github.hscsec.cn/hashicorp/consul@v1.4.5/api/operator_keyring.go (about)

     1  package api
     2  
     3  // keyringRequest is used for performing Keyring operations
     4  type keyringRequest struct {
     5  	Key string
     6  }
     7  
     8  // KeyringResponse is returned when listing the gossip encryption keys
     9  type KeyringResponse struct {
    10  	// Whether this response is for a WAN ring
    11  	WAN bool
    12  
    13  	// The datacenter name this request corresponds to
    14  	Datacenter string
    15  
    16  	// Segment has the network segment this request corresponds to.
    17  	Segment string
    18  
    19  	// Messages has information or errors from serf
    20  	Messages map[string]string `json:",omitempty"`
    21  
    22  	// A map of the encryption keys to the number of nodes they're installed on
    23  	Keys map[string]int
    24  
    25  	// The total number of nodes in this ring
    26  	NumNodes int
    27  }
    28  
    29  // KeyringInstall is used to install a new gossip encryption key into the cluster
    30  func (op *Operator) KeyringInstall(key string, q *WriteOptions) error {
    31  	r := op.c.newRequest("POST", "/v1/operator/keyring")
    32  	r.setWriteOptions(q)
    33  	r.obj = keyringRequest{
    34  		Key: key,
    35  	}
    36  	_, resp, err := requireOK(op.c.doRequest(r))
    37  	if err != nil {
    38  		return err
    39  	}
    40  	resp.Body.Close()
    41  	return nil
    42  }
    43  
    44  // KeyringList is used to list the gossip keys installed in the cluster
    45  func (op *Operator) KeyringList(q *QueryOptions) ([]*KeyringResponse, error) {
    46  	r := op.c.newRequest("GET", "/v1/operator/keyring")
    47  	r.setQueryOptions(q)
    48  	_, resp, err := requireOK(op.c.doRequest(r))
    49  	if err != nil {
    50  		return nil, err
    51  	}
    52  	defer resp.Body.Close()
    53  
    54  	var out []*KeyringResponse
    55  	if err := decodeBody(resp, &out); err != nil {
    56  		return nil, err
    57  	}
    58  	return out, nil
    59  }
    60  
    61  // KeyringRemove is used to remove a gossip encryption key from the cluster
    62  func (op *Operator) KeyringRemove(key string, q *WriteOptions) error {
    63  	r := op.c.newRequest("DELETE", "/v1/operator/keyring")
    64  	r.setWriteOptions(q)
    65  	r.obj = keyringRequest{
    66  		Key: key,
    67  	}
    68  	_, resp, err := requireOK(op.c.doRequest(r))
    69  	if err != nil {
    70  		return err
    71  	}
    72  	resp.Body.Close()
    73  	return nil
    74  }
    75  
    76  // KeyringUse is used to change the active gossip encryption key
    77  func (op *Operator) KeyringUse(key string, q *WriteOptions) error {
    78  	r := op.c.newRequest("PUT", "/v1/operator/keyring")
    79  	r.setWriteOptions(q)
    80  	r.obj = keyringRequest{
    81  		Key: key,
    82  	}
    83  	_, resp, err := requireOK(op.c.doRequest(r))
    84  	if err != nil {
    85  		return err
    86  	}
    87  	resp.Body.Close()
    88  	return nil
    89  }