secrets

package
v1.5.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 15, 2026 License: Apache-2.0 Imports: 15 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	ErrInvalidSecret = errors.New("invalid secret")
)
View Source 
var ErrSecretRef = errors.New("invalid secret reference")

Functions

func LoadRef 

func LoadRef(ref string) ([]byte, error)

LoadRef loads a secret value from a reference string.

Supported forms: - env:NAME - file:/path/to/secret - raw:literal-value (intended for tests/dev only) - vault:secret/path[#field] (reads from Vault HTTP API using env-configured address/token)

func ValidateRef added in v1.1.0 

func ValidateRef(ref string) error

ValidateRef validates a secret reference format without loading its value.

Supported forms: - env:NAME - file:/path/to/secret - raw:literal-value - vault:secret/path[#field]

Types

type Set 

type Set struct {
	Versions []Version
}

func (Set) SigningAt 

func (s Set) SigningAt(t time.Time) (Version, bool)

SigningAt returns the newest (most recent ValidFrom) secret that is valid at time t.

func (Set) ValidAt 

func (s Set) ValidAt(t time.Time) []Version

ValidAt returns all secrets valid at time t, ordered by ValidFrom descending.

func (Set) Validate 

func (s Set) Validate() error

type Version 

type Version struct {
	ID         string
	Value      []byte
	ValidFrom  time.Time
	ValidUntil time.Time
}

Version is a single secret value with a validity window.

Semantics: - ValidFrom is inclusive. - ValidUntil is exclusive; a zero value means "no end".

func (Version) IsValidAt 

func (v Version) IsValidAt(t time.Time) bool

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.