foreman_vault 0.0.1

data/test/jobs/refresh_vault_tokens_test.rb

@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+
+require 'test_plugin_helper'
+
+class RefreshVaultTokensTest < ActiveJob::TestCase
+  test 'should refresh vault token for valid VaultConnection' do
+    valid_vault_connection = FactoryBot.create(:vault_connection, :without_callbacks)
+    invalid_vault_connection = FactoryBot.create(:vault_connection, :invalid, :without_callbacks)
+
+    assert valid_vault_connection.token_valid?
+    assert_not invalid_vault_connection.token_valid?
+    RefreshVaultToken.expects(:perform_later).once.with(valid_vault_connection.id).returns(true)
+
+    RefreshVaultTokens.expects(:set).once.returns(nil) # Hack to prevent an infinite loop
+
+    perform_enqueued_jobs { RefreshVaultTokens.perform_later }
+  end
+end

data/test/models/vault_connection_test.rb

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+require 'test_plugin_helper'
+
+class VaultConnectionTest < ActiveSupport::TestCase
+  subject { FactoryBot.create(:vault_connection, :without_callbacks) }
+  should validate_presence_of(:name)
+  should validate_uniqueness_of(:name)
+  should validate_presence_of(:token)
+  should validate_presence_of(:url)
+  should allow_value('http://127.0.0.1:8200').for(:url)
+  should_not allow_value('börks').for(:url)
+end

data/test/test_plugin_helper.rb

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+# This calls the main test_helper in Foreman-core
+require 'test_helper'
+require 'vault'
+
+# Add plugin to FactoryBot's paths
+FactoryBot.definition_file_paths << File.join(File.dirname(__FILE__), 'factories')
+FactoryBot.reload

data/test/unit/lib/foreman_vault/macros_test.rb

@@ -0,0 +1,29 @@
+# frozen_string_literal: true
+
+require 'test_plugin_helper'
+
+class MacrosTest < ActiveSupport::TestCase
+  class TestScope < Foreman::Renderer::Scope::Base
+    include ::ForemanVault::Macros
+  end
+
+  describe '#vault_secret' do
+    test 'should have vault_secret helper' do
+      host = FactoryBot.build_stubbed(:host)
+      template = OpenStruct.new(name: 'Test', template: 'Test')
+      source = Foreman::Renderer::Source::Database.new(template)
+
+      vault_connection = FactoryBot.create(:vault_connection, :without_callbacks)
+      secret_path = '/kv/my-secret'
+      response = OpenStruct.new(data: { foo: 'bar' })
+      logical = mock.tap { |object| object.expects(:read).once.with(secret_path).returns(response) }
+      client = mock.tap { |object| object.expects(:logical).once.returns(logical) }
+      Vault::Client.expects(:new).returns(client)
+
+      subject = TestScope.new(host: host, source: source)
+
+      assert subject.respond_to?(:vault_secret)
+      assert_equal response.data, subject.vault_secret(vault_connection.name, secret_path)
+    end
+  end
+end

data/test/unit/services/foreman_vault/vault_client_test.rb

@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+
+require 'test_plugin_helper'
+
+class VaultClientTest < ActiveSupport::TestCase
+  setup do
+    @subject = ForemanVault::VaultClient.new('http://127.0.0.1:8200', 'e57e5ef2-b25c-a0e5-65a6-863ab095dff6')
+    @client = mock
+    Vault::Client.expects(:new).returns(@client)
+  end
+
+  describe '#fetch_expire_time' do
+    setup do
+      @time = '2018-08-01T20:08:55.525830559+02:00'
+      response = OpenStruct.new(data: { expire_time: @time })
+      auth_token = mock.tap { |object| object.expects(:lookup_self).once.returns(response) }
+      @client.expects(:auth_token).once.returns(auth_token)
+    end
+
+    test 'should return expire time' do
+      assert_equal Time.zone.parse(@time), @subject.fetch_expire_time
+    end
+  end
+
+  describe '#fetch_secret' do
+    setup do
+      @secret_path = '/kv/my-secret'
+      @data = { foo: 'bar' }
+      response = OpenStruct.new(data: @data)
+      logical = mock.tap { |object| object.expects(:read).once.with(@secret_path).returns(response) }
+
+      @client.expects(:logical).once.returns(logical)
+    end
+
+    test 'should return expire time' do
+      assert_equal @data, @subject.fetch_secret(@secret_path)
+    end
+  end
+end

metadata

@@ -0,0 +1,135 @@
+--- !ruby/object:Gem::Specification
+name: foreman_vault
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+platform: ruby
+authors:
+- dmTECH GmbH
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2019-01-21 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: vault
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.1'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.1'
+- !ruby/object:Gem::Dependency
+  name: rdoc
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rubocop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 0.54.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 0.54.0
+description: 
+email:
+- opensource@dm.de
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- LICENSE
+- README.md
+- Rakefile
+- app/controllers/api/v2/vault_connections_controller.rb
+- app/controllers/concerns/foreman_vault/controller/parameters/vault_connection.rb
+- app/controllers/vault_connections_controller.rb
+- app/jobs/refresh_vault_token.rb
+- app/jobs/refresh_vault_tokens.rb
+- app/lib/foreman_vault/macros.rb
+- app/models/vault_connection.rb
+- app/services/foreman_vault/vault_client.rb
+- app/views/api/v2/vault_connections/base.json.rabl
+- app/views/api/v2/vault_connections/create.json.rabl
+- app/views/api/v2/vault_connections/index.json.rabl
+- app/views/api/v2/vault_connections/main.json.rabl
+- app/views/api/v2/vault_connections/show.json.rabl
+- app/views/api/v2/vault_connections/update.json.rabl
+- app/views/vault_connections/_form.html.erb
+- app/views/vault_connections/edit.html.erb
+- app/views/vault_connections/index.html.erb
+- app/views/vault_connections/new.html.erb
+- config/foreman_vault.yaml.example
+- config/routes.rb
+- db/migrate/20180725072913_create_vault_connection.foreman_vault.rb
+- db/migrate/20180809172407_rename_vault_status_to_vault_error.foreman_vault.rb
+- lib/foreman_vault.rb
+- lib/foreman_vault/engine.rb
+- lib/foreman_vault/version.rb
+- lib/tasks/foreman_vault_tasks.rake
+- locale/Makefile
+- locale/en/foreman_vault.po
+- locale/foreman_vault.pot
+- locale/gemspec.rb
+- test/factories/foreman_vault_factories.rb
+- test/functional/api/v2/vault_connections_controller_test.rb
+- test/jobs/refresh_vault_token_test.rb
+- test/jobs/refresh_vault_tokens_test.rb
+- test/models/vault_connection_test.rb
+- test/test_plugin_helper.rb
+- test/unit/lib/foreman_vault/macros_test.rb
+- test/unit/services/foreman_vault/vault_client_test.rb
+homepage: https://github.com/dm-drogeriemarkt/foreman_vault
+licenses:
+- GPL-3.0
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.7.3
+signing_key: 
+specification_version: 4
+summary: Adds support for using credentials from Hashicorp Vault
+test_files:
+- test/unit/lib/foreman_vault/macros_test.rb
+- test/unit/services/foreman_vault/vault_client_test.rb
+- test/models/vault_connection_test.rb
+- test/factories/foreman_vault_factories.rb
+- test/test_plugin_helper.rb
+- test/jobs/refresh_vault_tokens_test.rb
+- test/jobs/refresh_vault_token_test.rb
+- test/functional/api/v2/vault_connections_controller_test.rb