externalsecrets

package
v0.2.0-alpha.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 5, 2026 License: Apache-2.0 Imports: 2 Imported by: 0

Documentation

Overview

Package externalsecrets contains helpers for constructing resources used by the External Secrets Operator.

Example (ComposeSecretStoreAndExternalSecret)

This example demonstrates composing a SecretStore backed by AWS Secrets Manager and an ExternalSecret that syncs credentials into a Kubernetes Secret. 

package main

import (
	"fmt"

	esv1 "github.com/external-secrets/external-secrets/apis/externalsecrets/v1"

	"github.com/go-kure/kure/internal/externalsecrets"
)

func main() {
	// --- SecretStore (AWS Secrets Manager) ---
	store := externalsecrets.CreateSecretStore("aws-store", "default", esv1.SecretStoreSpec{})
	externalsecrets.SetSecretStoreProvider(store, &esv1.SecretStoreProvider{
		AWS: &esv1.AWSProvider{
			Service: esv1.AWSServiceSecretsManager,
			Region:  "eu-west-1",
		},
	})
	externalsecrets.AddSecretStoreLabel(store, "env", "production")

	// --- ExternalSecret referencing the store ---
	es := externalsecrets.CreateExternalSecret("db-credentials", "default", esv1.ExternalSecretSpec{})
	externalsecrets.SetExternalSecretSecretStoreRef(es, esv1.SecretStoreRef{
		Name: store.Name,
		Kind: "SecretStore",
	})
	externalsecrets.AddExternalSecretData(es, esv1.ExternalSecretData{
		SecretKey: "username",
		RemoteRef: esv1.ExternalSecretDataRemoteRef{Key: "prod/db/username"},
	})
	externalsecrets.AddExternalSecretData(es, esv1.ExternalSecretData{
		SecretKey: "password",
		RemoteRef: esv1.ExternalSecretDataRemoteRef{Key: "prod/db/password"},
	})
	externalsecrets.AddExternalSecretLabel(es, "app", "backend")

	fmt.Println("Store:", store.Name)
	fmt.Println("Store Kind:", store.Kind)
	fmt.Println("Store Namespace:", store.Namespace)
	fmt.Println("ExternalSecret:", es.Name)
	fmt.Println("ExternalSecret Namespace:", es.Namespace)
	fmt.Println("Store Ref:", es.Spec.SecretStoreRef.Name)
	fmt.Println("Data Keys:", es.Spec.Data[0].SecretKey, es.Spec.Data[1].SecretKey)
}

Output:
Store: aws-store
Store Kind: SecretStore
Store Namespace: default
ExternalSecret: db-credentials
ExternalSecret Namespace: default
Store Ref: aws-store
Data Keys: username password

Index

Examples

Constants

This section is empty.

Variables

This section is empty.

Functions

func AddClusterSecretStoreAnnotation 

func AddClusterSecretStoreAnnotation(obj *esv1.ClusterSecretStore, key, value string)

AddClusterSecretStoreAnnotation adds or updates an annotation on the ClusterSecretStore.

func AddClusterSecretStoreLabel 

func AddClusterSecretStoreLabel(obj *esv1.ClusterSecretStore, key, value string)

AddClusterSecretStoreLabel adds or updates a label on the ClusterSecretStore.

func AddExternalSecretAnnotation 

func AddExternalSecretAnnotation(obj *esv1.ExternalSecret, key, value string)

AddExternalSecretAnnotation adds or updates an annotation on the ExternalSecret.

func AddExternalSecretData 

func AddExternalSecretData(obj *esv1.ExternalSecret, data esv1.ExternalSecretData)

AddExternalSecretData appends a data entry to the ExternalSecret spec.

func AddExternalSecretLabel 

func AddExternalSecretLabel(obj *esv1.ExternalSecret, key, value string)

AddExternalSecretLabel adds or updates a label on the ExternalSecret.

func AddSecretStoreAnnotation 

func AddSecretStoreAnnotation(obj *esv1.SecretStore, key, value string)

AddSecretStoreAnnotation adds or updates an annotation on the SecretStore.

func AddSecretStoreLabel 

func AddSecretStoreLabel(obj *esv1.SecretStore, key, value string)

AddSecretStoreLabel adds or updates a label on the SecretStore.

func CreateClusterSecretStore 

func CreateClusterSecretStore(name string, spec esv1.SecretStoreSpec) *esv1.ClusterSecretStore

CreateClusterSecretStore returns a ClusterSecretStore object with the given name and spec.

func CreateExternalSecret 

func CreateExternalSecret(name, namespace string, spec esv1.ExternalSecretSpec) *esv1.ExternalSecret

CreateExternalSecret returns a new ExternalSecret object with the provided name, namespace and spec.

func CreateSecretStore 

func CreateSecretStore(name, namespace string, spec esv1.SecretStoreSpec) *esv1.SecretStore

CreateSecretStore returns a SecretStore object with the given name, namespace and spec.

func SetClusterSecretStoreController 

func SetClusterSecretStoreController(obj *esv1.ClusterSecretStore, controller string)

SetClusterSecretStoreController sets the controller name on the ClusterSecretStore spec.

func SetClusterSecretStoreProvider 

func SetClusterSecretStoreProvider(obj *esv1.ClusterSecretStore, provider *esv1.SecretStoreProvider)

SetClusterSecretStoreProvider sets the provider field on the ClusterSecretStore spec.

func SetExternalSecretSecretStoreRef 

func SetExternalSecretSecretStoreRef(obj *esv1.ExternalSecret, ref esv1.SecretStoreRef)

SetExternalSecretSecretStoreRef sets the secret store reference on the ExternalSecret spec.

func SetSecretStoreController 

func SetSecretStoreController(obj *esv1.SecretStore, controller string)

SetSecretStoreController sets the controller name on the SecretStore spec.

func SetSecretStoreProvider 

func SetSecretStoreProvider(obj *esv1.SecretStore, provider *esv1.SecretStoreProvider)

SetSecretStoreProvider sets the provider field on the SecretStore spec.

Types

This section is empty.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.