hako-vault 0.1.1 → 0.2.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/hako-vault.gemspec +1 -1
- data/lib/hako/env_providers/vault.rb +37 -0
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: d80f0c86dda0790aa97a2a120a06b8c2fed2187f
|
|
4
|
+
data.tar.gz: c17f73cb5751c60a39ceab5eb732f1994a34b663
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: a08275013f565ed8232bec84922c526c85a142b1fef354db58918e4a6d81b73ad87ab568e8c4075b4d5d324d6beb2fb3e51aca959e13d08be08f3515ba3ca9b4
|
|
7
|
+
data.tar.gz: 46c980de8e5a37ea3cde564747e15e80420783818e198d56fbbb6b6dc0bd8fb19e4c70e9d135f8d1108bdf66083c936de27fb361c280cceb49c47834c44320c5
|
data/hako-vault.gemspec
CHANGED
|
@@ -49,6 +49,43 @@ module Hako
|
|
|
49
49
|
end
|
|
50
50
|
env
|
|
51
51
|
end
|
|
52
|
+
|
|
53
|
+
# @return [Boolean]
|
|
54
|
+
def can_ask_keys?
|
|
55
|
+
true
|
|
56
|
+
end
|
|
57
|
+
|
|
58
|
+
# @param [Array<String>] variables
|
|
59
|
+
# @return [Array<String>]
|
|
60
|
+
def ask_keys(variables)
|
|
61
|
+
keys = []
|
|
62
|
+
@http.start do
|
|
63
|
+
parent_directories_for(variables).each do |parent_dir|
|
|
64
|
+
req = Net::HTTP::Get.new("/v1/secret/#{@directory}/#{parent_dir}?list=true")
|
|
65
|
+
req['X-Vault-Token'] = ENV['VAULT_TOKEN']
|
|
66
|
+
res = @http.request(req)
|
|
67
|
+
case res.code
|
|
68
|
+
when '200'
|
|
69
|
+
keys += JSON.parse(res.body)['data']['keys'].map { |key| "#{parent_dir}#{key}" }
|
|
70
|
+
when '404'
|
|
71
|
+
# Ignore
|
|
72
|
+
else
|
|
73
|
+
raise Error.new("Vault HTTP Error: #{res.code}: #{res.body}")
|
|
74
|
+
end
|
|
75
|
+
end
|
|
76
|
+
end
|
|
77
|
+
keys.select { |key| variables.include?(key) }
|
|
78
|
+
end
|
|
79
|
+
|
|
80
|
+
# @param [Array<String>] variables
|
|
81
|
+
# @return [Array<String>]
|
|
82
|
+
def parent_directories_for(variables)
|
|
83
|
+
# XXX: URI module cannot join relative URIs
|
|
84
|
+
base_uri = URI.parse("https://dummy/")
|
|
85
|
+
variables.map do |variable|
|
|
86
|
+
(base_uri + variable + '.').request_uri.sub(%r{\A/}, '')
|
|
87
|
+
end.uniq
|
|
88
|
+
end
|
|
52
89
|
end
|
|
53
90
|
end
|
|
54
91
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: hako-vault
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.2.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Kohei Suzuki
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2017-
|
|
11
|
+
date: 2017-02-28 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: hako
|
|
@@ -104,7 +104,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
104
104
|
version: '0'
|
|
105
105
|
requirements: []
|
|
106
106
|
rubyforge_project:
|
|
107
|
-
rubygems_version: 2.6.
|
|
107
|
+
rubygems_version: 2.6.10
|
|
108
108
|
signing_key:
|
|
109
109
|
specification_version: 4
|
|
110
110
|
summary: Provide variables from Vault to hako
|