foreman_vault 0.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (43) hide show
  1. checksums.yaml +7 -0
  2. data/LICENSE +619 -0
  3. data/README.md +55 -0
  4. data/Rakefile +47 -0
  5. data/app/controllers/api/v2/vault_connections_controller.rb +58 -0
  6. data/app/controllers/concerns/foreman_vault/controller/parameters/vault_connection.rb +23 -0
  7. data/app/controllers/vault_connections_controller.rb +42 -0
  8. data/app/jobs/refresh_vault_token.rb +28 -0
  9. data/app/jobs/refresh_vault_tokens.rb +25 -0
  10. data/app/lib/foreman_vault/macros.rb +15 -0
  11. data/app/models/vault_connection.rb +55 -0
  12. data/app/services/foreman_vault/vault_client.rb +38 -0
  13. data/app/views/api/v2/vault_connections/base.json.rabl +5 -0
  14. data/app/views/api/v2/vault_connections/create.json.rabl +5 -0
  15. data/app/views/api/v2/vault_connections/index.json.rabl +5 -0
  16. data/app/views/api/v2/vault_connections/main.json.rabl +5 -0
  17. data/app/views/api/v2/vault_connections/show.json.rabl +5 -0
  18. data/app/views/api/v2/vault_connections/update.json.rabl +5 -0
  19. data/app/views/vault_connections/_form.html.erb +7 -0
  20. data/app/views/vault_connections/edit.html.erb +3 -0
  21. data/app/views/vault_connections/index.html.erb +31 -0
  22. data/app/views/vault_connections/new.html.erb +3 -0
  23. data/config/foreman_vault.yaml.example +4 -0
  24. data/config/routes.rb +11 -0
  25. data/db/migrate/20180725072913_create_vault_connection.foreman_vault.rb +15 -0
  26. data/db/migrate/20180809172407_rename_vault_status_to_vault_error.foreman_vault.rb +7 -0
  27. data/lib/foreman_vault.rb +6 -0
  28. data/lib/foreman_vault/engine.rb +66 -0
  29. data/lib/foreman_vault/version.rb +5 -0
  30. data/lib/tasks/foreman_vault_tasks.rake +42 -0
  31. data/locale/Makefile +60 -0
  32. data/locale/en/foreman_vault.po +19 -0
  33. data/locale/foreman_vault.pot +19 -0
  34. data/locale/gemspec.rb +4 -0
  35. data/test/factories/foreman_vault_factories.rb +28 -0
  36. data/test/functional/api/v2/vault_connections_controller_test.rb +80 -0
  37. data/test/jobs/refresh_vault_token_test.rb +29 -0
  38. data/test/jobs/refresh_vault_tokens_test.rb +18 -0
  39. data/test/models/vault_connection_test.rb +13 -0
  40. data/test/test_plugin_helper.rb +9 -0
  41. data/test/unit/lib/foreman_vault/macros_test.rb +29 -0
  42. data/test/unit/services/foreman_vault/vault_client_test.rb +39 -0
  43. metadata +135 -0
@@ -0,0 +1,18 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'test_plugin_helper'
4
+
5
+ class RefreshVaultTokensTest < ActiveJob::TestCase
6
+ test 'should refresh vault token for valid VaultConnection' do
7
+ valid_vault_connection = FactoryBot.create(:vault_connection, :without_callbacks)
8
+ invalid_vault_connection = FactoryBot.create(:vault_connection, :invalid, :without_callbacks)
9
+
10
+ assert valid_vault_connection.token_valid?
11
+ assert_not invalid_vault_connection.token_valid?
12
+ RefreshVaultToken.expects(:perform_later).once.with(valid_vault_connection.id).returns(true)
13
+
14
+ RefreshVaultTokens.expects(:set).once.returns(nil) # Hack to prevent an infinite loop
15
+
16
+ perform_enqueued_jobs { RefreshVaultTokens.perform_later }
17
+ end
18
+ end
@@ -0,0 +1,13 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'test_plugin_helper'
4
+
5
+ class VaultConnectionTest < ActiveSupport::TestCase
6
+ subject { FactoryBot.create(:vault_connection, :without_callbacks) }
7
+ should validate_presence_of(:name)
8
+ should validate_uniqueness_of(:name)
9
+ should validate_presence_of(:token)
10
+ should validate_presence_of(:url)
11
+ should allow_value('http://127.0.0.1:8200').for(:url)
12
+ should_not allow_value('börks').for(:url)
13
+ end
@@ -0,0 +1,9 @@
1
+ # frozen_string_literal: true
2
+
3
+ # This calls the main test_helper in Foreman-core
4
+ require 'test_helper'
5
+ require 'vault'
6
+
7
+ # Add plugin to FactoryBot's paths
8
+ FactoryBot.definition_file_paths << File.join(File.dirname(__FILE__), 'factories')
9
+ FactoryBot.reload
@@ -0,0 +1,29 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'test_plugin_helper'
4
+
5
+ class MacrosTest < ActiveSupport::TestCase
6
+ class TestScope < Foreman::Renderer::Scope::Base
7
+ include ::ForemanVault::Macros
8
+ end
9
+
10
+ describe '#vault_secret' do
11
+ test 'should have vault_secret helper' do
12
+ host = FactoryBot.build_stubbed(:host)
13
+ template = OpenStruct.new(name: 'Test', template: 'Test')
14
+ source = Foreman::Renderer::Source::Database.new(template)
15
+
16
+ vault_connection = FactoryBot.create(:vault_connection, :without_callbacks)
17
+ secret_path = '/kv/my-secret'
18
+ response = OpenStruct.new(data: { foo: 'bar' })
19
+ logical = mock.tap { |object| object.expects(:read).once.with(secret_path).returns(response) }
20
+ client = mock.tap { |object| object.expects(:logical).once.returns(logical) }
21
+ Vault::Client.expects(:new).returns(client)
22
+
23
+ subject = TestScope.new(host: host, source: source)
24
+
25
+ assert subject.respond_to?(:vault_secret)
26
+ assert_equal response.data, subject.vault_secret(vault_connection.name, secret_path)
27
+ end
28
+ end
29
+ end
@@ -0,0 +1,39 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'test_plugin_helper'
4
+
5
+ class VaultClientTest < ActiveSupport::TestCase
6
+ setup do
7
+ @subject = ForemanVault::VaultClient.new('http://127.0.0.1:8200', 'e57e5ef2-b25c-a0e5-65a6-863ab095dff6')
8
+ @client = mock
9
+ Vault::Client.expects(:new).returns(@client)
10
+ end
11
+
12
+ describe '#fetch_expire_time' do
13
+ setup do
14
+ @time = '2018-08-01T20:08:55.525830559+02:00'
15
+ response = OpenStruct.new(data: { expire_time: @time })
16
+ auth_token = mock.tap { |object| object.expects(:lookup_self).once.returns(response) }
17
+ @client.expects(:auth_token).once.returns(auth_token)
18
+ end
19
+
20
+ test 'should return expire time' do
21
+ assert_equal Time.zone.parse(@time), @subject.fetch_expire_time
22
+ end
23
+ end
24
+
25
+ describe '#fetch_secret' do
26
+ setup do
27
+ @secret_path = '/kv/my-secret'
28
+ @data = { foo: 'bar' }
29
+ response = OpenStruct.new(data: @data)
30
+ logical = mock.tap { |object| object.expects(:read).once.with(@secret_path).returns(response) }
31
+
32
+ @client.expects(:logical).once.returns(logical)
33
+ end
34
+
35
+ test 'should return expire time' do
36
+ assert_equal @data, @subject.fetch_secret(@secret_path)
37
+ end
38
+ end
39
+ end
metadata ADDED
@@ -0,0 +1,135 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: foreman_vault
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.0.1
5
+ platform: ruby
6
+ authors:
7
+ - dmTECH GmbH
8
+ autorequire:
9
+ bindir: bin
10
+ cert_chain: []
11
+ date: 2019-01-21 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: vault
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - "~>"
18
+ - !ruby/object:Gem::Version
19
+ version: '0.1'
20
+ type: :runtime
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - "~>"
25
+ - !ruby/object:Gem::Version
26
+ version: '0.1'
27
+ - !ruby/object:Gem::Dependency
28
+ name: rdoc
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - ">="
32
+ - !ruby/object:Gem::Version
33
+ version: '0'
34
+ type: :development
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - ">="
39
+ - !ruby/object:Gem::Version
40
+ version: '0'
41
+ - !ruby/object:Gem::Dependency
42
+ name: rubocop
43
+ requirement: !ruby/object:Gem::Requirement
44
+ requirements:
45
+ - - '='
46
+ - !ruby/object:Gem::Version
47
+ version: 0.54.0
48
+ type: :development
49
+ prerelease: false
50
+ version_requirements: !ruby/object:Gem::Requirement
51
+ requirements:
52
+ - - '='
53
+ - !ruby/object:Gem::Version
54
+ version: 0.54.0
55
+ description:
56
+ email:
57
+ - opensource@dm.de
58
+ executables: []
59
+ extensions: []
60
+ extra_rdoc_files: []
61
+ files:
62
+ - LICENSE
63
+ - README.md
64
+ - Rakefile
65
+ - app/controllers/api/v2/vault_connections_controller.rb
66
+ - app/controllers/concerns/foreman_vault/controller/parameters/vault_connection.rb
67
+ - app/controllers/vault_connections_controller.rb
68
+ - app/jobs/refresh_vault_token.rb
69
+ - app/jobs/refresh_vault_tokens.rb
70
+ - app/lib/foreman_vault/macros.rb
71
+ - app/models/vault_connection.rb
72
+ - app/services/foreman_vault/vault_client.rb
73
+ - app/views/api/v2/vault_connections/base.json.rabl
74
+ - app/views/api/v2/vault_connections/create.json.rabl
75
+ - app/views/api/v2/vault_connections/index.json.rabl
76
+ - app/views/api/v2/vault_connections/main.json.rabl
77
+ - app/views/api/v2/vault_connections/show.json.rabl
78
+ - app/views/api/v2/vault_connections/update.json.rabl
79
+ - app/views/vault_connections/_form.html.erb
80
+ - app/views/vault_connections/edit.html.erb
81
+ - app/views/vault_connections/index.html.erb
82
+ - app/views/vault_connections/new.html.erb
83
+ - config/foreman_vault.yaml.example
84
+ - config/routes.rb
85
+ - db/migrate/20180725072913_create_vault_connection.foreman_vault.rb
86
+ - db/migrate/20180809172407_rename_vault_status_to_vault_error.foreman_vault.rb
87
+ - lib/foreman_vault.rb
88
+ - lib/foreman_vault/engine.rb
89
+ - lib/foreman_vault/version.rb
90
+ - lib/tasks/foreman_vault_tasks.rake
91
+ - locale/Makefile
92
+ - locale/en/foreman_vault.po
93
+ - locale/foreman_vault.pot
94
+ - locale/gemspec.rb
95
+ - test/factories/foreman_vault_factories.rb
96
+ - test/functional/api/v2/vault_connections_controller_test.rb
97
+ - test/jobs/refresh_vault_token_test.rb
98
+ - test/jobs/refresh_vault_tokens_test.rb
99
+ - test/models/vault_connection_test.rb
100
+ - test/test_plugin_helper.rb
101
+ - test/unit/lib/foreman_vault/macros_test.rb
102
+ - test/unit/services/foreman_vault/vault_client_test.rb
103
+ homepage: https://github.com/dm-drogeriemarkt/foreman_vault
104
+ licenses:
105
+ - GPL-3.0
106
+ metadata: {}
107
+ post_install_message:
108
+ rdoc_options: []
109
+ require_paths:
110
+ - lib
111
+ required_ruby_version: !ruby/object:Gem::Requirement
112
+ requirements:
113
+ - - ">="
114
+ - !ruby/object:Gem::Version
115
+ version: '0'
116
+ required_rubygems_version: !ruby/object:Gem::Requirement
117
+ requirements:
118
+ - - ">="
119
+ - !ruby/object:Gem::Version
120
+ version: '0'
121
+ requirements: []
122
+ rubyforge_project:
123
+ rubygems_version: 2.7.3
124
+ signing_key:
125
+ specification_version: 4
126
+ summary: Adds support for using credentials from Hashicorp Vault
127
+ test_files:
128
+ - test/unit/lib/foreman_vault/macros_test.rb
129
+ - test/unit/services/foreman_vault/vault_client_test.rb
130
+ - test/models/vault_connection_test.rb
131
+ - test/factories/foreman_vault_factories.rb
132
+ - test/test_plugin_helper.rb
133
+ - test/jobs/refresh_vault_tokens_test.rb
134
+ - test/jobs/refresh_vault_token_test.rb
135
+ - test/functional/api/v2/vault_connections_controller_test.rb