Documentation
¶
Overview ¶
Package secret provides functionality for generating and storing secrets both in a remote swarm and locally within supported storage such as pass stores.
Index ¶
- func GeneratePassphrase() (string, error)
- func GeneratePassword(length uint, charset string) (string, error)
- func GenerateSecrets(cl *dockerClient.Client, secrets map[string]Secret, server string) (map[string]string, error)
- func PassInsertSecret(secretValue, secretName, appName, server string) error
- func PassRmSecret(secretName, appName, server string) error
- func PollSecretsStatus(cl *dockerClient.Client, app appPkg.App) (secretStatuses, error)
- func ReadSecretsConfig(appEnvPath string, composeFiles []string, stackName string) (map[string]Secret, error)
- type Secret
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func GeneratePassphrase ¶
GeneratePassphrase generates human readable and rememberable passphrases.
func GeneratePassword ¶
GeneratePassword generates passwords.
func GenerateSecrets ¶
func GenerateSecrets(cl *dockerClient.Client, secrets map[string]Secret, server string) (map[string]string, error)
GenerateSecrets generates secrets locally and sends them to a remote server for storage.
func PassInsertSecret ¶
PassInsertSecret inserts a secret into a pass store.
func PassRmSecret ¶
PassRmSecret deletes a secret from a pass store.
func PollSecretsStatus ¶
func PollSecretsStatus(cl *dockerClient.Client, app appPkg.App) (secretStatuses, error)
PollSecretsStatus checks status of secrets by comparing the local recipe config and deployed server state.
func ReadSecretsConfig ¶
func ReadSecretsConfig(appEnvPath string, composeFiles []string, stackName string) (map[string]Secret, error)
ReadSecretsConfig reads secret names/versions from the recipe config. The function generalises appEnv/composeFiles because some times you have an app and some times you don't (as the caller). We need to be able to handle the "app new" case where we pass in the .env.sample and the "secret generate" case where the app is created.
Types ¶
type Secret ¶
type Secret struct {
// Version comes from the secret version environment variable.
// For example:
// SECRET_FOO=v1
Version string
// Length comes from the length modifier at the secret version environment
// variable. For Example:
// SECRET_FOO=v1 # length=12
Length int
// Charset comes from the charset modifier at the secret version environment
// variable. For Example:
// SECRET_FOO=v1 # charset=default,special
Charset string
// Encoding comes from the encoding modifier at the secret version environment
// variable. For Example:
// SECRET_FOO=v1 # encoding=base64
Encoding string
// Prefix comes from the prefix modifier at the secret version environment
// variable. For Example:
// SECRET_FOO=v1 # prefix=base64:
Prefix string
// Whether or not to skip generation of the secret or not
// For example: SECRET_FOO=v1 # generate=false
SkipGenerate bool
// RemoteName is the name of the secret on the server. For example:
// name: ${STACK_NAME}_test_pass_two_${SECRET_TEST_PASS_TWO_VERSION}
// With the following:
// STACK_NAME=test_example_com
// SECRET_TEST_PASS_TWO_VERSION=v2
// Will have this remote name:
// test_example_com_test_pass_two_v2
RemoteName string
// LocalName iis the name of the secret in the recipe config. This is also
// the name that you pass to `abra app secret insert` and is shown on `abra
// app secret list`
LocalName string
}
Secret represents a secret.
Source Files