A Golang API and examples for Thycotic DevOps Secrets Vault.
The API requires a Configuration object containing a ClientID, ClientSecret and Tenant:

    type ClientCredential struct {
        ClientID, ClientSecret string
    }

    type Configuration struct {
        Credentials              ClientCredential
        Tenant, TLD, URLTemplate string
    }
The unit tests populate Configuration from test_config.json:

    config := new(Configuration)
    if cj, err := ioutil.ReadFile("../test_config.json"); err == nil {
        json.Unmarshal(cj, &config)
    }
    tss := New(*config)
Create test_config.json:

    {
        "credentials": {
            "clientId": "93d866d4-635f-4d4e-9ce3-0ef7f879f319",
            "clientSecret": "xxxxxxxxxxxxxxxxxxxxxxxxx-xxxxxxxxxxx-xxxxx"
        },
        "tenant": "mytenant"
    }
vault/role_test.go declares:

    const roleName = "test-role"

vault/secret_test.go declares:

    const secretName = "/test/secret"
The tests assume that roleName exists and has privilege to create, read, and delete a client, and read secretName.
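Define a Configuration, then use it to create an instance of Vault:

    // ClientID and ClientSecret belong to the nested Credentials struct
    // of Configuration, as declared above.
    dsv := vault.New(vault.Configuration{
        Credentials: vault.ClientCredential{
            ClientID:     os.Getenv("DSV_CLIENT_ID"),
            ClientSecret: os.Getenv("DSV_CLIENT_SECRET"),
        },
        Tenant: os.Getenv("DSV_TENANT"),
    })

    // Fetch the secret stored at the given path.
    secret, err := dsv.Secret("path:of:the:secret")
    if err != nil {
        log.Fatalf("failure calling vault.Secret: %v", err)
    }
    fmt.Println("the SSH public key is", secret.Data["public"])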