README
¶
memory
import "github.com/altessa-s/go-atlas/security/secrets/providers/memory"
Package memory provides an in-memory secret storage provider. Implements the Static interface, allowing
Manager to skip periodic refresh for optimal performance. Useful for testing or fixed secret sets.
Usage
store := memory.New(map[string]*secrets.Value[MySecret]{
"api-key": secrets.NewValue[MySecret](...),
})
mgr := secrets.New[MySecret](store)
Documentation
¶
Overview ¶
Package memory provides an implementation of the secrets.Provider interface for in-memory secret storage. This provider is useful for testing, development environments, or when working with a fixed set of secrets that don't change during application runtime.
The memory provider loads all secrets from a provided map during initialization and serves them from memory. It implements the Static interface, indicating that secrets don't change over time, which allows the manager to skip periodic refresh operations for optimal performance.
This provider is particularly useful in scenarios where:
- Testing applications with known secret values
- Development environments with fixed configuration
- Applications with embedded secrets that don't change
- Performance-critical applications requiring zero-latency secret access
- Offline environments without access to external secret services
Example:
// Create a memory provider with a set of secrets
secrets := map[string]string{
"database_url": "postgres://localhost:5432/mydb",
"redis_url": "redis://localhost:6379",
"api_key": "dev-api-key-12345",
"jwt_secret": "jwt-signing-secret",
"encryption_key": "32-byte-encryption-key-here!!!",
}
provider := memory.New(secrets)
// Use with secrets manager
manager := secrets.New(provider)
// Note: RunUpdateCycle() is not needed for static providers
// Retrieve secrets (very fast, no network calls)
dbUrl, err := manager.Value(ctx, "database_url", true)
if err != nil {
log.Fatal(err)
}
fmt.Printf("Database URL: %s\n", dbUrl.Value)
// List all available secrets
allSecrets, err := provider.List(context.Background())
if err != nil {
log.Fatal(err)
}
fmt.Printf("Loaded %d secrets\n", len(allSecrets))
Testing Example:
// Perfect for unit tests with known secret values
func TestSecretRetrieval(t *testing.T) {
testSecrets := map[string]string{
"test_key": "test_value",
}
provider := memory.New(testSecrets)
manager := secrets.New(provider)
value, err := manager.Value(ctx, "test_key", true)
assert.NoError(t, err)
assert.Equal(t, "test_value", value.Value)
}
Thread Safety:
All provider operations are thread-safe and can be used concurrently from multiple goroutines. The provider uses read-write mutex protection to ensure data consistency while allowing concurrent read operations for optimal performance.
Limitations:
Consider these limitations when using the memory provider:
- Secrets are stored in plain text in application memory
- Not suitable for production environments with sensitive secrets
- No persistence across application restarts
- Memory usage scales linearly with the number and size of secrets
- No encryption or additional security measures
Index ¶
- type Storage
- func (s *Storage[T]) CheckConnection(_ context.Context) error
- func (s *Storage[T]) Delete(_ context.Context, key string) error
- func (s *Storage[T]) IsStatic() bool
- func (s *Storage[T]) List(_ context.Context) ([]*secrets.Value[T], error)
- func (s *Storage[T]) Name() string
- func (s *Storage[T]) Save(_ context.Context, key string, value T) error
- func (s *Storage[T]) Value(_ context.Context, key string) (*secrets.Value[T], error)
- func (s *Storage[T]) Values(ctx context.Context) iter.Seq2[*secrets.Value[T], error]
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Storage ¶
type Storage[T any] struct { // contains filtered or unexported fields }
Storage implements the secrets.Provider interface for in-memory secret storage. It provides fast access to a fixed set of secrets loaded during initialization. All secrets are stored in memory and served without any external calls.
func New ¶
New creates a new memory storage provider with the given secrets. All provided secrets are loaded into memory and remain static throughout the application lifetime.
Returns a new Storage instance with all secrets preloaded.
func (*Storage[T]) CheckConnection ¶
CheckConnection verifies the memory provider's operational status. This method implements the ProviderHealthChecker interface. Since the memory provider doesn't have external dependencies, this check primarily validates internal consistency and basic operational readiness.
Parameters:
- ctx: context for the health check operation, supports cancellation and timeouts
Returns nil if the provider is healthy, or an error describing the issue.
func (*Storage[T]) Delete ¶
Delete removes a secret from memory storage. This operation removes the secret from the in-memory map.
Returns secrets.ErrNotFound if the key doesn't exist.
func (*Storage[T]) IsStatic ¶
IsStatic returns true, indicating that this storage provider contains a static set of secrets that will not change over time. This allows consumers to avoid unnecessary refresh operations.
func (*Storage[T]) List ¶
List returns all secrets stored in the memory provider. Since all secrets are stored in memory, this operation is very fast and does not require any external calls.
Returns a slice of all secrets, or an error.
func (*Storage[T]) Save ¶
Save stores or updates a secret in memory storage. This operation adds or updates the secret in the in-memory map.
Returns nil if the save was successful, or an error.
func (*Storage[T]) Value ¶
Value retrieves a specific secret by key from memory storage. This operation is performed entirely in memory and is very fast.
Returns the secret value if found, or secrets.ErrNotFound if the key doesn't exist.
Source Files