rubyconfig-vault 1.0.0 → 1.0.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/config/vault/vault_source.rb +37 -16
- data/lib/config/vault/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 46de173dcd36067470c87796ac1767b87b0dfa8a45deccab555e3f4e46f27eba
|
|
4
|
+
data.tar.gz: a46241218beef3db50686fdd504804c0996b3a773dc7d5fdf0c6cffe2250ae8e
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 2714a2880f99e0adfa77bbcdfb1b0bc00fe26ecc087846d47dce9d1c644f37c39ce459c1474810f4d6b9200094b197dab593f80e26023643854eb27d3b828859
|
|
7
|
+
data.tar.gz: d31a1275c69520b68ed8d3c7bb6bb68fbd852ac50e8337899ab310114c76d4086697407067cfb13d6c391b98bb3f96fbcf40202bb7a8a322a13a4176c35962b5
|
|
@@ -7,17 +7,33 @@ module Config
|
|
|
7
7
|
attr_accessor :kv, :root
|
|
8
8
|
attr_reader :paths, :client
|
|
9
9
|
|
|
10
|
-
# Create a new Config source
|
|
10
|
+
# Create a new Config source, all Vault::Client parameters supported
|
|
11
11
|
#
|
|
12
12
|
# @param [Hash] opts
|
|
13
13
|
# @option opts [String, nil] :kv mount point for operations
|
|
14
14
|
# @option opts [Array<String>, nil] :paths paths for vault secrets
|
|
15
|
-
# @option opts [String, Symbol, nil] :root root key for data provided by source
|
|
15
|
+
# @option opts [String, Symbol, nil] :root default root key for data provided by source
|
|
16
|
+
# @option opts [Integer] :attempts number of attempts to try and resolve Vault::HTTPError
|
|
17
|
+
# @option opts [Number] :base interval for exponential backoff
|
|
18
|
+
# @option opts [Number] :max_wait maximum weight time for exponential backoff
|
|
19
|
+
# @option opts [Boolean] :flatten flatten the resulting hash. Preserves root option
|
|
16
20
|
def initialize(opts = {})
|
|
17
21
|
client_opts = opts.clone
|
|
18
22
|
@kv = client_opts.delete(:kv) || ''
|
|
19
|
-
@paths =
|
|
23
|
+
@paths = []
|
|
24
|
+
@attempts = client_opts.delete(:attempts) || 5
|
|
25
|
+
@base = client_opts.delete(:base) || 0.5
|
|
26
|
+
@max_wait = client_opts.delete(:max_wait) || 2.5
|
|
20
27
|
@root = client_opts.delete(:root)
|
|
28
|
+
@flatten = client_opts.delete(:flatten)
|
|
29
|
+
@paths << client_opts.delete(:paths) if client_opts.key?(:paths)
|
|
30
|
+
@paths.map! do |p|
|
|
31
|
+
if p.is_a?(Array)
|
|
32
|
+
p
|
|
33
|
+
else
|
|
34
|
+
[p, @root]
|
|
35
|
+
end
|
|
36
|
+
end
|
|
21
37
|
@client = Vault::Client.new(client_opts)
|
|
22
38
|
end
|
|
23
39
|
|
|
@@ -28,8 +44,10 @@ module Config
|
|
|
28
44
|
# source.load #=> { secrets: { some_key: { test: { secret_data: 2 } } } }
|
|
29
45
|
#
|
|
30
46
|
# @param path [String]
|
|
31
|
-
|
|
32
|
-
|
|
47
|
+
# @param root [String] optional root
|
|
48
|
+
def add_path(path, root = nil)
|
|
49
|
+
root ||= @root
|
|
50
|
+
@paths << [path, root]
|
|
33
51
|
end
|
|
34
52
|
|
|
35
53
|
# Remove added paths
|
|
@@ -41,13 +59,17 @@ module Config
|
|
|
41
59
|
#
|
|
42
60
|
# @return [Hash]
|
|
43
61
|
def load
|
|
44
|
-
|
|
62
|
+
Vault.with_retries(Vault::HTTPError,
|
|
63
|
+
attempts: @attempts,
|
|
64
|
+
base: @base,
|
|
65
|
+
max_wait: @max_wait) do
|
|
66
|
+
process_paths
|
|
67
|
+
end
|
|
45
68
|
end
|
|
46
69
|
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
def client
|
|
70
|
+
private
|
|
71
|
+
|
|
72
|
+
def client_ops
|
|
51
73
|
unless kv.empty?
|
|
52
74
|
@client.kv(@kv)
|
|
53
75
|
else
|
|
@@ -55,8 +77,6 @@ module Config
|
|
|
55
77
|
end
|
|
56
78
|
end
|
|
57
79
|
|
|
58
|
-
private
|
|
59
|
-
|
|
60
80
|
def process_paths
|
|
61
81
|
root = {}
|
|
62
82
|
parsed_paths = @paths.map { |p| process_path(p) }
|
|
@@ -67,7 +87,7 @@ module Config
|
|
|
67
87
|
|
|
68
88
|
def process_path(path)
|
|
69
89
|
root = {}
|
|
70
|
-
subpaths = path.split('/')
|
|
90
|
+
subpaths = path.first.split('/')
|
|
71
91
|
stack = []
|
|
72
92
|
stack.push([nil, 0, root])
|
|
73
93
|
|
|
@@ -75,13 +95,13 @@ module Config
|
|
|
75
95
|
query_path, idx, parent = stack.pop
|
|
76
96
|
sp = subpaths[idx]
|
|
77
97
|
if sp.nil? || sp.eql?('*')
|
|
78
|
-
data =
|
|
98
|
+
data = client_ops.read(query_path)&.data
|
|
79
99
|
parent.merge!(data || {})
|
|
80
100
|
parent.compact!
|
|
81
101
|
end
|
|
82
102
|
|
|
83
103
|
if sp.eql?('**') || sp.eql?('*')
|
|
84
|
-
subtrees =
|
|
104
|
+
subtrees = client_ops.list(query_path)
|
|
85
105
|
subtrees.each do |st|
|
|
86
106
|
new_parent = {}
|
|
87
107
|
new_key = st.split('/').last.downcase.to_sym
|
|
@@ -98,7 +118,8 @@ module Config
|
|
|
98
118
|
end
|
|
99
119
|
end
|
|
100
120
|
|
|
101
|
-
if @
|
|
121
|
+
root = root.flatten if @flatten
|
|
122
|
+
if path.last
|
|
102
123
|
{ @root => root }
|
|
103
124
|
else
|
|
104
125
|
root
|
data/lib/config/vault/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rubyconfig-vault
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.0.
|
|
4
|
+
version: 1.0.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- David Young
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-04-
|
|
11
|
+
date: 2022-04-15 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: vault
|