Central access to resources, locally or from secret managers.
go-majordomo
is a standard Go module which can be installed with:
go get github.com/wealdtech/go-majordomo
Majordomo manages confidants. A confidant is a module that holds secrets that can be accessed through a custom URL. Confidants includes in this module are:
direct
secrets that are simple valuesfile
secrets that are held in a named fileasm
secrets that are stored on Amazon secrets managergsm
secrets that are stored on Google secrets managerhttp
secrets that are stored on a remote server accessed by HTTP or HTTPS
Details about how to configure each confidant are in the relevant confidant's go docs.
Creating new confidants should be a relatively simple task; all that is required is to implement the Confidant
interface.
Majordomo itself is defined as an interface. This is to allow more complicated implementations (load balancing, retries, caching etc.) if required. The standard implementation is in 'standard'
package main
import (
"context"
"fmt"
"github.com/wealdtech/go-majordomo/confidants/file"
standardmajordomo "github.com/wealdtech/go-majordomo/standard"
)
func main() {
ctx := context.Background()
// Create the majordomo service.
service, err := standardmajordomo.New(ctx)
if err != nil {
panic(err)
}
// Create and register the file confidant.
confidant, err := file.New(ctx)
if err != nil {
panic(err)
}
err = service.RegisterConfidant(ctx, confidant)
if err != nil {
panic(err)
}
// Fetch a value from the service.
value, err := service.Fetch(ctx, "file:///home/me/secrets/password.txt")
if err != nil {
panic(err)
}
fmt.Printf("Value is %s\n", string(value))
}
Jim McDonald: @mcdee.
Contributions welcome. Please check out the issues.
Apache-2.0 © 2019 - 2022 Weald Technology Trading Ltd