docker-swarm-secrets
A manager for Docker secrets that features customizable secret parsing and async I/O.
/// <reference types="node" />
/**
 * Defines an interpreter function: a callback that receives a raw secret and returns the value of type T computed from it.
 * The callback is handed the secret's raw contents through `rawSecret.data`, which is optional and may be undefined,
 * so an interpreter should handle the missing case and should not log or persist the raw bytes.
 */
export declare type DSSInterpreter<T> = (rawSecret: DSSRawSecret) => T;
/**
 * Defines an interpreter predicate function: it receives a raw secret and returns a boolean.
 * It is paired with an interpreter in DSSPredicatedInterpreter to decide whether that interpreter applies to the secret.
 * Like an interpreter, it sees the raw secret contents and should not log them.
 */
export declare type DSSPredicate = (rawSecret: DSSRawSecret) => boolean;
/** Defines an interpreter which is only run if a given condition is satisfied. */
export interface DSSPredicatedInterpreter<T> {
/** The interpreter that computes the secret's value of type T. */
interpreter: DSSInterpreter<T>;
/**
 * Optional condition deciding whether `interpreter` applies to a secret.
 * Per the readSecrets documentation, an entry without a predicate matches every secret,
 * so it also stops any later entries in the list from being checked.
 */
predicate?: DSSPredicate;
}
/** Defines info about a secret being read, pre-interpretation. */
export interface DSSRawSecret {
/** The name of the secret. */
name: string;
/**
 * The data contents of the secret, if it exists.
 * NOTE(review): the field is optional, so a secret that could not be found presumably surfaces as
 * `data === undefined` rather than as a thrown error; consumers should check for undefined explicitly
 * instead of treating the absence of an exception as proof that the secret was loaded. Confirm against the implementation.
 */
data?: Buffer;
}
/**
 * Defines a secret that has been interpreted as a specific data type.
 * Because this extends DSSRawSecret, a value of this type also carries `name` and the optional raw `data` Buffer
 * alongside the interpreted `secret`. Avoid logging or serializing the whole object, since it can hold the
 * secret in both raw and interpreted form.
 */
export interface DSSSecret<T> extends DSSRawSecret {
/** The calculated value of the secret. Optional, so callers must handle undefined. */
secret?: T;
}
/**
 * Defines a Docker Swarm Secrets reader object, which reads secrets from a configured secrets mount point (/run/secrets by default).
 * Every read method exists in an asynchronous (Promise-returning) and a synchronous (`...Sync`) form.
 * None of the public signatures takes a callback; asynchronous results are delivered only through the returned Promise.
 */
export declare class DSSReader {
/** The secrets mount point this reader was built for. */
private secretsDirectory;
/**
 * Builds a new DSSReader for a Docker secrets filesystem at a given mount point.
 * @param secretsDirectory Optional mount point of the secrets filesystem; the class documentation names /run/secrets as the default.
 */
constructor(secretsDirectory?: string);
/**
 * Reads a single secret by name asynchronously, optionally parsing it into type T using an `interpreter` function.
 * @param name The name of the secret to read.
 * NOTE(review): this declaration does not show whether `name` is validated before it is resolved inside the
 * secrets directory; confirm in the implementation, and pass only fixed, trusted secret names rather than external input.
 * @param interpreter The interpreter function to run on the secret.
 * This function will be called on a secret after it is read, setting the calculated value of the secret to its return value.
 * This may be used to check data for validity, deserialize data, and/or any other work necessary to parse the raw secret data as type T.
 * If omitted, T is assumed to be Buffer and the secret data is returned as a raw Buffer.
 * @returns A Promise resolving to the secret. `data` and `secret` are optional on the result, so check them before use;
 * a missing secret presumably yields undefined fields rather than a rejection (confirm against the implementation).
 */
readSecret<T = Buffer>(name: string, interpreter?: DSSInterpreter<T>): Promise<DSSSecret<T>>;
/**
 * Reads all available secrets asynchronously, optionally parsing them using `interpreter` and `predicate` functions.
 * Secrets are returned as an object keyed by secret name.
 * @param interpreters The interpreter functions to run on secrets, given as a single entry or an array of entries.
 * If a given `predicate` returns true for a secret, the associated `interpreter` will be called.
 * First matching interpreter wins. Secrets that do not match any interpreter will be ignored.
 * If no predicate is provided, the interpreter will match all secrets. This will prevent any subsequent interpreters from being checked.
 * Interpreter functions set the calculated value of the secret to their return value.
 * This may be used to check data for validity, deserialize data, and/or any other work necessary to parse the raw secret data.
 * If no interpreters are provided, all available secrets will be returned as raw Buffers.
 * In that case every secret under the mount point ends up in the returned object; use readSecret when only one secret is needed.
 * @returns A Promise resolving to an object that maps each secret name to its DSSSecret.
 */
readSecrets<T = Buffer>(interpreters?: DSSPredicatedInterpreter<T> | DSSPredicatedInterpreter<T>[]): Promise<{
[key: string]: DSSSecret<T>;
}>;
/**
 * Reads a single secret by name synchronously, optionally parsing it into type T using an `interpreter` function.
 * @param name The name of the secret to read.
 * NOTE(review): this declaration does not show whether `name` is validated before it is resolved inside the
 * secrets directory; confirm in the implementation, and pass only fixed, trusted secret names rather than external input.
 * @param interpreter The interpreter function to run on the secret.
 * This function will be called on a secret after it is read, setting the calculated value of the secret to its return value.
 * This may be used to check data for validity, deserialize data, and/or any other work necessary to parse the raw secret data as type T.
 * If omitted, T is assumed to be Buffer and the secret data is returned as a raw Buffer.
 * @returns The secret, returned directly rather than through a Promise. `data` and `secret` are optional on the result,
 * so check them before use.
 */
readSecretSync<T = Buffer>(name: string, interpreter?: DSSInterpreter<T>): DSSSecret<T>;
/**
 * Reads all available secrets synchronously, optionally parsing them using `interpreter` and `predicate` functions.
 * Secrets are returned as an object keyed by secret name.
 * @param interpreters The interpreter functions to run on secrets, given as a single entry or an array of entries.
 * If a given `predicate` returns true for a secret, the associated `interpreter` will be called.
 * First matching interpreter wins. Secrets that do not match any interpreter will be ignored.
 * If no predicate is provided, the interpreter will match all secrets. This will prevent any subsequent interpreters from being checked.
 * Interpreter functions set the calculated value of the secret to their return value.
 * This may be used to check data for validity, deserialize data, and/or any other work necessary to parse the raw secret data.
 * If no interpreters are provided, all available secrets will be returned as raw Buffers.
 * In that case every secret under the mount point ends up in the returned object; use readSecretSync when only one secret is needed.
 * @returns An object that maps each secret name to its DSSSecret, returned directly rather than through a Promise.
 */
readSecretsSync<T = Buffer>(interpreters?: DSSPredicatedInterpreter<T> | DSSPredicatedInterpreter<T>[]): {
[key: string]: DSSSecret<T>;
};
/**
 * Reads a file in the secrets directory by name, returning undefined if it is missing instead of throwing an error.
 * The signature is erased in this declaration file, so only the name is visible here.
 * @param name The file name to read
 */
private readFileIgnoreMissing;
/**
 * Reads a file in the secrets directory by name synchronously, returning undefined if it is missing instead of throwing an error.
 * The signature is erased in this declaration file, so only the name is visible here.
 * @param name The file name to read
 */
private readFileIgnoreMissingSync;
}
//# sourceMappingURL=dss-reader.d.ts.map