go-majordomo

Central access to resources, locally or from secret managers.

Table of Contents

• Install
• Usage
• Maintainers
• Contribute
• License

Install

go-majordomo is a standard Go module which can be installed with:

go get github.com/wealdtech/go-majordomo

Usage

Majordomo manages confidants. A confidant is a module that holds secrets that can be accessed through a custom URL. Confidants includes in this module are:

• direct secrets that are simple values
• file secrets that are held in a named file
• asm secrets that are stored on Amazon secrets manager
• gsm secrets that are stored on Google secrets manager
• http secrets that are stored on a remote server accessed by HTTP or HTTPS

Details about how to configure each confidant are in the relevant confidant's go docs.

Creating new confidants should be a relatively simple task; all that is required is to implement the Confidant interface.

Majordomo itself is defined as an interface. This is to allow more complicated implementations (load balancing, retries, caching etc.) if required. The standard implementation is in 'standard'

Example

Fetching a secret using the file confidant.

package main

import (
	"context"
	"fmt"

	"github.com/wealdtech/go-majordomo/confidants/file"
	standardmajordomo "github.com/wealdtech/go-majordomo/standard"
)

func main() {
	ctx := context.Background()
	// Create the majordomo service.
	service, err := standardmajordomo.New(ctx)
	if err != nil {
		panic(err)
	}

	// Create and register the file confidant.
	confidant, err := file.New(ctx)
	if err != nil {
		panic(err)
	}
	err = service.RegisterConfidant(ctx, confidant)
	if err != nil {
		panic(err)
	}

	// Fetch a value from the service.
	value, err := service.Fetch(ctx, "file:///home/me/secrets/password.txt")
	if err != nil {
		panic(err)
	}
	fmt.Printf("Value is %s\n", string(value))
}

Maintainers

Jim McDonald: @mcdee.

Contribute

Contributions welcome. Please check out the issues.

License

Apache-2.0 © 2019 - 2022 Weald Technology Trading Ltd