github.com/m-lab/locate@v0.17.6/secrets/load_local.go (about) 1 package secrets 2 3 import ( 4 "context" 5 "io/ioutil" 6 7 "github.com/m-lab/access/token" 8 "github.com/m-lab/locate/prometheus" 9 "github.com/prometheus/common/config" 10 ) 11 12 // LocalConfig supports loading signer and verifier keys from a local file 13 // rather than from secretmanager. 14 type LocalConfig struct{} 15 16 // NewLocalConfig creates a new instance for loading local signer and verifier keys. 17 func NewLocalConfig() *LocalConfig { 18 return &LocalConfig{} 19 } 20 21 // LoadSigner reads the secret from the named file. The client parameter is ignored. 22 func (c *LocalConfig) LoadSigner(ctx context.Context, name string) (*token.Signer, error) { 23 key, err := ioutil.ReadFile(name) 24 if err != nil { 25 return nil, err 26 } 27 return token.NewSigner(key) 28 } 29 30 // LoadVerifier reads the secret from the named file. The client parameter is ignored. 31 func (c *LocalConfig) LoadVerifier(ctx context.Context, name string) (*token.Verifier, error) { 32 // TODO: consider supporting `name` as glob to load multiple verifier keys. 33 key, err := ioutil.ReadFile(name) 34 if err != nil { 35 return nil, err 36 } 37 return token.NewVerifier(key) 38 } 39 40 // LoadPrometheus reads the username and password secrets from the named files. 41 // The client parameter is ignored. 42 func (c *LocalConfig) LoadPrometheus(ctx context.Context, user, pass string) (*prometheus.Credentials, error) { 43 u, err := ioutil.ReadFile(user) 44 if err != nil { 45 return nil, err 46 } 47 48 p, err := ioutil.ReadFile(pass) 49 if err != nil { 50 return nil, err 51 } 52 53 return &prometheus.Credentials{ 54 Username: string(u), 55 Password: config.Secret(p), 56 }, nil 57 }