configuration_service-provider-vault 2.0.0 → 2.0.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +4 -11
  3. data/lib/configuration_service/provider/vault.rb +25 -4
  4. data/lib/configuration_service/provider/vault/index_helper.rb +21 -1
  5. data/lib/configuration_service/provider/vault/version.rb +1 -1
  6. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: fbd2f8fa57732ffc8593b11fa2525435272804c2
4
- data.tar.gz: c756b1da1cc358126f7c9c96cbedaddf11033fc8
3
+ metadata.gz: 308555a5fbb41084a4993fff7e606b0d3ecaaa94
4
+ data.tar.gz: f31b038011e7af7e90e440f27357a7e3a6f715f0
5
5
  SHA512:
6
- metadata.gz: 01be9f302992db424027c82ee746d0e227fd1c34a041f598a37747450bd48edeaa32ddcea622759bdedfa549a9623474051e81103550e16163f57eb1bcfae788
7
- data.tar.gz: 65da9cea27cea1d94c20def2542abe96321995e3264da70f6fbf462f6a8906c1f1ea9bacec8be4b063c2b204d9fde8c00c76907a64bfa376d1755d8d3cd44529
6
+ metadata.gz: a3a365096aa3acd90582d00b5496124e7657703a73ff711651736f10059710f57225731d73e1a5164967d3db292e3e12523cc77e2ecf79f9503c79a6cdf130b1
7
+ data.tar.gz: 42f59961c487c15e69ad9b6e618a7f7b5b8286b71876532e999602a43f80afb42f66f931c5dd2fd7126293e5b4221edc64abeb844755324c917e2f90df698675
data/README.md CHANGED
@@ -21,11 +21,8 @@ require 'bundler'
21
21
  Bundler.require(:default)
22
22
 
23
23
  service = ConfigurationService::Factory::EnvironmentContext.create
24
- if configuraton = service.request_configuration
25
- AcmeApplication.new(configuration.data).run
26
- else
27
- raise "configuration not found"
28
- end
24
+ configuraton = service.request_configuration
25
+ AcmeApplication.new(configuration.data).run
29
26
  ```
30
27
 
31
28
  This relies on a [bundler](http://bundler.io) Gemfile to provide the
@@ -69,9 +66,5 @@ service = ConfigurationService.new(
69
66
  address: "http://127.0.0.1:8200"
70
67
  )
71
68
  )
72
- if configuraton = service.request_configuration
73
- AcmeApplication.new(configuration.data).run
74
- else
75
- raise "configuration not found"
76
- end
77
- ```
69
+ configuraton = service.request_configuration
70
+ AcmeApplication.new(configuration.data).run
data/lib/configuration_service/provider/vault.rb CHANGED
@@ -9,12 +9,25 @@ module ConfigurationService
9
9
 
10
10
  module Provider
11
11
 
12
+ ##
13
+ # Vault provider for the configuration service
14
+ #
15
+ # Instances of this class are intended to be composed into a ConfigurationService::Base,
16
+ # usually by a ConfigurationService::Factory.
17
+ #
12
18
  class Vault
13
19
 
14
20
  def initialize(address:)
15
21
  @vault = ::Vault::Client.new(address: address)
16
22
  end
17
23
 
24
+ ##
25
+ # Request configuration from Vault
26
+ #
27
+ # The Vault secret path is composed by IndexHelper, using the +identifier+ and the string "latest".
28
+ #
29
+ # See #publish_configuration.
30
+ #
18
31
  def request_configuration(identifier, token)
19
32
  authenticate(token)
20
33
 
@@ -29,6 +42,18 @@ module ConfigurationService
29
42
  end
30
43
  end
31
44
 
45
+ ##
46
+ # Publish configuration to Vault
47
+ #
48
+ # The configuration is written to a Vault path composed by IndexHelper, using the configuration's
49
+ # +identifier+ and metadata +revision+ as the path. That path is then written to another path,
50
+ # also composed by IndexHelper, using +identifier+ and the string "latest".
51
+ #
52
+ # This allows the current configuration to always be retrieved from a predictable path in Vault,
53
+ # but preserves revision history of configuration.
54
+ #
55
+ # TODO make revision history queryable (blocked by https://github.com/hashicorp/vault/issues/111)
56
+ #
32
57
  def publish_configuration(configuration, token)
33
58
  authenticate(token)
34
59
 
@@ -43,10 +68,6 @@ module ConfigurationService
43
68
  end
44
69
  end
45
70
 
46
- def key(identifier)
47
- self.class.key(identifier)
48
- end
49
-
50
71
  private
51
72
 
52
73
  # We explicitly disallow a nil token to defeat ::Vault::Client's default behaviour
data/lib/configuration_service/provider/vault/index_helper.rb CHANGED
@@ -4,14 +4,34 @@ module ConfigurationService
4
4
 
5
5
  class Vault
6
6
 
7
+ ##
8
+ # Utility module for creating Vault paths
9
+ #
10
+ # The module supports:
11
+ #
12
+ # * versioning paths to support backward-incompatible changes to the
13
+ # pathing and data schemes;
14
+ # * composing the configuration identifier into the path, and
15
+ # * composing a revision (or "latest") into the path, to support
16
+ # revision history.
17
+ #
7
18
  module IndexHelper
8
19
 
9
- PREFIX = "secret/config/v1"
20
+ PREFIX = "secret/config/v1" unless defined?(PREFIX)
10
21
 
22
+ ##
23
+ # Returns the path for the given +revision+ of +identifier+
24
+ #
11
25
  def self.index(identifier, revision = "latest")
12
26
  "#{policy_index(identifier)}/#{revision}"
13
27
  end
14
28
 
29
+ ##
30
+ # Returns the policy path for the given +identifier+
31
+ #
32
+ # Since policies must apply to all revisions of the identified configuration,
33
+ # the policy path is necessarily broad.
34
+ #
15
35
  def self.policy_index(identifier)
16
36
  "#{PREFIX}/#{identifier}"
17
37
  end
data/lib/configuration_service/provider/vault/version.rb CHANGED
@@ -4,7 +4,7 @@ module ConfigurationService
4
4
 
5
5
  class Vault
6
6
 
7
- VERSION = "2.0.0"
7
+ VERSION = "2.0.1"
8
8
 
9
9
  end
10
10
 
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: configuration_service-provider-vault
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.0.0
4
+ version: 2.0.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Sheldon Hearn