client

package
v1.2.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 18, 2025 License: CC0-1.0 Imports: 18 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var DefaultPasswordCallbacks = struct {
	// TerminalPrompt prompts the user for a password via terminal input.
	TerminalPrompt PasswordCallback
	// EnvVar returns a callback that reads the password from an environment variable.
	EnvVar func(envVarName string) PasswordCallback
	// Static returns a callback that returns a static password (not recommended for production).
	Static func(password string) PasswordCallback
}{
	TerminalPrompt: func() (string, error) {
		fmt.Print("Enter P12 password: ")
		passwordBytes, err := term.ReadPassword(int(syscall.Stdin))
		fmt.Println()
		if err != nil {
			return "", fmt.Errorf("failed to read password: %w", err)
		}
		return string(passwordBytes), nil
	},
	EnvVar: func(envVarName string) PasswordCallback {
		return func() (string, error) {
			password := os.Getenv(envVarName)
			if password == "" {
				return "", fmt.Errorf("environment variable %s not set or empty", envVarName)
			}
			return password, nil
		}
	},
	Static: func(password string) PasswordCallback {
		return func() (string, error) {
			return password, nil
		}
	},
}

DefaultPasswordCallbacks provides common password input methods.

View Source 
var GRPCDialContextFunc = grpc.NewClient

GRPCDialContextFunc is a function variable that can be replaced for testing. It defaults to the standard grpc.NewClient function.

Functions

func GrpcSimpleRetrieve added in v1.0.9 

func GrpcSimpleRetrieve(ctx context.Context, ServerAddress string, AuthenticationPassword string, key string, opts ...grpc.DialOption) (val string, err error)

GrpcSimpleRetrieve retrieves a value from the parameter store using gRPC. It accepts a context for timeout/cancellation control and optional grpc.DialOptions.

func GrpcSimpleRetrieveWithPrebuiltTLS added in v1.2.2 

func GrpcSimpleRetrieveWithPrebuiltTLS(ctx context.Context, ServerAddress string, AuthenticationPassword string, key string, tlsConf *tls.Config, opts ...grpc.DialOption) (val string, err error)

GrpcSimpleRetrieveWithPrebuiltTLS retrieves a value from the parameter store using gRPC with pre-built TLS config. This version accepts a pre-built *tls.Config to avoid password prompts within timeout context.

func GrpcSimpleRetrieveWithTLS added in v1.2.0 

func GrpcSimpleRetrieveWithTLS(ctx context.Context, ServerAddress string, AuthenticationPassword string, key string, tlsConfig *TLSConfig, opts ...grpc.DialOption) (val string, err error)

GrpcSimpleRetrieveWithTLS retrieves a value from the parameter store using gRPC with TLS. It accepts a context, server details, credentials, a key, and TLS configuration.

func GrpcSimpleStore 

func GrpcSimpleStore(ctx context.Context, ServerAddress string, AuthenticationPassword string, key string, value string, opts ...grpc.DialOption) (err error)

GrpcSimpleStore stores a key-value pair using gRPC. Accepts a context for timeout/cancellation and optional grpc.DialOptions.

func GrpcSimpleStoreWithPrebuiltTLS added in v1.2.2 

func GrpcSimpleStoreWithPrebuiltTLS(ctx context.Context, ServerAddress string, AuthenticationPassword string, key string, value string, tlsConf *tls.Config, opts ...grpc.DialOption) (err error)

GrpcSimpleStoreWithPrebuiltTLS stores a key-value pair using gRPC with pre-built TLS config. This version accepts a pre-built *tls.Config to avoid password prompts within timeout context.

func GrpcSimpleStoreWithTLS added in v1.2.0 

func GrpcSimpleStoreWithTLS(ctx context.Context, ServerAddress string, AuthenticationPassword string, key string, value string, tlsConfig *TLSConfig, opts ...grpc.DialOption) (err error)

GrpcSimpleStoreWithTLS stores a key-value pair using gRPC with TLS. It accepts a context, server details, credentials, key-value pair, and TLS configuration.

Types

type CertificateSource added in v1.1.0 

type CertificateSource struct {
	FilePath string
	Bytes    []byte
}

CertificateSource holds either a file path to a certificate/key or its raw byte content.

func (*CertificateSource) GetData added in v1.1.0 

func (cs *CertificateSource) GetData() ([]byte, error)

GetData returns the certificate/key data. It prioritizes Bytes if available, otherwise reads from FilePath.

func (*CertificateSource) IsProvided added in v1.1.0 

func (cs *CertificateSource) IsProvided() bool

IsProvided checks if either a file path or byte content has been supplied.

type Client added in v1.1.0 

type Client struct {
	Host      string
	Port      int
	Timeout   time.Duration
	TLSConfig *TLSConfig
}

Client is the main parameter store client

func NewClient added in v1.1.0 

func NewClient(host string, port int, opts ...ClientOption) (*Client, error)

NewClient creates a new parameter store client with sensible defaults

func (*Client) Retrieve added in v1.1.0 

func (c *Client) Retrieve(key, secret string) (string, error)

Retrieve fetches a value for the given key using the provided secret. It automatically uses mTLS if certificate sources are properly configured.

func (*Client) Store added in v1.1.0 

func (c *Client) Store(key, secret, value string) error

Store stores a key-value pair in the parameter store. It automatically uses mTLS if certificate sources are properly configured.

type ClientOption added in v1.1.0 

type ClientOption func(*Client)

ClientOption is a function that configures a Client

func WithTLS added in v1.2.0 

func WithTLS(tlsConfig *TLSConfig) ClientOption

WithTLS configures the client with TLS settings.

func WithTimeout added in v1.1.0 

func WithTimeout(timeout time.Duration) ClientOption

WithTimeout sets a custom timeout for the client

type PasswordCallback added in v1.2.0 

type PasswordCallback func() (string, error)

PasswordCallback is a function type for securely obtaining passwords. It should return the password and any error that occurred during retrieval.

type TLSConfig added in v1.2.0 

type TLSConfig struct {
	// Separate certificate and key (PEM format)
	ClientCert CertificateSource
	ClientKey  CertificateSource
	CACert     CertificateSource

	// PKCS#12 (.p12/.pfx) support
	P12File       string
	P12Bytes      []byte
	P12PasswordFn PasswordCallback

	// ServerName for TLS verification (optional)
	ServerName string

	// InsecureSkipVerify disables certificate verification (for testing only)
	InsecureSkipVerify bool
}

TLSConfig holds TLS configuration for the client, supporting multiple certificate formats.

func NewTLSConfigFromP12Bytes added in v1.2.0 

func NewTLSConfigFromP12Bytes(p12Data []byte, passwordFn PasswordCallback) *TLSConfig

NewTLSConfigFromP12Bytes creates a TLS config using PKCS#12 data.

func NewTLSConfigFromP12File added in v1.2.0 

func NewTLSConfigFromP12File(p12File string, passwordFn PasswordCallback) *TLSConfig

NewTLSConfigFromP12File creates a TLS config using a PKCS#12 file.

func NewTLSConfigFromSeparateCertBytes added in v1.2.0 

func NewTLSConfigFromSeparateCertBytes(clientCertData, clientKeyData, caCertData []byte) *TLSConfig

NewTLSConfigFromSeparateCertBytes creates a TLS config using separate cert/key data.

func NewTLSConfigFromSeparateCerts added in v1.2.0 

func NewTLSConfigFromSeparateCerts(clientCertFile, clientKeyFile, caCertFile string) *TLSConfig

NewTLSConfigFromSeparateCerts creates a TLS config using separate cert/key files.

func (*TLSConfig) GetTLSConfig added in v1.2.0 

func (tc *TLSConfig) GetTLSConfig() (*tls.Config, error)

GetTLSConfig builds and returns a *tls.Config based on the configuration.

func (*TLSConfig) IsConfigured added in v1.2.0 

func (tc *TLSConfig) IsConfigured() bool

IsConfigured returns true if any TLS configuration is provided.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.