package rotation

import "github.com/hashicorp/vault/sdk/rotation"

Constants

// String values naming a registration and a deregistration.
// NOTE(review): where these are emitted or compared is not shown on this
// page; presumably they record which rotation-job operation was performed.
// Confirm in the callers.
const (
	PerformedRegistration   = "registration"
	PerformedDeregistration = "deregistration"
)

Types

type DefaultSchedule

// DefaultSchedule is a field-less type whose listed methods cover every
// method of the Scheduler interface; the package assigns &DefaultSchedule{}
// to DefaultScheduler. It has no fields, so it holds no per-instance state.
type DefaultSchedule struct{}

func (*DefaultSchedule) IsInsideRotationWindow

func (d *DefaultSchedule) IsInsideRotationWindow(rs *RotationSchedule, t time.Time) bool

IsInsideRotationWindow checks whether the given time t is before the calculated end of the rotation window, that is, whether t falls within the specified rotation window. It returns true if no rotation window is specified.

func (*DefaultSchedule) NextRotationTime

func (d *DefaultSchedule) NextRotationTime(rs *RotationSchedule) time.Time

NextRotationTime calculates the next scheduled rotation

func (*DefaultSchedule) NextRotationTimeFromInput

func (d *DefaultSchedule) NextRotationTimeFromInput(rs *RotationSchedule, input time.Time) time.Time

NextRotationTimeFromInput calculates and returns the next rotation time based on the provided schedule and input time

func (*DefaultSchedule) Parse

// Parse turns the rotationSchedule string into a *cron.SpecSchedule, or
// returns an error.
// NOTE(review): the accepted schedule syntax is not documented on this page.
// A non-nil error should be treated as a rejected schedule and the string
// not stored. Confirm the grammar in schedule.go.
func (d *DefaultSchedule) Parse(rotationSchedule string) (*cron.SpecSchedule, error)

func (*DefaultSchedule) SetNextVaultRotation

func (d *DefaultSchedule) SetNextVaultRotation(rs *RotationSchedule, t time.Time)

SetNextVaultRotation calculates the next rotation time of a given schedule based on the time.

func (*DefaultSchedule) ShouldRotate

func (d *DefaultSchedule) ShouldRotate(rs *RotationSchedule, priority int64, t time.Time) bool

ShouldRotate checks if the rotation should occur based on priority, current time, and rotation window. It returns true if the priority is less than or equal to the current time and the current time is within the rotation window.

func (*DefaultSchedule) UsesRotationSchedule

// UsesRotationSchedule reports a yes/no property of rs.
// NOTE(review): undocumented on this page; presumably true when rs is driven
// by a schedule string rather than a period. Confirm in schedule.go, and
// confirm how a nil rs is handled.
func (d *DefaultSchedule) UsesRotationSchedule(rs *RotationSchedule) bool

func (*DefaultSchedule) UsesTTL

// UsesTTL reports a yes/no property of rs.
// NOTE(review): undocumented on this page; presumably true when rs is driven
// by RotationPeriod rather than a schedule string. Confirm in schedule.go,
// and confirm how a nil rs is handled.
func (d *DefaultSchedule) UsesTTL(rs *RotationSchedule) bool

func (*DefaultSchedule) ValidateRotationWindow

// ValidateRotationWindow returns an error when s is not an acceptable
// rotation window.
// NOTE(review): s is a plain int, while RotationSchedule.RotationWindow is a
// time.Duration (a nanosecond count). s is presumably a number of seconds.
// Confirm the unit and the accepted range in schedule.go before converting
// between the two.
func (d *DefaultSchedule) ValidateRotationWindow(s int) error

type RotationJob

// RotationJob embeds RotationOptions and adds the identifiers of the entry
// being rotated.
type RotationJob struct {
	// Embedded; contributes the Schedule *RotationSchedule field. Schedule is
	// a pointer, so it is nil until something assigns it.
	RotationOptions

	// RotationID is the ID returned to the user to manage this secret.
	// This is generated by Vault core. Any set value will be ignored.
	// For requests, this will always be blank.
	RotationID string `sentinel:""`
	// NOTE(review): Path, MountPoint and Name are undocumented here; they
	// presumably correspond to ReqPath, MountPoint and Name of
	// RotationJobConfigureRequest. Confirm in rotation_job.go.
	Path       string
	MountPoint string
	Name       string
}

RotationJob represents the secret part of a response.

func ConfigureRotationJob

func ConfigureRotationJob(configRequest *RotationJobConfigureRequest) (*RotationJob, error)

ConfigureRotationJob builds and returns a configured RotationJob for the mount and request with the given schedule.

func (*RotationJob) Validate

// Validate returns an error for a RotationJob it does not accept.
// NOTE(review): the checks it performs are not described on this page.
// Confirm in rotation_job.go which fields (schedule, window, period) it
// covers before relying on it as the only input check.
func (s *RotationJob) Validate() error

type RotationJobConfigureRequest

// RotationJobConfigureRequest is the argument type of ConfigureRotationJob.
type RotationJobConfigureRequest struct {
	Name             string
	MountPoint       string
	ReqPath          string
	// RotationSchedule is an unparsed schedule string; Scheduler.Parse takes a
	// string parameter of the same name and yields a *cron.SpecSchedule.
	RotationSchedule string
	// RotationWindow and RotationPeriod are time.Duration values, i.e.
	// nanosecond counts.
	// NOTE(review): presumably a request sets either RotationSchedule or
	// RotationPeriod, not both; the page does not say. Confirm in
	// rotation_job.go.
	RotationWindow   time.Duration
	RotationPeriod   time.Duration
}

type RotationJobDeregisterRequest

// RotationJobDeregisterRequest carries a MountPoint and a ReqPath.
// NOTE(review): presumably these two fields identify the rotation job to
// deregister; the function that consumes this type is not shown on this page.
type RotationJobDeregisterRequest struct {
	MountPoint string
	ReqPath    string
}

type RotationOptions

// RotationOptions wraps a single pointer to a RotationSchedule; RotationJob
// embeds it.
type RotationOptions struct {
	// Schedule holds the info for the framework.Schedule
	// It is a pointer, so its zero value is nil.
	// NOTE(review): whether the Scheduler methods tolerate a nil
	// *RotationSchedule is not shown on this page. Confirm before passing one.
	Schedule *RotationSchedule
}

RotationOptions is an embeddable struct to capture common rotation settings between a Secret and Auth.

type RotationSchedule

// RotationSchedule keeps both forms of a schedule: the parsed Schedule and
// the unparsed RotationSchedule string, together with the projected
// NextVaultRotation time.
type RotationSchedule struct {
	// Parsed form of the schedule, as returned by Scheduler.Parse.
	Schedule          *cron.SpecSchedule `json:"schedule"`
	// NOTE(review): time.Duration is a nanosecond count, but the trailing
	// comment says "seconds", and ValidateRotationWindow takes a plain int.
	// Confirm which unit is stored here and which unit the JSON field
	// carries; a mismatch would change the width of the rotation window.
	RotationWindow    time.Duration      `json:"rotation_window"` // seconds of window
	// Unparsed schedule string.
	RotationSchedule  string             `json:"rotation_schedule"`
	RotationPeriod    time.Duration      `json:"rotation_period"`
	// Projected time of the next rotation.
	NextVaultRotation time.Time          `json:"next_vault_rotation"`
	// NOTE(review): presumably the time of the most recent rotation; which
	// code sets it is not shown on this page.
	LastVaultRotation time.Time          `json:"last_vault_rotation"`
}

RotationSchedule holds the parsed and unparsed versions of the schedule, along with the projected next rotation time.

type Scheduler

// Scheduler is the set of schedule operations that DefaultSchedule
// implements: parsing, window validation, and next-rotation computation.
type Scheduler interface {
	// Parse turns a schedule string into a *cron.SpecSchedule or returns an error.
	Parse(rotationSchedule string) (*cron.SpecSchedule, error)
	// ValidateRotationWindow returns an error for an unacceptable window s.
	// NOTE(review): s is an int, presumably seconds. Confirm the unit.
	ValidateRotationWindow(s int) error
	// NextRotationTimeFromInput calculates the next rotation time from the
	// schedule rs and the input time.
	NextRotationTimeFromInput(rs *RotationSchedule, input time.Time) time.Time
	// IsInsideRotationWindow reports whether t is within the rotation window
	// of rs; per the DefaultSchedule docs it is true when no window is specified.
	IsInsideRotationWindow(rs *RotationSchedule, t time.Time) bool
	// ShouldRotate decides from priority, t and the rotation window whether
	// rotation should occur.
	ShouldRotate(rs *RotationSchedule, priority int64, t time.Time) bool
	// NextRotationTime calculates the next scheduled rotation for rs.
	NextRotationTime(rs *RotationSchedule) time.Time
	// SetNextVaultRotation calculates the next rotation time of rs based on t;
	// it returns nothing, so the result is presumably written into rs. Verify.
	SetNextVaultRotation(rs *RotationSchedule, t time.Time)
	// UsesTTL and UsesRotationSchedule are undocumented on this page;
	// presumably they report which of period or schedule string drives rs.
	UsesTTL(rs *RotationSchedule) bool
	UsesRotationSchedule(rs *RotationSchedule) bool
}
// DefaultScheduler is the package-level Scheduler, initialised to a
// *DefaultSchedule. It is an exported variable, not a constant, so any
// importing package can reassign it; a reassignment changes scheduling for
// every caller that reads this variable.
var DefaultScheduler Scheduler = &DefaultSchedule{}

Source Files

rotation_job.go schedule.go

Version
v0.18.0 (latest)
Published
Jun 5, 2025
Platform
linux/amd64
Imports
3 packages