hiera-vault 0.0.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (3) hide show
  1. checksums.yaml +7 -0
  2. data/lib/hiera/backend/vault_backend.rb +37 -0
  3. metadata +78 -0
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA1:
3
+ metadata.gz: 1c933fc24a5577d1995fbf580c2ac0962e43209a
4
+ data.tar.gz: dd4a9674fc7a9a2c6ad12b09ffc5f337abaccf8f
5
+ SHA512:
6
+ metadata.gz: 9592032d96dc0071c6669a6647f6db148eec193f07ce099ad7a815f2e361dfaa02b4f50af1bfee8a7540e96a7d88ecb3de0148f59779f185c256698f5c805b0a
7
+ data.tar.gz: e03475798b24dd14c8837a2fe20e1b2f5376aa37dd2592a6e521bacf0635935ed45979ddff9c5523a4dfbca1ebd4e933bf9d0e4680a7fcb17415b285fb6e854e
data/lib/hiera/backend/vault_backend.rb ADDED
@@ -0,0 +1,37 @@
1
+ # Vault backend for Hiera
2
+ class Hiera
3
+ module Backend
4
+ class Vault_backend
5
+
6
+ def initialize()
7
+ require 'json'
8
+ require 'vault'
9
+
10
+ @config = Config[:vault]
11
+ @vault = Vault::Client.new(address: @config[:addr], token: @config[:token])
12
+ Hiera.debug("[hiera-vault] Client configured to connect to #{@vault.address}")
13
+ end
14
+
15
+ def lookup(key, scope, order_override, resolution_type)
16
+ begin
17
+ secret = @vault.logical.read(key)
18
+ Hiera.debug("[hiera-vault] Read secret: #{key}")
19
+
20
+ rescue Vault::HTTPConnectionError
21
+ Hiera.warn("[hiera-vault] Could not connect to read secret: #{key}")
22
+ rescue Vault::HTTPError => e
23
+ Hiera.warn("[hiera-vault] Could not read secret #{key}: #{e.errors.join("\n").rstrip}")
24
+ end
25
+
26
+ return nil if secret.nil?
27
+
28
+ # Turn secret's hash keys into strings
29
+ data = secret.data.inject({}) { |h, (k, v)| h[k.to_s] = v; h }
30
+ answer = Backend.parse_answer(data, scope)
31
+
32
+ return nil unless answer.kind_of? Hash
33
+ return answer
34
+ end
35
+ end
36
+ end
37
+ end
metadata ADDED
@@ -0,0 +1,78 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: hiera-vault
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.0.1
5
+ platform: ruby
6
+ authors:
7
+ - Jonathan Sokolowski
8
+ autorequire:
9
+ bindir: bin
10
+ cert_chain: []
11
+ date: 2015-06-04 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: json
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - ">="
18
+ - !ruby/object:Gem::Version
19
+ version: '0'
20
+ type: :runtime
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - ">="
25
+ - !ruby/object:Gem::Version
26
+ version: '0'
27
+ - !ruby/object:Gem::Dependency
28
+ name: vault
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - "~>"
32
+ - !ruby/object:Gem::Version
33
+ version: '0.1'
34
+ - - ">="
35
+ - !ruby/object:Gem::Version
36
+ version: 0.1.3
37
+ type: :runtime
38
+ prerelease: false
39
+ version_requirements: !ruby/object:Gem::Requirement
40
+ requirements:
41
+ - - "~>"
42
+ - !ruby/object:Gem::Version
43
+ version: '0.1'
44
+ - - ">="
45
+ - !ruby/object:Gem::Version
46
+ version: 0.1.3
47
+ description: Hiera backend for looking up secrets stored in Vault
48
+ email: jonathan.sokolowski@gmail.com
49
+ executables: []
50
+ extensions: []
51
+ extra_rdoc_files: []
52
+ files:
53
+ - lib/hiera/backend/vault_backend.rb
54
+ homepage: http://github.com/jsok/hiera-vault
55
+ licenses:
56
+ - Apache-2.0
57
+ metadata: {}
58
+ post_install_message:
59
+ rdoc_options: []
60
+ require_paths:
61
+ - lib
62
+ required_ruby_version: !ruby/object:Gem::Requirement
63
+ requirements:
64
+ - - ">="
65
+ - !ruby/object:Gem::Version
66
+ version: '0'
67
+ required_rubygems_version: !ruby/object:Gem::Requirement
68
+ requirements:
69
+ - - ">="
70
+ - !ruby/object:Gem::Version
71
+ version: '0'
72
+ requirements: []
73
+ rubyforge_project:
74
+ rubygems_version: 2.4.5
75
+ signing_key:
76
+ specification_version: 4
77
+ summary: Module for using vault as a hiera backend
78
+ test_files: []