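// Source: github.com/jenkins-x/jx/v2@v2.1.155/pkg/vault/rule.go

package vault

import (
	"strings"

	"github.com/pkg/errors"
	"github.com/rodaine/hclencoder"
)

const (
	// Capability names used in the "capabilities" list of a Vault path policy.
	//
	// In Vault's policy model "deny" takes precedence over every other
	// capability on the same path, and "sudo" grants access to root-protected
	// paths, so SudoCapability should only be granted deliberately.
	//
	// NOTE(review): "root" is not one of the path capabilities Vault's policy
	// documentation lists (create, read, update, patch, delete, list, sudo,
	// deny); confirm how RootCapability is consumed before using it in a rule.
	DenyCapability   = "deny"
	CreateCapability = "create"
	ReadCapability   = "read"
	UpdateCapability = "update"
	DeleteCapability = "delete"
	ListCapability   = "list"
	SudoCapability   = "sudo"
	RootCapability   = "root"

	// Names and default paths used for the secrets policy.
	//
	// DefaultSecretsPathPrefix is a glob over the whole "secret" mount. A rule
	// built from it applies to every secret under that mount, so callers that
	// only need a subtree should pass a narrower prefix (least privilege).
	PathRulesName            = "allow_secrets"
	DefaultSecretsPathPrefix = "secret/*"
	PoliciesName             = "policies"
	DefaultSecretsPath       = "secret"
)

var (
	// DefaultSecretsCapabiltities is the default capability set for secrets
	// paths: create, read, update, delete and list. It contains neither sudo
	// nor root.
	//
	// This is an exported, package-level slice and therefore mutable by any
	// importer. Copy it before appending to or modifying it; otherwise the
	// change is visible to every other user of the default.
	DefaultSecretsCapabiltities = []string{CreateCapability, ReadCapability, UpdateCapability, DeleteCapability, ListCapability}
)

// PathRule defines a path rule: a list of path policies that is encoded as
// repeated HCL "path" blocks.
type PathRule struct {
	Path []PathPolicy `hcl:"path" hcle:"omitempty"`
}

// PathPolicy defines a Vault path policy.
type PathPolicy struct {
	// Prefix is the path (or glob) the policy applies to; the ",key" tag makes
	// it the key of the encoded block rather than a named attribute.
	Prefix string `hcl:",key"`
	// Capabilities lists the capabilities granted on Prefix. It is omitted
	// from the output when empty.
	Capabilities []string `hcl:"capabilities" hcle:"omitempty"`
}

// String encodes a Vault path rule to a single-line HCL string.
//
// The rule is passed to hclencoder.Encode and every newline is then removed
// from the result. On encoder failure it returns "" and the wrapped error.
//
// Because it returns (string, error), this method does not satisfy
// fmt.Stringer, so a PathRule is not rendered through it by the fmt verbs.
//
// NOTE(review): this assumes the encoded policy is still valid HCL once its
// newlines are stripped. Confirm with a rule holding several path blocks
// before relying on the output as a policy document.
func (r *PathRule) String() (string, error) {
	output, err := hclencoder.Encode(r)
	if err != nil {
		// Fixed typo in the wrap message ("encodeing" -> "encoding").
		return "", errors.Wrap(err, "encoding the path policy")
	}
	return strings.Replace(string(output), "\n", "", -1), nil
}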