path/to/secret/from/this/directory.txt
This types.SecretSource is built-in to spelunker.Spelunker.
func (*SecretSourceFile) DigUp ¶
func (s *SecretSourceFile) DigUp(_ context.Context, coord types.SecretCoord) (string, error)
func (*SecretSourceFile) Type ¶
func (s *SecretSourceFile) Type() string
Source Files
Click to show internal directories.
Click to hide internal directories.