types

package
v3.0.0-dev.7 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Feb 6, 2023 License: Apache-2.0 Imports: 3 Imported by: 3

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AuthenticationInfo

// AuthenticationInfo contains authentication information to be used when
// communicating with an HTTP based provider.
//
// Both fields are exported and carry no struct tags, so fmt's %v/%+v verbs and
// encoding/json emit AuthToken verbatim. Redact the token before logging or
// serializing a value of this type.
type AuthenticationInfo struct {
	// AuthType names the authentication scheme. The accepted values are not
	// visible in this listing; confirm them against the provider client.
	AuthType  string
	// AuthToken is the token presented to the provider. Treat it as a secret.
	AuthToken string
}

AuthenticationInfo contains authentication information to be used when communicating with an HTTP based provider

type BootStrapACLTokenInfo

// BootStrapACLTokenInfo is the key portion of the response metadata from
// consulACLBootstrapAPI.
//
// NOTE(review): SecretID presumably holds the secret of the Consul bootstrap
// ACL token (confirm against the caller). If so, it is a high-privilege
// credential: the json tag means json.Marshal writes it in clear text, so keep
// it out of logs and protect anything it is persisted to.
type BootStrapACLTokenInfo struct {
	// SecretID is decoded from the "SecretID" key of the response.
	SecretID string   `json:"SecretID"`
	// Policies lists the policies attached to the token, decoded from "Policies".
	Policies []Policy `json:"Policies"`
}

BootStrapACLTokenInfo is the key portion of the response metadata from consulACLBootstrapAPI

type ConsulRole

// ConsulRole is the JSON shape of a Consul role definition; NewConsulRole
// returns one. It is presumably the request body for the create/update role
// API referenced on ConsulTokenType (TODO confirm).
type ConsulRole struct {
	// RoleName is serialized as "name".
	RoleName    string   `json:"name"`
	// TokenType is serialized as "token_type". It is a plain string here, while
	// NewConsulRole takes a ConsulTokenType; presumably it holds that value.
	TokenType   string   `json:"token_type"`
	// PolicyNames is serialized as "policies" and omitted when empty.
	PolicyNames []string `json:"policies,omitempty"`
	// Local is serialized as "local"; omitempty drops it when false.
	Local       bool     `json:"local,omitempty"`
	// TimeToLive is serialized as "TTL" and omitted when empty. With no TTL in
	// the payload, token lifetime is presumably left to the server-side
	// default. Set an explicit, bounded value where short-lived tokens are
	// expected.
	TimeToLive  string   `json:"TTL,omitempty"`
}

func NewConsulRole

func NewConsulRole(name string, tokenType ConsulTokenType, policies []Policy, localUse bool) ConsulRole

type ConsulTokenType

// ConsulTokenType is the string-typed set of Consul token types that can be
// given to a role (see the tokenType parameter of NewConsulRole).
type ConsulTokenType string
const (
	/*
	 * The following are the available Consul token types that can be specified for the role-based tokens
	 * created via the /consul/creds secret engine Vault API.
	 * For details, see https://www.vaultproject.io/api/secret/consul#create-update-role
	 */
	// ManagementType is the type of Consul role that can be used to create tokens when the role-based API /consul/creds is called;
	// tokens created with the management type are automatically granted the built-in global management policy.
	// Because that grant is automatic and global, prefer ClientType with scoped policies unless management access is required.
	ManagementType ConsulTokenType = "management"
	// ClientType is the type of Consul role that can be used to create tokens when the role-based API /consul/creds is called;
	// tokens created with the regular client type are associated with custom policies.
	ClientType ConsulTokenType = "client"
)

type InitResponse

// InitResponse contains a Secret Store init response.
//
// NOTE(review): the JSON keys match the shape of a Vault init response, where
// keys/keys_base64 are the unseal key shares and root_token is the initial
// root token. Confirm against the secret store client.
//
// Every field is exported and JSON-tagged, so json.Marshal and fmt's %+v write
// the values in clear text. Treat the whole struct as secret material: do not
// log it, and protect any file or store it is persisted to.
type InitResponse struct {
	// Keys is decoded from "keys"; omitted from output when empty.
	Keys          []string `json:"keys,omitempty"`
	// KeysBase64 is decoded from "keys_base64"; presumably the same keys in
	// base64 form (confirm).
	KeysBase64    []string `json:"keys_base64,omitempty"`
	// EncryptedKeys is decoded from "encrypted_keys". How and by whom they are
	// encrypted is not visible in this listing.
	EncryptedKeys []string `json:"encrypted_keys,omitempty"`
	// Nonces is decoded from "nonces"; presumably pairs with EncryptedKeys
	// (confirm).
	Nonces        []string `json:"nonces,omitempty"`
	// RootToken is decoded from "root_token".
	RootToken     string   `json:"root_token,omitempty"`
}

InitResponse contains a Secret Store init response

type Policy

// Policy identifies a policy by ID and name. It is the element type of
// BootStrapACLTokenInfo.Policies and of the policies argument to
// NewConsulRole.
type Policy struct {
	// ID is decoded from / encoded to the "ID" key.
	ID   string `json:"ID"`
	// Name is decoded from / encoded to the "Name" key.
	Name string `json:"Name"`
}

type RuntimeTokenProviderInfo

// RuntimeTokenProviderInfo contains the information about the server of a
// runtime secret token provider. BuildProviderURL is defined on it and
// presumably combines Protocol, Host and Port with the given path (its body is
// not shown in this listing).
//
// NOTE(review): nothing in this type restricts Protocol. If a plain-text
// scheme is accepted, the token returned by the provider would cross the
// network unprotected. Confirm that callers or validation require TLS.
type RuntimeTokenProviderInfo struct {
	// Enabled turns the runtime token provider on or off.
	Enabled        bool
	// Protocol, Host and Port locate the provider server.
	Protocol       string
	Host           string
	Port           int
	// TrustDomain is presumably the workload-identity trust domain the
	// provider's identity is verified against (TODO confirm).
	TrustDomain    string
	// EndpointSocket is presumably the local socket used to obtain the
	// workload identity (TODO confirm).
	EndpointSocket string
	// RequiredSecrets is a comma-separated list of required secrets for the
	// service; currently redis is the typical use case.
	RequiredSecrets string
}

RuntimeTokenProviderInfo contains the information about the server of a runtime secret token provider

func (RuntimeTokenProviderInfo) BuildProviderURL

func (provider RuntimeTokenProviderInfo) BuildProviderURL(path string) (string, error)

type SecretConfig

// SecretConfig contains configuration settings used to communicate with an
// HTTP based secret provider. BuildURL, BuildSecretsPathURL and
// IsRuntimeProviderEnabled are defined on it.
//
// The struct embeds AuthenticationInfo by value, so printing or marshaling a
// SecretConfig also exposes Authentication.AuthToken. Redact it before logging
// configuration.
type SecretConfig struct {
	// Type selects the kind of secret provider; the accepted values are not
	// visible in this listing.
	Type string
	// Host and Port locate the secret provider.
	Host string
	Port int
	// Path is the base path to the secret's location in the secret store
	Path string
	// SecretsFile is the path to an optional JSON file containing secrets to
	// seed into the service's SecretStore. The file holds secrets at rest, so
	// restrict its permissions to the service account.
	SecretsFile    string
	// Protocol is the URL scheme used to reach the provider. It is not
	// constrained by this type; confirm that deployments use TLS.
	Protocol       string
	// Namespace is presumably the secret store namespace (TODO confirm).
	Namespace      string
	// RootCaCertPath is presumably the CA certificate used to verify the
	// provider's TLS certificate (TODO confirm).
	RootCaCertPath string
	// ServerName is presumably the name the provider's certificate is checked
	// against (TODO confirm).
	ServerName     string
	// Authentication holds the credential presented to the provider.
	Authentication AuthenticationInfo
	// RuntimeTokenProvider could be optional if not using delayed start from a runtime token provider
	RuntimeTokenProvider RuntimeTokenProviderInfo
}

SecretConfig contains configuration settings used to communicate with an HTTP based secret provider

func (SecretConfig) BuildSecretsPathURL

func (c SecretConfig) BuildSecretsPathURL(subPath string) (string, error)

BuildSecretsPathURL constructs a URL which can be used to identify a secret's path. subPath is the location of the secrets in the secrets engine.

func (SecretConfig) BuildURL

func (c SecretConfig) BuildURL(path string) (string, error)

BuildURL constructs a URL which can be used to identify an HTTP-based secret provider

func (SecretConfig) IsRuntimeProviderEnabled

func (c SecretConfig) IsRuntimeProviderEnabled() bool

IsRuntimeProviderEnabled returns whether the token provider is using the runtime token mechanism

type TokenMetadata

// TokenMetadata has introspection data about a token and is the "data"
// sub-structure for token lookup, i.e. TokenLookupResponse, and token
// self-lookup.
//
// The struct has no field for the token value itself; it carries only the
// descriptive fields below.
type TokenMetadata struct {
	// Accessor is decoded from "accessor". It is presumably a reference to the
	// token rather than the token itself (TODO confirm).
	Accessor   string   `json:"accessor"`
	// ExpireTime is decoded from "expire_time" as a string; the time format is
	// not visible in this listing.
	ExpireTime string   `json:"expire_time"`
	// Path is decoded from "path".
	Path       string   `json:"path"`
	// Policies lists the policy names attached to the token. Checking it
	// against the expected set is a cheap way to detect an over-privileged
	// token.
	Policies   []string `json:"policies"`
	Period     int      `json:"period"` // in seconds
	// Renewable reports whether the token can be renewed.
	Renewable  bool     `json:"renewable"`
	Ttl        int      `json:"ttl"` // in seconds
}

TokenMetadata has introspection data about a token and is the "data" sub-structure for token lookup, i.e. TokenLookupResponse, and token self-lookup
