confidante 0.28.0.pre.15 → 0.28.0.pre.19

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 9650fc6b5cfb60cde80bd5d25dde663535bca870a8f9b08ce29eb9c2375be8f7
-  data.tar.gz: 17cc9dd25523d6415681f1fcda2b8036c94360b4927fa97dd5532e1bfc3386e8
+  metadata.gz: 5f3e97cd1b0dcd653425d0934a613a5a8228b0158fdc452686380daae3300e53
+  data.tar.gz: 9c71a804a9684722971e6fb83c08a850585abd4713c530bad399038b363bb4b3
 SHA512:
-  metadata.gz: 8a81fed1309c40c7f52fac384b1f084ad7f1a8352adc031aed918d780f7d072436007f12571fe8c739173f35f6b834073bb1e67efc4441ac4d085fda3e57d642
-  data.tar.gz: e8eb70b0f2246395a497ade451252cf05d762bad52d2128f6ce50360ba20709f8921de4059202d19463641dc39dbb10a8c7f5fce7f9f81d1248e7567721abe4c
+  metadata.gz: 86540c8fdac3b8e870a11dcb34578ebadfb944532b879467f6c3750616d24420f86e8dd6a742e5b241fde95564537804f8f3da00570375d2ebd485752971f152
+  data.tar.gz: d3aa207302d69f104fc35e9e5dbd77d405237fa303ec4aa756d0bdb8f940a1877ece7855e2ea73a7995da811801dda191984325186d949560865beaad89ff86a

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    confidante (0.28.0.pre.15)
+    confidante (0.28.0.pre.19)
       activesupport (>= 4)
       hiera (~> 3.3)
       shikashi (~> 0.6)
@@ -113,7 +113,7 @@ GEM
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.11.0)
     rspec-support (3.11.0)
-    rubocop (1.35.0)
+    rubocop (1.35.1)
       json (~> 2.3)
       parallel (~> 1.10)
       parser (>= 3.1.2.1)
@@ -136,12 +136,12 @@ GEM
       sexp_processor (~> 4.6)
     ruby_gpg2 (0.8.0)
       lino (>= 1.5)
-    ruby_parser (3.18.1)
+    ruby_parser (3.19.1)
       sexp_processor (~> 4.16)
     sawyer (0.8.2)
       addressable (>= 2.3.5)
       faraday (> 0.8, < 2.0)
-    sexp_processor (4.16.0)
+    sexp_processor (4.16.1)
     shikashi (0.6.0)
       evalhook (>= 0.6.0)
       getsource (>= 0.1.0)
@@ -180,4 +180,4 @@ DEPENDENCIES
   simplecov
 
 BUNDLED WITH
-   2.3.20
+   2.3.21

data/lib/confidante/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Confidante
-  VERSION = '0.28.0.pre.15'
+  VERSION = '0.28.0.pre.19'
 end

data/lib/hiera/backend/vault_backend.rb

@@ -17,24 +17,34 @@ class Hiera
 
         vault_config = Backend.parse_answer(Config[:vault], scope)
         vault_address = vault_config[:address]
-        vault_client = Vault::Client.new(address: vault_address)
 
-        source = vault_config[:sources][0]
+        throw :no_vault_address_provided unless vault_address
 
-        throw(:unsupported_secrets_engine) unless source[:engine] == 'kv'
+        vault_client = Vault::Client.new(address: vault_address)
+        value = get_value(vault_client, key, vault_config[:sources])
+        Backend.parse_answer(value, scope)
+      end
 
-        value = read_kv_value(vault_client, source, key)
+      def get_value(vault_client, key, sources)
+        found_source = sources.find do |source|
+          read_kv_value(vault_client, source, key)
+        end
 
-        Backend.parse_answer(value, scope)
+        throw(:no_such_key) unless found_source
+
+        read_kv_value(vault_client, found_source, key)
       end
 
       def read_kv_value(vault_client, source, key)
-        secret = vault_client.kv(source[:mount]).read(key)
-        throw(:no_such_key) unless secret
+        throw(:unsupported_secrets_engine) unless source[:engine] == 'kv'
+
+        mount = source[:mount]
+        full_path = "#{source[:path]}/#{key}"
+
+        secret = vault_client.kv(mount).read(full_path)
+        return nil unless secret
 
-        value = secret.data[:value]
-        throw(:no_such_key) unless value
-        value
+        secret.data[:value]
       end
     end
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: confidante
 version: !ruby/object:Gem::Version
-  version: 0.28.0.pre.15
+  version: 0.28.0.pre.19
 platform: ruby
 authors:
 - InfraBlocks Maintainers
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2022-08-17 00:00:00.000000000 Z
+date: 2022-08-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport