foreman_vault 2.0.0 → 3.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +2 -1
- data/lib/foreman_vault/engine.rb +43 -47
- data/lib/foreman_vault/version.rb +1 -1
- metadata +3 -7
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: f4fbc008315206c64c8641835e56d14ef1b31f42ef411dfc321a3c8670998172
|
|
4
|
+
data.tar.gz: 3ff7634135705a37592423d8d993790041b826a4d414f7952187290ae4d9109b
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 9a7afc22a1db923534cd471d61b0837573c3f3db79c82ca7c6454148a281aa1adf76806fec9a39da3e4bb189e00a38ba2e3bf0e69382c48319489e24c943381d
|
|
7
|
+
data.tar.gz: 34e80dcc58fcf00a8673d6ca9a5f23f30196d5d8ab38640d34eb4323322572ad152f66b308e252d2a2be9d176082193a9acbc4e62006016f279c218841a319fd
|
data/README.md
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
# ForemanVault
|
|
2
2
|
|
|
3
|
-
[<img src="https://
|
|
3
|
+
[<img src="https://raw.githubusercontent.com/dm-drogeriemarkt/.github/refs/heads/main/assets/dmtech-open-source-badge.svg">](https://www.dmtech.de/)
|
|
4
4
|
|
|
5
5
|
**Foreman Vault** is a plugin for Foreman that integrates with Hashicorp Vault for different things. Currently, it offers two distinct features.
|
|
6
6
|
|
|
@@ -22,6 +22,7 @@ This allows Foreman to create everything needed to access Hashicorp Vault direct
|
|
|
22
22
|
|
|
23
23
|
| Foreman Version | Plugin Version |
|
|
24
24
|
| --------------- | -------------- |
|
|
25
|
+
| >= 3.13 | ~> 3.0 |
|
|
25
26
|
| >= 3.9 | ~> 2.0 |
|
|
26
27
|
| >= 2.3 | ~> 1.0 |
|
|
27
28
|
| >= 1.23 | ~> 0.3, ~> 0.4 |
|
data/lib/foreman_vault/engine.rb
CHANGED
|
@@ -6,12 +6,6 @@ module ForemanVault
|
|
|
6
6
|
class Engine < ::Rails::Engine
|
|
7
7
|
engine_name 'foreman_vault'
|
|
8
8
|
|
|
9
|
-
config.autoload_paths += Dir["#{config.root}/app/controllers"]
|
|
10
|
-
config.autoload_paths += Dir["#{config.root}/app/models"]
|
|
11
|
-
config.autoload_paths += Dir["#{config.root}/app/services"]
|
|
12
|
-
config.autoload_paths += Dir["#{config.root}/app/lib"]
|
|
13
|
-
config.autoload_paths += Dir["#{config.root}/app/jobs"]
|
|
14
|
-
|
|
15
9
|
# Add any db migrations
|
|
16
10
|
initializer 'foreman_vault.load_app_instance_data' do |app|
|
|
17
11
|
ForemanVault::Engine.paths['db/migrate'].existent.each do |path|
|
|
@@ -19,52 +13,54 @@ module ForemanVault
|
|
|
19
13
|
end
|
|
20
14
|
end
|
|
21
15
|
|
|
22
|
-
initializer 'foreman_vault.register_plugin', before: :finisher_hook do |
|
|
23
|
-
|
|
24
|
-
|
|
16
|
+
initializer 'foreman_vault.register_plugin', before: :finisher_hook do |app|
|
|
17
|
+
app.reloader.to_prepare do
|
|
18
|
+
Foreman::Plugin.register :foreman_vault do
|
|
19
|
+
requires_foreman '>= 3.13'
|
|
25
20
|
|
|
26
|
-
|
|
21
|
+
apipie_documented_controllers ["#{ForemanVault::Engine.root}/app/controllers/api/v2/*.rb"]
|
|
27
22
|
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
23
|
+
# Add permissions
|
|
24
|
+
security_block :foreman_vault do
|
|
25
|
+
permission :view_vault_connections, { vault_connections: [:index, :show],
|
|
26
|
+
'api/v2/vault_connections': [:index, :show] }, resource_type: 'VaultConnection'
|
|
27
|
+
permission :create_vault_connections, { vault_connections: [:new, :create],
|
|
28
|
+
'api/v2/vault_connections': [:create] }, resource_type: 'VaultConnection'
|
|
29
|
+
permission :edit_vault_connections, { vault_connections: [:edit, :update],
|
|
30
|
+
'api/v2/vault_connections': [:update] }, resource_type: 'VaultConnection'
|
|
31
|
+
permission :destroy_vault_connections, { vault_connections: [:destroy],
|
|
32
|
+
'api/v2/vault_connections': [:destroy] }, resource_type: 'VaultConnection'
|
|
33
|
+
end
|
|
39
34
|
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
35
|
+
settings do
|
|
36
|
+
category(:vault, N_('Vault')) do
|
|
37
|
+
setting('vault_connection',
|
|
38
|
+
full_name: N_('Default Vault connection'),
|
|
39
|
+
type: :string,
|
|
40
|
+
description: N_('Default Vault Connection that can be override using parameters'),
|
|
41
|
+
default: VaultConnection.table_exists? && VaultConnection.unscoped.count == 1 ? VaultConnection.unscoped.first.name : nil,
|
|
42
|
+
collection: VaultConnection.table_exists? ? proc { Hash[VaultConnection.unscoped.all.map { |vc| [vc.name, vc.name] }] } : [],
|
|
43
|
+
include_blank: _('Select Vault Connection'))
|
|
44
|
+
setting('vault_policy_template',
|
|
45
|
+
full_name: N_('Vault Policy template name'),
|
|
46
|
+
type: :string,
|
|
47
|
+
description: N_('The name of the ProvisioningTemplate that will be used for Vault Policy'),
|
|
48
|
+
default: ProvisioningTemplate.unscoped.of_kind(:VaultPolicy).find_by(name: 'Default Vault Policy')&.name,
|
|
49
|
+
collection: proc { Hash[ProvisioningTemplate.unscoped.of_kind(:VaultPolicy).map { |tmpl| [tmpl.name, tmpl.name] }] },
|
|
50
|
+
include_blank: _('Select Template'))
|
|
51
|
+
setting('vault_orchestration_enabled',
|
|
52
|
+
full_name: N_('Vault Orchestration enabled'),
|
|
53
|
+
type: :boolean,
|
|
54
|
+
description: N_('Enable or disable the Vault orchestration step for managing policies and auth methods'),
|
|
55
|
+
default: false)
|
|
56
|
+
end
|
|
61
57
|
end
|
|
62
|
-
end
|
|
63
58
|
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
59
|
+
# add menu entry
|
|
60
|
+
menu :top_menu, :vault_connections, url_hash: { controller: :vault_connections, action: :index },
|
|
61
|
+
caption: N_('Vault Connections'),
|
|
62
|
+
parent: :infrastructure_menu
|
|
63
|
+
end
|
|
68
64
|
end
|
|
69
65
|
end
|
|
70
66
|
|
metadata
CHANGED
|
@@ -1,14 +1,13 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: foreman_vault
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version:
|
|
4
|
+
version: 3.0.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- dmTECH GmbH
|
|
8
|
-
autorequire:
|
|
9
8
|
bindir: bin
|
|
10
9
|
cert_chain: []
|
|
11
|
-
date:
|
|
10
|
+
date: 1980-01-02 00:00:00.000000000 Z
|
|
12
11
|
dependencies:
|
|
13
12
|
- !ruby/object:Gem::Dependency
|
|
14
13
|
name: vault
|
|
@@ -52,7 +51,6 @@ dependencies:
|
|
|
52
51
|
- - "~>"
|
|
53
52
|
- !ruby/object:Gem::Version
|
|
54
53
|
version: 0.1.2
|
|
55
|
-
description:
|
|
56
54
|
email:
|
|
57
55
|
- opensource@dm.de
|
|
58
56
|
executables: []
|
|
@@ -124,7 +122,6 @@ homepage: https://github.com/dm-drogeriemarkt/foreman_vault
|
|
|
124
122
|
licenses:
|
|
125
123
|
- GPL-3.0
|
|
126
124
|
metadata: {}
|
|
127
|
-
post_install_message:
|
|
128
125
|
rdoc_options: []
|
|
129
126
|
require_paths:
|
|
130
127
|
- lib
|
|
@@ -142,8 +139,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
142
139
|
- !ruby/object:Gem::Version
|
|
143
140
|
version: '0'
|
|
144
141
|
requirements: []
|
|
145
|
-
rubygems_version: 3.
|
|
146
|
-
signing_key:
|
|
142
|
+
rubygems_version: 3.6.7
|
|
147
143
|
specification_version: 4
|
|
148
144
|
summary: Adds support for using credentials from Hashicorp Vault
|
|
149
145
|
test_files:
|