Skip to main content

SecretsStore

zlayer_secrets

Trait SecretsStore 

Source 
pub trait SecretsStore: SecretsProvider {
    // Required methods
    fn set_secret<'life0, 'life1, 'life2, 'life3, 'async_trait>(
        &'life0 self,
        scope: &'life1 str,
        name: &'life2 str,
        value: &'life3 Secret,
    ) -> Pin<Box<dyn Future<Output = Result<()>> + Send + 'async_trait>>
       where Self: 'async_trait,
             'life0: 'async_trait,
             'life1: 'async_trait,
             'life2: 'async_trait,
             'life3: 'async_trait;
    fn delete_secret<'life0, 'life1, 'life2, 'async_trait>(
        &'life0 self,
        scope: &'life1 str,
        name: &'life2 str,
    ) -> Pin<Box<dyn Future<Output = Result<()>> + Send + 'async_trait>>
       where Self: 'async_trait,
             'life0: 'async_trait,
             'life1: 'async_trait,
             'life2: 'async_trait;

    // Provided method
    fn rotate_secret<'life0, 'life1, 'life2, 'life3, 'async_trait>(
        &'life0 self,
        scope: &'life1 str,
        name: &'life2 str,
        value: &'life3 Secret,
    ) -> Pin<Box<dyn Future<Output = Result<RotationResult>> + Send + 'async_trait>>
       where Self: Sync + 'async_trait,
             'life0: 'async_trait,
             'life1: 'async_trait,
             'life2: 'async_trait,
             'life3: 'async_trait { ... }
}
Expand description

Read-write secrets store trait.

Extends SecretsProvider with write operations for managing secrets. Implementations handle encryption, versioning, and storage.

§Example

use zlayer_secrets::{SecretsStore, Secret};

async fn store_api_key(store: &impl SecretsStore, key: &str) -> Result<()> {
    let secret = Secret::new(key);
    store.set_secret("my-deployment", "api-key", &secret).await
}

Required Methods§

Source

fn set_secret<'life0, 'life1, 'life2, 'life3, 'async_trait>( &'life0 self, scope: &'life1 str, name: &'life2 str, value: &'life3 Secret, ) -> Pin<Box<dyn Future<Output = Result<()>> + Send + 'async_trait>>
where Self: 'async_trait, 'life0: 'async_trait, 'life1: 'async_trait, 'life2: 'async_trait, 'life3: 'async_trait,

Store or update a secret.

If the secret already exists, it will be updated and its version incremented. If it doesn’t exist, a new secret will be created.

§Arguments
  • scope - The scope identifier (e.g., deployment name)
  • name - The secret name within the scope
  • value - The secret value to store
§Errors

Returns an error if encryption fails or storage is unavailable.

Source

fn delete_secret<'life0, 'life1, 'life2, 'async_trait>( &'life0 self, scope: &'life1 str, name: &'life2 str, ) -> Pin<Box<dyn Future<Output = Result<()>> + Send + 'async_trait>>
where Self: 'async_trait, 'life0: 'async_trait, 'life1: 'async_trait, 'life2: 'async_trait,

Delete a secret from the store.

§Arguments
  • scope - The scope identifier
  • name - The secret name to delete
§Errors

Returns SecretsError::NotFound if the secret doesn’t exist, or other errors for storage issues.

Provided Methods§

Source

fn rotate_secret<'life0, 'life1, 'life2, 'life3, 'async_trait>( &'life0 self, scope: &'life1 str, name: &'life2 str, value: &'life3 Secret, ) -> Pin<Box<dyn Future<Output = Result<RotationResult>> + Send + 'async_trait>>
where Self: Sync + 'async_trait, 'life0: 'async_trait, 'life1: 'async_trait, 'life2: 'async_trait, 'life3: 'async_trait,

Rotate a secret: overwrite with a new value and return the version before+after.

Default impl reads current metadata, writes the new value, re-reads metadata to capture the new version. Backends MAY override for efficiency.

§Arguments
  • scope - The scope identifier
  • name - The secret name
  • value - The new secret value
§Errors

Returns SecretsError::NotFound if the secret does not exist (use set_secret to create). Other storage errors as usual.

Implementations on Foreign Types§

Source§

impl<T: SecretsStore + ?Sized> SecretsStore for Arc<T>

Source§

fn set_secret<'life0, 'life1, 'life2, 'life3, 'async_trait>( &'life0 self, scope: &'life1 str, name: &'life2 str, value: &'life3 Secret, ) -> Pin<Box<dyn Future<Output = Result<()>> + Send + 'async_trait>>
where Self: 'async_trait, 'life0: 'async_trait, 'life1: 'async_trait, 'life2: 'async_trait, 'life3: 'async_trait,

Source§

fn delete_secret<'life0, 'life1, 'life2, 'async_trait>( &'life0 self, scope: &'life1 str, name: &'life2 str, ) -> Pin<Box<dyn Future<Output = Result<()>> + Send + 'async_trait>>
where Self: 'async_trait, 'life0: 'async_trait, 'life1: 'async_trait, 'life2: 'async_trait,

Source§

fn rotate_secret<'life0, 'life1, 'life2, 'life3, 'async_trait>( &'life0 self, scope: &'life1 str, name: &'life2 str, value: &'life3 Secret, ) -> Pin<Box<dyn Future<Output = Result<RotationResult>> + Send + 'async_trait>>
where Self: 'async_trait, 'life0: 'async_trait, 'life1: 'async_trait, 'life2: 'async_trait, 'life3: 'async_trait,

Implementors§