configuration_service-provider-vault 2.0.1 → 2.0.2
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: d1ad7c18dfbaa9c962c87a0210eb3c090cced57a
|
4
|
+
data.tar.gz: c395e551be9186ea887ca9e2f3c027b9c24bc557
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 36dc4842ebd4851cb07c0ff038a566c98438789fab6ed5ea82853c83e2c840d685b4c247469a8df35f656e2b4b7778d944647fad2e04719c32802242022f1460
|
7
|
+
data.tar.gz: 4d317d67bb1dd4993e3a5a9e69dd4aca420a98c21fbdeacff2e4dc5a2b467b502f583c6f01a671af09ca160c098e0396d4a5e53ac27f3d7b7b277a429a173ca1
|
@@ -3,7 +3,7 @@ require "vault"
|
|
3
3
|
require "json"
|
4
4
|
require "time"
|
5
5
|
|
6
|
-
require_relative "vault/
|
6
|
+
require_relative "vault/path_helper"
|
7
7
|
|
8
8
|
module ConfigurationService
|
9
9
|
|
@@ -24,7 +24,7 @@ module ConfigurationService
|
|
24
24
|
##
|
25
25
|
# Request configuration from Vault
|
26
26
|
#
|
27
|
-
# The Vault secret path is composed by
|
27
|
+
# The Vault secret path is composed by PathHelper, using the +identifier+ and the string "latest".
|
28
28
|
#
|
29
29
|
# See #publish_configuration.
|
30
30
|
#
|
@@ -33,8 +33,8 @@ module ConfigurationService
|
|
33
33
|
|
34
34
|
adapt_exceptions do
|
35
35
|
if revision = get_latest_revision(identifier)
|
36
|
-
|
37
|
-
if response = @vault.logical.read(
|
36
|
+
path = build_path(identifier, revision)
|
37
|
+
if response = @vault.logical.read(path)
|
38
38
|
data, metadata = JSON.parse(response.data[:data]), JSON.parse(response.data[:metadata])
|
39
39
|
ConfigurationService::Configuration.new(identifier, data, metadata)
|
40
40
|
end
|
@@ -45,9 +45,9 @@ module ConfigurationService
|
|
45
45
|
##
|
46
46
|
# Publish configuration to Vault
|
47
47
|
#
|
48
|
-
# The configuration is written to a Vault path composed by
|
48
|
+
# The configuration is written to a Vault path composed by PathHelper, using the configuration's
|
49
49
|
# +identifier+ and metadata +revision+ as the path. That path is then written to another path,
|
50
|
-
# also composed by
|
50
|
+
# also composed by PathHelper, using +identifier+ and the string "latest".
|
51
51
|
#
|
52
52
|
# This allows the current configuration to always be retrieved from a predictable path in Vault,
|
53
53
|
# but preserves revision history of configuration.
|
@@ -61,8 +61,8 @@ module ConfigurationService
|
|
61
61
|
revision = metadata["revision"] or raise "can't publish configuration without revision in metadata"
|
62
62
|
|
63
63
|
adapt_exceptions do
|
64
|
-
|
65
|
-
@vault.logical.write(
|
64
|
+
path = build_path(identifier, revision)
|
65
|
+
@vault.logical.write(path, data: JSON.generate(data), metadata: JSON.generate(metadata), format: "json")
|
66
66
|
set_latest_revision(identifier, metadata["revision"])
|
67
67
|
ConfigurationService::Configuration.new(identifier, data, metadata)
|
68
68
|
end
|
@@ -93,21 +93,21 @@ module ConfigurationService
|
|
93
93
|
end
|
94
94
|
|
95
95
|
def get_latest_revision(identifier)
|
96
|
-
if response = @vault.logical.read(
|
96
|
+
if response = @vault.logical.read(latest_path(identifier))
|
97
97
|
response.data[:revision]
|
98
98
|
end
|
99
99
|
end
|
100
100
|
|
101
101
|
def set_latest_revision(identifier, revision)
|
102
|
-
@vault.logical.write(
|
102
|
+
@vault.logical.write(latest_path(identifier), revision: revision)
|
103
103
|
end
|
104
104
|
|
105
|
-
def
|
106
|
-
|
105
|
+
def latest_path(identifier)
|
106
|
+
PathHelper.path(identifier)
|
107
107
|
end
|
108
108
|
|
109
|
-
def
|
110
|
-
|
109
|
+
def build_path(identifier, revision)
|
110
|
+
PathHelper.path(identifier, revision)
|
111
111
|
end
|
112
112
|
|
113
113
|
end
|
@@ -15,15 +15,15 @@ module ConfigurationService
|
|
15
15
|
# * composing a revision (or "latest") into the path, to support
|
16
16
|
# revision history.
|
17
17
|
#
|
18
|
-
module
|
18
|
+
module PathHelper
|
19
19
|
|
20
20
|
PREFIX = "secret/config/v1" unless defined?(PREFIX)
|
21
21
|
|
22
22
|
##
|
23
23
|
# Returns the path for the given +revision+ of +identifier+
|
24
24
|
#
|
25
|
-
def self.
|
26
|
-
"#{
|
25
|
+
def self.path(identifier, revision = "latest")
|
26
|
+
"#{policy_path(identifier)}/#{revision}"
|
27
27
|
end
|
28
28
|
|
29
29
|
##
|
@@ -32,7 +32,7 @@ module ConfigurationService
|
|
32
32
|
# Since policies must apply to all revisions of the identified configuration,
|
33
33
|
# the policy path is necessarily broad.
|
34
34
|
#
|
35
|
-
def self.
|
35
|
+
def self.policy_path(identifier)
|
36
36
|
"#{PREFIX}/#{identifier}"
|
37
37
|
end
|
38
38
|
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: configuration_service-provider-vault
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.0.
|
4
|
+
version: 2.0.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Sheldon Hearn
|
@@ -110,7 +110,7 @@ files:
|
|
110
110
|
- bin/console
|
111
111
|
- bin/setup
|
112
112
|
- lib/configuration_service/provider/vault.rb
|
113
|
-
- lib/configuration_service/provider/vault/
|
113
|
+
- lib/configuration_service/provider/vault/path_helper.rb
|
114
114
|
- lib/configuration_service/provider/vault/version.rb
|
115
115
|
homepage: http://www.hetzner.co.za
|
116
116
|
licenses: []
|