本文整理汇总了Golang中github.com/hashicorp/vault/api.DefaultConfig函数的典型用法代码示例。如果您正苦于以下问题:Golang DefaultConfig函数的具体用法?Golang DefaultConfig怎么用?Golang DefaultConfig使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了DefaultConfig函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Golang代码示例。
示例1: getConfig
func getConfig(address, cert, key, caCert string) (*vaultapi.Config, error) {
conf := vaultapi.DefaultConfig()
conf.Address = address
tlsConfig := &tls.Config{}
if cert != "" && key != "" {
clientCert, err := tls.LoadX509KeyPair(cert, key)
if err != nil {
return nil, err
}
tlsConfig.Certificates = []tls.Certificate{clientCert}
tlsConfig.BuildNameToCertificate()
}
if caCert != "" {
ca, err := ioutil.ReadFile(caCert)
if err != nil {
return nil, err
}
caCertPool := x509.NewCertPool()
caCertPool.AppendCertsFromPEM(ca)
tlsConfig.RootCAs = caCertPool
}
conf.HttpClient.Transport = &http.Transport{
TLSClientConfig: tlsConfig,
}
return conf, nil
}
开发者ID:kelseyhightower,项目名称:confd,代码行数:30,代码来源:client.go
示例2: mountServer
func (d *driver) mountServer(mountpoint string) (*fuse.Server, error) {
if err := os.MkdirAll(filepath.Dir(mountpoint), 0755); err != nil {
return nil, err
}
conf := api.DefaultConfig()
client, err := api.NewClient(conf)
if err != nil {
return nil, err
}
ownership := keywhizfs.NewOwnership("root", "root")
kwfs, root := NewFs(client, ownership)
mountOptions := &fuse.MountOptions{
AllowOther: true,
Name: kwfs.String(),
Options: []string{"default_permissions"},
}
// Empty Options struct avoids setting a global uid/gid override.
conn := nodefs.NewFileSystemConnector(root, &nodefs.Options{})
server, err := fuse.NewServer(conn.RawFS(), mountpoint, mountOptions)
if err != nil {
log.Printf("Mount fail: %v\n", err)
return nil, err
}
go server.Serve()
return server, nil
}
开发者ID:pshouse,项目名称:global-hack-day-3,代码行数:32,代码来源:driver.go
示例3: remove
func remove(keyname string) error {
TOKEN = vLogin("", "", "ldap")
if TOKEN == "" {
return fmt.Errorf("%s", "User Login failed")
}
// Get element list
EPATH := fmt.Sprint("secret/usr/", ADNAME)
ELIST := getVaultValue(EPATH, TOKEN)
//Split the list into an array
EARRAY := strings.Split(ELIST.Data[LISTNAME].(string), ",")
TNUM := -1
// Search the array for the keyname value
for lup, v := range EARRAY {
if v == keyname {
TNUM = lup
break
}
}
// If value isn't found, report it
if TNUM == -1 {
fmt.Println("Key name was not found in the list")
return &errorString{"KeyError"}
}
// Delete the keyname
config := tls.Config{InsecureSkipVerify: true}
cnfg := vault.DefaultConfig()
cnfg.Address = VAULTSERVER
cnfg.HttpClient.Transport = &http.Transport{
TLSClientConfig: &config,
}
client, err := vault.NewClient(cnfg)
if err != nil {
return err
}
client.SetToken(TOKEN)
SPATH := fmt.Sprint("secret/usr/", ADNAME, "/", keyname)
_, err = client.Logical().Delete(SPATH)
if err != nil {
return err
}
//Remove the key from the key list
var s map[string]interface{}
if TNUM == -1 || TNUM == 0 {
s = map[string]interface{}{LISTNAME: ""}
} else if TNUM > 0 {
elst1 := strings.Join(EARRAY[:TNUM], ",")
elst2 := strings.Join(EARRAY[TNUM+1:], ",")
elst := strings.Join([]string{elst1, elst2}, ",")
s = map[string]interface{}{LISTNAME: elst}
}
// And write it to the Vault
err = putVaultValue(EPATH, TOKEN, s)
return err
}
开发者ID:lcbowen3,项目名称:go,代码行数:59,代码来源:vsecure.go
示例4: TestHTTP_Fallback_Disabled
func TestHTTP_Fallback_Disabled(t *testing.T) {
handler1 := http.NewServeMux()
handler2 := http.NewServeMux()
handler3 := http.NewServeMux()
coreConfig := &vault.CoreConfig{
LogicalBackends: map[string]logical.Factory{
"transit": transit.Factory,
},
ClusterAddr: "empty",
}
// Chicken-and-egg: Handler needs a core. So we create handlers first, then
// add routes chained to a Handler-created handler.
cores := vault.TestCluster(t, []http.Handler{handler1, handler2, handler3}, coreConfig, true)
for _, core := range cores {
defer core.CloseListeners()
}
handler1.Handle("/", Handler(cores[0].Core))
handler2.Handle("/", Handler(cores[1].Core))
handler3.Handle("/", Handler(cores[2].Core))
// make it easy to get access to the active
core := cores[0].Core
vault.TestWaitActive(t, core)
root := cores[0].Root
addrs := []string{
fmt.Sprintf("https://127.0.0.1:%d", cores[1].Listeners[0].Address.Port),
fmt.Sprintf("https://127.0.0.1:%d", cores[2].Listeners[0].Address.Port),
}
for _, addr := range addrs {
config := api.DefaultConfig()
config.Address = addr
config.HttpClient = cleanhttp.DefaultClient()
config.HttpClient.Transport.(*http.Transport).TLSClientConfig = cores[0].TLSConfig
client, err := api.NewClient(config)
if err != nil {
t.Fatal(err)
}
client.SetToken(root)
secret, err := client.Auth().Token().LookupSelf()
if err != nil {
t.Fatal(err)
}
if secret == nil {
t.Fatal("secret is nil")
}
if secret.Data["id"].(string) != root {
t.Fatal("token mismatch")
}
}
}
开发者ID:mhurne,项目名称:vault,代码行数:56,代码来源:forwarding_test.go
示例5: newVaultClient
// newVaultClient creates a new client for connecting to vault.
func newVaultClient(config *Config) (*vaultapi.Client, error) {
log.Printf("[INFO] (runner) creating vault/api client")
vaultConfig := vaultapi.DefaultConfig()
if config.Vault.Address != "" {
log.Printf("[DEBUG] (runner) setting vault address to %s", config.Vault.Address)
vaultConfig.Address = config.Vault.Address
}
if config.Vault.SSL.Enabled {
log.Printf("[DEBUG] (runner) enabling vault SSL")
tlsConfig := &tls.Config{}
if config.Vault.SSL.Cert != "" {
cert, err := tls.LoadX509KeyPair(config.Vault.SSL.Cert, config.Vault.SSL.Cert)
if err != nil {
return nil, err
}
tlsConfig.Certificates = []tls.Certificate{cert}
}
if config.Vault.SSL.CaCert != "" {
cacert, err := ioutil.ReadFile(config.Vault.SSL.CaCert)
if err != nil {
return nil, err
}
caCertPool := x509.NewCertPool()
caCertPool.AppendCertsFromPEM(cacert)
tlsConfig.RootCAs = caCertPool
}
tlsConfig.BuildNameToCertificate()
if !config.Vault.SSL.Verify {
log.Printf("[WARN] (runner) disabling vault SSL verification")
tlsConfig.InsecureSkipVerify = true
}
vaultConfig.HttpClient.Transport = &http.Transport{
TLSClientConfig: tlsConfig,
}
}
client, err := vaultapi.NewClient(vaultConfig)
if err != nil {
return nil, err
}
if config.Vault.Token != "" {
log.Printf("[DEBUG] (runner) setting vault token")
client.SetToken(config.Vault.Token)
}
return client, nil
}
开发者ID:timopek,项目名称:consul-template,代码行数:57,代码来源:runner.go
示例6: testClient
func testClient(t *testing.T, addr string, token string) *api.Client {
config := api.DefaultConfig()
config.Address = addr
client, err := api.NewClient(config)
if err != nil {
t.Fatalf("err: %s", err)
}
client.SetToken(token)
return client
}
开发者ID:vincentaubert,项目名称:vault,代码行数:11,代码来源:command_test.go
示例7: vaultAuthenticate
func (vb *vaultBackend) vaultAuthenticate(vaultURI string, token string) error {
vb.config = api.DefaultConfig()
vb.config.Address = vaultURI
client, err := api.NewClient(vb.config) //can probably be global
if err != nil {
glog.Errorf("Error authenticating %s\n", err.Error())
return err
}
client.SetToken(token) //TODO put here the howler token to be read from file
vb.client = client
return nil
}
开发者ID:zalando-incubator,项目名称:howler,代码行数:12,代码来源:vault.go
示例8: initVault
func initVault() {
// set up vault client
var client *vault.Client
if viper.GetString("vault-cubbyhole-token") != "" || viper.GetString("vault-token") != "" {
config := vault.DefaultConfig()
err := config.ReadEnvironment()
if err != nil {
log.WithError(err).Fatal("Error reading environment for Vault configuration")
}
client, err = vault.NewClient(config)
if err != nil {
log.WithError(err).Fatal("Error initializing Vault client")
}
}
// unwrap real token
if wrapped := viper.GetString("vault-cubbyhole-token"); wrapped != "" {
token, err := client.Logical().Unwrap(wrapped)
if err != nil {
log.WithError(err).Fatal("Error unwrapping token")
} else if token.WrapInfo != nil {
log.Fatal("Secret appears to be doubly wrapped")
} else if token.Auth == nil {
log.Fatal("Secret contained no auth data")
}
viper.Set("vault-token", token.Auth.ClientToken)
}
// read secrets from vault
if token := viper.GetString("vault-token"); token != "" {
client.SetToken(token)
secret, err := client.Logical().Read("secret/mantl-api")
if err != nil {
log.WithError(err).Fatal("Error reading secret/mantl-api")
}
for _, secretName := range []string{
"mesos-principal", "mesos-secret",
"marathon-user", "marathon-password",
} {
secretValue, ok := secret.Data[secretName].(string)
if ok {
viper.Set(secretName, secretValue)
} else {
log.Warnf("secret/mantl-api didn't contain %s", secretName)
}
}
}
}
开发者ID:CiscoCloud,项目名称:mantl-api,代码行数:51,代码来源:main.go
示例9: newConfig
func (s *VaultService) newConfig() (*api.Config, error) {
// Create a vault client
config := api.DefaultConfig()
if err := config.ReadEnvironment(); err != nil {
return nil, maskAny(err)
}
if s.address != "" {
config.Address = s.address
}
if s.certPool != nil {
clientTLSConfig := config.HttpClient.Transport.(*http.Transport).TLSClientConfig
clientTLSConfig.RootCAs = s.certPool
clientTLSConfig.ServerName = s.serverName
}
return config, nil
}
开发者ID:pulcy,项目名称:vault-monkey,代码行数:16,代码来源:service.go
示例10: ApiConfig
// ApiConfig() returns a usable Vault config that can be passed directly to
// hashicorp/vault/api.
func (c *VaultConfig) ApiConfig() (*vault.Config, error) {
conf := vault.DefaultConfig()
tlsConf := &vault.TLSConfig{
CACert: c.TLSCaFile,
CAPath: c.TLSCaPath,
ClientCert: c.TLSCertFile,
ClientKey: c.TLSKeyFile,
TLSServerName: c.TLSServerName,
Insecure: c.TLSSkipVerify,
}
if err := conf.ConfigureTLS(tlsConf); err != nil {
return nil, err
}
conf.Address = c.Addr
return conf, nil
}
开发者ID:achanda,项目名称:nomad,代码行数:19,代码来源:vault.go
示例11: client
func (s *VaultSource) client() (*api.Client, error) {
conf := api.DefaultConfig()
if err := conf.ReadEnvironment(); err != nil {
return nil, err
}
if s.Addr != "" {
conf.Address = s.Addr
}
c, err := api.NewClient(conf)
if err != nil {
return nil, err
}
if err := s.setToken(c); err != nil {
return nil, err
}
return c, nil
}
开发者ID:hilerchyn,项目名称:fabio,代码行数:17,代码来源:vault_source.go
示例12: NewVaultClient
func NewVaultClient(vaultEndpoint string, token string) (interfaces.VaultClient, error) {
cfg := api.DefaultConfig()
cfg.ReadEnvironment()
cfg.Address = vaultEndpoint
vault, err := api.NewClient(cfg)
if err != nil {
return nil, err
}
vault.SetToken(token)
return &VaultClient{
vaultClient: vault,
config: cfg,
}, nil
}
开发者ID:bluestatedigital,项目名称:centralbooking,代码行数:17,代码来源:vault_client.go
示例13: main
func main() {
config := api.DefaultConfig()
client, err := api.NewClient(config)
if err != nil {
log.Fatal("err: %s", err)
}
if token := client.Token(); token != "" {
log.Printf("using token client %s", token)
} else {
log.Fatal("no VAULT_TOKEN supplied!")
}
path := `secret/hello`
_, err = client.Logical().Write(path, map[string]interface{}{"audience": "world"})
if err != nil {
log.Fatal("error writing %s: %s", path, err)
} else {
log.Printf("wrote %s successfully", path)
}
secret, err := client.Logical().Read(path)
if err != nil {
log.Fatal("error reading %s: %s", path, err)
} else {
data, err := json.Marshal(secret.Data)
if err != nil {
log.Fatal("error decoding %s: %s", path, err)
} else {
log.Printf("read %s as: %s", path, data)
}
}
_, err = client.Logical().Delete(path)
if err != nil {
log.Fatal("error deleting %s: %s", path, err)
} else {
secret, _ := client.Logical().Read(path)
if secret != nil {
log.Fatal("error deleting %s: still readable after delete", path)
} else {
log.Printf("deleted %s successfully", path)
}
}
}
开发者ID:sheldonh,项目名称:vault-api-example,代码行数:45,代码来源:main.go
示例14: NewVaultClient
// NewVaultClient creates a new vault client
func NewVaultClient(vaultURL, caFile string, skipTLSVerify bool) (VaultService, error) {
var err error
config := api.DefaultConfig()
config.Address = vaultURL
config.HttpClient.Transport, err = buildTransport(skipTLSVerify, caFile)
if err != nil {
return nil, err
}
client, err := api.NewClient(config)
if err != nil {
return nil, err
}
return &vault{
client: client,
}, nil
}
开发者ID:postfix,项目名称:openvpn-authd,代码行数:20,代码来源:vault.go
示例15: putVaultValue
func putVaultValue(keypath, tokenstr string, s map[string]interface{}) error {
config := tls.Config{InsecureSkipVerify: true}
cnfg := vault.DefaultConfig()
cnfg.Address = VAULTSERVER
cnfg.HttpClient.Transport = &http.Transport{
TLSClientConfig: &config,
}
client, err := vault.NewClient(cnfg)
if err != nil {
panic(err.Error())
}
client.SetToken(tokenstr)
SPATH := keypath
_, err = client.Logical().Write(SPATH, s)
return err
}
开发者ID:lcbowen3,项目名称:go,代码行数:19,代码来源:vsecure.go
示例16: NewVault
func NewVault(srvCfg VaultConfig, log *logging.Logger) (*Vault, error) {
// Create a vault client
config := api.DefaultConfig()
if err := config.ReadEnvironment(); err != nil {
return nil, maskAny(err)
}
var serverName string
if srvCfg.VaultAddr != "" {
log.Debugf("Setting vault address to %s", srvCfg.VaultAddr)
config.Address = srvCfg.VaultAddr
url, err := url.Parse(config.Address)
if err != nil {
return nil, maskAny(err)
}
host, _, err := net.SplitHostPort(url.Host)
if err != nil {
return nil, maskAny(err)
}
serverName = host
}
if srvCfg.VaultCACert != "" || srvCfg.VaultCAPath != "" {
clientTLSConfig := config.HttpClient.Transport.(*http.Transport).TLSClientConfig
if err := rootcerts.ConfigureTLS(clientTLSConfig, &rootcerts.Config{
CAFile: srvCfg.VaultCACert,
CAPath: srvCfg.VaultCAPath,
}); err != nil {
return nil, maskAny(err)
}
clientTLSConfig.ServerName = serverName
}
client, err := api.NewClient(config)
if err != nil {
return nil, maskAny(err)
}
return &Vault{
log: log,
vaultClient: client,
}, nil
}
开发者ID:pulcy,项目名称:j2,代码行数:41,代码来源:vault.go
示例17: Get
func (vaultSource *VaultSource) Get() (map[string]interface{}, error) {
config := api.DefaultConfig()
config.Address = vaultSource.Address
client, err := api.NewClient(config)
if err != nil {
return nil, err
}
client.SetToken(vaultSource.Token)
secret, err := client.Logical().Read(vaultSource.Path)
if err != nil {
return nil, err
}
return secret.Data, nil
}
开发者ID:zeroturnaround,项目名称:configo,代码行数:21,代码来源:vault.go
示例18: getVaultValue
func getVaultValue(keypath, tokenstr string) *vault.Secret {
config := tls.Config{InsecureSkipVerify: true}
cnfg := vault.DefaultConfig()
cnfg.Address = VAULTSERVER
cnfg.HttpClient.Transport = &http.Transport{
TLSClientConfig: &config,
}
client, err := vault.NewClient(cnfg)
if err != nil {
panic(err.Error())
}
client.SetToken(tokenstr)
SPATH := keypath
response, err := client.Logical().Read(SPATH)
if err != nil {
fmt.Println("Error Reading Path")
}
return response
}
开发者ID:lcbowen3,项目名称:go,代码行数:21,代码来源:vsecure.go
示例19: testVaultServer
// testVaultServer is a helper for creating a Vault server and returning the
// appropriate client to connect to it.
func testVaultServer(t *testing.T) (*ClientSet, *vaultServer) {
core, _, token := vault.TestCoreUnsealed(t)
ln, addr := http.TestServer(t, core)
config := vaultapi.DefaultConfig()
config.Address = addr
client, err := vaultapi.NewClient(config)
if err != nil {
defer ln.Close()
t.Fatal(err)
}
client.SetToken(token)
clients := NewClientSet()
if err := clients.Add(client); err != nil {
defer ln.Close()
t.Fatal(err)
}
return clients, &vaultServer{Token: token, core: core, ln: ln}
}
开发者ID:teemupo,项目名称:consul-template,代码行数:24,代码来源:dependency_test.go
示例20: newVaultClient
// newVaultClient creates and authenticates a vault client
func newVaultClient(opts *config) (*api.Client, error) {
var err error
var token string
config := api.DefaultConfig()
config.Address = opts.vaultURL
config.HttpClient.Transport, err = buildHTTPTransport(opts)
if err != nil {
return nil, err
}
// step: create the actual client
client, err := api.NewClient(config)
if err != nil {
return nil, err
}
plugin, _ := opts.vaultAuthOptions[VaultAuth]
switch plugin {
case "userpass":
token, err = NewUserPassPlugin(client).Create(opts.vaultAuthOptions)
case "approle":
token, err = NewAppRolePlugin(client).Create(opts.vaultAuthOptions)
case "token":
opts.vaultAuthOptions["filename"] = options.vaultAuthFile
token, err = NewUserTokenPlugin(client).Create(opts.vaultAuthOptions)
default:
return nil, fmt.Errorf("unsupported authentication plugin: %s", plugin)
}
if err != nil {
return nil, err
}
// step: set the token for the client
client.SetToken(token)
return client, nil
}
开发者ID:UKHomeOffice,项目名称:vault-sidekick,代码行数:40,代码来源:vault.go
注:本文中的github.com/hashicorp/vault/api.DefaultConfig函数示例整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |
客服电话
APP下载
官方微信
请发表评论