// Copyright 2022 Canonical Ltd.
// Licensed under the LGPLv3, see LICENCE file for details.

package secrets

import (
	"fmt"
	"time"

	"github.com/juju/errors"
	"github.com/juju/utils/v3"
)

// IsInternalSecretBackendID reports whether backendID has the form used for
// the internal backend ID, i.e. whether utils.IsValidUUIDString accepts it.
//
// The decision is delegated entirely to that helper, so this is a check on
// the shape of the ID only; nothing here looks the backend up.
func IsInternalSecretBackendID(backendID string) bool {
	isUUID := utils.IsValidUUIDString(backendID)
	return isUUID
}

// SecretBackend defines a secrets backend.
type SecretBackend struct {
	// ID and Name identify the backend.
	ID   string
	Name string
	// BackendType names the kind of backend.
	BackendType string
	// TokenRotateInterval is a pointer, so an unset interval (nil) can be
	// told apart from an explicit zero.
	// NOTE(review): presumably nil means no token rotation — confirm.
	TokenRotateInterval *time.Duration
	// Config holds free-form backend settings.
	// NOTE(review): presumably this can include backend credentials; confirm
	// before logging or serialising a SecretBackend wholesale.
	Config map[string]interface{}
}

// ValueRef represents a reference to a secret
// content value stored in a backend.
type ValueRef struct {
	BackendID  string
	RevisionID string
}

// String renders the reference as "<BackendID>:<RevisionID>".
// The receiver is dereferenced, so it must not be nil.
func (r *ValueRef) String() string {
	backend, revision := r.BackendID, r.RevisionID
	return fmt.Sprintf("%s:%s", backend, revision)
}

// NextBackendRotateTime returns the next time a token rotate is due,
// given the supplied rotate interval.
//
// The result is now plus 75% of rotateInterval (truncated to whole seconds),
// capped at 24h from now. An interval strictly between 0 and 1h is refused
// with an error built by errors.NotValidf.
//
// Zero and negative intervals are not rejected: zero yields now, and a
// negative interval yields a time before now.
// NOTE(review): presumably callers filter those values before calling — confirm.
func NextBackendRotateTime(now time.Time, rotateInterval time.Duration) (*time.Time, error) {
	// Upper bound on how far ahead the next rotation may be scheduled.
	const ceiling = 24 * time.Hour

	tooShort := rotateInterval > 0 && rotateInterval < time.Hour
	if tooShort {
		return nil, errors.NotValidf("token rotate interval %q less than 1h", rotateInterval)
	}

	// Rotate a reasonable time before the token is due to expire: take 75%
	// of the interval, dropping any fractional second in the conversion.
	seconds := 0.75 * rotateInterval.Seconds()
	delay := time.Duration(seconds) * time.Second
	if delay > ceiling {
		delay = ceiling
	}

	due := now.Add(delay)
	return &due, nil
}