legion-crypt 1.4.26 → 1.4.27

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +6 -0
  3. data/lib/legion/crypt/vault.rb +30 -20
  4. data/lib/legion/crypt/version.rb +1 -1
  5. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: ea29b8a42c33a47e97c578af649f6114b03e3ef155386fcb4e929afb3518b56c
4
- data.tar.gz: f1c915cf4c52f269f536248805cb53d13cd6fca2bc237f41ab998102081e94a3
3
+ metadata.gz: 5a67b420dc0efc26d3609c92e64fc8674c4edad3ad4bfbfeb75246f2fe641c4c
4
+ data.tar.gz: 70af06bd5f95c9c9e01582b64af5c4b92a79270acfc9a9d476f063e105e5c193
5
5
  SHA512:
6
- metadata.gz: d525f2ae8f8552d881e96912e6f828de345e869537e2319559e6da577ecc729d68709e1211b0ec986c4d14b3d7372b541be47a4fabd9615e627f02e96136026a
7
- data.tar.gz: 0a42c458345ecf8d04e31db279377afb8886b5b77bb0e73faddda6971c7191dc602e06343c09dee9830c1d071fd7839707a5804a2fff90b4ec6fef40555e8c0f
6
+ metadata.gz: afafc5438c996024c1a13e84349d14344dc1694437e67ffe4902525e88438299fa505371eaa4b85574718bbe0e42b2fc6ffa7fc56894706c9f7cdaabe8056443
7
+ data.tar.gz: 4cab2713f2bd9be3c5f7270fa64e2259a883a50c6f74dbad05c0f4e0034a0ce9b29f46a9e9b2003afaf501e24448ab382dd25f9f02e254c4f71368e123394c5f
data/CHANGELOG.md CHANGED
@@ -1,5 +1,11 @@
1
1
  # Legion::Crypt
2
2
 
3
+ ## [1.4.27] - 2026-03-31
4
+
5
+ ### Fixed
6
+ - `connect_vault` now sets `::Vault.namespace` from `vault_namespace` setting, fixing 403 errors for non-cluster Vault connections in namespaced environments
7
+ - Extracted `resolve_vault_address` and `log_vault_connection_error` to reduce `connect_vault` complexity
8
+
3
9
  ## [1.4.26] - 2026-03-28
4
10
 
5
11
  ### Fixed
data/lib/legion/crypt/vault.rb CHANGED
@@ -15,35 +15,20 @@ module Legion
15
15
  def connect_vault
16
16
  @sessions = []
17
17
  vault_settings = Legion::Settings[:crypt][:vault]
18
- protocol = vault_settings[:protocol] || 'http'
19
- address = vault_settings[:address] || 'localhost'
20
- port = vault_settings[:port] || 8200
21
-
22
- if address.match?(%r{\Ahttps?://})
23
- uri = URI.parse(address)
24
- protocol = uri.scheme
25
- address = uri.host
26
- port = uri.port if vault_settings[:port].nil?
27
- end
28
-
29
- ::Vault.address = "#{protocol}://#{address}:#{port}"
18
+ ::Vault.address = resolve_vault_address(vault_settings)
30
19
 
31
20
  Legion::Settings[:crypt][:vault][:token] = ENV['VAULT_DEV_ROOT_TOKEN_ID'] if ENV.key? 'VAULT_DEV_ROOT_TOKEN_ID'
32
21
  return nil if Legion::Settings[:crypt][:vault][:token].nil?
33
22
 
34
23
  ::Vault.token = Legion::Settings[:crypt][:vault][:token]
24
+ namespace = vault_settings[:vault_namespace]
25
+ ::Vault.namespace = namespace if namespace
35
26
  if vault_healthy?
36
27
  Legion::Settings[:crypt][:vault][:connected] = true
37
- Legion::Logging.info "Vault connected at #{::Vault.address}" if defined?(Legion::Logging)
28
+ Legion::Logging.info "Vault connected at #{::Vault.address} (namespace=#{namespace || 'none'})" if defined?(Legion::Logging)
38
29
  end
39
30
  rescue StandardError => e
40
- if defined?(Legion::Logging) && Legion::Logging.respond_to?(:log_exception)
41
- Legion::Logging.log_exception(e, lex: 'crypt', component_type: :helper)
42
- elsif defined?(Legion::Logging) && Legion::Logging.respond_to?(:error)
43
- Legion::Logging.error "Vault connection failed: #{e.class}=#{e.message}\n#{Array(e.backtrace).first(10).join("\n")}"
44
- else
45
- warn "Vault connection failed: #{e.class}=#{e.message}"
46
- end
31
+ log_vault_connection_error(e)
47
32
  Legion::Settings[:crypt][:vault][:connected] = false
48
33
  false
49
34
  end
@@ -206,6 +191,31 @@ module Legion
206
191
  data[:data]
207
192
  end
208
193
 
194
+ def resolve_vault_address(vault_settings)
195
+ protocol = vault_settings[:protocol] || 'http'
196
+ address = vault_settings[:address] || 'localhost'
197
+ port = vault_settings[:port] || 8200
198
+
199
+ if address.match?(%r{\Ahttps?://})
200
+ uri = URI.parse(address)
201
+ protocol = uri.scheme
202
+ address = uri.host
203
+ port = uri.port if vault_settings[:port].nil?
204
+ end
205
+
206
+ "#{protocol}://#{address}:#{port}"
207
+ end
208
+
209
+ def log_vault_connection_error(error)
210
+ if defined?(Legion::Logging) && Legion::Logging.respond_to?(:log_exception)
211
+ Legion::Logging.log_exception(error, lex: 'crypt', component_type: :helper)
212
+ elsif defined?(Legion::Logging) && Legion::Logging.respond_to?(:error)
213
+ Legion::Logging.error "Vault connection failed: #{error.class}=#{error.message}\n#{Array(error.backtrace).first(10).join("\n")}"
214
+ else
215
+ warn "Vault connection failed: #{error.class}=#{error.message}"
216
+ end
217
+ end
218
+
209
219
  def log_vault_debug(message)
210
220
  Legion::Logging.debug(message) if defined?(Legion::Logging)
211
221
  end
data/lib/legion/crypt/version.rb CHANGED
@@ -2,6 +2,6 @@
2
2
 
3
3
  module Legion
4
4
  module Crypt
5
- VERSION = '1.4.26'
5
+ VERSION = '1.4.27'
6
6
  end
7
7
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: legion-crypt
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.4.26
4
+ version: 1.4.27
5
5
  platform: ruby
6
6
  authors:
7
7
  - Esity