configuration_service-provider-vault 2.0.1 → 2.0.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: d1ad7c18dfbaa9c962c87a0210eb3c090cced57a
|
|
4
|
+
data.tar.gz: c395e551be9186ea887ca9e2f3c027b9c24bc557
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 36dc4842ebd4851cb07c0ff038a566c98438789fab6ed5ea82853c83e2c840d685b4c247469a8df35f656e2b4b7778d944647fad2e04719c32802242022f1460
|
|
7
|
+
data.tar.gz: 4d317d67bb1dd4993e3a5a9e69dd4aca420a98c21fbdeacff2e4dc5a2b467b502f583c6f01a671af09ca160c098e0396d4a5e53ac27f3d7b7b277a429a173ca1
|
|
@@ -3,7 +3,7 @@ require "vault"
|
|
|
3
3
|
require "json"
|
|
4
4
|
require "time"
|
|
5
5
|
|
|
6
|
-
require_relative "vault/
|
|
6
|
+
require_relative "vault/path_helper"
|
|
7
7
|
|
|
8
8
|
module ConfigurationService
|
|
9
9
|
|
|
@@ -24,7 +24,7 @@ module ConfigurationService
|
|
|
24
24
|
##
|
|
25
25
|
# Request configuration from Vault
|
|
26
26
|
#
|
|
27
|
-
# The Vault secret path is composed by
|
|
27
|
+
# The Vault secret path is composed by PathHelper, using the +identifier+ and the string "latest".
|
|
28
28
|
#
|
|
29
29
|
# See #publish_configuration.
|
|
30
30
|
#
|
|
@@ -33,8 +33,8 @@ module ConfigurationService
|
|
|
33
33
|
|
|
34
34
|
adapt_exceptions do
|
|
35
35
|
if revision = get_latest_revision(identifier)
|
|
36
|
-
|
|
37
|
-
if response = @vault.logical.read(
|
|
36
|
+
path = build_path(identifier, revision)
|
|
37
|
+
if response = @vault.logical.read(path)
|
|
38
38
|
data, metadata = JSON.parse(response.data[:data]), JSON.parse(response.data[:metadata])
|
|
39
39
|
ConfigurationService::Configuration.new(identifier, data, metadata)
|
|
40
40
|
end
|
|
@@ -45,9 +45,9 @@ module ConfigurationService
|
|
|
45
45
|
##
|
|
46
46
|
# Publish configuration to Vault
|
|
47
47
|
#
|
|
48
|
-
# The configuration is written to a Vault path composed by
|
|
48
|
+
# The configuration is written to a Vault path composed by PathHelper, using the configuration's
|
|
49
49
|
# +identifier+ and metadata +revision+ as the path. That path is then written to another path,
|
|
50
|
-
# also composed by
|
|
50
|
+
# also composed by PathHelper, using +identifier+ and the string "latest".
|
|
51
51
|
#
|
|
52
52
|
# This allows the current configuration to always be retrieved from a predictable path in Vault,
|
|
53
53
|
# but preserves revision history of configuration.
|
|
@@ -61,8 +61,8 @@ module ConfigurationService
|
|
|
61
61
|
revision = metadata["revision"] or raise "can't publish configuration without revision in metadata"
|
|
62
62
|
|
|
63
63
|
adapt_exceptions do
|
|
64
|
-
|
|
65
|
-
@vault.logical.write(
|
|
64
|
+
path = build_path(identifier, revision)
|
|
65
|
+
@vault.logical.write(path, data: JSON.generate(data), metadata: JSON.generate(metadata), format: "json")
|
|
66
66
|
set_latest_revision(identifier, metadata["revision"])
|
|
67
67
|
ConfigurationService::Configuration.new(identifier, data, metadata)
|
|
68
68
|
end
|
|
@@ -93,21 +93,21 @@ module ConfigurationService
|
|
|
93
93
|
end
|
|
94
94
|
|
|
95
95
|
def get_latest_revision(identifier)
|
|
96
|
-
if response = @vault.logical.read(
|
|
96
|
+
if response = @vault.logical.read(latest_path(identifier))
|
|
97
97
|
response.data[:revision]
|
|
98
98
|
end
|
|
99
99
|
end
|
|
100
100
|
|
|
101
101
|
def set_latest_revision(identifier, revision)
|
|
102
|
-
@vault.logical.write(
|
|
102
|
+
@vault.logical.write(latest_path(identifier), revision: revision)
|
|
103
103
|
end
|
|
104
104
|
|
|
105
|
-
def
|
|
106
|
-
|
|
105
|
+
def latest_path(identifier)
|
|
106
|
+
PathHelper.path(identifier)
|
|
107
107
|
end
|
|
108
108
|
|
|
109
|
-
def
|
|
110
|
-
|
|
109
|
+
def build_path(identifier, revision)
|
|
110
|
+
PathHelper.path(identifier, revision)
|
|
111
111
|
end
|
|
112
112
|
|
|
113
113
|
end
|
|
@@ -15,15 +15,15 @@ module ConfigurationService
|
|
|
15
15
|
# * composing a revision (or "latest") into the path, to support
|
|
16
16
|
# revision history.
|
|
17
17
|
#
|
|
18
|
-
module
|
|
18
|
+
module PathHelper
|
|
19
19
|
|
|
20
20
|
PREFIX = "secret/config/v1" unless defined?(PREFIX)
|
|
21
21
|
|
|
22
22
|
##
|
|
23
23
|
# Returns the path for the given +revision+ of +identifier+
|
|
24
24
|
#
|
|
25
|
-
def self.
|
|
26
|
-
"#{
|
|
25
|
+
def self.path(identifier, revision = "latest")
|
|
26
|
+
"#{policy_path(identifier)}/#{revision}"
|
|
27
27
|
end
|
|
28
28
|
|
|
29
29
|
##
|
|
@@ -32,7 +32,7 @@ module ConfigurationService
|
|
|
32
32
|
# Since policies must apply to all revisions of the identified configuration,
|
|
33
33
|
# the policy path is necessarily broad.
|
|
34
34
|
#
|
|
35
|
-
def self.
|
|
35
|
+
def self.policy_path(identifier)
|
|
36
36
|
"#{PREFIX}/#{identifier}"
|
|
37
37
|
end
|
|
38
38
|
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: configuration_service-provider-vault
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.0.
|
|
4
|
+
version: 2.0.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Sheldon Hearn
|
|
@@ -110,7 +110,7 @@ files:
|
|
|
110
110
|
- bin/console
|
|
111
111
|
- bin/setup
|
|
112
112
|
- lib/configuration_service/provider/vault.rb
|
|
113
|
-
- lib/configuration_service/provider/vault/
|
|
113
|
+
- lib/configuration_service/provider/vault/path_helper.rb
|
|
114
114
|
- lib/configuration_service/provider/vault/version.rb
|
|
115
115
|
homepage: http://www.hetzner.co.za
|
|
116
116
|
licenses: []
|