RubyGems - legion-crypt - Versions diffs - 1.4.18 → 1.4.19 - Mend

legion-crypt 1.4.18 → 1.4.19

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +8 -0
data/lib/legion/crypt/ldap_auth.rb +2 -1
data/lib/legion/crypt/lease_manager.rb +2 -2
data/lib/legion/crypt/vault.rb +1 -0
data/lib/legion/crypt/vault_cluster.rb +8 -0
data/lib/legion/crypt/vault_jwt_auth.rb +1 -1
data/lib/legion/crypt/vault_kerberos_auth.rb +1 -1
data/lib/legion/crypt/version.rb +1 -1
metadata +1 -1

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 9397c4eab60b75a13e4f1e9fd842ce6b4908d94d891e9ea29a893fb33e71d5ef
-  data.tar.gz: 852ec5569b543089412ce28e96b32f6424e7da1f169e836d3e596dd51719c74d
+  metadata.gz: e3a746c03498b392437f0d7db81caca5f6daa84aeda465bbf0db71bb898d25f1
+  data.tar.gz: d27dfcdfa9032fa6bc8df4174f370c7896151c746bf8b810421d1c28d5d8e51b
 SHA512:
-  metadata.gz: 59170bcaead98cda37e2be65b1e9b294ab4eff65fde9251ebb2de24390224e8ed6bf3d62a523a11cd9ac1f2ead894dbffeee79815194c583e47a565b9ac7ff1c
-  data.tar.gz: 7f65e04abcb52c320f0d6e133569604d8eba37dcd4d63bcf046b0ba8fb70c631ebf4723bce2cd8ce728bf46a7b4992af389c3cb0da25bfd9c7c1176a38e56866
+  metadata.gz: 9e3a72a7a2fc6b78439f582b33c3c667fb40f1ef86c8a0201fb53e38d2d122e3689fa3496e11df36e5085a551753d58864a8033bc2cb028662922d87ce7afc9a
+  data.tar.gz: ab485a6da390007f060067bcca2863a5585fd6845f2dfc023658d48c6195364af7f99bf86f2492830d7991ae6a600a43fbd819d715412ca3f9c210fa95a830e3

data/CHANGELOG.md CHANGED Viewed

@@ -1,5 +1,13 @@
 # Legion::Crypt
+## [1.4.19] - 2026-03-26
+### Fixed
+- `LeaseManager`, `VaultJwtAuth`, `LdapAuth`, `VaultKerberosAuth`: use `renewable?` instead of `renewable` to match Vault gem API
+- `LeaseManager#fetch`: handle string/symbol key mismatch between resolver (strings) and cache (symbols)
+- `VaultCluster#connect_all_clusters`: set top-level `vault.connected` flag after any cluster connects via Kerberos/LDAP
+- `Vault#add_session`: guard `@sessions` with lazy init to prevent nil error when using cluster-based auth
 ## [1.4.18] - 2026-03-26
 ### Fixed

data/lib/legion/crypt/ldap_auth.rb CHANGED Viewed

@@ -12,10 +12,11 @@ module Legion
         clusters[cluster_name][:token] = token
         clusters[cluster_name][:connected] = true
+        mark_vault_connected
         Legion::Logging.info "LDAP login success: user=#{username}, cluster=#{cluster_name}" if defined?(Legion::Logging)
         { token: token, lease_duration: auth.lease_duration,
-          renewable: auth.renewable, policies: auth.policies }
+          renewable: auth.renewable?, policies: auth.policies }
       rescue StandardError => e
         Legion::Logging.warn "LDAP login failed: user=#{username}, cluster=#{cluster_name}: #{e.message}" if defined?(Legion::Logging)
         raise

data/lib/legion/crypt/lease_manager.rb CHANGED Viewed

@@ -33,7 +33,7 @@ module Legion
             @active_leases[name] = {
               lease_id:       response.lease_id,
               lease_duration: response.lease_duration,
-              renewable:      response.renewable,
+              renewable:      response.renewable?,
               expires_at:     Time.now + (response.lease_duration || 0),
               fetched_at:     Time.now
             }
@@ -45,7 +45,7 @@ module Legion
       end
       def fetch(name, key)
-        data = @lease_cache[name]
+        data = @lease_cache[name.to_sym] || @lease_cache[name.to_s]
         return nil unless data
         data[key.to_sym] || data[key.to_s]

data/lib/legion/crypt/vault.rb CHANGED Viewed

@@ -85,6 +85,7 @@ module Legion
       end
       def add_session(path:)
+        @sessions ||= []
         @sessions.push(path)
       end

data/lib/legion/crypt/vault_cluster.rb CHANGED Viewed

@@ -60,11 +60,19 @@ module Legion
           results[name] = false
           log_vault_error(name, e)
         end
+        mark_vault_connected if results.any? { |_, v| v }
         results
       end
       private
+      def mark_vault_connected
+        return unless defined?(Legion::Settings)
+        Legion::Settings[:crypt][:vault][:connected] = true
+      end
       def resolve_cluster_name(name)
         return name.to_sym if name

data/lib/legion/crypt/vault_jwt_auth.rb CHANGED Viewed

@@ -39,7 +39,7 @@ module Legion
         {
           token:          response.auth.client_token,
           lease_duration: response.auth.lease_duration,
-          renewable:      response.auth.renewable,
+          renewable:      response.auth.renewable?,
           policies:       response.auth.policies,
           metadata:       response.auth.metadata
         }

data/lib/legion/crypt/vault_kerberos_auth.rb CHANGED Viewed

@@ -16,7 +16,7 @@ module Legion
         {
           token:          response.auth.client_token,
           lease_duration: response.auth.lease_duration,
-          renewable:      response.auth.renewable,
+          renewable:      response.auth.renewable?,
           policies:       response.auth.policies,
           metadata:       response.auth.metadata
         }

data/lib/legion/crypt/version.rb CHANGED Viewed

@@ -2,6 +2,6 @@
 module Legion
   module Crypt
-    VERSION = '1.4.18'
+    VERSION = '1.4.19'
   end
 end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: legion-crypt
 version: !ruby/object:Gem::Version
-  version: 1.4.18
+  version: 1.4.19
 platform: ruby
 authors:
 - Esity