-
Notifications
You must be signed in to change notification settings - Fork 5
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
client: add a StaticWatcher utility constructor
This helps with migration of secrets that need a Watcher in production, but which still need static values for development and testing. The resulting Watcher never notifies an update, but is valid and vends the provided secret. While here, pull all the static constructors out into their own file, as the store file is getting a bit unwieldy. Updates tailscale/corp#22445
- Loading branch information
1 parent
35a7d55
commit 1d1e9a0
Showing
2 changed files
with
53 additions
and
37 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,53 @@ | ||
// Copyright (c) Tailscale Inc & AUTHORS | ||
// SPDX-License-Identifier: BSD-3-Clause | ||
|
||
package setec | ||
|
||
import ( | ||
"bytes" | ||
"fmt" | ||
"os" | ||
) | ||
|
||
// StaticSecret returns a Secret that vends a static string value. | ||
// This is useful as a placeholder for development, migration, and testing. | ||
// The value reported by a static secret never changes. | ||
func StaticSecret(value string) Secret { | ||
return func() []byte { return []byte(value) } | ||
} | ||
|
||
// StaticWatcher returns a Watcher that vends a static string value. | ||
// This is useful as a placeholder for development, migration, and testing. | ||
// The value reported by a static watcher never changes, and the watcher | ||
// channel is never ready. | ||
func StaticWatcher(value string) Watcher { | ||
return Watcher{secret: StaticSecret(value)} | ||
} | ||
|
||
// StaticFile returns a Secret that vends the contents of path. The contents | ||
// of the file are returned exactly as stored. | ||
// | ||
// This is useful as a placeholder for development, migration, and testing. | ||
// The value reported by this secret is the contents of path at the | ||
// time this function is called, and never changes. | ||
func StaticFile(path string) (Secret, error) { | ||
bs, err := os.ReadFile(path) | ||
if err != nil { | ||
return nil, fmt.Errorf("reading static secret: %w", err) | ||
} | ||
return func() []byte { return bs }, nil | ||
} | ||
|
||
// StaticTextFile returns a secret that vends the contents of path, which are | ||
// treated as text with leading and trailing whitespace trimmed. | ||
// | ||
// This is useful as a placeholder for development, migration, and testing. | ||
// The value reported by a static secret never changes. | ||
func StaticTextFile(path string) (Secret, error) { | ||
bs, err := os.ReadFile(path) | ||
if err != nil { | ||
return nil, fmt.Errorf("reading static secret: %w", err) | ||
} | ||
text := bytes.TrimSpace(bs) | ||
return func() []byte { return text }, nil | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters