legion-crypt 0.2.0 → 1.2.0

data/lib/legion/crypt/vault.rb

@@ -22,6 +22,10 @@ module Legion
 
         require_relative 'vault_renewer'
         @renewer = Legion::Crypt::Vault::Renewer.new
+      rescue StandardError => e
+        Legion::Logging.error e.message
+        Legion::Settings[:crypt][:vault][:connected] = false
+        false
       end
 
       def read(path, type = 'legion')
@@ -32,20 +36,18 @@ module Legion
       end
 
       def get(path)
-        result = ::Vault.kv('legion').read(path)
+        result = ::Vault.kv(settings[:vault][:kv_path]).read(path)
         return nil if result.nil?
 
         result.data
       end
 
-      def write(path, key, value)
-        hash = {}
-        hash[key.to_sym] = value
-        ::Vault.kv('legion').write(path, **hash)
+      def write(path, **hash)
+        ::Vault.kv(settings[:vault][:kv_path]).write(path, **hash)
       end
 
       def exist?(path)
-        !::Vault.kv('legion').read_metadata(path).nil?
+        !::Vault.kv(settings[:vault][:kv_path]).read_metadata(path).nil?
       end
 
       def add_session(path:)
@@ -53,9 +55,10 @@ module Legion
       end
 
       def close_sessions
-        Legion::Logging.info 'Closing all Legion::Crypt vault sessions'
         return if @sessions.nil?
 
+        Legion::Logging.info 'Closing all Legion::Crypt vault sessions'
+
         @sessions.each do |session|
           close_session(session: session)
         end
@@ -65,7 +68,7 @@ module Legion
         return unless Legion::Settings[:crypt][:vault][:connected]
         return if @renewer.nil?
 
-        Legion::Logging.debug 'Shutdown down Legion::Crypt::Vault::Renewer'
+        Legion::Logging.debug 'Shutting down Legion::Crypt::Vault::Renewer'
         @renewer.cancel
       end
 
@@ -82,6 +85,10 @@ module Legion
           renew_session(session: session)
         end
       end
+
+      def vault_exists?(name)
+        ::Vault.sys.mounts.key?(name.to_sym)
+      end
     end
   end
 end

data/lib/legion/crypt/version.rb

@@ -2,6 +2,6 @@
 
 module Legion
   module Crypt
-    VERSION = '0.2.0'
+    VERSION = '1.2.0'
   end
 end

data/sonar-project.properties

@@ -0,0 +1,11 @@
+sonar.projectKey=legion-io_legion-crypt
+sonar.organization=legion-io
+sonar.sources=.
+sonar.exclusions=vendor/**
+sonar.coverage.exclusions=spec/**
+sonar.ruby.coverage.reportPath=coverage/.resultset.json
+sonar.ruby.file.suffixes=rb,ruby
+sonar.ruby.coverage.framework=RSpec
+sonar.ruby.rubocopConfig=.rubocop.yml
+sonar.ruby.rubocop.reportPath=rubocop-result.json
+sonar.ruby.rubocop.filePath=.

data/sourcehawk.yml

@@ -0,0 +1,4 @@
+
+config-locations:
+  - https://raw.githubusercontent.com/optum/.github/main/sourcehawk.yml
+  

metadata

@@ -1,43 +1,29 @@
 --- !ruby/object:Gem::Specification
 name: legion-crypt
 version: !ruby/object:Gem::Version
-  version: 0.2.0
+  version: 1.2.0
 platform: ruby
 authors:
 - Esity
 autorequire:
-bindir: exe
+bindir: bin
 cert_chain: []
-date: 2020-08-20 00:00:00.000000000 Z
+date: 2021-06-09 00:00:00.000000000 Z
 dependencies:
-- !ruby/object:Gem::Dependency
-  name: rbnacl
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
 - !ruby/object:Gem::Dependency
   name: vault
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 0.15.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 0.15.0
 - !ruby/object:Gem::Dependency
   name: legion-logging
   requirement: !ruby/object:Gem::Requirement
@@ -66,100 +52,51 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
-- !ruby/object:Gem::Dependency
-  name: legion-transport
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: rake
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: rspec
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: rubocop
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-description: Integrates with Hashicorps vault and other encryption type things
+description: A gem used by the LegionIO framework for encryption
 email:
 - matthewdiverson@gmail.com
+- ruby@optum.com
 executables: []
 extensions: []
-extra_rdoc_files: []
+extra_rdoc_files:
+- README.md
+- LICENSE
+- CHANGELOG.md
 files:
-- ".circleci/config.yml"
+- ".github/workflows/rubocop-analysis.yml"
+- ".github/workflows/sourcehawk-scan.yml"
 - ".gitignore"
-- ".idea/.rakeTasks"
-- ".idea/legion-crypt.iml"
-- ".idea/misc.xml"
-- ".idea/modules.xml"
-- ".idea/vagrant.xml"
-- ".idea/workspace.xml"
-- ".rspec"
 - ".rubocop.yml"
+- CHANGELOG.md
+- CODE_OF_CONDUCT.md
+- CONTRIBUTING.md
 - Gemfile
-- LICENSE.txt
+- INDIVIDUAL_CONTRIBUTOR_LICENSE.md
+- LICENSE
+- NOTICE.txt
 - README.md
-- Rakefile
-- bin/console
-- bin/setup
+- SECURITY.md
+- attribution.txt
 - legion-crypt.gemspec
 - lib/legion/crypt.rb
-- lib/legion/crypt/box.rb
 - lib/legion/crypt/cipher.rb
+- lib/legion/crypt/cluster_secret.rb
 - lib/legion/crypt/settings.rb
 - lib/legion/crypt/vault.rb
 - lib/legion/crypt/vault_renewer.rb
 - lib/legion/crypt/version.rb
-homepage: https://bitbucket.org/legion-io/legion-vault/
+- sonar-project.properties
+- sourcehawk.yml
+homepage: https://github.com/Optum/legion-crypt
 licenses:
-- MIT
+- Apache-2.0
 metadata:
-  homepage_uri: https://bitbucket.org/legion-io/legion-vault/
-  source_code_uri: https://bitbucket.org/legion-io/legion/
-  changelog_uri: https://bitbucket.org/legion-io/legion/src/master/CHANGELOG.md
+  bug_tracker_uri: https://github.com/Optum/legion-crypt/issues
+  changelog_uri: https://github.com/Optum/legion-crypt/src/main/CHANGELOG.md
+  documentation_uri: https://github.com/Optum/legion-crypt
+  homepage_uri: https://github.com/Optum/LegionIO
+  source_code_uri: https://github.com/Optum/legion-crypt
+  wiki_uri: https://github.com/Optum/legion-crypt/wiki
 post_install_message:
 rdoc_options: []
 require_paths:
@@ -168,15 +105,16 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.5.0
+      version: '2.4'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.2
+rubygems_version: 3.1.6
 signing_key:
 specification_version: 4
-summary: Legion::Vault is used to keep things safe
+summary: Handles requests for encrypt, decrypting, connecting to Vault, among other
+  things
 test_files: []

data/.circleci/config.yml

@@ -1,61 +0,0 @@
-version: 2.1
-orbs:
-  ruby: circleci/ruby@0.2.1
-
-jobs:
-  "rubocop":
-    docker:
-      - image: circleci/ruby:2.5-node
-    steps:
-      - checkout
-      - ruby/load-cache
-      - ruby/install-deps
-      - run:
-          name: Run Rubocop
-          command: bundle exec rubocop
-      - ruby/save-cache
-  "ruby-two-five":
-    docker:
-      - image: circleci/ruby:2.5
-      - image: memcached:1.5-alpine
-    steps:
-      - checkout
-      - ruby/load-cache
-      - ruby/install-deps
-      - ruby/run-tests
-      - ruby/save-cache
-  "ruby-two-six":
-    docker:
-      - image: circleci/ruby:2.6
-      - image: memcached:1.5-alpine
-    steps:
-      - checkout
-      - ruby/load-cache
-      - ruby/install-deps
-      - ruby/run-tests
-      - ruby/save-cache
-  "ruby-two-seven":
-    docker:
-      - image: circleci/ruby:2.7
-      - image: memcached:1.5-alpine
-    steps:
-      - checkout
-      - ruby/load-cache
-      - ruby/install-deps
-      - ruby/run-tests
-      - ruby/save-cache
-
-workflows:
-  version: 2
-  rubocop-rspec:
-    jobs:
-      - rubocop
-      - ruby-two-five:
-          requires:
-            - rubocop
-      - ruby-two-six:
-          requires:
-            - ruby-two-five
-      - ruby-two-seven:
-          requires:
-            - ruby-two-five

data/.idea/.rakeTasks

@@ -1,7 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<Settings><!--This file was automatically generated by Ruby plugin.
-You are allowed to: 
-1. Remove rake task
-2. Add existing rake tasks
-To add existing rake tasks automatically delete this file and reload the project.
---><RakeGroup description="" fullCmd="" taksId="rake"><RakeTask description="Build legion-crypt-0.1.0.gem into the pkg directory" fullCmd="build" taksId="build" /><RakeTask description="Remove any temporary products" fullCmd="clean" taksId="clean" /><RakeTask description="Remove any generated files" fullCmd="clobber" taksId="clobber" /><RakeTask description="Build and install legion-crypt-0.1.0.gem into system gems" fullCmd="install" taksId="install" /><RakeGroup description="" fullCmd="" taksId="install"><RakeTask description="Build and install legion-crypt-0.1.0.gem into system gems without network access" fullCmd="install:local" taksId="local" /></RakeGroup><RakeTask description="Create tag v0.1.0 and build and push legion-crypt-0.1.0.gem to rubygems.org" fullCmd="release[remote]" taksId="release[remote]" /><RakeTask description="Run RSpec code examples" fullCmd="spec" taksId="spec" /><RakeTask description="" fullCmd="default" taksId="default" /><RakeTask description="" fullCmd="release" taksId="release" /><RakeGroup description="" fullCmd="" taksId="release"><RakeTask description="" fullCmd="release:guard_clean" taksId="guard_clean" /><RakeTask description="" fullCmd="release:rubygem_push" taksId="rubygem_push" /><RakeTask description="" fullCmd="release:source_control_push" taksId="source_control_push" /></RakeGroup></RakeGroup></Settings>

data/.idea/legion-crypt.iml

@@ -1,54 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<module type="RUBY_MODULE" version="4">
-  <component name="ModuleRunConfigurationManager">
-    <shared />
-  </component>
-  <component name="NewModuleRootManager">
-    <content url="file://$MODULE_DIR$" />
-    <orderEntry type="jdk" jdkName="RVM: ruby-2.7.0" jdkType="RUBY_SDK" />
-    <orderEntry type="sourceFolder" forTests="false" />
-    <orderEntry type="library" scope="PROVIDED" name="amq-protocol (v2.3.2, RVM: ruby-2.7.0) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="ast (v2.4.1, RVM: ruby-2.7.0) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="aws-eventstream (v1.1.0, RVM: ruby-2.7.0) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="aws-sigv4 (v1.2.2, RVM: ruby-2.7.0) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="bundler (v2.1.4, RVM: ruby-2.7.0) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="bunny (v2.16.1, RVM: ruby-2.7.0) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="chef (v16.1.0, RVM: ruby-2.7.0) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="concurrent-ruby (v1.1.7, RVM: ruby-2.7.0) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="concurrent-ruby-ext (v1.1.7, RVM: ruby-2.7.0) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="connection_pool (v2.2.3, RVM: ruby-2.7.0) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="daemons (v1.3.1, RVM: ruby-2.7.0) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="dalli (v2.7.10, RVM: ruby-2.7.0) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="diff-lcs (v1.4.4, RVM: ruby-2.7.0) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="ffi (v1.13.1, RVM: ruby-2.7.0) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="hashdiff (v1.0.1, RVM: ruby-2.7.0) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="legion-cache (v1.0.0, RVM: ruby-2.7.0) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="legion-data (v0.2.0, RVM: ruby-2.7.0) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="legion-exceptions (v1.1.0, RVM: ruby-2.7.0) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="legion-json (v1.1.0, RVM: ruby-2.7.0) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="legion-logging (v1.1.0, RVM: ruby-2.7.0) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="legion-settings (v1.1.1, RVM: ruby-2.7.0) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="legion-transport (v1.1.0, RVM: ruby-2.7.0) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="multi_json (v1.15.0, RVM: ruby-2.7.0) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="mysql2 (v0.5.3, RVM: ruby-2.7.0) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="parallel (v1.19.2, RVM: ruby-2.7.0) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="parser (v2.7.1.4, RVM: ruby-2.7.0) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="rainbow (v3.0.0, RVM: ruby-2.7.0) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="rake (v13.0.1, RVM: ruby-2.7.0) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="rbnacl (v7.1.1, RVM: ruby-2.7.0) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="redis (v4.2.1, RVM: ruby-2.7.0) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="regexp_parser (v1.7.1, RVM: ruby-2.7.0) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="rexml (v3.2.4, RVM: ruby-2.7.0) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="rspec (v3.9.0, RVM: ruby-2.7.0) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="rspec-core (v3.9.2, RVM: ruby-2.7.0) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="rspec-expectations (v3.9.2, RVM: ruby-2.7.0) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="rspec-mocks (v3.9.1, RVM: ruby-2.7.0) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="rspec-support (v3.9.3, RVM: ruby-2.7.0) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="rubocop (v0.89.1, RVM: ruby-2.7.0) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="rubocop-ast (v0.3.0, RVM: ruby-2.7.0) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="ruby-progressbar (v1.10.1, RVM: ruby-2.7.0) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="sequel (v5.35.0, RVM: ruby-2.7.0) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="unicode-display_width (v1.7.0, RVM: ruby-2.7.0) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="vault (v0.15.0, RVM: ruby-2.7.0) [gem]" level="application" />
-  </component>
-</module>

data/.idea/misc.xml

@@ -1,7 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project version="4">
-  <component name="JavaScriptSettings">
-    <option name="languageLevel" value="ES6" />
-  </component>
-  <component name="ProjectRootManager" version="2" project-jdk-name="RVM: ruby-2.6.3" project-jdk-type="RUBY_SDK" />
-</project>

data/.idea/modules.xml

@@ -1,8 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project version="4">
-  <component name="ProjectModuleManager">
-    <modules>
-      <module fileurl="file://$PROJECT_DIR$/.idea/legion-crypt.iml" filepath="$PROJECT_DIR$/.idea/legion-crypt.iml" />
-    </modules>
-  </component>
-</project>

data/.idea/vagrant.xml

@@ -1,7 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project version="4">
-  <component name="VagrantProjectSettings">
-    <option name="instanceFolder" value="" />
-    <option name="provider" value="" />
-  </component>
-</project>

data/.idea/workspace.xml

@@ -1,14 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project version="4">
-  <component name="CoverageOptionsProvider">
-    <option name="myAddOrReplace" value="0" />
-  </component>
-  <component name="Git.Settings">
-    <option name="PUSH_AUTO_UPDATE" value="true" />
-    <option name="ROOT_SYNC" value="DONT_SYNC" />
-  </component>
-  <component name="ProjectId" id="1Yk09ZatgP1aKTE1VrPrnkK2STE" />
-  <component name="PropertiesComponent">
-    <property name="settings.editor.selected.configurable" value="reference.settingsdialog.project.vagrant" />
-  </component>
-</project>