MasterKey is a Vault Transit backend path used to Encrypt and Decrypt SOPS' data key.
// MasterKey identifies a key in a Vault Transit secret engine and carries the
// SOPS data key as wrapped (encrypted) by that Transit key. It is the unit
// used to Encrypt and Decrypt SOPS' data key through Vault.
//
// The exported fields describe where the key lives and hold the wrapped data
// key; the unexported fields hold the credential and transport used to reach
// Vault. fmt's %v and %+v verbs print unexported fields as well, so do not
// format a whole MasterKey into logs or error messages.
type MasterKey struct {
	// VaultAddress is the address of the Vault server that holds the key.
	// It is a plain string: this type does not validate the scheme or host.
	// NOTE(review): the token is presented to this server, so callers are
	// presumably expected to supply an https:// address; confirm where that
	// is enforced.
	VaultAddress string
	// EnginePath is the mount path of the Vault Transit secret engine,
	// relative to VaultAddress.
	EnginePath string
	// KeyName is the name of the key inside the Transit engine at EnginePath.
	KeyName string
	// EncryptedKey is the SOPS data key after encryption with the Vault
	// Transit key, i.e. the ciphertext, not the data key itself.
	EncryptedKey string
	// CreationDate records when this MasterKey was created. It is used to
	// decide whether EncryptedKey is due for rotation.
	CreationDate time.Time

	// token is the Vault token used to authenticate against VaultAddress.
	// A (local) keyservice.KeyServiceServer can inject it through
	// Token.ApplyToMasterKey. When it is empty, the default client
	// configuration is used first, and the token stored in defaultTokenFile
	// is the last fallback.
	//
	// Treat the value as a secret. Being unexported, it is not reachable
	// from other packages and encoding/json skips it.
	token string
	// httpClient, when set, replaces the default HTTP client used by the
	// Vault client.
	// NOTE(review): a replacement client brings its own Transport, so TLS
	// verification settings would come from whoever sets this field; confirm
	// that callers do not relax them.
	httpClient *http.Client
}
| 145 | |
| 146 | // NewMasterKeysFromURIs creates a list of MasterKeys from a list of Vault |
| 147 | // URIs. |