secrets

package
v0.30.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 20, 2026 License: Apache-2.0 Imports: 4 Imported by: 0

README

secrets package

A pluggable system for resolving secrets from multiple providers (GCP, AWS, etc.) into your Viper configuration.

Features

  • Register one or more secret providers (GCP, AWS, Vault, ...)
  • Automatically resolve and inject secrets into your Viper config
  • Easy to extend with new providers

Use the CLI config loader to automatically register providers and resolve secrets:

import (
    "github.com/zondax/golem/pkg/cli"
    "github.com/zondax/golem/pkg/secrets/providers"
)

type MyConfig struct {
    // ... your config fields ...
}

func (c *MyConfig) SetDefaults() { /* ... */ }
func (c *MyConfig) Validate() error { return nil }

func main() {
    cfg, err := cli.LoadConfig[MyConfig](
        cli.WithSecretProviders(providers.GcpProvider{}),
    )
    if err != nil {
        // handle error
    }
    // Use cfg as usual
}

Manual Usage (Advanced)

If you are not using the CLI config loader, you can register providers and resolve secrets manually:

import (
    "github.com/zondax/golem/pkg/secrets"
    "github.com/zondax/golem/pkg/secrets/providers"
)

func main() {
    // Register the GCP provider (or others)
    secrets.RegisterProvider(providers.GcpProvider{})

    // Load your Viper config as usual
    // ...

    // Resolve secrets (replaces secret keys with their real values)
    secrets.ResolveSecrets(ctx)

    // Use your config as usual
    // ...
}

Adding a new provider

  1. Implement the SecretProvider interface: 
    type SecretProvider interface {
    IsSecretKey(ctx context.Context, key string) bool
    GetSecret(ctx context.Context, secretPath string) (string, error)
}
  2. Register your provider with cli.WithSecretProviders(...) (recommended) or secrets.RegisterProvider(...) before calling ResolveSecrets(ctx).

GCP Provider

See providers/gcp.go for the GCP Secret Manager implementation.

Documentation

Overview

Package secrets provides a pluggable system for resolving secrets from multiple providers (GCP, AWS, etc.) into your Viper configuration. Register one or more providers, then call ResolveSecrets after loading your config.

Example usage: 

import (
    "github.com/zondax/golem/pkg/secrets"
    "github.com/zondax/golem/pkg/secrets/providers"
)

func main() {
    secrets.RegisterProvider(providers.GcpProvider{})
    // ... load your Viper config ...
    secrets.ResolveSecrets(context.Background())
    // ... use your config as usual ...
}

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func RegisterProvider 

func RegisterProvider(p SecretProvider)

func ResetProviders 

func ResetProviders()

func ResolveSecrets 

func ResolveSecrets(ctx context.Context) error

ResolveSecrets scans all Viper keys, and for each key that matches a provider, it fetches the secret and replaces the value in Viper.

Types

type SecretProvider 

type SecretProvider interface {
	IsSecretKey(ctx context.Context, key string) bool
	GetSecret(ctx context.Context, secretPath string) (string, error)
}

SecretProvider defines the interface for secret providers (GCP, AWS, etc.)

Source Files

View all Source files

Directories

Path Synopsis
Package providers contains implementations of the SecretProvider interface for different secret backends.
 Package providers contains implementations of the SecretProvider interface for different secret backends.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.