hako-vault 0.2.1 → 0.2.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +18 -0
- data/README.md +1 -1
- data/hako-vault.gemspec +1 -1
- data/lib/hako/env_providers/vault.rb +26 -6
- metadata +4 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 22c6fcbd129b51b0c3ade5c375f03f1b2a398c3e
|
4
|
+
data.tar.gz: 258e19161da4d0fce2b195b21a5b6bf9e5d02111
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 33b7621675c97fcc07e609ca5ffcc8a50e5f619819f7962fe377800a547140139ef3104ffbe7f5404dd26febafcd1af1acdff7a37db02688549dbb5e9acabe63
|
7
|
+
data.tar.gz: 798a41387e80ad8b82ef2886cac5bb7875b62a07a9dd2e0f04e1ca3b20c1f008052e6a5f1c6aa3d79fe6faabc260e3d1d2fa9781b6bd2a8d7ed3aaa98d595d69
|
data/CHANGELOG.md
ADDED
@@ -0,0 +1,18 @@
|
|
1
|
+
# 0.2.2 (2017-06-26)
|
2
|
+
## Bug fixes
|
3
|
+
- Retry when Vault returns 5xx
|
4
|
+
|
5
|
+
# 0.2.1 (2017-03-02)
|
6
|
+
## Bug fixes
|
7
|
+
- Add missing require
|
8
|
+
|
9
|
+
# 0.2.0 (2017-02-28)
|
10
|
+
## New features
|
11
|
+
- Support `ask_keys` method for latest hako
|
12
|
+
|
13
|
+
# 0.1.1 (2017-01-16)
|
14
|
+
## Bug fixes
|
15
|
+
- Do not hold VAULT_TOKEN as ivar for security reason
|
16
|
+
|
17
|
+
# 0.1.0 (2017-01-12)
|
18
|
+
- Initial release
|
data/README.md
CHANGED
@@ -48,7 +48,7 @@ To install this gem onto your local machine, run `bundle exec rake install`. To
|
|
48
48
|
|
49
49
|
## Contributing
|
50
50
|
|
51
|
-
Bug reports and pull requests are welcome on GitHub at https://github.com/
|
51
|
+
Bug reports and pull requests are welcome on GitHub at https://github.com/eagletmt/hako-vault.
|
52
52
|
|
53
53
|
|
54
54
|
## License
|
data/hako-vault.gemspec
CHANGED
@@ -35,9 +35,7 @@ module Hako
|
|
35
35
|
env = {}
|
36
36
|
@http.start do
|
37
37
|
variables.each do |key|
|
38
|
-
|
39
|
-
req['X-Vault-Token'] = ENV['VAULT_TOKEN']
|
40
|
-
res = @http.request(req)
|
38
|
+
res = get_with_retry("/v1/secret/#{@directory}/#{key}")
|
41
39
|
case res.code
|
42
40
|
when '200'
|
43
41
|
env[key] = JSON.parse(res.body)['data']['value']
|
@@ -62,9 +60,7 @@ module Hako
|
|
62
60
|
keys = []
|
63
61
|
@http.start do
|
64
62
|
parent_directories_for(variables).each do |parent_dir|
|
65
|
-
|
66
|
-
req['X-Vault-Token'] = ENV['VAULT_TOKEN']
|
67
|
-
res = @http.request(req)
|
63
|
+
res = get_with_retry("/v1/secret/#{@directory}/#{parent_dir}?list=true")
|
68
64
|
case res.code
|
69
65
|
when '200'
|
70
66
|
keys += JSON.parse(res.body)['data']['keys'].map { |key| "#{parent_dir}#{key}" }
|
@@ -78,6 +74,8 @@ module Hako
|
|
78
74
|
keys.select { |key| variables.include?(key) }
|
79
75
|
end
|
80
76
|
|
77
|
+
private
|
78
|
+
|
81
79
|
# @param [Array<String>] variables
|
82
80
|
# @return [Array<String>]
|
83
81
|
def parent_directories_for(variables)
|
@@ -87,6 +85,28 @@ module Hako
|
|
87
85
|
(base_uri + variable + '.').request_uri.sub(%r{\A/}, '')
|
88
86
|
end.uniq
|
89
87
|
end
|
88
|
+
|
89
|
+
# @param [String] path
|
90
|
+
# @return [Net::HTTPResponse]
|
91
|
+
def get_with_retry(path)
|
92
|
+
last_error = nil
|
93
|
+
10.times do |i|
|
94
|
+
req = Net::HTTP::Get.new(path)
|
95
|
+
req['X-Vault-Token'] = ENV['VAULT_TOKEN']
|
96
|
+
res = @http.request(req)
|
97
|
+
code = res.code.to_i
|
98
|
+
if code >= 500 && code < 600
|
99
|
+
Hako.logger.warn("Vault HTTP Error: #{res.code}: #{res.body}")
|
100
|
+
last_error = res
|
101
|
+
interval = 1.5**i
|
102
|
+
Hako.logger.warn("Retrying after #{interval} seconds")
|
103
|
+
sleep(interval)
|
104
|
+
else
|
105
|
+
return res
|
106
|
+
end
|
107
|
+
end
|
108
|
+
raise Error.new("Vault HTTP Error: #{last_error.code}: #{last_error.body}")
|
109
|
+
end
|
90
110
|
end
|
91
111
|
end
|
92
112
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: hako-vault
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.2.
|
4
|
+
version: 0.2.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Kohei Suzuki
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2017-
|
11
|
+
date: 2017-06-26 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: hako
|
@@ -76,6 +76,7 @@ files:
|
|
76
76
|
- ".gitignore"
|
77
77
|
- ".rubocop.yml"
|
78
78
|
- ".rubocop_todo.yml"
|
79
|
+
- CHANGELOG.md
|
79
80
|
- Gemfile
|
80
81
|
- LICENSE.txt
|
81
82
|
- README.md
|
@@ -104,7 +105,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
104
105
|
version: '0'
|
105
106
|
requirements: []
|
106
107
|
rubyforge_project:
|
107
|
-
rubygems_version: 2.6.
|
108
|
+
rubygems_version: 2.6.11
|
108
109
|
signing_key:
|
109
110
|
specification_version: 4
|
110
111
|
summary: Provide variables from Vault to hako
|