consul-templaterb 1.3.1 → 1.4.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +14 -1
- data/TemplateAPI.md +56 -3
- data/lib/consul/async/consul_template.rb +3 -4
- data/lib/consul/async/version.rb +1 -1
- data/samples/consul-ui/js/service.js +6 -0
- data/samples/consul_template.txt.erb +1 -1
- data/samples/vault-ldap.txt.erb +17 -0
- metadata +3 -3
- data/samples/criteo/vault-test.erb +0 -6
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 60bb02ded0414b955e2ddf979bd02587fd352af8dbb07c162e1985a0173b5fa3
|
|
4
|
+
data.tar.gz: dd78711af97ad24c9b01a228cfaabc0376484ef24fdc6c86fd7e541cf8421a05
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 32632e75b3742427a40373b36caeba46aab17eb634513a1c0d137be65adfb1ce02365c65024df651494bf635464268a2f2555dddd01baade3cad4ef03ccb1d4e
|
|
7
|
+
data.tar.gz: 129215ca52ccb173b31c0939c5438ad5bebb888b15733172ba333fca2f7a03016291a3ec542570679e38e9b64f5f3bb6a983129a461178fb3f8705cc57a3966b
|
data/CHANGELOG.md
CHANGED
|
@@ -2,8 +2,21 @@
|
|
|
2
2
|
|
|
3
3
|
## (UNRELEASED)
|
|
4
4
|
|
|
5
|
+
## 1.4.0 (July 23, 2018)
|
|
6
|
+
|
|
7
|
+
IMPROVEMENTS:
|
|
8
|
+
|
|
9
|
+
* minor fixes in samples
|
|
10
|
+
* consul-ui now supports `#service_<service_name>` anchors
|
|
11
|
+
|
|
12
|
+
NEW FEATURES:
|
|
13
|
+
|
|
14
|
+
* Support for Hashicorp Vault improvements thanks to [@uepoch](https://github.com/uepoch)
|
|
15
|
+
|
|
5
16
|
## 1.3.1 (June 19, 2018)
|
|
6
17
|
|
|
18
|
+
NEW FEATURES:
|
|
19
|
+
|
|
7
20
|
* samples/consul-ui/ now displays Service Meta information (new in Consul 1.1)
|
|
8
21
|
|
|
9
22
|
## 1.3.0 (June 7, 2018)
|
|
@@ -12,7 +25,7 @@ IMPROVEMENTS:
|
|
|
12
25
|
|
|
13
26
|
* samples/consul-ui/ now supports keys as well as nodes thanks to [@geobeau](https://github.com/geobeau)
|
|
14
27
|
|
|
15
|
-
NEW FEATURES
|
|
28
|
+
NEW FEATURES:
|
|
16
29
|
|
|
17
30
|
* EXPERIMENTAL Vault support thanks to [@uepoch](https://github.com/uepoch)
|
|
18
31
|
|
data/TemplateAPI.md
CHANGED
|
@@ -279,8 +279,61 @@ consul-templaterb --template "source.html.erb:dest.html:reload_command:params.ya
|
|
|
279
279
|
[...]
|
|
280
280
|
```
|
|
281
281
|
|
|
282
|
-
|
|
283
|
-
|
|
284
|
-
|
|
282
|
+
## secrets(prefix)
|
|
283
|
+
|
|
284
|
+
It requires that a Vault token is given either in parameter or in environment variable
|
|
285
|
+
The [policies](https://www.vaultproject.io/docs/concepts/policies.html) should be properly set.
|
|
286
|
+
|
|
287
|
+
List the secrets in vault under a given prefix.
|
|
288
|
+
|
|
289
|
+
<details><summary>Examples</summary>
|
|
290
|
+
<div class="samples">
|
|
291
|
+
|
|
292
|
+
### List all LDAP entities configured in Vault
|
|
293
|
+
|
|
294
|
+
```erb
|
|
295
|
+
<% ['users','groups'].each do |entity_type|
|
|
296
|
+
%><%= entity_type.capitalize %>: <%
|
|
297
|
+
secrets("auth/ldap/#{entity_type}/").each do |entity|
|
|
298
|
+
%> * <%=entity%>
|
|
299
|
+
<% end %>
|
|
300
|
+
<% end %>
|
|
301
|
+
```
|
|
302
|
+
|
|
303
|
+
Full example: [samples/vault-ldap.txt.erb](samples/vault-ldap.txt.erb)
|
|
304
|
+
|
|
305
|
+
</div>
|
|
306
|
+
</details>
|
|
307
|
+
|
|
308
|
+
## secret(path, [data = nil])
|
|
309
|
+
|
|
310
|
+
It requires that a Vault token is given either in parameter or in environment variable
|
|
311
|
+
The [policies](https://www.vaultproject.io/docs/concepts/policies.html) should be properly set.
|
|
312
|
+
|
|
313
|
+
Either read or write on a path in vault.
|
|
314
|
+
|
|
315
|
+
Having a non-nil data Hash will change the behavior from read to update and apply the given data.
|
|
316
|
+
|
|
317
|
+
Notice: For the moment the versionned KV abstration is not handled, if you want to access versioned KV, you have to hit the logical paths directly.
|
|
318
|
+
|
|
319
|
+
<details><summary>Examples</summary>
|
|
320
|
+
<div class="samples">
|
|
321
|
+
|
|
322
|
+
### Read LDAP configuration
|
|
323
|
+
|
|
324
|
+
```erb
|
|
325
|
+
secret('auth/ldap/config')['data']
|
|
326
|
+
```
|
|
327
|
+
|
|
328
|
+
Full example: [samples/vault-ldap.txt.erb](samples/vault-ldap.txt.erb)
|
|
329
|
+
|
|
330
|
+
|
|
331
|
+
### Read a path in non-versionned KV
|
|
332
|
+
```erb
|
|
333
|
+
secret('secret/foo', [force_ttl: intInSecond])
|
|
334
|
+
```
|
|
335
|
+
|
|
336
|
+
</div>
|
|
337
|
+
</details>
|
|
285
338
|
|
|
286
339
|
See [samples/common/header.html.erb](samples/common/header.html.erb) for example of usage.
|
|
@@ -139,10 +139,9 @@ module Consul
|
|
|
139
139
|
create_if_missing(path, query_params) { ConsulTemplateVaultSecretList.new(VaultEndpoint.new(vault_conf, path, 'GET',true, query_params,JSON.generate(data: {keys: []}))) }
|
|
140
140
|
end
|
|
141
141
|
|
|
142
|
-
def secret(path = '', post_data = nil
|
|
143
|
-
|
|
144
|
-
|
|
145
|
-
path = "/v1/#{path}"
|
|
142
|
+
def secret(path = '', post_data = nil)
|
|
143
|
+
raise "You need to provide a vault token to use 'secret' keyword" if vault_conf.token.nil?
|
|
144
|
+
path = "/v1/#{path}".gsub(/\/{2,}/, '/')
|
|
146
145
|
query_params = {}
|
|
147
146
|
method = post_data ? "POST" : "GET"
|
|
148
147
|
create_if_missing(path, query_params) { ConsulTemplateVaultSecret.new(VaultEndpoint.new(vault_conf, path, method, true, query_params, JSON.generate(data: {}))) }
|
data/lib/consul/async/version.rb
CHANGED
|
@@ -31,6 +31,12 @@ class ConsulService {
|
|
|
31
31
|
console.log('Data generated at: ' + data['generated_at']);
|
|
32
32
|
|
|
33
33
|
var urlParam = new URL(location.href).searchParams.get('service');
|
|
34
|
+
if (urlParam === null) {
|
|
35
|
+
var servicePrefix = '#service_'
|
|
36
|
+
if (location.hash.startsWith(servicePrefix)) {
|
|
37
|
+
urlParam = location.hash.substr(servicePrefix.length)
|
|
38
|
+
}
|
|
39
|
+
}
|
|
34
40
|
if (urlParam) {
|
|
35
41
|
var nodes = document.getElementById('service-list').childNodes;
|
|
36
42
|
for(var i in nodes) {
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
<% ['users','groups'].each do |entity_type|
|
|
2
|
+
%><%= entity_type.capitalize %>:
|
|
3
|
+
<%
|
|
4
|
+
secrets("auth/ldap/#{entity_type}/").each do |entity|
|
|
5
|
+
%> * <%=entity%>: <%= secret("auth/ldap/#{entity_type}/#{entity}")['data'].to_json %>
|
|
6
|
+
<% end %>
|
|
7
|
+
<% end %>
|
|
8
|
+
|
|
9
|
+
<%# Example Output:
|
|
10
|
+
Users:
|
|
11
|
+
* m.conraux: {"groups":"","policies":["operator"]}
|
|
12
|
+
* p.souchay: {"groups":"","policies":["duck_factory_rw"]}
|
|
13
|
+
|
|
14
|
+
Groups:
|
|
15
|
+
* usr-aws-passwords: {"policies":["aws_passwords"]}
|
|
16
|
+
* gu-analytics: {"policies":["kibana", "hadoop"]}
|
|
17
|
+
%>
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: consul-templaterb
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.4.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- SRE Core Services
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2018-
|
|
11
|
+
date: 2018-07-23 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: em-http-request
|
|
@@ -194,7 +194,6 @@ files:
|
|
|
194
194
|
- samples/consul_template.txt.erb
|
|
195
195
|
- samples/consul_template.xml.erb
|
|
196
196
|
- samples/criteo/haproxy.cfg.erb
|
|
197
|
-
- samples/criteo/vault-test.erb
|
|
198
197
|
- samples/criteo_choregraphies.html.erb
|
|
199
198
|
- samples/criteo_choregraphies.txt.erb
|
|
200
199
|
- samples/ha_proxy.cfg.erb
|
|
@@ -202,6 +201,7 @@ files:
|
|
|
202
201
|
- samples/nodes.html.erb
|
|
203
202
|
- samples/sample_keys.html.erb
|
|
204
203
|
- samples/services.html.erb
|
|
204
|
+
- samples/vault-ldap.txt.erb
|
|
205
205
|
homepage: https://rubygems.org/gems/consul-templaterb
|
|
206
206
|
licenses:
|
|
207
207
|
- Apache v2
|