vault

package

v0.0.11 Latest Latest Go to latest Published: Jan 19, 2026 License: Apache-2.0 Imports: 7 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/dirathea/sstart

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
type VaultAuthConfig
type VaultConfig
type VaultProvider
- func (p *VaultProvider) Fetch(secretContext provider.SecretContext, mapID string, ...) ([]provider.KeyValue, error)
- func (p *VaultProvider) Name() string

Constants ¶

View Source

const (
	// AuthMethodToken uses a static Vault token for authentication
	AuthMethodToken = "token"
	// AuthMethodOIDC uses OIDC/JWT authentication via SSO
	AuthMethodOIDC = "oidc"
	// AuthMethodJWT is an alias for OIDC authentication
	AuthMethodJWT = "jwt"

	// DefaultJWTAuthMount is the default mount path for JWT auth
	DefaultJWTAuthMount = "jwt"
)

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type VaultAuthConfig ¶ added in v0.0.6

type VaultAuthConfig struct {
	// Method specifies the authentication method: "token" (default), "oidc", or "jwt"
	Method string `json:"method,omitempty" yaml:"method,omitempty"`
	// Role is the Vault role to authenticate as (required when using oidc/jwt auth)
	Role string `json:"role,omitempty" yaml:"role,omitempty"`
	// Mount is the mount path for the auth backend (optional, defaults to "jwt" for oidc/jwt)
	Mount string `json:"mount,omitempty" yaml:"mount,omitempty"`
	// Token is the Vault authentication token (optional, defaults to VAULT_TOKEN env var)
	Token string `json:"token,omitempty" yaml:"token,omitempty"`
}

VaultAuthConfig represents authentication configuration for Vault

type VaultConfig ¶

type VaultConfig struct {
	// Address is the Vault server address (optional, defaults to VAULT_ADDR env var)
	Address string `json:"address,omitempty" yaml:"address,omitempty"`
	// Path is the path to the secret in Vault (required)
	Path string `json:"path" yaml:"path"`
	// Mount is the secret engine mount path (optional, defaults to "secret")
	Mount string `json:"mount,omitempty" yaml:"mount,omitempty"`
	// Auth contains authentication configuration
	Auth *VaultAuthConfig `json:"auth,omitempty" yaml:"auth,omitempty"`

	// Internal: SSO tokens injected by the collector
	SSOAccessToken string `json:"-" yaml:"-"`
	SSOIDToken     string `json:"-" yaml:"-"`
}

VaultConfig represents the configuration for HashiCorp Vault provider

type VaultProvider ¶

type VaultProvider struct {
	// contains filtered or unexported fields
}

VaultProvider implements the provider interface for HashiCorp Vault

func (*VaultProvider) Fetch ¶

func (p *VaultProvider) Fetch(secretContext provider.SecretContext, mapID string, config map[string]interface{}, keys map[string]string) ([]provider.KeyValue, error)

Fetch fetches secrets from HashiCorp Vault

func (*VaultProvider) Name ¶

func (p *VaultProvider) Name() string

Name returns the provider name

Source Files ¶

View all Source files

vault.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL