hiera-vault 0.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/lib/hiera/backend/vault_backend.rb +37 -0
- metadata +78 -0
checksums.yaml
ADDED
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
---
|
|
2
|
+
SHA1:
|
|
3
|
+
metadata.gz: 1c933fc24a5577d1995fbf580c2ac0962e43209a
|
|
4
|
+
data.tar.gz: dd4a9674fc7a9a2c6ad12b09ffc5f337abaccf8f
|
|
5
|
+
SHA512:
|
|
6
|
+
metadata.gz: 9592032d96dc0071c6669a6647f6db148eec193f07ce099ad7a815f2e361dfaa02b4f50af1bfee8a7540e96a7d88ecb3de0148f59779f185c256698f5c805b0a
|
|
7
|
+
data.tar.gz: e03475798b24dd14c8837a2fe20e1b2f5376aa37dd2592a6e521bacf0635935ed45979ddff9c5523a4dfbca1ebd4e933bf9d0e4680a7fcb17415b285fb6e854e
|
|
@@ -0,0 +1,37 @@
|
|
|
1
|
+
# Vault backend for Hiera
|
|
2
|
+
class Hiera
|
|
3
|
+
module Backend
|
|
4
|
+
class Vault_backend
|
|
5
|
+
|
|
6
|
+
def initialize()
|
|
7
|
+
require 'json'
|
|
8
|
+
require 'vault'
|
|
9
|
+
|
|
10
|
+
@config = Config[:vault]
|
|
11
|
+
@vault = Vault::Client.new(address: @config[:addr], token: @config[:token])
|
|
12
|
+
Hiera.debug("[hiera-vault] Client configured to connect to #{@vault.address}")
|
|
13
|
+
end
|
|
14
|
+
|
|
15
|
+
def lookup(key, scope, order_override, resolution_type)
|
|
16
|
+
begin
|
|
17
|
+
secret = @vault.logical.read(key)
|
|
18
|
+
Hiera.debug("[hiera-vault] Read secret: #{key}")
|
|
19
|
+
|
|
20
|
+
rescue Vault::HTTPConnectionError
|
|
21
|
+
Hiera.warn("[hiera-vault] Could not connect to read secret: #{key}")
|
|
22
|
+
rescue Vault::HTTPError => e
|
|
23
|
+
Hiera.warn("[hiera-vault] Could not read secret #{key}: #{e.errors.join("\n").rstrip}")
|
|
24
|
+
end
|
|
25
|
+
|
|
26
|
+
return nil if secret.nil?
|
|
27
|
+
|
|
28
|
+
# Turn secret's hash keys into strings
|
|
29
|
+
data = secret.data.inject({}) { |h, (k, v)| h[k.to_s] = v; h }
|
|
30
|
+
answer = Backend.parse_answer(data, scope)
|
|
31
|
+
|
|
32
|
+
return nil unless answer.kind_of? Hash
|
|
33
|
+
return answer
|
|
34
|
+
end
|
|
35
|
+
end
|
|
36
|
+
end
|
|
37
|
+
end
|
metadata
ADDED
|
@@ -0,0 +1,78 @@
|
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
|
2
|
+
name: hiera-vault
|
|
3
|
+
version: !ruby/object:Gem::Version
|
|
4
|
+
version: 0.0.1
|
|
5
|
+
platform: ruby
|
|
6
|
+
authors:
|
|
7
|
+
- Jonathan Sokolowski
|
|
8
|
+
autorequire:
|
|
9
|
+
bindir: bin
|
|
10
|
+
cert_chain: []
|
|
11
|
+
date: 2015-06-04 00:00:00.000000000 Z
|
|
12
|
+
dependencies:
|
|
13
|
+
- !ruby/object:Gem::Dependency
|
|
14
|
+
name: json
|
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
|
16
|
+
requirements:
|
|
17
|
+
- - ">="
|
|
18
|
+
- !ruby/object:Gem::Version
|
|
19
|
+
version: '0'
|
|
20
|
+
type: :runtime
|
|
21
|
+
prerelease: false
|
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
23
|
+
requirements:
|
|
24
|
+
- - ">="
|
|
25
|
+
- !ruby/object:Gem::Version
|
|
26
|
+
version: '0'
|
|
27
|
+
- !ruby/object:Gem::Dependency
|
|
28
|
+
name: vault
|
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
|
30
|
+
requirements:
|
|
31
|
+
- - "~>"
|
|
32
|
+
- !ruby/object:Gem::Version
|
|
33
|
+
version: '0.1'
|
|
34
|
+
- - ">="
|
|
35
|
+
- !ruby/object:Gem::Version
|
|
36
|
+
version: 0.1.3
|
|
37
|
+
type: :runtime
|
|
38
|
+
prerelease: false
|
|
39
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
40
|
+
requirements:
|
|
41
|
+
- - "~>"
|
|
42
|
+
- !ruby/object:Gem::Version
|
|
43
|
+
version: '0.1'
|
|
44
|
+
- - ">="
|
|
45
|
+
- !ruby/object:Gem::Version
|
|
46
|
+
version: 0.1.3
|
|
47
|
+
description: Hiera backend for looking up secrets stored in Vault
|
|
48
|
+
email: jonathan.sokolowski@gmail.com
|
|
49
|
+
executables: []
|
|
50
|
+
extensions: []
|
|
51
|
+
extra_rdoc_files: []
|
|
52
|
+
files:
|
|
53
|
+
- lib/hiera/backend/vault_backend.rb
|
|
54
|
+
homepage: http://github.com/jsok/hiera-vault
|
|
55
|
+
licenses:
|
|
56
|
+
- Apache-2.0
|
|
57
|
+
metadata: {}
|
|
58
|
+
post_install_message:
|
|
59
|
+
rdoc_options: []
|
|
60
|
+
require_paths:
|
|
61
|
+
- lib
|
|
62
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
|
63
|
+
requirements:
|
|
64
|
+
- - ">="
|
|
65
|
+
- !ruby/object:Gem::Version
|
|
66
|
+
version: '0'
|
|
67
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
68
|
+
requirements:
|
|
69
|
+
- - ">="
|
|
70
|
+
- !ruby/object:Gem::Version
|
|
71
|
+
version: '0'
|
|
72
|
+
requirements: []
|
|
73
|
+
rubyforge_project:
|
|
74
|
+
rubygems_version: 2.4.5
|
|
75
|
+
signing_key:
|
|
76
|
+
specification_version: 4
|
|
77
|
+
summary: Module for using vault as a hiera backend
|
|
78
|
+
test_files: []
|