configuration_service-provider-vault 2.0.8 → 2.0.9
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.gemspec +1 -1
- data/README.rdoc +2 -2
- data/Rakefile +4 -0
- data/contrib/README.md +15 -0
- data/contrib/authorize.rb +24 -0
- data/contrib/data.yml +32 -0
- data/contrib/publish.rb +30 -0
- data/contrib/request.rb +30 -0
- data/lib/configuration_service/provider/vault/version.rb +1 -1
- data/lib/configuration_service/test/vault_admin_client.rb +3 -0
- metadata +9 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 1c340b4e069e913711ae00d9e920c117e0a49fbd
|
4
|
+
data.tar.gz: cc0560aee72c925e2ac209253496c5dce5178eee
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: f095fedea346ed12e2ba041a1d10edf1426ce9a0dff5d0d0233ab6298eaf9a995fe1e3b291003b047e0056e6518f4fa3465babb8e46b0d035577bbd5ce334e9f
|
7
|
+
data.tar.gz: ed9fdcc1bcc8516b6e7ef4354b3adc49ed7d0a38a25df7dc2c927b3f79333857a2d2dd25111e6dfd55f801a5872235cccdf60fab7f80c3b2c723dd86be6145e8
|
data/.gemspec
CHANGED
@@ -18,7 +18,7 @@ Gem::Specification.new do |spec|
|
|
18
18
|
spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
|
19
19
|
spec.require_paths = ["lib"]
|
20
20
|
|
21
|
-
spec.add_dependency "vault", "~> 0.
|
21
|
+
spec.add_dependency "vault", "~> 0.2"
|
22
22
|
spec.add_dependency "configuration_service", "~> 2.0.5"
|
23
23
|
spec.add_development_dependency "bundler", "~> 1.7"
|
24
24
|
spec.add_development_dependency "rake", "~> 10.0"
|
data/README.rdoc
CHANGED
@@ -23,8 +23,8 @@ Our +main.rb+ (or +config.ru+ or whatever) is simple:
|
|
23
23
|
config_service = ConfigurationService::Factory::EnvironmentContext.create
|
24
24
|
config = config_service.request_configuration
|
25
25
|
|
26
|
-
$stderr.puts "Using configuration #{
|
27
|
-
acme_config = AcmeConfig.new(
|
26
|
+
$stderr.puts "Using configuration #{config.identifier} #{config.metadata}..."
|
27
|
+
acme_config = AcmeConfig.new(config.data)
|
28
28
|
acme_config.validate!
|
29
29
|
AcmeApplication.new(acme_config).run
|
30
30
|
|
data/Rakefile
CHANGED
@@ -4,6 +4,9 @@ task :default => :test
|
|
4
4
|
|
5
5
|
desc "Test the Vault provider for Configuration Service against a Vault development server"
|
6
6
|
task :test do
|
7
|
+
if File.exists?("#{ENV["HOME"]}/.vault-token")
|
8
|
+
raise "cannot test with ~/.vault-token present"
|
9
|
+
end
|
7
10
|
with_devserver do
|
8
11
|
Rake::Task["just_test"].invoke
|
9
12
|
end
|
@@ -20,6 +23,7 @@ end
|
|
20
23
|
def with_devserver
|
21
24
|
assert_no_vault_server
|
22
25
|
devserver_start
|
26
|
+
File.unlink("#{ENV["HOME"]}/.vault-token")
|
23
27
|
begin
|
24
28
|
yield
|
25
29
|
ensure
|
data/contrib/README.md
ADDED
@@ -0,0 +1,15 @@
|
|
1
|
+
# Tools
|
2
|
+
|
3
|
+
These are just some tools we're using to manage configs for developers until
|
4
|
+
these workflows are specified and implemented.
|
5
|
+
|
6
|
+
* `publish.rb` - Publish configuration data
|
7
|
+
* `authorize.rb` - Get a token for consuming configuration data
|
8
|
+
* `request.rb` - Request configuration data (when we need to modify existing config)
|
9
|
+
|
10
|
+
These utilities all require the `VAULT_TOKEN` and `VAULT_ADDR` environment variables.
|
11
|
+
|
12
|
+
If you issue new tokens, please add them to the interim
|
13
|
+
[token expiry spreadsheet](https://docs.google.com/spreadsheets/d/1DLYPsbc4c427iJw0ZDA7T6-cd4dObSCBu6z4Ae53uYc/edit)
|
14
|
+
so that we will get [Configuration service token expiry alerts](https://github.com/hetznerZA/configuration_service-token-expiry)
|
15
|
+
for it.
|
@@ -0,0 +1,24 @@
|
|
1
|
+
#!/usr/bin/env ruby
|
2
|
+
|
3
|
+
PROGNAME = File.basename(__FILE__)
|
4
|
+
require "configuration_service/test/vault_admin_client"
|
5
|
+
|
6
|
+
require "yaml"
|
7
|
+
|
8
|
+
if ARGV.size != 1
|
9
|
+
$stderr.puts "usage: #{PROGNAME} identifier"
|
10
|
+
exit(1)
|
11
|
+
end
|
12
|
+
|
13
|
+
%w[VAULT_TOKEN VAULT_ADDR].each do |e|
|
14
|
+
unless ENV[e]
|
15
|
+
$stderr.puts "#{PROGNAME}: error: missing environment variable #{e}"
|
16
|
+
exit(1)
|
17
|
+
end
|
18
|
+
end
|
19
|
+
|
20
|
+
identifier = ARGV[0]
|
21
|
+
|
22
|
+
admin = ConfigurationService::Test::VaultAdminClient.new
|
23
|
+
token = admin.consumer_token(identifier)
|
24
|
+
puts token
|
data/contrib/data.yml
ADDED
@@ -0,0 +1,32 @@
|
|
1
|
+
---
|
2
|
+
cache-freshness: 86400
|
3
|
+
policy-store-uri: 1ZqPW6_t9-Vfq5uQAaaQRshaDxuoQEx0B1soT8C166L0
|
4
|
+
policy-store-email: 352849810700-1e8hicj0vpodr0jtfj5uas9igfu0l6cf@developer.gserviceaccount.com
|
5
|
+
policy-store-credentials: |
|
6
|
+
-----BEGIN RSA PRIVATE KEY-----
|
7
|
+
MIIEowIBAAKCAQEA6ERtikIXmRvN3FKS9nAOpj+jP+1xilcGo0QmSeelxZFcVZQj
|
8
|
+
MgIMZ/5kkAsTgGM1qXqsfhyNB8o34CePVQNbwz8hHfI/J64ys6gpNze3HIz/nTJJ
|
9
|
+
oRGOFw5qDr3jzwKuee113PC5BiwT45pnwOg5wBDOm1397ags2NmPuQK4JvsPQV2d
|
10
|
+
ltuQHiFSEkCeXn7HAujSL098IpNjhAbkTZP+K/+7Li62mZGvtBF/tDSIppijcTlm
|
11
|
+
qB+mcBffg68uwMGF97+FCkCVukAZwnwU8ki3fN/LdtPuzBQt38z7VI4nQYYJzL6x
|
12
|
+
zsDhyTYVdQM2uORSCXpQZ1+22gPPuX2kLFQQuwIDAQABAoIBAHyl9G9lZsqpTEI4
|
13
|
+
IlyU6Je5wT+Wiv9mEs7dzPqOkb1EdFwNAxJcXRIWSRuwhge5tlu81QNdCSasFG58
|
14
|
+
bISAJ+fRYlFy5wfBib42ud/DS8bLuIZBLZh+FlYzSyGcMLywwLf4gu9OVM2GLCpS
|
15
|
+
e+nf9tYnbumceKDpRyAdKe9tES0BO3Wv3FCMYQiEPsMlNr9aEXAlILZX2wlUyCxE
|
16
|
+
ZwM+pPwLUGGFeqDAjZZemTdUBW2TCjIG4xHNVto49xZbudIHVAXFzFfOokvRIH8X
|
17
|
+
DPGgW3mKOnLwQMDXmvXR5Mny1qwlNtDherObmEpB56zokza+kJl5M6fwOPATyGeE
|
18
|
+
JzCFPNkCgYEA+TMkmEp11HKcE8diI+hle36AGB7O67YMYKnbM2XoPQM7oqzwZvOr
|
19
|
+
uyI0fdPxkQ22zggpteyjdMg1qE0o5h3DsQ0VrhOAvRbpuFNXuwOt0r48NrxjqSVs
|
20
|
+
z8KKYSHDwT/EeOC3Jb3EV3YNwozpsHB2DiTz7KG9T0t7JI7JVCWrbk0CgYEA7pr/
|
21
|
+
imTqE/CZz5v9mH8am0/0WSyHR5d3RVfP0wBGhxPJWurJMgPBjyuh3Qn3ih7wNBlM
|
22
|
+
6TevsYY6aONO6cZdc7GqQPWiy81nxkPFeQ7n5PiYJ0i/P5vkqcfjmnCTPFutpP77
|
23
|
+
K0fQoOeOAhPolN3+3KEPVoYR92dtZEjP93QezycCgYEAuMV7/9NN9L0aDuxKT1eU
|
24
|
+
T3HnZnsJb+pm2RF4b27DOOH5yM+z3JIWJkXhZ97LgYMKpU+WJccVF5UPe//iMGWn
|
25
|
+
YNLT3WOmlA22NC7PoOHEc7sMCIW824DdYlrbodOYQuSWOA5engRL3ZGx+CvlZias
|
26
|
+
0iYCGtV9+Zp87wlULClWKA0CgYBxTBoRDe/0PefbI9fb5Gau3t1IxpMJ1Ism2xZs
|
27
|
+
u5HBrAyNZjTY0d3D7NT0DzqCVER8iJLznqSHaBQuH9klujI/sFoGdFyz5znic+W9
|
28
|
+
oO1N1RjydmGRg6WlVKvndpMDMwkV8pkzKOuQq8LLi8aBgZP2EWgmDo1Ta8IOv2A4
|
29
|
+
wOOsOwKBgFtm8fjMDNPlvex/ipajeGN7Vl4pKxsCOt2exazjdJ7jwE8QumlP1SiG
|
30
|
+
aod9Bw4cCtQE93nLkSikHgyHc2Rt5BhnjwgA8SpelAnCjAMJpM1I5frBoxQ9De4s
|
31
|
+
boYDtWRsqmIxz4lPhXVBwaTfPEchvHqkzi90hi6azRkyXcG6GV2L
|
32
|
+
-----END RSA PRIVATE KEY-----
|
data/contrib/publish.rb
ADDED
@@ -0,0 +1,30 @@
|
|
1
|
+
#!/usr/bin/env ruby
|
2
|
+
|
3
|
+
PROGNAME = File.basename(__FILE__)
|
4
|
+
require "configuration_service/provider/vault"
|
5
|
+
|
6
|
+
require "yaml"
|
7
|
+
|
8
|
+
if ARGV.size != 2
|
9
|
+
$stderr.puts "usage: #{PROGNAME} identifier yaml_file"
|
10
|
+
exit(1)
|
11
|
+
end
|
12
|
+
|
13
|
+
%w[VAULT_TOKEN VAULT_ADDR].each do |e|
|
14
|
+
unless ENV[e]
|
15
|
+
$stderr.puts "#{PROGNAME}: error: missing environment variable #{e}"
|
16
|
+
exit(1)
|
17
|
+
end
|
18
|
+
end
|
19
|
+
|
20
|
+
identifier = ARGV[0]
|
21
|
+
data = YAML.load_file(ARGV[1])
|
22
|
+
service = ConfigurationService::Base.new(
|
23
|
+
identifier,
|
24
|
+
ENV["VAULT_TOKEN"],
|
25
|
+
ConfigurationService::Provider::Vault.new(
|
26
|
+
address: ENV["VAULT_ADDR"]
|
27
|
+
)
|
28
|
+
)
|
29
|
+
|
30
|
+
puts service.publish_configuration(data).metadata
|
data/contrib/request.rb
ADDED
@@ -0,0 +1,30 @@
|
|
1
|
+
#!/usr/bin/env ruby
|
2
|
+
|
3
|
+
PROGNAME = File.basename(__FILE__)
|
4
|
+
require "configuration_service/provider/vault"
|
5
|
+
|
6
|
+
require "yaml"
|
7
|
+
|
8
|
+
if ARGV.size != 1
|
9
|
+
$stderr.puts "usage: #{PROGNAME} identifier"
|
10
|
+
exit(1)
|
11
|
+
end
|
12
|
+
|
13
|
+
%w[VAULT_TOKEN VAULT_ADDR].each do |e|
|
14
|
+
unless ENV[e]
|
15
|
+
$stderr.puts "#{PROGNAME}: error: missing environment variable #{e}"
|
16
|
+
exit(1)
|
17
|
+
end
|
18
|
+
end
|
19
|
+
|
20
|
+
identifier = ARGV[0]
|
21
|
+
service = ConfigurationService::Base.new(
|
22
|
+
identifier,
|
23
|
+
ENV["VAULT_TOKEN"],
|
24
|
+
ConfigurationService::Provider::Vault.new(
|
25
|
+
address: ENV["VAULT_ADDR"]
|
26
|
+
)
|
27
|
+
)
|
28
|
+
|
29
|
+
configuration = service.request_configuration
|
30
|
+
puts configuration.data.to_yaml
|
@@ -21,6 +21,9 @@ module ConfigurationService
|
|
21
21
|
# instance in the +VAULT_TOKEN+ envinronment variable.
|
22
22
|
#
|
23
23
|
def initialize
|
24
|
+
if ENV["VAULT_TOKEN"] and File.exists?("#{ENV["HOME"]}/.vault-token")
|
25
|
+
$stderr.puts "warning: ~/.vault-token overrides VAULT_TOKEN environment variable"
|
26
|
+
end
|
24
27
|
@vault = ::Vault::Client.new
|
25
28
|
end
|
26
29
|
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: configuration_service-provider-vault
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.0.
|
4
|
+
version: 2.0.9
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Sheldon Hearn
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2015-
|
11
|
+
date: 2015-12-07 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: vault
|
@@ -16,14 +16,14 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - "~>"
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 0.
|
19
|
+
version: '0.2'
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - "~>"
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 0.
|
26
|
+
version: '0.2'
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: configuration_service
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
@@ -111,6 +111,11 @@ files:
|
|
111
111
|
- Rakefile
|
112
112
|
- bin/console
|
113
113
|
- bin/setup
|
114
|
+
- contrib/README.md
|
115
|
+
- contrib/authorize.rb
|
116
|
+
- contrib/data.yml
|
117
|
+
- contrib/publish.rb
|
118
|
+
- contrib/request.rb
|
114
119
|
- lib/configuration_service/provider/vault.rb
|
115
120
|
- lib/configuration_service/provider/vault/path_helper.rb
|
116
121
|
- lib/configuration_service/provider/vault/version.rb
|