go-majordomo
Central access to resources, locally or from secret managers.
Table of Contents
Install
go-majordomo is a standard Go module which can be installed with:
go get github.com/wealdtech/go-majordomoUsage
Majordomo manages confidants. A confidant is a module that holds secrets that can be accessed through a custom URL. Confidants includes in this module are:
directsecrets that are simple valuesfilesecrets that are held in a named fileasmsecrets that are stored on Amazon secrets managergsmsecrets that are stored on Google secrets managerhttpsecrets that are stored on a remote server accessed by HTTP or HTTPS
Details about how to configure each confidant are in the relevant confidant's go docs.
Creating new confidants should be a relatively simple task; all that is required is to implement the Confidant interface.
Majordomo itself is defined as an interface. This is to allow more complicated implementations (load balancing, retries, caching etc.) if required. The standard implementation is in 'standard'
Example
Fetching a secret using the file confidant.
package main
import (
"context"
"fmt"
"github.com/wealdtech/go-majordomo/confidants/file"
standardmajordomo "github.com/wealdtech/go-majordomo/standard"
)
func main() {
ctx := context.Background()
// Create the majordomo service.
service, err := standardmajordomo.New(ctx)
if err != nil {
panic(err)
}
// Create and register the file confidant.
confidant, err := file.New(ctx)
if err != nil {
panic(err)
}
err = service.RegisterConfidant(ctx, confidant)
if err != nil {
panic(err)
}
// Fetch a value from the service.
value, err := service.Fetch(ctx, "file:///home/me/secrets/password.txt")
if err != nil {
panic(err)
}
fmt.Printf("Value is %s\n", string(value))
}Maintainers
Jim McDonald: @mcdee.
Contribute
Contributions welcome. Please check out the issues.
License
Apache-2.0 © 2019 - 2022 Weald Technology Trading Ltd