Documentation
¶
Index ¶
Constants ¶
const ( DefaultSecretDirectory = "/tmp/vault" DefaultSecretFile = "secret.json" )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AuthConfig ¶
type AuthConfig struct {
Role string
Provider string
IAMServerID string
STSEndpointRegion string
VaultAddress string
}
AuthConfig holds config required for logging in to Vault.
func AuthConfigFromEnv ¶
func AuthConfigFromEnv() AuthConfig
AuthConfigFromEnv reads config from the environment for authenticating to Vault.
type ConfiguredSecret ¶
type ConfiguredSecret struct {
VaultPath string // The path to read from in Vault
FilePath string // The path to write to in the file system
// contains filtered or unexported fields
}
ConfiguredSecret represents a pair of environment variables of the form:
VAULT_SECRET_PATH_FOO=/kv/data/foo VAULT_SECRET_FILE_FOO=/tmp/vault/secret/foo
Where FOO is the name, and must match across both env vars to form a valid secret configuration. The name can also be empty.
func ParseConfiguredSecrets ¶
func ParseConfiguredSecrets() ([]ConfiguredSecret, error)
ParseConfiguredSecrets reads environment variables to determine which secrets to read from Vault, and where to write them on disk.
func (ConfiguredSecret) Name ¶
func (cs ConfiguredSecret) Name() string
Name is the name parsed from the environment variable name. This name is used as a key to match secrets with file paths.
func (ConfiguredSecret) Valid ¶
func (cs ConfiguredSecret) Valid() bool
Valid checks that both a secret path and a destination path are given.
Source Files