Documentation
Overview
Package integrations provides interfaces and implementations for external secret store integrations such as HashiCorp Vault, AWS Secrets Manager, etc.
Constants
This section is empty.
Variables
var (
	ErrProviderNotSupported   = errors.New("integration provider type not supported")
	ErrProviderNotConfigured  = errors.New("integration provider not properly configured")
	ErrProviderConnectionFail = errors.New("failed to connect to secret store")
	ErrSecretNotFound         = errors.New("secret not found")
	ErrSecretKeyNotFound      = errors.New("secret key not found")
	ErrAuthenticationFailed   = errors.New("authentication failed")
)
Common provider errors.
Functions
func SetGlobalFactory
func SetGlobalFactory(factory ProviderFactory)
SetGlobalFactory sets the global provider factory. This should be called during server initialization.
Types
type DefaultFactory
type DefaultFactory struct {
	// contains filtered or unexported fields
}
DefaultFactory is the standard provider factory implementation.
func NewDefaultFactory
func NewDefaultFactory(vaultFactory func(*model.Integration) (Provider, error)) *DefaultFactory
NewDefaultFactory creates a new DefaultFactory. The vault factory function should be provided by the vault package.
func (*DefaultFactory) Create
func (f *DefaultFactory) Create(integration *model.Integration) (Provider, error)
Create creates a new provider instance for the given integration.
func (*DefaultFactory) SupportedTypes
func (f *DefaultFactory) SupportedTypes() []model.IntegrationType
SupportedTypes returns the list of integration types this factory supports.
type Provider
type Provider interface {
	// Type returns the integration type this provider handles.
	Type() model.IntegrationType

	// GetSecret retrieves a single secret value.
	// path: The path to the secret in the store (e.g., "database/prod/mysql")
	// key: The specific key within the secret (e.g., "password")
	// version: The secret version (0 = latest)
	GetSecret(ctx context.Context, path, key string, version int) (string, error)

	// GetSecretsBatch retrieves multiple secrets efficiently.
	// Implementations should optimize for batch operations when possible.
	GetSecretsBatch(ctx context.Context, requests []SecretRequest) (map[string]string, error)

	// TestConnection validates that the provider can connect and authenticate.
	// This is used when creating/updating integrations to verify credentials.
	TestConnection(ctx context.Context) error

	// Close releases any resources held by the provider.
	// This should revoke any temporary tokens and close connections.
	Close() error
}
Provider defines the interface for external secret store providers. Each secret store type (Vault, AWS, Azure, etc.) implements this interface.
type ProviderFactory
type ProviderFactory interface {
	// Create creates a new provider instance for the given integration.
	// The integration's Config field is parsed and used to configure the provider.
	Create(integration *model.Integration) (Provider, error)

	// SupportedTypes returns the list of integration types this factory supports.
	SupportedTypes() []model.IntegrationType
}
ProviderFactory creates provider instances from integration configurations.
func GetFactory
func GetFactory() ProviderFactory
GetFactory returns the global provider factory. Returns nil if SetGlobalFactory has not been called.
type SecretRequest
type SecretRequest struct {
	// ID is a unique identifier for this request (used as map key in response)
	ID string
	// Path is the secret path in the store
	Path string
	// Key is the specific key within the secret
	Key string
	// Version is the secret version (0 = latest)
	Version int
}
SecretRequest represents a single secret fetch request.
func NewSecretRequest
func NewSecretRequest(ref *model.ExternalSecretRef) SecretRequest
NewSecretRequest creates a new SecretRequest from an ExternalSecretRef.
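A caller-side check for the GetSecretsBatch and SecretRequest.ID contract documented above, as an added example (not code from this package): because results are keyed by ID, a duplicate ID would overwrite another result and an omitted ID would read back as an empty string. The page does not say how an implementation reports a miss within a batch, so the hypothetical FetchAll helper, the memProvider stand-in and its "path#key" layout are assumptions; the types are local copies of the documented declarations.

```go
package main
import (
	"context"
	"errors"
	"fmt"
)

// Local stand-ins for the documented declarations (Provider narrowed to the one method used).
var ErrSecretNotFound = errors.New("secret not found")
type SecretRequest struct{ ID, Path, Key string; Version int }
type batchGetter interface {
	GetSecretsBatch(ctx context.Context, requests []SecretRequest) (map[string]string, error)
}

// FetchAll is a hypothetical helper: it fails closed on ID collisions and omitted results.
func FetchAll(ctx context.Context, p batchGetter, reqs []SecretRequest) (map[string]string, error) {
	seen := make(map[string]bool, len(reqs))
	for _, r := range reqs {
		if r.ID == "" || seen[r.ID] {
			return nil, fmt.Errorf("empty or duplicate request ID %q", r.ID)
		}
		seen[r.ID] = true
	}
	got, err := p.GetSecretsBatch(ctx, reqs)
	if err != nil {
		return nil, err
	}
	for _, r := range reqs {
		if _, ok := got[r.ID]; !ok { // the error names the reference, never a secret value
			return nil, fmt.Errorf("%w: id=%q path=%q key=%q", ErrSecretNotFound, r.ID, r.Path, r.Key)
		}
	}
	return got, nil
}

// memProvider is a constructed in-memory store keyed by "path#key"; it silently omits misses.
type memProvider map[string]string
func (m memProvider) GetSecretsBatch(_ context.Context, reqs []SecretRequest) (map[string]string, error) {
	out := map[string]string{}
	for _, r := range reqs {
		if v, ok := m[r.Path+"#"+r.Key]; ok {
			out[r.ID] = v
		}
	}
	return out, nil
}
func main() {
	got, err := FetchAll(context.Background(), memProvider{}, []SecretRequest{{ID: "db", Path: "database/prod/mysql", Key: "password"}})
	fmt.Println(got, err)
}
```

Callers can match the missing-entry case with errors.Is(err, ErrSecretNotFound) instead of comparing values from the returned map against the empty string.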
Directories
| Path | Synopsis |
|---|---|
| | Package cache provides a per-pipeline caching decorator for secret providers. |
| | Package vault provides a HashiCorp Vault/OpenBao secret store provider. |