hiera-eyaml-vault 0.0.2 → 1.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/hiera/backend/eyaml/encryptors/vault.rb +36 -4
- metadata +3 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 0b6e6ef8cb8f9ff71e46513889e36cd2b3c3eb32f354deabfff2da9d8ea5ce49
|
4
|
+
data.tar.gz: ba672c9d3826736c8447cbe591b9872585a55aad302f764be35a628aea15d312
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 1b894c43c2983db672c463cb5c175a5686306ce83b56ebbcf7f8159d596a1e0924f06a927b69280dbe4cc69ad2a92df3417f8fa04f1589e422b70a5adf29f816
|
7
|
+
data.tar.gz: 257776c55b5e580cb97d4ba3fc4eeae8347ef9150dca831552f57a4436f35dd31cbfa182a47730fb21756801b1bece5f59f90eabe852ec8c39a358acba2624d0
|
@@ -14,7 +14,7 @@ class Hiera
|
|
14
14
|
end
|
15
15
|
|
16
16
|
|
17
|
-
VERSION = "0.0
|
17
|
+
VERSION = "1.0.0"
|
18
18
|
HTTP_HANDLER = Hiera::Backend::Eyaml::Encryptors::Vault::Httphandler
|
19
19
|
|
20
20
|
self.tag = 'VAULT'
|
@@ -48,6 +48,16 @@ class Hiera
|
|
48
48
|
default: true
|
49
49
|
},
|
50
50
|
|
51
|
+
:ssl_cert => {
|
52
|
+
desc: "SSL Certificate to connect with",
|
53
|
+
type: :string
|
54
|
+
},
|
55
|
+
|
56
|
+
:ssl_key => {
|
57
|
+
desc: "SSL Private key to connect with",
|
58
|
+
type: :string
|
59
|
+
},
|
60
|
+
|
51
61
|
:keyname => {
|
52
62
|
desc: "Vault transit key name (default 'hiera')",
|
53
63
|
type: :string,
|
@@ -62,13 +72,34 @@ class Hiera
|
|
62
72
|
}
|
63
73
|
class << self
|
64
74
|
|
75
|
+
def config_file
|
76
|
+
ENV['EYAML_CONFIG'] || File.join(ENV['HOME'], '.eyaml/config.yaml') || '/etc/eyaml/config.yaml'
|
77
|
+
end
|
78
|
+
|
79
|
+
def load_config
|
80
|
+
if File.exists?(config_File)
|
81
|
+
@config_defaults = YAML.load_file(config_file)
|
82
|
+
end
|
83
|
+
end
|
84
|
+
|
85
|
+
# Allow the inherited options method to allow for local
|
86
|
+
# configuration to fall back on
|
87
|
+
#
|
88
|
+
def option(key)
|
89
|
+
return super(key) if super(key)
|
90
|
+
|
91
|
+
load_config if @config_defaults.nil?
|
92
|
+
unless @config_defaults.nil?
|
93
|
+
return @config_defaults[key.to_s] if @config_defaults[key.to_s]
|
94
|
+
end
|
95
|
+
super
|
96
|
+
end
|
97
|
+
|
65
98
|
def create_keys
|
66
99
|
diagnostic_message = self.option :diagnostic_message
|
67
100
|
puts "Create_keys: #{diagnostic_message}"
|
68
101
|
end
|
69
102
|
|
70
|
-
#### BEGIN IMPORT
|
71
|
-
|
72
103
|
def vault_url(endpoint)
|
73
104
|
uri = []
|
74
105
|
uri << option(:addr)
|
@@ -111,12 +142,13 @@ class Hiera
|
|
111
142
|
|
112
143
|
|
113
144
|
def token_configured?
|
145
|
+
return true if ENV['VAULT_TOKEN']
|
114
146
|
not option(:token).nil?
|
115
147
|
end
|
116
148
|
|
117
149
|
def token
|
118
150
|
authenticate
|
119
|
-
option(:token) || @approle_token
|
151
|
+
ENV['VAULT_TOKEN'] || option(:token) || @approle_token
|
120
152
|
end
|
121
153
|
|
122
154
|
def authenticate
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: hiera-eyaml-vault
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0
|
4
|
+
version: 1.0.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Craig Dunn
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2019-11-
|
11
|
+
date: 2019-11-21 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: hiera-eyaml
|
@@ -52,8 +52,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
52
52
|
- !ruby/object:Gem::Version
|
53
53
|
version: '0'
|
54
54
|
requirements: []
|
55
|
-
|
56
|
-
rubygems_version: 2.7.6.2
|
55
|
+
rubygems_version: 3.0.3
|
57
56
|
signing_key:
|
58
57
|
specification_version: 4
|
59
58
|
summary: Encryption plugin for hiera-eyaml to use Vault's transit secrets engine
|