rubyconfig-vault 1.0.0 → 1.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/config/vault/vault_source.rb +37 -16
- data/lib/config/vault/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 46de173dcd36067470c87796ac1767b87b0dfa8a45deccab555e3f4e46f27eba
|
4
|
+
data.tar.gz: a46241218beef3db50686fdd504804c0996b3a773dc7d5fdf0c6cffe2250ae8e
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 2714a2880f99e0adfa77bbcdfb1b0bc00fe26ecc087846d47dce9d1c644f37c39ce459c1474810f4d6b9200094b197dab593f80e26023643854eb27d3b828859
|
7
|
+
data.tar.gz: d31a1275c69520b68ed8d3c7bb6bb68fbd852ac50e8337899ab310114c76d4086697407067cfb13d6c391b98bb3f96fbcf40202bb7a8a322a13a4176c35962b5
|
@@ -7,17 +7,33 @@ module Config
|
|
7
7
|
attr_accessor :kv, :root
|
8
8
|
attr_reader :paths, :client
|
9
9
|
|
10
|
-
# Create a new Config source
|
10
|
+
# Create a new Config source, all Vault::Client parameters supported
|
11
11
|
#
|
12
12
|
# @param [Hash] opts
|
13
13
|
# @option opts [String, nil] :kv mount point for operations
|
14
14
|
# @option opts [Array<String>, nil] :paths paths for vault secrets
|
15
|
-
# @option opts [String, Symbol, nil] :root root key for data provided by source
|
15
|
+
# @option opts [String, Symbol, nil] :root default root key for data provided by source
|
16
|
+
# @option opts [Integer] :attempts number of attempts to try and resolve Vault::HTTPError
|
17
|
+
# @option opts [Number] :base interval for exponential backoff
|
18
|
+
# @option opts [Number] :max_wait maximum weight time for exponential backoff
|
19
|
+
# @option opts [Boolean] :flatten flatten the resulting hash. Preserves root option
|
16
20
|
def initialize(opts = {})
|
17
21
|
client_opts = opts.clone
|
18
22
|
@kv = client_opts.delete(:kv) || ''
|
19
|
-
@paths =
|
23
|
+
@paths = []
|
24
|
+
@attempts = client_opts.delete(:attempts) || 5
|
25
|
+
@base = client_opts.delete(:base) || 0.5
|
26
|
+
@max_wait = client_opts.delete(:max_wait) || 2.5
|
20
27
|
@root = client_opts.delete(:root)
|
28
|
+
@flatten = client_opts.delete(:flatten)
|
29
|
+
@paths << client_opts.delete(:paths) if client_opts.key?(:paths)
|
30
|
+
@paths.map! do |p|
|
31
|
+
if p.is_a?(Array)
|
32
|
+
p
|
33
|
+
else
|
34
|
+
[p, @root]
|
35
|
+
end
|
36
|
+
end
|
21
37
|
@client = Vault::Client.new(client_opts)
|
22
38
|
end
|
23
39
|
|
@@ -28,8 +44,10 @@ module Config
|
|
28
44
|
# source.load #=> { secrets: { some_key: { test: { secret_data: 2 } } } }
|
29
45
|
#
|
30
46
|
# @param path [String]
|
31
|
-
|
32
|
-
|
47
|
+
# @param root [String] optional root
|
48
|
+
def add_path(path, root = nil)
|
49
|
+
root ||= @root
|
50
|
+
@paths << [path, root]
|
33
51
|
end
|
34
52
|
|
35
53
|
# Remove added paths
|
@@ -41,13 +59,17 @@ module Config
|
|
41
59
|
#
|
42
60
|
# @return [Hash]
|
43
61
|
def load
|
44
|
-
|
62
|
+
Vault.with_retries(Vault::HTTPError,
|
63
|
+
attempts: @attempts,
|
64
|
+
base: @base,
|
65
|
+
max_wait: @max_wait) do
|
66
|
+
process_paths
|
67
|
+
end
|
45
68
|
end
|
46
69
|
|
47
|
-
|
48
|
-
|
49
|
-
|
50
|
-
def client
|
70
|
+
private
|
71
|
+
|
72
|
+
def client_ops
|
51
73
|
unless kv.empty?
|
52
74
|
@client.kv(@kv)
|
53
75
|
else
|
@@ -55,8 +77,6 @@ module Config
|
|
55
77
|
end
|
56
78
|
end
|
57
79
|
|
58
|
-
private
|
59
|
-
|
60
80
|
def process_paths
|
61
81
|
root = {}
|
62
82
|
parsed_paths = @paths.map { |p| process_path(p) }
|
@@ -67,7 +87,7 @@ module Config
|
|
67
87
|
|
68
88
|
def process_path(path)
|
69
89
|
root = {}
|
70
|
-
subpaths = path.split('/')
|
90
|
+
subpaths = path.first.split('/')
|
71
91
|
stack = []
|
72
92
|
stack.push([nil, 0, root])
|
73
93
|
|
@@ -75,13 +95,13 @@ module Config
|
|
75
95
|
query_path, idx, parent = stack.pop
|
76
96
|
sp = subpaths[idx]
|
77
97
|
if sp.nil? || sp.eql?('*')
|
78
|
-
data =
|
98
|
+
data = client_ops.read(query_path)&.data
|
79
99
|
parent.merge!(data || {})
|
80
100
|
parent.compact!
|
81
101
|
end
|
82
102
|
|
83
103
|
if sp.eql?('**') || sp.eql?('*')
|
84
|
-
subtrees =
|
104
|
+
subtrees = client_ops.list(query_path)
|
85
105
|
subtrees.each do |st|
|
86
106
|
new_parent = {}
|
87
107
|
new_key = st.split('/').last.downcase.to_sym
|
@@ -98,7 +118,8 @@ module Config
|
|
98
118
|
end
|
99
119
|
end
|
100
120
|
|
101
|
-
if @
|
121
|
+
root = root.flatten if @flatten
|
122
|
+
if path.last
|
102
123
|
{ @root => root }
|
103
124
|
else
|
104
125
|
root
|
data/lib/config/vault/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: rubyconfig-vault
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.0.
|
4
|
+
version: 1.0.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- David Young
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-04-
|
11
|
+
date: 2022-04-15 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: vault
|