hiera-consul 0.0.1 → 0.0.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/hiera/backend/consul_backend.rb +19 -4
- metadata +2 -3
- data/lib/hiera/backend/vault_backend.rb +0 -60
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 5511f6fb4e5f61eca5669dba7d210e8e69c93519
|
4
|
+
data.tar.gz: 747b63180b69108982f7649cfe7c4e4df6e9c51d
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: ca6875819a8c7f2cb36a84474c66505d79cac6ffd86a04dfa8a28bfd267df5864aea77000c4134bbe59e2a327e376e6264c12789155449bc6b1a3508e61fc2c2
|
7
|
+
data.tar.gz: 864e34a71ba9261cf7944c0da1e0e6436f29152af4ea7cbbc90870292d06f9b610dda4cfbf5d578f2e26658dda156e0985911cbfe51b290a930792435b321743
|
@@ -20,14 +20,21 @@ class Hiera
|
|
20
20
|
else
|
21
21
|
raise "[hiera-consul] Missing minimum configuration, please check hiera.yaml"
|
22
22
|
end
|
23
|
-
|
24
|
-
Hiera.debug("[hiera-consul] Client configured to connect to #{@consul.address}:#{@consul.port}")
|
25
|
-
|
26
23
|
@consul.read_timeout = @config[:http_read_timeout] || 10
|
27
24
|
@consul.open_timeout = @config[:http_connect_timeout] || 10
|
25
|
+
|
26
|
+
begin
|
27
|
+
check_agent
|
28
|
+
Hiera.debug("[hiera-consul] Client configured to connect to #{@consul.address}:#{@consul.port}")
|
29
|
+
rescue Exception => e
|
30
|
+
@consul = nil
|
31
|
+
Hiera.warn("[hiera-consul] Skipping backend. Configuration error: #{e}")
|
32
|
+
end
|
28
33
|
end
|
29
34
|
|
30
35
|
def lookup(key, scope, order_override, resolution_type)
|
36
|
+
return nil if @consul.nil?
|
37
|
+
|
31
38
|
answer = nil
|
32
39
|
|
33
40
|
paths = @config[:paths].map { |p| Backend.parse_string(p, scope, { 'key' => key }) }
|
@@ -76,7 +83,7 @@ class Hiera
|
|
76
83
|
Hiera.debug("[hiera-consul] Could not read key: #{path}")
|
77
84
|
end
|
78
85
|
rescue Exception => e
|
79
|
-
Hiera.warn("[hiera-consul] Error occurred
|
86
|
+
Hiera.warn("[hiera-consul] Error occurred reading value #{path}: #{e}")
|
80
87
|
end
|
81
88
|
|
82
89
|
data
|
@@ -118,6 +125,14 @@ class Hiera
|
|
118
125
|
end
|
119
126
|
end
|
120
127
|
|
128
|
+
def check_agent
|
129
|
+
response = wrapquery("/v1/agent/self")
|
130
|
+
if response.nil?
|
131
|
+
raise "Client could not connect to #{@consul.address}:#{@consul.port}"
|
132
|
+
end
|
133
|
+
true
|
134
|
+
end
|
135
|
+
|
121
136
|
end
|
122
137
|
end
|
123
138
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: hiera-consul
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Jonathan Sokolowski
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2015-06-
|
11
|
+
date: 2015-06-22 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: json
|
@@ -31,7 +31,6 @@ extensions: []
|
|
31
31
|
extra_rdoc_files: []
|
32
32
|
files:
|
33
33
|
- lib/hiera/backend/consul_backend.rb
|
34
|
-
- lib/hiera/backend/vault_backend.rb
|
35
34
|
homepage: http://github.com/jsok/hiera-consul
|
36
35
|
licenses:
|
37
36
|
- Apache-2.0
|
@@ -1,60 +0,0 @@
|
|
1
|
-
# Vault backend for Hiera
|
2
|
-
class Hiera
|
3
|
-
module Backend
|
4
|
-
class Vault_backend
|
5
|
-
|
6
|
-
def initialize()
|
7
|
-
require 'json'
|
8
|
-
require 'vault'
|
9
|
-
|
10
|
-
@config = Config[:vault]
|
11
|
-
@config[:mounts] ||= {}
|
12
|
-
@config[:mounts][:generic] ||= ['secret']
|
13
|
-
|
14
|
-
begin
|
15
|
-
@vault = Vault::Client.new(address: @config[:addr], token: @config[:token])
|
16
|
-
fail if @vault.sys.seal_status.sealed?
|
17
|
-
Hiera.debug("[hiera-vault] Client configured to connect to #{@vault.address}")
|
18
|
-
rescue Exception => e
|
19
|
-
@vault = nil
|
20
|
-
Hiera.warn("[hiera-vault] Skipping backend. Configuration error: #{e}")
|
21
|
-
end
|
22
|
-
end
|
23
|
-
|
24
|
-
def lookup(key, scope, order_override, resolution_type)
|
25
|
-
return nil if @vault.nil?
|
26
|
-
|
27
|
-
answer = nil
|
28
|
-
|
29
|
-
# Only generic mounts supported so far
|
30
|
-
@config[:mounts][:generic].each do |mount|
|
31
|
-
path = Backend.parse_string(mount, scope, { 'key' => key })
|
32
|
-
answer = lookup_generic("#{path}/#{key}", scope)
|
33
|
-
|
34
|
-
break if answer.kind_of? Hash
|
35
|
-
end
|
36
|
-
|
37
|
-
answer
|
38
|
-
end
|
39
|
-
|
40
|
-
def lookup_generic(key, scope)
|
41
|
-
begin
|
42
|
-
secret = @vault.logical.read(key)
|
43
|
-
rescue Vault::HTTPConnectionError
|
44
|
-
Hiera.debug("[hiera-vault] Could not connect to read secret: #{key}")
|
45
|
-
rescue Vault::HTTPError => e
|
46
|
-
Hiera.warn("[hiera-vault] Could not read secret #{key}: #{e.errors.join("\n").rstrip}")
|
47
|
-
end
|
48
|
-
|
49
|
-
return nil if secret.nil?
|
50
|
-
|
51
|
-
Hiera.debug("[hiera-vault] Read secret: #{key}")
|
52
|
-
# Turn secret's hash keys into strings
|
53
|
-
data = secret.data.inject({}) { |h, (k, v)| h[k.to_s] = v; h }
|
54
|
-
|
55
|
-
return Backend.parse_answer(data, scope)
|
56
|
-
end
|
57
|
-
|
58
|
-
end
|
59
|
-
end
|
60
|
-
end
|