go-majordomo
Central access to resources, locally or from secret managers.
Table of Contents
Install
go-majordomo
is a standard Go module which can be installed with:
go get github.com/wealdtech/go-majordomo
Usage
Majordomo manages confidants. A confidant is a module that holds secrets that can be accessed through a custom URL. Confidants includes in this module are:
direct
secrets that are simple valuesfile
secrets that are held in a named fileasm
secrets that are stored on Amazon secrets managergsm
secrets that are stored on Google secrets managerhttp
secrets that are stored on a remote server accessed by HTTP or HTTPS
Details about how to configure each confidant are in the relevant confidant's go docs.
Creating new confidants should be a relatively simple task; all that is required is to implement the Confidant
interface.
Majordomo itself is defined as an interface. This is to allow more complicated implementations (load balancing, retries, caching etc.) if required. The standard implementation is in 'standard'
Example
Fetching a secret using the file confidant.
package main
import (
"context"
"fmt"
"github.com/wealdtech/go-majordomo/confidants/file"
standardmajordomo "github.com/wealdtech/go-majordomo/standard"
)
func main() {
ctx := context.Background()
// Create the majordomo service.
service, err := standardmajordomo.New(ctx)
if err != nil {
panic(err)
}
// Create and register the file confidant.
confidant, err := file.New(ctx)
if err != nil {
panic(err)
}
err = service.RegisterConfidant(ctx, confidant)
if err != nil {
panic(err)
}
// Fetch a value from the service.
value, err := service.Fetch(ctx, "file:///home/me/secrets/password.txt")
if err != nil {
panic(err)
}
fmt.Printf("Value is %s\n", string(value))
}
Maintainers
Jim McDonald: @mcdee.
Contribute
Contributions welcome. Please check out the issues.
License
Apache-2.0 © 2019 - 2022 Weald Technology Trading Ltd