hako-vault 0.2.1 → 0.2.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +18 -0
- data/README.md +1 -1
- data/hako-vault.gemspec +1 -1
- data/lib/hako/env_providers/vault.rb +26 -6
- metadata +4 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 22c6fcbd129b51b0c3ade5c375f03f1b2a398c3e
|
|
4
|
+
data.tar.gz: 258e19161da4d0fce2b195b21a5b6bf9e5d02111
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 33b7621675c97fcc07e609ca5ffcc8a50e5f619819f7962fe377800a547140139ef3104ffbe7f5404dd26febafcd1af1acdff7a37db02688549dbb5e9acabe63
|
|
7
|
+
data.tar.gz: 798a41387e80ad8b82ef2886cac5bb7875b62a07a9dd2e0f04e1ca3b20c1f008052e6a5f1c6aa3d79fe6faabc260e3d1d2fa9781b6bd2a8d7ed3aaa98d595d69
|
data/CHANGELOG.md
ADDED
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
# 0.2.2 (2017-06-26)
|
|
2
|
+
## Bug fixes
|
|
3
|
+
- Retry when Vault returns 5xx
|
|
4
|
+
|
|
5
|
+
# 0.2.1 (2017-03-02)
|
|
6
|
+
## Bug fixes
|
|
7
|
+
- Add missing require
|
|
8
|
+
|
|
9
|
+
# 0.2.0 (2017-02-28)
|
|
10
|
+
## New features
|
|
11
|
+
- Support `ask_keys` method for latest hako
|
|
12
|
+
|
|
13
|
+
# 0.1.1 (2017-01-16)
|
|
14
|
+
## Bug fixes
|
|
15
|
+
- Do not hold VAULT_TOKEN as ivar for security reason
|
|
16
|
+
|
|
17
|
+
# 0.1.0 (2017-01-12)
|
|
18
|
+
- Initial release
|
data/README.md
CHANGED
|
@@ -48,7 +48,7 @@ To install this gem onto your local machine, run `bundle exec rake install`. To
|
|
|
48
48
|
|
|
49
49
|
## Contributing
|
|
50
50
|
|
|
51
|
-
Bug reports and pull requests are welcome on GitHub at https://github.com/
|
|
51
|
+
Bug reports and pull requests are welcome on GitHub at https://github.com/eagletmt/hako-vault.
|
|
52
52
|
|
|
53
53
|
|
|
54
54
|
## License
|
data/hako-vault.gemspec
CHANGED
|
@@ -35,9 +35,7 @@ module Hako
|
|
|
35
35
|
env = {}
|
|
36
36
|
@http.start do
|
|
37
37
|
variables.each do |key|
|
|
38
|
-
|
|
39
|
-
req['X-Vault-Token'] = ENV['VAULT_TOKEN']
|
|
40
|
-
res = @http.request(req)
|
|
38
|
+
res = get_with_retry("/v1/secret/#{@directory}/#{key}")
|
|
41
39
|
case res.code
|
|
42
40
|
when '200'
|
|
43
41
|
env[key] = JSON.parse(res.body)['data']['value']
|
|
@@ -62,9 +60,7 @@ module Hako
|
|
|
62
60
|
keys = []
|
|
63
61
|
@http.start do
|
|
64
62
|
parent_directories_for(variables).each do |parent_dir|
|
|
65
|
-
|
|
66
|
-
req['X-Vault-Token'] = ENV['VAULT_TOKEN']
|
|
67
|
-
res = @http.request(req)
|
|
63
|
+
res = get_with_retry("/v1/secret/#{@directory}/#{parent_dir}?list=true")
|
|
68
64
|
case res.code
|
|
69
65
|
when '200'
|
|
70
66
|
keys += JSON.parse(res.body)['data']['keys'].map { |key| "#{parent_dir}#{key}" }
|
|
@@ -78,6 +74,8 @@ module Hako
|
|
|
78
74
|
keys.select { |key| variables.include?(key) }
|
|
79
75
|
end
|
|
80
76
|
|
|
77
|
+
private
|
|
78
|
+
|
|
81
79
|
# @param [Array<String>] variables
|
|
82
80
|
# @return [Array<String>]
|
|
83
81
|
def parent_directories_for(variables)
|
|
@@ -87,6 +85,28 @@ module Hako
|
|
|
87
85
|
(base_uri + variable + '.').request_uri.sub(%r{\A/}, '')
|
|
88
86
|
end.uniq
|
|
89
87
|
end
|
|
88
|
+
|
|
89
|
+
# @param [String] path
|
|
90
|
+
# @return [Net::HTTPResponse]
|
|
91
|
+
def get_with_retry(path)
|
|
92
|
+
last_error = nil
|
|
93
|
+
10.times do |i|
|
|
94
|
+
req = Net::HTTP::Get.new(path)
|
|
95
|
+
req['X-Vault-Token'] = ENV['VAULT_TOKEN']
|
|
96
|
+
res = @http.request(req)
|
|
97
|
+
code = res.code.to_i
|
|
98
|
+
if code >= 500 && code < 600
|
|
99
|
+
Hako.logger.warn("Vault HTTP Error: #{res.code}: #{res.body}")
|
|
100
|
+
last_error = res
|
|
101
|
+
interval = 1.5**i
|
|
102
|
+
Hako.logger.warn("Retrying after #{interval} seconds")
|
|
103
|
+
sleep(interval)
|
|
104
|
+
else
|
|
105
|
+
return res
|
|
106
|
+
end
|
|
107
|
+
end
|
|
108
|
+
raise Error.new("Vault HTTP Error: #{last_error.code}: #{last_error.body}")
|
|
109
|
+
end
|
|
90
110
|
end
|
|
91
111
|
end
|
|
92
112
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: hako-vault
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.2.
|
|
4
|
+
version: 0.2.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Kohei Suzuki
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2017-
|
|
11
|
+
date: 2017-06-26 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: hako
|
|
@@ -76,6 +76,7 @@ files:
|
|
|
76
76
|
- ".gitignore"
|
|
77
77
|
- ".rubocop.yml"
|
|
78
78
|
- ".rubocop_todo.yml"
|
|
79
|
+
- CHANGELOG.md
|
|
79
80
|
- Gemfile
|
|
80
81
|
- LICENSE.txt
|
|
81
82
|
- README.md
|
|
@@ -104,7 +105,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
104
105
|
version: '0'
|
|
105
106
|
requirements: []
|
|
106
107
|
rubyforge_project:
|
|
107
|
-
rubygems_version: 2.6.
|
|
108
|
+
rubygems_version: 2.6.11
|
|
108
109
|
signing_key:
|
|
109
110
|
specification_version: 4
|
|
110
111
|
summary: Provide variables from Vault to hako
|