mirror of
https://github.com/ceph/ceph-csi.git
synced 2024-11-10 08:20:23 +00:00
91774fc936
Uses github.com/libopenstorage/secrets to communicate with Vault. This removes the need for maintaining our own limited Vault APIs. By adding the new dependency, several other packages got updated in the process. Unused indirect dependencies have been removed from go.mod. Signed-off-by: Niels de Vos <ndevos@redhat.com>
57 lines
1.3 KiB
Go
57 lines
1.3 KiB
Go
package secrets
|
|
|
|
import (
|
|
"fmt"
|
|
"sync"
|
|
)
|
|
|
|
var (
|
|
instance Secrets
|
|
secretBackends = make(map[string]BackendInit)
|
|
lock sync.RWMutex
|
|
)
|
|
|
|
// Instance returns the instance set via SetInstance. nil if not set.
|
|
func Instance() Secrets {
|
|
return instance
|
|
}
|
|
|
|
// SetInstance sets the singleton instance of the secrets backend.
|
|
func SetInstance(secretsInstance Secrets) error {
|
|
if secretsInstance != nil {
|
|
lock.Lock()
|
|
defer lock.Unlock()
|
|
instance = secretsInstance
|
|
return nil
|
|
}
|
|
return fmt.Errorf("Secrets instance cannot be nil")
|
|
}
|
|
|
|
// New returns a new instance of Secrets backend KMS identified by
|
|
// the supplied name. SecretConfig is a map of key value pairs which could
|
|
// be used for authenticating with the backend
|
|
func New(
|
|
name string,
|
|
secretConfig map[string]interface{},
|
|
) (Secrets, error) {
|
|
lock.RLock()
|
|
defer lock.RUnlock()
|
|
|
|
if bInit, exists := secretBackends[name]; exists {
|
|
return bInit(secretConfig)
|
|
}
|
|
return nil, ErrNotSupported
|
|
}
|
|
|
|
// Register adds a new backend KMS
|
|
func Register(name string, bInit BackendInit) error {
|
|
lock.Lock()
|
|
defer lock.Unlock()
|
|
if _, exists := secretBackends[name]; exists {
|
|
return fmt.Errorf("Secrets Backend provider %v is already"+
|
|
" registered", name)
|
|
}
|
|
secretBackends[name] = bInit
|
|
return nil
|
|
}
|