Package com.netflix.spinnaker.kork.secrets

Class SecretManager

  • @Component
public class SecretManager
extends java.lang.Object

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      protected java.nio.file.Path createTempFile​(java.lang.String prefix, byte[] decryptedContents)  
      java.lang.String decrypt​(java.lang.String configValue)
      Decrypt will deserialize the configValue into an EncryptedSecret object and decrypted based on the secretEngine referenced in the configValue.
      byte[] decryptAsBytes​(java.lang.String encryptedString)  
      java.nio.file.Path decryptAsFile​(java.lang.String filePathOrEncrypted)
      DecryptAsFile deserializes the configValue into an EncryptedSecret object, decrypts the EncryptedSecret based on the secretEngine referenced in the configValue, writes the decrypted value into a temporary file, and returns the absolute path to the temporary file.

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Method Detail

      • decrypt

        public java.lang.String decrypt​(java.lang.String configValue)
        Decrypt will deserialize the configValue into an EncryptedSecret object and decrypted based on the secretEngine referenced in the configValue.
        Parameters:
        configValue - The config value to decrypt
        Returns:
        secret in plaintext

      • decryptAsFile

        public java.nio.file.Path decryptAsFile​(java.lang.String filePathOrEncrypted)
        DecryptAsFile deserializes the configValue into an EncryptedSecret object, decrypts the EncryptedSecret based on the secretEngine referenced in the configValue, writes the decrypted value into a temporary file, and returns the absolute path to the temporary file.

        Based on the EncryptedSecret's parameters, the contents of the temporary file can be: - The decrypted contents of a file stored externally OR (if a key is present in the EncryptedSecret's parameters) - The value of the key in the external file

        Note: The temporary file that is created is deleted upon exiting the application.

        Parameters:
        filePathOrEncrypted - A filepath or encrypted key
        Returns:
        path to temporary file that contains decrypted contents or null if param not encrypted

      • decryptAsBytes

        public byte[] decryptAsBytes​(java.lang.String encryptedString)

      • createTempFile

        protected java.nio.file.Path createTempFile​(java.lang.String prefix,
                                            byte[] decryptedContents)