foreman_vault 0.0.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (43) hide show
  1. checksums.yaml +7 -0
  2. data/LICENSE +619 -0
  3. data/README.md +55 -0
  4. data/Rakefile +47 -0
  5. data/app/controllers/api/v2/vault_connections_controller.rb +58 -0
  6. data/app/controllers/concerns/foreman_vault/controller/parameters/vault_connection.rb +23 -0
  7. data/app/controllers/vault_connections_controller.rb +42 -0
  8. data/app/jobs/refresh_vault_token.rb +28 -0
  9. data/app/jobs/refresh_vault_tokens.rb +25 -0
  10. data/app/lib/foreman_vault/macros.rb +15 -0
  11. data/app/models/vault_connection.rb +55 -0
  12. data/app/services/foreman_vault/vault_client.rb +38 -0
  13. data/app/views/api/v2/vault_connections/base.json.rabl +5 -0
  14. data/app/views/api/v2/vault_connections/create.json.rabl +5 -0
  15. data/app/views/api/v2/vault_connections/index.json.rabl +5 -0
  16. data/app/views/api/v2/vault_connections/main.json.rabl +5 -0
  17. data/app/views/api/v2/vault_connections/show.json.rabl +5 -0
  18. data/app/views/api/v2/vault_connections/update.json.rabl +5 -0
  19. data/app/views/vault_connections/_form.html.erb +7 -0
  20. data/app/views/vault_connections/edit.html.erb +3 -0
  21. data/app/views/vault_connections/index.html.erb +31 -0
  22. data/app/views/vault_connections/new.html.erb +3 -0
  23. data/config/foreman_vault.yaml.example +4 -0
  24. data/config/routes.rb +11 -0
  25. data/db/migrate/20180725072913_create_vault_connection.foreman_vault.rb +15 -0
  26. data/db/migrate/20180809172407_rename_vault_status_to_vault_error.foreman_vault.rb +7 -0
  27. data/lib/foreman_vault.rb +6 -0
  28. data/lib/foreman_vault/engine.rb +66 -0
  29. data/lib/foreman_vault/version.rb +5 -0
  30. data/lib/tasks/foreman_vault_tasks.rake +42 -0
  31. data/locale/Makefile +60 -0
  32. data/locale/en/foreman_vault.po +19 -0
  33. data/locale/foreman_vault.pot +19 -0
  34. data/locale/gemspec.rb +4 -0
  35. data/test/factories/foreman_vault_factories.rb +28 -0
  36. data/test/functional/api/v2/vault_connections_controller_test.rb +80 -0
  37. data/test/jobs/refresh_vault_token_test.rb +29 -0
  38. data/test/jobs/refresh_vault_tokens_test.rb +18 -0
  39. data/test/models/vault_connection_test.rb +13 -0
  40. data/test/test_plugin_helper.rb +9 -0
  41. data/test/unit/lib/foreman_vault/macros_test.rb +29 -0
  42. data/test/unit/services/foreman_vault/vault_client_test.rb +39 -0
  43. metadata +135 -0
@@ -0,0 +1,18 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'test_plugin_helper'
4
+
5
+ class RefreshVaultTokensTest < ActiveJob::TestCase
6
+ test 'should refresh vault token for valid VaultConnection' do
7
+ valid_vault_connection = FactoryBot.create(:vault_connection, :without_callbacks)
8
+ invalid_vault_connection = FactoryBot.create(:vault_connection, :invalid, :without_callbacks)
9
+
10
+ assert valid_vault_connection.token_valid?
11
+ assert_not invalid_vault_connection.token_valid?
12
+ RefreshVaultToken.expects(:perform_later).once.with(valid_vault_connection.id).returns(true)
13
+
14
+ RefreshVaultTokens.expects(:set).once.returns(nil) # Hack to prevent an infinite loop
15
+
16
+ perform_enqueued_jobs { RefreshVaultTokens.perform_later }
17
+ end
18
+ end
@@ -0,0 +1,13 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'test_plugin_helper'
4
+
5
+ class VaultConnectionTest < ActiveSupport::TestCase
6
+ subject { FactoryBot.create(:vault_connection, :without_callbacks) }
7
+ should validate_presence_of(:name)
8
+ should validate_uniqueness_of(:name)
9
+ should validate_presence_of(:token)
10
+ should validate_presence_of(:url)
11
+ should allow_value('http://127.0.0.1:8200').for(:url)
12
+ should_not allow_value('börks').for(:url)
13
+ end
@@ -0,0 +1,9 @@
1
+ # frozen_string_literal: true
2
+
3
+ # This calls the main test_helper in Foreman-core
4
+ require 'test_helper'
5
+ require 'vault'
6
+
7
+ # Add plugin to FactoryBot's paths
8
+ FactoryBot.definition_file_paths << File.join(File.dirname(__FILE__), 'factories')
9
+ FactoryBot.reload
@@ -0,0 +1,29 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'test_plugin_helper'
4
+
5
+ class MacrosTest < ActiveSupport::TestCase
6
+ class TestScope < Foreman::Renderer::Scope::Base
7
+ include ::ForemanVault::Macros
8
+ end
9
+
10
+ describe '#vault_secret' do
11
+ test 'should have vault_secret helper' do
12
+ host = FactoryBot.build_stubbed(:host)
13
+ template = OpenStruct.new(name: 'Test', template: 'Test')
14
+ source = Foreman::Renderer::Source::Database.new(template)
15
+
16
+ vault_connection = FactoryBot.create(:vault_connection, :without_callbacks)
17
+ secret_path = '/kv/my-secret'
18
+ response = OpenStruct.new(data: { foo: 'bar' })
19
+ logical = mock.tap { |object| object.expects(:read).once.with(secret_path).returns(response) }
20
+ client = mock.tap { |object| object.expects(:logical).once.returns(logical) }
21
+ Vault::Client.expects(:new).returns(client)
22
+
23
+ subject = TestScope.new(host: host, source: source)
24
+
25
+ assert subject.respond_to?(:vault_secret)
26
+ assert_equal response.data, subject.vault_secret(vault_connection.name, secret_path)
27
+ end
28
+ end
29
+ end
@@ -0,0 +1,39 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'test_plugin_helper'
4
+
5
+ class VaultClientTest < ActiveSupport::TestCase
6
+ setup do
7
+ @subject = ForemanVault::VaultClient.new('http://127.0.0.1:8200', 'e57e5ef2-b25c-a0e5-65a6-863ab095dff6')
8
+ @client = mock
9
+ Vault::Client.expects(:new).returns(@client)
10
+ end
11
+
12
+ describe '#fetch_expire_time' do
13
+ setup do
14
+ @time = '2018-08-01T20:08:55.525830559+02:00'
15
+ response = OpenStruct.new(data: { expire_time: @time })
16
+ auth_token = mock.tap { |object| object.expects(:lookup_self).once.returns(response) }
17
+ @client.expects(:auth_token).once.returns(auth_token)
18
+ end
19
+
20
+ test 'should return expire time' do
21
+ assert_equal Time.zone.parse(@time), @subject.fetch_expire_time
22
+ end
23
+ end
24
+
25
+ describe '#fetch_secret' do
26
+ setup do
27
+ @secret_path = '/kv/my-secret'
28
+ @data = { foo: 'bar' }
29
+ response = OpenStruct.new(data: @data)
30
+ logical = mock.tap { |object| object.expects(:read).once.with(@secret_path).returns(response) }
31
+
32
+ @client.expects(:logical).once.returns(logical)
33
+ end
34
+
35
+ test 'should return expire time' do
36
+ assert_equal @data, @subject.fetch_secret(@secret_path)
37
+ end
38
+ end
39
+ end
metadata ADDED
@@ -0,0 +1,135 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: foreman_vault
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.0.1
5
+ platform: ruby
6
+ authors:
7
+ - dmTECH GmbH
8
+ autorequire:
9
+ bindir: bin
10
+ cert_chain: []
11
+ date: 2019-01-21 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: vault
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - "~>"
18
+ - !ruby/object:Gem::Version
19
+ version: '0.1'
20
+ type: :runtime
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - "~>"
25
+ - !ruby/object:Gem::Version
26
+ version: '0.1'
27
+ - !ruby/object:Gem::Dependency
28
+ name: rdoc
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - ">="
32
+ - !ruby/object:Gem::Version
33
+ version: '0'
34
+ type: :development
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - ">="
39
+ - !ruby/object:Gem::Version
40
+ version: '0'
41
+ - !ruby/object:Gem::Dependency
42
+ name: rubocop
43
+ requirement: !ruby/object:Gem::Requirement
44
+ requirements:
45
+ - - '='
46
+ - !ruby/object:Gem::Version
47
+ version: 0.54.0
48
+ type: :development
49
+ prerelease: false
50
+ version_requirements: !ruby/object:Gem::Requirement
51
+ requirements:
52
+ - - '='
53
+ - !ruby/object:Gem::Version
54
+ version: 0.54.0
55
+ description:
56
+ email:
57
+ - opensource@dm.de
58
+ executables: []
59
+ extensions: []
60
+ extra_rdoc_files: []
61
+ files:
62
+ - LICENSE
63
+ - README.md
64
+ - Rakefile
65
+ - app/controllers/api/v2/vault_connections_controller.rb
66
+ - app/controllers/concerns/foreman_vault/controller/parameters/vault_connection.rb
67
+ - app/controllers/vault_connections_controller.rb
68
+ - app/jobs/refresh_vault_token.rb
69
+ - app/jobs/refresh_vault_tokens.rb
70
+ - app/lib/foreman_vault/macros.rb
71
+ - app/models/vault_connection.rb
72
+ - app/services/foreman_vault/vault_client.rb
73
+ - app/views/api/v2/vault_connections/base.json.rabl
74
+ - app/views/api/v2/vault_connections/create.json.rabl
75
+ - app/views/api/v2/vault_connections/index.json.rabl
76
+ - app/views/api/v2/vault_connections/main.json.rabl
77
+ - app/views/api/v2/vault_connections/show.json.rabl
78
+ - app/views/api/v2/vault_connections/update.json.rabl
79
+ - app/views/vault_connections/_form.html.erb
80
+ - app/views/vault_connections/edit.html.erb
81
+ - app/views/vault_connections/index.html.erb
82
+ - app/views/vault_connections/new.html.erb
83
+ - config/foreman_vault.yaml.example
84
+ - config/routes.rb
85
+ - db/migrate/20180725072913_create_vault_connection.foreman_vault.rb
86
+ - db/migrate/20180809172407_rename_vault_status_to_vault_error.foreman_vault.rb
87
+ - lib/foreman_vault.rb
88
+ - lib/foreman_vault/engine.rb
89
+ - lib/foreman_vault/version.rb
90
+ - lib/tasks/foreman_vault_tasks.rake
91
+ - locale/Makefile
92
+ - locale/en/foreman_vault.po
93
+ - locale/foreman_vault.pot
94
+ - locale/gemspec.rb
95
+ - test/factories/foreman_vault_factories.rb
96
+ - test/functional/api/v2/vault_connections_controller_test.rb
97
+ - test/jobs/refresh_vault_token_test.rb
98
+ - test/jobs/refresh_vault_tokens_test.rb
99
+ - test/models/vault_connection_test.rb
100
+ - test/test_plugin_helper.rb
101
+ - test/unit/lib/foreman_vault/macros_test.rb
102
+ - test/unit/services/foreman_vault/vault_client_test.rb
103
+ homepage: https://github.com/dm-drogeriemarkt/foreman_vault
104
+ licenses:
105
+ - GPL-3.0
106
+ metadata: {}
107
+ post_install_message:
108
+ rdoc_options: []
109
+ require_paths:
110
+ - lib
111
+ required_ruby_version: !ruby/object:Gem::Requirement
112
+ requirements:
113
+ - - ">="
114
+ - !ruby/object:Gem::Version
115
+ version: '0'
116
+ required_rubygems_version: !ruby/object:Gem::Requirement
117
+ requirements:
118
+ - - ">="
119
+ - !ruby/object:Gem::Version
120
+ version: '0'
121
+ requirements: []
122
+ rubyforge_project:
123
+ rubygems_version: 2.7.3
124
+ signing_key:
125
+ specification_version: 4
126
+ summary: Adds support for using credentials from Hashicorp Vault
127
+ test_files:
128
+ - test/unit/lib/foreman_vault/macros_test.rb
129
+ - test/unit/services/foreman_vault/vault_client_test.rb
130
+ - test/models/vault_connection_test.rb
131
+ - test/factories/foreman_vault_factories.rb
132
+ - test/test_plugin_helper.rb
133
+ - test/jobs/refresh_vault_tokens_test.rb
134
+ - test/jobs/refresh_vault_token_test.rb
135
+ - test/functional/api/v2/vault_connections_controller_test.rb