secret

package
v0.27.4 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Dec 12, 2025 License: Apache-2.0 Imports: 9 Imported by: 0

Documentation

Index

Constants

// Index DDL for the secrets tables. Every statement below is a fixed
// literal with no interpolated values, and each uses IF NOT EXISTS so it
// can be issued again against a database that already has the index.
const (
	// CreateTypeOrgRepo represents a query to create an
	// index on the secrets table for the type, org and repo columns.
	CreateTypeOrgRepo = `
CREATE INDEX
IF NOT EXISTS
secrets_type_org_repo
ON secrets (type, org, repo);
`
	// CreateTypeOrgTeam represents a query to create an
	// index on the secrets table for the type, org and team columns.
	CreateTypeOrgTeam = `
CREATE INDEX
IF NOT EXISTS
secrets_type_org_team
ON secrets (type, org, team);
`
	// CreateTypeOrg represents a query to create an
	// index on the secrets table for the type and org columns.
	CreateTypeOrg = `
CREATE INDEX
IF NOT EXISTS
secrets_type_org
ON secrets (type, org);
`

	// CreateSecretID represents a query to create an
	// index on the secret_repo_allowlists table for the secret_id column.
	// Unlike the statements above, this one has no trailing semicolon.
	//
	// The gosec suppression below is presumably needed because the
	// identifier contains "Secret"; the value is index DDL, not a credential.
	//nolint:gosec // not credentials
	CreateSecretID = `
CREATE INDEX
IF NOT EXISTS
secret_repo_allowlists_secret_id
ON secret_repo_allowlists (secret_id)
`
)
// Table DDL for the secrets tables, one pair per supported driver.
// This rendering elides the string literals, so the column definitions
// and exact table names are not visible here.
const (
	// CreatePostgresTable represents a query to create the Postgres secrets table.
	CreatePostgresTable = `` /* 589-byte string literal not displayed */

	// CreatePostgresAllowlistTable represents a query to create the Postgres
	// allowlist table.
	// NOTE(review): the CreateSecretID index targets secret_repo_allowlists;
	// confirm the table name against the elided DDL.
	CreatePostgresAllowlistTable = `` /* 187-byte string literal not displayed */

	// CreateSqliteTable represents a query to create the Sqlite secrets table.
	CreateSqliteTable = `` /* 537-byte string literal not displayed */

	// CreateSqliteAllowlistTable represents a query to create the Sqlite
	// allowlist table.
	// NOTE(review): the CreateSecretID index targets secret_repo_allowlists;
	// confirm the table name against the elided DDL.
	CreateSqliteAllowlistTable = `` /* 179-byte string literal not displayed */

)

Variables

This section is empty.

Functions

func InsertAllowlist added in v0.27.0

func InsertAllowlist(ctx context.Context, tx *gorm.DB, s *api.Secret) error

InsertAllowlist adds allowlist entries in the database.

func PruneAllowlist added in v0.27.0

func PruneAllowlist(ctx context.Context, tx *gorm.DB, s *api.Secret) error

PruneAllowlist deletes any allowlist record from the database that belongs to the secret but is not in the active allowlist.

Types

type Engine added in v0.27.0

// Engine represents the secret functionality that implements the
// SecretInterface interface. It is constructed by New from EngineOpt
// values; its fields are unexported and not shown in this rendering.
type Engine struct {
	// contains filtered or unexported fields
}

Engine represents the secret functionality that implements the SecretInterface interface.

func New

func New(opts ...EngineOpt) (*Engine, error)

New creates and returns a Vela service for integrating with secrets in the database.

func (*Engine) CountSecrets added in v0.27.0

func (e *Engine) CountSecrets(ctx context.Context) (int64, error)

CountSecrets gets the count of all secrets from the database.

func (*Engine) CountSecretsForOrg added in v0.27.0

func (e *Engine) CountSecretsForOrg(ctx context.Context, org string, filters map[string]interface{}) (int64, error)

CountSecretsForOrg gets the count of secrets by org name from the database.

func (*Engine) CountSecretsForRepo added in v0.27.0

func (e *Engine) CountSecretsForRepo(ctx context.Context, r *api.Repo, filters map[string]interface{}) (int64, error)

CountSecretsForRepo gets the count of secrets by org and repo name from the database.

func (*Engine) CountSecretsForTeam added in v0.27.0

func (e *Engine) CountSecretsForTeam(ctx context.Context, org, team string, filters map[string]interface{}) (int64, error)

CountSecretsForTeam gets the count of secrets by org and team name from the database.

func (*Engine) CountSecretsForTeams added in v0.27.0

func (e *Engine) CountSecretsForTeams(ctx context.Context, org string, teams []string, filters map[string]interface{}) (int64, error)

CountSecretsForTeams gets the count of secrets by teams within an org from the database.

func (*Engine) CreateSecret added in v0.27.0

func (e *Engine) CreateSecret(ctx context.Context, s *api.Secret) (*api.Secret, error)

CreateSecret creates a new secret in the database.

func (*Engine) CreateSecretIndexes added in v0.27.0

func (e *Engine) CreateSecretIndexes(ctx context.Context) error

CreateSecretIndexes creates the indexes for the secrets table in the database.

func (*Engine) CreateSecretTables added in v0.27.0

func (e *Engine) CreateSecretTables(ctx context.Context, driver string) error

CreateSecretTables creates the secrets and secret_repo_allowlist tables in the database.

func (*Engine) DeleteSecret added in v0.27.0

func (e *Engine) DeleteSecret(ctx context.Context, s *api.Secret) error

DeleteSecret deletes an existing secret from the database.

func (*Engine) FillSecretAllowlist added in v0.27.0

func (e *Engine) FillSecretAllowlist(ctx context.Context, s *api.Secret) (*api.Secret, error)

FillSecretAllowlist gets a secret allowlist by secret id.

func (*Engine) FillSecretsAllowlists added in v0.27.0

func (e *Engine) FillSecretsAllowlists(ctx context.Context, secrets []*api.Secret) ([]*api.Secret, error)

FillSecretsAllowlists fills the allowlists for a slice of secrets.

func (*Engine) GetSecret added in v0.27.0

func (e *Engine) GetSecret(ctx context.Context, id int64) (*api.Secret, error)

GetSecret gets a secret by ID from the database.

func (*Engine) GetSecretForOrg added in v0.27.0

func (e *Engine) GetSecretForOrg(ctx context.Context, org, name string) (*api.Secret, error)

GetSecretForOrg gets a secret by org name from the database.

func (*Engine) GetSecretForRepo added in v0.27.0

func (e *Engine) GetSecretForRepo(ctx context.Context, name string, r *api.Repo) (*api.Secret, error)

GetSecretForRepo gets a secret by org and repo name from the database.

func (*Engine) GetSecretForTeam added in v0.27.0

func (e *Engine) GetSecretForTeam(ctx context.Context, org, team, name string) (*api.Secret, error)

GetSecretForTeam gets a secret by org and team name from the database.

func (*Engine) ListSecrets added in v0.27.0

func (e *Engine) ListSecrets(ctx context.Context) ([]*api.Secret, error)

ListSecrets gets a list of all secrets from the database.

func (*Engine) ListSecretsForOrg added in v0.27.0

func (e *Engine) ListSecretsForOrg(ctx context.Context, org string, filters map[string]interface{}, page, perPage int) ([]*api.Secret, error)

ListSecretsForOrg gets a list of secrets by org name from the database.

func (*Engine) ListSecretsForRepo added in v0.27.0

func (e *Engine) ListSecretsForRepo(ctx context.Context, r *api.Repo, filters map[string]interface{}, page, perPage int) ([]*api.Secret, error)

ListSecretsForRepo gets a list of secrets by org and repo name from the database.

func (*Engine) ListSecretsForTeam added in v0.27.0

func (e *Engine) ListSecretsForTeam(ctx context.Context, org, team string, filters map[string]interface{}, page, perPage int) ([]*api.Secret, error)

ListSecretsForTeam gets a list of secrets by org and team name from the database.

func (*Engine) ListSecretsForTeams added in v0.27.0

func (e *Engine) ListSecretsForTeams(ctx context.Context, org string, teams []string, filters map[string]interface{}, page, perPage int) ([]*api.Secret, error)

ListSecretsForTeams gets a list of secrets by teams within an org from the database.

func (*Engine) MigrateSecrets added in v0.27.0

func (e *Engine) MigrateSecrets(ctx context.Context, oldOrg, oldRepo, newOrg, newRepo string) error

MigrateSecrets updates repository secrets and allowlist records for a repo name change.

func (*Engine) UpdateSecret added in v0.27.0

func (e *Engine) UpdateSecret(ctx context.Context, s *api.Secret) (*api.Secret, error)

UpdateSecret updates an existing secret in the database.

type EngineOpt

// EngineOpt represents a configuration option to initialize the database
// engine for Secrets. An option receives the Engine being configured and
// returns an error.
type EngineOpt func(*Engine) error

EngineOpt represents a configuration option to initialize the database engine for Secrets.

func WithClient

func WithClient(client *gorm.DB) EngineOpt

WithClient sets the gorm.io/gorm client in the database engine for Secrets.

func WithContext added in v0.21.0

func WithContext(ctx context.Context) EngineOpt

WithContext sets the context in the database engine for Secrets.

func WithEncryptionKey

func WithEncryptionKey(key string) EngineOpt

WithEncryptionKey sets the encryption key in the database engine for Secrets. The key is passed as a plain string, and this page does not state its required length or format.

func WithLogger

func WithLogger(logger *logrus.Entry) EngineOpt

WithLogger sets the github.com/sirupsen/logrus logger in the database engine for Secrets.

func WithSkipCreation

func WithSkipCreation(skipCreation bool) EngineOpt

WithSkipCreation sets the skip creation logic in the database engine for Secrets.

type SecretInterface added in v0.20.0

// SecretInterface is the set of database operations for secrets.
//
// Parameter names follow the Engine method signatures. Several methods take
// adjacent string arguments (org, team, name), so the order decides which
// scope a lookup runs against.
//
// NOTE(review): the keys accepted in the filters maps are not documented
// here; confirm that callers only pass known column names.
type SecretInterface interface {
	// Schema setup.

	// CreateSecretIndexes creates the indexes for the secrets table.
	CreateSecretIndexes(ctx context.Context) error
	// CreateSecretTables creates the secrets table; driver names the database driver.
	CreateSecretTables(ctx context.Context, driver string) error

	// Counting.

	// CountSecrets returns the count of all secrets.
	CountSecrets(ctx context.Context) (int64, error)
	// CountSecretsForOrg returns the count of secrets by org name.
	CountSecretsForOrg(ctx context.Context, org string, filters map[string]interface{}) (int64, error)
	// CountSecretsForRepo returns the count of secrets by org and repo name.
	CountSecretsForRepo(ctx context.Context, r *api.Repo, filters map[string]interface{}) (int64, error)
	// CountSecretsForTeam returns the count of secrets by org and team name.
	CountSecretsForTeam(ctx context.Context, org, team string, filters map[string]interface{}) (int64, error)
	// CountSecretsForTeams returns the count of secrets by teams within an org.
	CountSecretsForTeams(ctx context.Context, org string, teams []string, filters map[string]interface{}) (int64, error)

	// Create, delete and allowlist population.

	// CreateSecret creates a new secret.
	CreateSecret(ctx context.Context, s *api.Secret) (*api.Secret, error)
	// DeleteSecret deletes an existing secret.
	DeleteSecret(ctx context.Context, s *api.Secret) error
	// FillSecretAllowlist fills a secret with its allowlist.
	FillSecretAllowlist(ctx context.Context, s *api.Secret) (*api.Secret, error)
	// FillSecretsAllowlists takes a list of secrets and fills the allowlist on each.
	FillSecretsAllowlists(ctx context.Context, secrets []*api.Secret) ([]*api.Secret, error)

	// Single-secret lookups.

	// GetSecret gets a secret by ID.
	GetSecret(ctx context.Context, id int64) (*api.Secret, error)
	// GetSecretForOrg gets a secret by org name.
	GetSecretForOrg(ctx context.Context, org, name string) (*api.Secret, error)
	// GetSecretForRepo gets a secret by org and repo name.
	GetSecretForRepo(ctx context.Context, name string, r *api.Repo) (*api.Secret, error)
	// GetSecretForTeam gets a secret by org and team name.
	GetSecretForTeam(ctx context.Context, org, team, name string) (*api.Secret, error)

	// Listing; page and perPage are the two trailing int arguments.

	// ListSecrets gets a list of all secrets.
	ListSecrets(ctx context.Context) ([]*api.Secret, error)
	// ListSecretsForOrg gets a list of secrets by org name.
	ListSecretsForOrg(ctx context.Context, org string, filters map[string]interface{}, page, perPage int) ([]*api.Secret, error)
	// ListSecretsForRepo gets a list of secrets by org and repo name.
	ListSecretsForRepo(ctx context.Context, r *api.Repo, filters map[string]interface{}, page, perPage int) ([]*api.Secret, error)
	// ListSecretsForTeam gets a list of secrets by org and team name.
	ListSecretsForTeam(ctx context.Context, org, team string, filters map[string]interface{}, page, perPage int) ([]*api.Secret, error)
	// ListSecretsForTeams gets a list of secrets by teams within an org.
	ListSecretsForTeams(ctx context.Context, org string, teams []string, filters map[string]interface{}, page, perPage int) ([]*api.Secret, error)

	// Updates.

	// MigrateSecrets updates the org and name of all repo secrets when there
	// is a name change; the old org and repo come before the new ones.
	MigrateSecrets(ctx context.Context, oldOrg, oldRepo, newOrg, newRepo string) error
	// UpdateSecret updates an existing secret.
	UpdateSecret(ctx context.Context, s *api.Secret) (*api.Secret, error)
}
