mirror of
https://github.com/ceph/ceph-csi.git
synced 2025-01-21 20:29:29 +00:00
57 lines
1.3 KiB
Go
57 lines
1.3 KiB
Go
|
package secrets
|
||
|
|
||
|
import (
|
||
|
"fmt"
|
||
|
"sync"
|
||
|
)
|
||
|
|
||
|
var (
|
||
|
instance Secrets
|
||
|
secretBackends = make(map[string]BackendInit)
|
||
|
lock sync.RWMutex
|
||
|
)
|
||
|
|
||
|
// Instance returns the instance set via SetInstance. nil if not set.
|
||
|
func Instance() Secrets {
|
||
|
return instance
|
||
|
}
|
||
|
|
||
|
// SetInstance sets the singleton instance of the secrets backend.
|
||
|
func SetInstance(secretsInstance Secrets) error {
|
||
|
if secretsInstance != nil {
|
||
|
lock.Lock()
|
||
|
defer lock.Unlock()
|
||
|
instance = secretsInstance
|
||
|
return nil
|
||
|
}
|
||
|
return fmt.Errorf("Secrets instance cannot be nil")
|
||
|
}
|
||
|
|
||
|
// New returns a new instance of Secrets backend KMS identified by
|
||
|
// the supplied name. SecretConfig is a map of key value pairs which could
|
||
|
// be used for authenticating with the backend
|
||
|
func New(
|
||
|
name string,
|
||
|
secretConfig map[string]interface{},
|
||
|
) (Secrets, error) {
|
||
|
lock.RLock()
|
||
|
defer lock.RUnlock()
|
||
|
|
||
|
if bInit, exists := secretBackends[name]; exists {
|
||
|
return bInit(secretConfig)
|
||
|
}
|
||
|
return nil, ErrNotSupported
|
||
|
}
|
||
|
|
||
|
// Register adds a new backend KMS
|
||
|
func Register(name string, bInit BackendInit) error {
|
||
|
lock.Lock()
|
||
|
defer lock.Unlock()
|
||
|
if _, exists := secretBackends[name]; exists {
|
||
|
return fmt.Errorf("Secrets Backend provider %v is already"+
|
||
|
" registered", name)
|
||
|
}
|
||
|
secretBackends[name] = bInit
|
||
|
return nil
|
||
|
}
|