secrets

package
v1.67.3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 27, 2025 License: Apache-2.0 Imports: 19 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	ErrNoPath                 = errors.New("secrets gatherer command must have a path parameter in order to be executed")
	ErrEmptyResponse          = errors.New("the command returned an empty response")
	ErrInvalidResponse        = errors.New("the command returned an invalid response")
	ErrParseResNoData         = errors.New("missing required field 'data'")
	ErrParseResInvalidData    = errors.New("invalid type for field 'data'")
	ErrParseResTTLInvalidType = errors.New("invalid type for field 'ttl'")
	ErrValidation             = errors.New("validation error")
	ErrCommandRun             = errors.New("failed to run command")
	ErrParseCommandResponse   = errors.New("failed to parse command response")
	ErrTTLNotFound            = errors.New("TTL value not found")
	ErrTTLInvalid             = errors.New("TTL value is not valid")
)

Error handling.

Functions

func CommandGatherer added in v1.67.3 

func CommandGatherer(cmd *Command) func() (any, error)

CommandGatherer instantiates a Command variable gatherer from the given configuration. The fetching process will return either a map containing access paths to the stored JSON or a byte string value E.g. if the stored Secret is `{"account":{"user":"test1","password":"test2"}}`, the returned Map contents will be: "account.user" -> "test1" "account.password" -> "test2". For command return values that include a "data" field and an optional "ttl" field, the access paths will consider the "data" field as the root of the JSON. E.g. if the stored Secret is `{"data":{"user":"test1","password":"test2"}}`, the returned Map contents will be: "user" -> "test1" "password" -> "test2".

func CyberArkAPIGatherer 

func CyberArkAPIGatherer(cyberArkAPI *CyberArkAPI) func() (interface{}, error)

CyberArkAPIGatherer instantiates a CyberArkAPI variable gatherer from the given configuration. The result is a map with a single "password" key value pair

func CyberArkCLIGatherer 

func CyberArkCLIGatherer(cyberArkCLI *CyberArkCLI) func() (interface{}, error)

CyberArkCLIGatherer instantiates a CyberArkCLI variable gatherer from the given configuration. The result is a map with a single "password" key value pair

func KMSGatherer 

func KMSGatherer(kms *KMS) func() (interface{}, error)

KMSGatherer instantiates a KMS variable gatherer from the given configuration. The fetching process // will return either a map containing access paths to the stored JSON or ShortHand, or a string if the // stored secret is just a string. E.g. if the stored secret is `{"car":{"brand":"Opel","model":"Corsa"}}`, the returned Map contents will be: "car.brand" -> "Opel" "car.model" -> "Corsa"

func ObfuscateGatherer 

func ObfuscateGatherer(obfuscated *Obfuscated) func() (interface{}, error)

ObfuscateGatherer instantiates a Obfuscate variable gatherer from the given configuration. The fetching process will return either a map containing access paths to the stored JSON. E.g. if the stored Secret is `{"account":{"user":"test1","password":"test2"}}`, the returned Map contents will be: "account.user" -> "test1" "account.password" -> "test2"

func VaultGatherer 

func VaultGatherer(vault *Vault) func() (interface{}, error)

VaultGatherer instantiates a Vault variable gatherer from the given configuration. The fetching process will return either a map containing access paths to the stored JSON. E.g. if the stored secret is `{"person":{"name":"Matias","surname":"Burni"}}`, the returned Map contents will be: "person.name" -> "Matias" "person.surname" -> "Burni"

Types

type Command added in v1.67.3 

type Command struct {
	Path           string   `yaml:"path"`
	Args           []string `yaml:"args,omitempty"`
	PassthroughEnv []string `yaml:"passthrough_environment,omitempty"`
}

func (*Command) Validate added in v1.67.3 

func (cmd *Command) Validate() error

type CyberArkAPI 

type CyberArkAPI struct {
	HTTP *http
}

func (*CyberArkAPI) Validate 

func (g *CyberArkAPI) Validate() error

type CyberArkCLI 

type CyberArkCLI struct {
	CLI    string `yaml:"cli"`
	AppID  string `yaml:"app-id"`
	Safe   string `yaml:"safe"`
	Folder string `yaml:"folder"`
	Object string `yaml:"object"`
}

func (*CyberArkCLI) Validate 

func (g *CyberArkCLI) Validate() error

type KMS 

type KMS struct {
	Data           string
	File           string
	HTTP           *http
	CredentialFile string `yaml:"credential_file"`
	ConfigFile     string `yaml:"config_file"`
	Region         string `yaml:"region"`
	Endpoint       string `yaml:"endpoint"`
	DisableSSL     bool   `yaml:"disableSSL"`
	Type           string `yaml:"type,omitempty"` // can be 'json', 'equal' and 'plain' (default)
}

KMS defines the AWS-KMS data source

func (*KMS) Validate 

func (k *KMS) Validate() error

Validate checks if the KMS configuration is correct

type Obfuscated 

type Obfuscated struct {
	Key    string `yaml:"key"`
	Secret string `yaml:"secret"`
}

func (*Obfuscated) Validate 

func (o *Obfuscated) Validate() error

type Vault 

type Vault struct {
	HTTP *http
}

func (*Vault) Validate 

func (g *Vault) Validate() error

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.