Documentation
¶
Overview ¶
Package config loads and validates cr's non-secret configuration.
Index ¶
- Constants
- Variables
- func EffectiveModelMap(llm LLMConfig) map[ModelTier]ModelMapResolution
- func IsOnePasswordSecretsBackend(kind SecretsBackendKind) bool
- func NormalizeHost(raw string) string
- func Path() (string, error)
- func PinnedGitHubAppInstallationIDForGit(profile Profile, git GitConfig) string
- func Save(path string, cfg File) error
- func Validate(cfg File) error
- func ValidateRetention(retention RetentionConfig) error
- func ValidateSecrets(secrets SecretsConfig) error
- type CredentialLocation
- type CredentialRef
- type DataConfig
- type EffectiveSecretsProfile
- type EffectiveSecretsProfileSource
- type EffectiveSecretsStore
- type EffectiveSecretsStoreSource
- type File
- type GitAuthMode
- type GitConfig
- type GitHubAppConfig
- type KeyringConfig
- type LLMAdapter
- type LLMAuth
- type LLMConfig
- type LLMProvider
- type ModelMap
- type ModelMapResolution
- type ModelMapSource
- type ModelTier
- type Profile
- type ProfileReviewer
- type ProfileReviewerGitHubAppInstallation
- type ProfileReviewerGitHubAppInstallationMode
- type ProfileReviewerKind
- type RepositoryAccessConfig
- type RepositoryProfile
- type RepositoryProfileAmbiguityError
- type RepositoryProfileMatch
- type RepositoryProfileResolution
- type RepositoryProfileResolutionSource
- type RepositoryTarget
- type ResolveThreadsPolicy
- type RetentionConfig
- type RetentionEnforcement
- type ReviewMajorEvent
- type ReviewPolicy
- type ReviewerCredentials
- type ReviewerEntity
- type SecretsBackendKind
- type SecretsConfig
- type SecretsProfile
- type SecretsProfileBackend
- type SecretsProfileOnePasswordConfig
- type SecretsStore
- type SecretsStoreBackend
- type SecretsStoreOnePasswordConfig
Constants ¶
const (
LocalOSCredentialStoreID = "local-os"
)
Credential store constants.
Variables ¶
var ( // ErrNotConfigured means config.yml does not exist. ErrNotConfigured = errors.New("config: not configured") // ErrProfileNotFound means the requested profile is absent. ErrProfileNotFound = errors.New("config: profile not found") // ErrRepositoryProfileAmbiguous means repository routing matched multiple profiles. ErrRepositoryProfileAmbiguous = errors.New("config: repository profile ambiguous") // ErrSecretsStoreNotFound means the requested credential store is absent. ErrSecretsStoreNotFound = errors.New("config: credential store not found") // ErrSecretsProfileNotFound is the old name for ErrSecretsStoreNotFound. ErrSecretsProfileNotFound = ErrSecretsStoreNotFound // ErrInvalid means the config file is malformed or violates the schema. ErrInvalid = errors.New("config: invalid") // ErrUnsupported means the config uses a known v2-only option. ErrUnsupported = errors.New("config: not supported in v1") )
Functions ¶
func EffectiveModelMap ¶ added in v0.3.64
func EffectiveModelMap(llm LLMConfig) map[ModelTier]ModelMapResolution
EffectiveModelMap merges built-in defaults with profile model_map overrides.
func IsOnePasswordSecretsBackend ¶ added in v0.3.149
func IsOnePasswordSecretsBackend(kind SecretsBackendKind) bool
IsOnePasswordSecretsBackend reports whether kind is one of cr's supported 1Password-backed secrets-profile variants.
func NormalizeHost ¶ added in v0.3.81
NormalizeHost applies the same host normalization used by config validation and repository route resolution.
func PinnedGitHubAppInstallationIDForGit ¶ added in v0.9.175
PinnedGitHubAppInstallationIDForGit returns the profile-level pinned installation id that applies to git when git is the selected GitHub App reviewer entity for profile.
func ValidateRetention ¶ added in v0.3.87
func ValidateRetention(retention RetentionConfig) error
ValidateRetention checks retention after applying omitted-field defaults.
func ValidateSecrets ¶ added in v0.3.146
func ValidateSecrets(secrets SecretsConfig) error
ValidateSecrets checks non-secret named credential store config.
Types ¶
type CredentialLocation ¶ added in v0.6.174
type CredentialLocation struct {
Store string `yaml:"store" json:"store"`
Name string `yaml:"name" json:"name"`
}
CredentialLocation names where one credential bundle is stored.
type CredentialRef ¶
type CredentialRef struct {
Purpose string `json:"purpose"`
Store string `json:"store,omitempty"`
Ref string `json:"ref"`
Mode string `json:"mode"`
Provider string `json:"provider,omitempty"`
}
CredentialRef is one declared non-secret pointer into a credential store. It is derived from CredentialLocation for readiness/status helpers.
func CredentialRefs ¶
func CredentialRefs(profile Profile) ([]CredentialRef, error)
CredentialRefs returns all credential-store refs declared by profile.
type DataConfig ¶
type DataConfig struct {
Retention RetentionConfig `yaml:"retention,omitempty" json:"retention"`
}
DataConfig carries non-secret durable data policy.
type EffectiveSecretsProfile ¶ added in v0.3.146
type EffectiveSecretsProfile = EffectiveSecretsStore
EffectiveSecretsProfile is the old in-memory name for EffectiveSecretsStore.
func EffectiveSecretsProfiles ¶ added in v0.3.146
func EffectiveSecretsProfiles(cfg File) []EffectiveSecretsProfile
EffectiveSecretsProfiles is the old in-memory name for EffectiveSecretsStores.
type EffectiveSecretsProfileSource ¶ added in v0.3.146
type EffectiveSecretsProfileSource = EffectiveSecretsStoreSource
EffectiveSecretsProfileSource is a compatibility alias retained during the staged rewrite.
const ( // EffectiveSecretsProfileSourceConfigured is the compatibility name for a configured credential store. EffectiveSecretsProfileSourceConfigured EffectiveSecretsProfileSource = EffectiveSecretsStoreSourceConfigured // EffectiveSecretsProfileSourceProjectedLegacy is the compatibility name for the built-in OS store. EffectiveSecretsProfileSourceProjectedLegacy EffectiveSecretsProfileSource = EffectiveSecretsStoreSourceBuiltIn // ProjectedOSCredentialStoreBackendKind is the presentation backend for the built-in OS store. ProjectedOSCredentialStoreBackendKind = "auto" )
type EffectiveSecretsStore ¶ added in v0.6.174
type EffectiveSecretsStore struct {
ID string `json:"id"`
DisplayName string `json:"display_name,omitempty"`
Backend string `json:"backend"`
ReadOnly bool `json:"read_only,omitempty"`
Source EffectiveSecretsStoreSource `json:"source"`
// Compatibility fields for old callers while UI/runtime are rewritten.
Label string `json:"label,omitempty"`
}
EffectiveSecretsStore is the presentation-safe credential-store inventory shape used by callers that need to summarize the config.
func EffectiveSecretsStores ¶ added in v0.6.174
func EffectiveSecretsStores(cfg File) []EffectiveSecretsStore
EffectiveSecretsStores returns the read-only built-in OS credential store followed by configured credential stores in stable order.
type EffectiveSecretsStoreSource ¶ added in v0.6.174
type EffectiveSecretsStoreSource string
EffectiveSecretsStoreSource distinguishes configured stores from the read-only projected built-in OS store.
const ( EffectiveSecretsStoreSourceBuiltIn EffectiveSecretsStoreSource = "built_in" EffectiveSecretsStoreSourceConfigured EffectiveSecretsStoreSource = "configured" )
Effective credential-store inventory sources.
type File ¶
type File struct {
Secrets SecretsConfig `yaml:"secrets,omitempty" json:"secrets,omitempty"`
RepositoryAccess map[string]RepositoryAccessConfig `yaml:"repository_access,omitempty" json:"repository_access,omitempty"`
LLMRuntimes map[string]LLMConfig `yaml:"llm_runtimes,omitempty" json:"llm_runtimes,omitempty"`
ReviewerEntities map[string]ReviewerEntity `yaml:"reviewer_entities,omitempty" json:"reviewer_entities,omitempty"`
RepositoryProfiles []RepositoryProfile `yaml:"repository_profiles,omitempty" json:"repository_profiles,omitempty"`
Profiles map[string]Profile `yaml:"profiles,omitempty" json:"profiles,omitempty"`
Data DataConfig `yaml:"data,omitempty" json:"data"`
// Keyring is retained as an ignored in-memory compatibility field while
// credential-store runtime selection is rewritten. It is not config schema.
Keyring KeyringConfig `yaml:"-" json:"-"`
}
File is the root config.yml schema.
type GitAuthMode ¶
type GitAuthMode string
GitAuthMode identifies how git-host credentials are obtained.
const ( GitAuthModePAT GitAuthMode = "pat" GitAuthModeOAuthDevice GitAuthMode = "oauth_device" GitAuthModeGitHubApp GitAuthMode = "github_app" )
Git auth modes.
func (GitAuthMode) Supported ¶
func (m GitAuthMode) Supported() bool
Supported reports whether m is implemented in v1.
func (GitAuthMode) Valid ¶
func (m GitAuthMode) Valid() bool
Valid reports whether m is a known git auth mode.
type GitConfig ¶
type GitConfig struct {
Host string `yaml:"host" json:"host"`
AuthMode GitAuthMode `yaml:"auth_mode" json:"auth_mode"`
Credential CredentialLocation `yaml:"credential" json:"credential"`
GitHubApp *GitHubAppConfig `yaml:"github_app,omitempty" json:"github_app,omitempty"`
IdentityCache string `yaml:"identity_cache,omitempty" json:"identity_cache,omitempty"`
// CredentialRef is retained as an ignored in-memory compatibility field.
CredentialRef string `yaml:"-" json:"-"`
}
GitConfig identifies the user's git-host credentials.
type GitHubAppConfig ¶ added in v0.9.175
type GitHubAppConfig struct {
AppID string `yaml:"app_id" json:"app_id"`
}
GitHubAppConfig stores non-secret GitHub App identifiers.
type KeyringConfig ¶
type KeyringConfig struct {
Backend string `yaml:"backend,omitempty" json:"backend,omitempty"`
}
KeyringConfig carries non-secret keyring backend preferences.
type LLMAdapter ¶
type LLMAdapter string
LLMAdapter identifies the concrete LLM adapter.
const ( LLMAdapterClaudeCLI LLMAdapter = "claude_cli" LLMAdapterAnthropicAPI LLMAdapter = "anthropic_api" LLMAdapterCodexCLI LLMAdapter = "codex_cli" LLMAdapterOpenAIAPI LLMAdapter = "openai_api" LLMAdapterPiRPC LLMAdapter = "pi_rpc" )
LLM adapters.
func (LLMAdapter) Valid ¶
func (a LLMAdapter) Valid() bool
Valid reports whether a is a known LLM adapter.
type LLMAuth ¶
type LLMAuth string
LLMAuth identifies how the LLM adapter authenticates.
LLM auth modes.
type LLMConfig ¶
type LLMConfig struct {
Provider LLMProvider `yaml:"provider" json:"provider"`
Auth LLMAuth `yaml:"auth" json:"auth"`
Adapter LLMAdapter `yaml:"adapter" json:"adapter"`
Credential CredentialLocation `yaml:"credential,omitempty" json:"credential,omitempty"`
ModelMap ModelMap `yaml:"model_map,omitempty" json:"model_map,omitempty"`
ReviewerModelTier ModelTier `yaml:"reviewer_model_tier,omitempty" json:"reviewer_model_tier,omitempty"`
// CredentialRef is retained as an ignored in-memory compatibility field.
CredentialRef string `yaml:"-" json:"-"`
}
LLMConfig identifies the LLM provider and adapter.
type LLMProvider ¶
type LLMProvider string
LLMProvider identifies the model provider family.
const ( LLMProviderAnthropic LLMProvider = "anthropic" LLMProviderOpenAI LLMProvider = "openai" LLMProviderPi LLMProvider = "pi" )
LLM providers.
func (LLMProvider) Valid ¶
func (p LLMProvider) Valid() bool
Valid reports whether p is a known LLM provider.
type ModelMap ¶ added in v0.3.64
ModelMap maps portable model tiers to provider-specific model identifiers.
func BuiltInModelMap ¶ added in v0.3.64
func BuiltInModelMap(provider LLMProvider, adapter LLMAdapter) ModelMap
BuiltInModelMap returns this CLI's provider+adapter model-tier defaults.
type ModelMapResolution ¶ added in v0.3.64
type ModelMapResolution struct {
Tier ModelTier `json:"tier"`
Model string `json:"model"`
Source ModelMapSource `json:"source"`
}
ModelMapResolution is one effective tier mapping.
func ResolveModelTier ¶ added in v0.3.64
func ResolveModelTier(llm LLMConfig, tier ModelTier) (ModelMapResolution, bool)
ResolveModelTier resolves one portable tier under the active LLM config.
type ModelMapSource ¶ added in v0.3.64
type ModelMapSource string
ModelMapSource identifies where a resolved model map value came from.
const ( ModelMapSourceConfig ModelMapSource = "config" ModelMapSourceBuiltIn ModelMapSource = "built_in" )
Model map sources.
type ModelTier ¶ added in v0.3.64
type ModelTier string
ModelTier is a provider-neutral model slot.
const ( ModelTierSmall ModelTier = "small" ModelTierMedium ModelTier = "medium" ModelTierLarge ModelTier = "large" )
Model tiers.
func ModelTiers ¶ added in v0.3.64
func ModelTiers() []ModelTier
ModelTiers returns model tiers in stable display order.
type Profile ¶
type Profile struct {
RepositoryAccess string `yaml:"repository_access,omitempty" json:"repository_access,omitempty"`
Git GitConfig `yaml:"-" json:"-"`
Reviewer ProfileReviewer `yaml:"reviewer" json:"reviewer"`
LLMRuntime string `yaml:"llm_runtime" json:"llm_runtime"`
AgentSources []string `yaml:"agent_sources,omitempty" json:"agent_sources,omitempty"`
ReviewPolicy ReviewPolicy `yaml:"review_policy,omitempty" json:"review_policy"`
// SecretsProfile is retained as an ignored in-memory compatibility field.
SecretsProfile string `yaml:"-" json:"-"`
// ReviewerCredentials is the resolved effective reviewer credential block
// derived from ReviewerEntities for runtime callers. It is not config schema.
ReviewerCredentials *ReviewerCredentials `yaml:"-" json:"-"`
// LLM is the resolved effective runtime derived from LLMRuntime for runtime
// callers. It is not config schema.
LLM LLMConfig `yaml:"-" json:"-"`
}
Profile is one named review profile.
func ResolveProfile ¶
ResolveProfile returns the requested profile.
func ResolveProfileForRepository ¶ added in v0.3.77
func ResolveProfileForRepository(cfg File, requestedName string, explicitProfile bool, target RepositoryTarget) (string, Profile, error)
ResolveProfileForRepository resolves the active profile for a repository. Explicit profile selection bypasses repository routing.
func (Profile) MarshalYAML ¶ added in v0.9.175
MarshalYAML writes only the durable profile composition fields. Git is resolved from repository_access at load/runtime boundaries.
type ProfileReviewer ¶ added in v0.9.175
type ProfileReviewer struct {
Kind ProfileReviewerKind `yaml:"kind" json:"kind"`
Entity string `yaml:"entity,omitempty" json:"entity,omitempty"`
GitHubAppInstallation *ProfileReviewerGitHubAppInstallation `yaml:"github_app_installation,omitempty" json:"github_app_installation,omitempty"`
}
ProfileReviewer selects the identity used to post review comments.
type ProfileReviewerGitHubAppInstallation ¶ added in v0.9.175
type ProfileReviewerGitHubAppInstallation struct {
Mode ProfileReviewerGitHubAppInstallationMode `yaml:"mode" json:"mode"`
InstallationID string `yaml:"installation_id,omitempty" json:"installation_id,omitempty"`
}
ProfileReviewerGitHubAppInstallation selects the GitHub App installation a profile uses when its reviewer entity is a GitHub App.
type ProfileReviewerGitHubAppInstallationMode ¶ added in v0.9.175
type ProfileReviewerGitHubAppInstallationMode string
ProfileReviewerGitHubAppInstallationMode identifies how a profile resolves a GitHub App installation.
const ( ProfileReviewerGitHubAppInstallationDiscoverFromRepository ProfileReviewerGitHubAppInstallationMode = "discover_from_repository" ProfileReviewerGitHubAppInstallationPinned ProfileReviewerGitHubAppInstallationMode = "pinned" )
GitHub App installation resolution modes.
func (ProfileReviewerGitHubAppInstallationMode) Valid ¶ added in v0.9.175
func (m ProfileReviewerGitHubAppInstallationMode) Valid() bool
Valid reports whether m is a known GitHub App installation resolution mode.
type ProfileReviewerKind ¶ added in v0.9.175
type ProfileReviewerKind string
ProfileReviewerKind identifies how a profile chooses its posting identity.
const ( ProfileReviewerKindGitIdentity ProfileReviewerKind = "git_identity" ProfileReviewerKindEntity ProfileReviewerKind = "entity" )
Profile reviewer kinds.
func (ProfileReviewerKind) Valid ¶ added in v0.9.175
func (k ProfileReviewerKind) Valid() bool
Valid reports whether k is a known profile reviewer selector.
type RepositoryAccessConfig ¶ added in v0.9.175
type RepositoryAccessConfig struct {
DisplayName string `yaml:"display_name,omitempty" json:"display_name,omitempty"`
Git GitConfig `yaml:"git" json:"git"`
}
RepositoryAccessConfig is one reusable Git host/user credential definition.
type RepositoryProfile ¶ added in v0.3.77
type RepositoryProfile struct {
Profile string `yaml:"profile" json:"profile"`
Match RepositoryProfileMatch `yaml:"match" json:"match"`
}
RepositoryProfile routes repositories to profiles when --profile is omitted.
type RepositoryProfileAmbiguityError ¶ added in v0.9.192
type RepositoryProfileAmbiguityError struct {
Target RepositoryTarget
Profiles []string
}
RepositoryProfileAmbiguityError describes an ambiguous repository route match.
func (RepositoryProfileAmbiguityError) Error ¶ added in v0.9.192
func (e RepositoryProfileAmbiguityError) Error() string
Error returns an actionable ambiguity message with --profile choices.
func (RepositoryProfileAmbiguityError) Unwrap ¶ added in v0.9.192
func (e RepositoryProfileAmbiguityError) Unwrap() error
Unwrap supports errors.Is(err, ErrRepositoryProfileAmbiguous).
type RepositoryProfileMatch ¶ added in v0.3.77
type RepositoryProfileMatch struct {
Host string `yaml:"host" json:"host"`
Namespace string `yaml:"namespace" json:"namespace"`
Repos []string `yaml:"repos,omitempty" json:"repos,omitempty"`
}
RepositoryProfileMatch identifies a provider namespace and optional repos.
type RepositoryProfileResolution ¶ added in v0.3.82
type RepositoryProfileResolution struct {
ProfileName string
Profile Profile
Source RepositoryProfileResolutionSource
MatchedRoute *RepositoryProfile
}
RepositoryProfileResolution describes the resolved profile plus the source of that decision.
func ResolveProfileForRepositoryWithSource ¶ added in v0.3.82
func ResolveProfileForRepositoryWithSource(cfg File, requestedName string, explicitProfile bool, target RepositoryTarget) (RepositoryProfileResolution, error)
ResolveProfileForRepositoryWithSource resolves the active profile for a repository and reports why that profile was selected.
type RepositoryProfileResolutionSource ¶ added in v0.3.82
type RepositoryProfileResolutionSource string
RepositoryProfileResolutionSource identifies why a profile was selected for a repository target.
const ( // RepositoryProfileResolutionSourceExplicit means the inherited global // --profile flag explicitly bypassed repository routing. RepositoryProfileResolutionSourceExplicit RepositoryProfileResolutionSource = "explicit_profile" // RepositoryProfileResolutionSourceRoute means a repository_profiles route // selected the profile. RepositoryProfileResolutionSourceRoute RepositoryProfileResolutionSource = "repository_route" )
type RepositoryTarget ¶ added in v0.3.77
RepositoryTarget identifies the pull-request repository used for route lookup.
type ResolveThreadsPolicy ¶
type ResolveThreadsPolicy string
ResolveThreadsPolicy identifies profile-level thread-resolution behavior.
const ( ResolveThreadsAuto ResolveThreadsPolicy = "auto" ResolveThreadsNever ResolveThreadsPolicy = "never" )
Thread-resolution policies.
func (ResolveThreadsPolicy) Valid ¶
func (p ResolveThreadsPolicy) Valid() bool
Valid reports whether p is a known thread-resolution policy.
type RetentionConfig ¶
type RetentionConfig struct {
MaxAgeDays *int `yaml:"max_age_days,omitempty" json:"max_age_days"`
Enforcement RetentionEnforcement `yaml:"enforcement,omitempty" json:"enforcement"`
}
RetentionConfig controls run-data lifecycle behavior.
func DefaultRetentionConfig ¶ added in v0.3.87
func DefaultRetentionConfig() RetentionConfig
DefaultRetentionConfig returns the normalized durable retention defaults.
func (RetentionConfig) MaxAgeDaysValue ¶
func (r RetentionConfig) MaxAgeDaysValue() int
MaxAgeDaysValue returns the configured max age, applying the default when max_age_days was omitted. A configured zero still means keep forever.
type RetentionEnforcement ¶
type RetentionEnforcement string
RetentionEnforcement identifies when retention is applied.
const ( RetentionAtWrite RetentionEnforcement = "at_write" RetentionManualOnly RetentionEnforcement = "manual_only" )
Retention enforcement policies.
func (RetentionEnforcement) Valid ¶
func (e RetentionEnforcement) Valid() bool
Valid reports whether e is a known retention enforcement policy.
type ReviewMajorEvent ¶
type ReviewMajorEvent string
ReviewMajorEvent identifies how major findings affect the review event.
const ( ReviewMajorEventComment ReviewMajorEvent = "comment" ReviewMajorEventRequestChanges ReviewMajorEvent = "request_changes" )
Review major-event policies.
func (ReviewMajorEvent) Valid ¶
func (e ReviewMajorEvent) Valid() bool
Valid reports whether e is a known major-event policy.
type ReviewPolicy ¶
type ReviewPolicy struct {
MajorEvent ReviewMajorEvent `yaml:"major_event,omitempty" json:"major_event"`
AllowSelfApprove bool `yaml:"allow_self_approve,omitempty" json:"allow_self_approve"`
ResolveThreads ResolveThreadsPolicy `yaml:"resolve_threads,omitempty" json:"resolve_threads,omitempty"`
}
ReviewPolicy carries profile-level review policy toggles.
type ReviewerCredentials ¶
type ReviewerCredentials struct {
AuthMode GitAuthMode `yaml:"auth_mode" json:"auth_mode"`
Credential CredentialLocation `yaml:"credential" json:"credential"`
GitHubApp *GitHubAppConfig `yaml:"github_app,omitempty" json:"github_app,omitempty"`
DisplayName string `yaml:"display_name,omitempty" json:"display_name,omitempty"`
IdentityCache string `yaml:"identity_cache,omitempty" json:"identity_cache,omitempty"`
// CredentialRef is retained as an ignored in-memory compatibility field.
CredentialRef string `yaml:"-" json:"-"`
}
ReviewerCredentials optionally identifies separate posting credentials.
type ReviewerEntity ¶ added in v0.9.175
type ReviewerEntity struct {
Host string `yaml:"host" json:"host"`
AuthMode GitAuthMode `yaml:"auth_mode" json:"auth_mode"`
Credential CredentialLocation `yaml:"credential" json:"credential"`
GitHubApp *GitHubAppConfig `yaml:"github_app,omitempty" json:"github_app,omitempty"`
DisplayName string `yaml:"display_name,omitempty" json:"display_name,omitempty"`
IdentityCache string `yaml:"identity_cache,omitempty" json:"identity_cache,omitempty"`
// CredentialRef is retained as an ignored in-memory compatibility field.
CredentialRef string `yaml:"-" json:"-"`
}
ReviewerEntity is one reusable configured posting identity.
type SecretsBackendKind ¶ added in v0.3.146
type SecretsBackendKind string
SecretsBackendKind is the durable non-secret backend selector for a named credential store.
type SecretsConfig ¶ added in v0.3.146
type SecretsConfig struct {
Stores map[string]SecretsStore `yaml:"stores,omitempty" json:"stores,omitempty"`
// Deprecated compatibility alias. It is intentionally not part of the
// YAML/JSON schema.
Profiles map[string]SecretsProfile `yaml:"-" json:"-"`
}
SecretsConfig carries named credential store configuration.
type SecretsProfile ¶ added in v0.3.146
type SecretsProfile = SecretsStore
SecretsProfile is the old in-memory name for SecretsStore.
type SecretsProfileBackend ¶ added in v0.3.146
type SecretsProfileBackend = SecretsStoreBackend
SecretsProfileBackend is the old in-memory name for SecretsStoreBackend.
type SecretsProfileOnePasswordConfig ¶ added in v0.3.149
type SecretsProfileOnePasswordConfig = SecretsStoreOnePasswordConfig
SecretsProfileOnePasswordConfig is the old in-memory name for SecretsStoreOnePasswordConfig.
type SecretsStore ¶ added in v0.6.174
type SecretsStore struct {
DisplayName string `yaml:"display_name,omitempty" json:"display_name,omitempty"`
Backend SecretsStoreBackend `yaml:"backend" json:"backend"`
// Label is an ignored compatibility alias for DisplayName.
Label string `yaml:"-" json:"-"`
}
SecretsStore is one named configured credential store.
type SecretsStoreBackend ¶ added in v0.6.174
type SecretsStoreBackend struct {
Kind SecretsBackendKind `yaml:"kind" json:"kind"`
OnePassword *SecretsStoreOnePasswordConfig `yaml:"onepassword,omitempty" json:"onepassword,omitempty"`
}
SecretsStoreBackend carries one typed backend choice.
type SecretsStoreOnePasswordConfig ¶ added in v0.6.174
type SecretsStoreOnePasswordConfig struct {
Timeout string `yaml:"timeout,omitempty" json:"timeout,omitempty"`
AccountID string `yaml:"account_id,omitempty" json:"account_id,omitempty"`
AccountURL string `yaml:"account_url,omitempty" json:"account_url,omitempty"`
VaultID string `yaml:"vault_id,omitempty" json:"vault_id,omitempty"`
VaultName string `yaml:"vault_name,omitempty" json:"vault_name,omitempty"`
ConnectHost string `yaml:"connect_host,omitempty" json:"connect_host,omitempty"`
ConnectTokenEnv string `yaml:"connect_token_env,omitempty" json:"connect_token_env,omitempty"`
ServiceTokenEnv string `yaml:"service_token_env,omitempty" json:"service_token_env,omitempty"`
// Ignored compatibility aliases while callers are rewritten.
DesktopAccountID string `yaml:"-" json:"-"`
}
SecretsStoreOnePasswordConfig carries non-secret 1Password backend settings.