Documentation
Types
type AuthenticationInfo
AuthenticationInfo contains authentication information to be used when communicating with an HTTP based provider
type BootStrapACLTokenInfo
type BootStrapACLTokenInfo struct {
	SecretID string `json:"SecretID"`
	Policies []Policy `json:"Policies"`
}
BootStrapACLTokenInfo is the key portion of the response metadata from consulACLBootstrapAPI
type ConsulRole
type ConsulRole struct {
	RoleName string `json:"name"`
	TokenType string `json:"token_type"`
	PolicyNames []string `json:"policies,omitempty"`
	Local bool `json:"local,omitempty"`
	TimeToLive string `json:"TTL,omitempty"`
}
func NewConsulRole
func NewConsulRole(name string, tokenType ConsulTokenType, policies []Policy, localUse bool) ConsulRole
type ConsulTokenType
type ConsulTokenType string
const (
	/*
	 * The following are the available Consul token types that can be specified for the role-based tokens
	 * created via the /consul/creds secret engine Vault API.
	 * For the details, see reference https://www.vaultproject.io/api/secret/consul#create-update-role
	 */

	// ManagementType is the type of Consul role that can be used to create tokens when role-based API /consul/creds is called
	// the management type of created tokens is automatically granted the built-in global management policy
	ManagementType ConsulTokenType = "management"
	// ClientType is the type of Consul role that can be used to create tokens when role-based API /consul/creds is called
	// the regular client type of created tokens is associated with custom policies
	ClientType ConsulTokenType = "client"
)
type InitResponse
type InitResponse struct {
	Keys []string `json:"keys,omitempty"`
	KeysBase64 []string `json:"keys_base64,omitempty"`
	EncryptedKeys []string `json:"encrypted_keys,omitempty"`
	Nonces []string `json:"nonces,omitempty"`
	RootToken string `json:"root_token,omitempty"`
}
InitResponse contains a Secret Store init response
type RuntimeTokenProviderInfo
type RuntimeTokenProviderInfo struct {
	Enabled bool
	Protocol string
	Host string
	Port int
	TrustDomain string
	EndpointSocket string
	// comma-separated list of required secrets for the service
	// currently we have redis in a typical use case
	RequiredSecrets string
}
RuntimeTokenProviderInfo contains the information about the server of a runtime secret token provider
func (RuntimeTokenProviderInfo) BuildProviderURL
func (provider RuntimeTokenProviderInfo) BuildProviderURL(path string) (string, error)
type SecretConfig
type SecretConfig struct {
	Type string
	Host string
	Port int
	// BasePath is the base path to the secret's location in the secret store
	BasePath string
	// SecretsFile is path to optional JSON file containing secrets to seed into service's SecretStore
	SecretsFile string
	Protocol string
	Namespace string
	RootCaCertPath string
	ServerName string
	Authentication AuthenticationInfo
	// RuntimeTokenProvider could be optional if not using delayed start from a runtime token provider
	RuntimeTokenProvider RuntimeTokenProviderInfo
}
SecretConfig contains configuration settings used to communicate with an HTTP based secret provider
func (SecretConfig) BuildRequestURL
func (c SecretConfig) BuildRequestURL(subPath string) (string, error)
BuildRequestURL constructs a request URL for sending a request to the secrets engine
func (SecretConfig) BuildSecretNameURL
func (c SecretConfig) BuildSecretNameURL(secretName string) (string, error)
BuildSecretNameURL constructs a URL to the service's secret within its secret store. secretName is the name of the secret in the service's secret store
func (SecretConfig) BuildURL
func (c SecretConfig) BuildURL(path string) (string, error)
BuildURL constructs a URL which can be used to identify an HTTP based secret provider
func (SecretConfig) IsRuntimeProviderEnabled
func (c SecretConfig) IsRuntimeProviderEnabled() bool
IsRuntimeProviderEnabled returns whether the token provider is using the runtime token mechanism
type TokenMetadata
type TokenMetadata struct {
	Accessor string `json:"accessor"`
	ExpireTime string `json:"expire_time"`
	Path string `json:"path"`
	Policies []string `json:"policies"`
	Period int `json:"period"` // in seconds
	Renewable bool `json:"renewable"`
	Ttl int `json:"ttl"` // in seconds
}
TokenMetadata has introspection data about a token and is the "data" sub-structure for token lookup, i.e. TokenLookupResponse, and token self-lookup