rubyconfig-vault 1.0.0 → 1.0.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/config/vault/vault_source.rb +53 -22
- data/lib/config/vault/version.rb +1 -1
- metadata +7 -7
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 0a737c714f6c9e6cdff7bc6ea5ad1cdb864929ea00552b49c0a711bf7985571e
|
|
4
|
+
data.tar.gz: 54d1b1055a1272b021c3b9411fefd41c2c6ee2e6ec2469fec1382e7becbd4502
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: d6810e8ed8954833fd7de46c76f1ff0102ab8240d7c25b9eed16eee421bd73703c1ae2b6ac75b1a5b36b25c5857e763ef7c73c8641a6aa305702b9716f3ba1ca
|
|
7
|
+
data.tar.gz: f4b0a4031bff1d623978064ddef59656b60ae9cf7071ee0a2e31665d7397b4c15ed63462a9a356b5ee7e82b2b671d2daf6a94b2969f24fb3c7e402f85e005cd6
|
|
@@ -4,21 +4,38 @@ module Config
|
|
|
4
4
|
module Sources
|
|
5
5
|
# A vault source for Config
|
|
6
6
|
class VaultSource
|
|
7
|
-
attr_accessor :kv, :root
|
|
7
|
+
attr_accessor :kv, :root, :flatten
|
|
8
8
|
attr_reader :paths, :client
|
|
9
9
|
|
|
10
|
-
# Create a new Config source
|
|
10
|
+
# Create a new Config source, all Vault::Client parameters supported
|
|
11
11
|
#
|
|
12
12
|
# @param [Hash] opts
|
|
13
13
|
# @option opts [String, nil] :kv mount point for operations
|
|
14
14
|
# @option opts [Array<String>, nil] :paths paths for vault secrets
|
|
15
|
-
# @option opts [String, Symbol, nil] :root root key for data provided by source
|
|
15
|
+
# @option opts [String, Symbol, nil] :root default root key for data provided by source
|
|
16
|
+
# @option opts [Integer] :attempts number of attempts to try and resolve Vault::HTTPError
|
|
17
|
+
# @option opts [Number] :base interval for exponential backoff
|
|
18
|
+
# @option opts [Number] :max_wait maximum weight time for exponential backoff
|
|
19
|
+
# @option opts [Boolean] :flatten flatten the resulting hash. Preserves root option
|
|
16
20
|
def initialize(opts = {})
|
|
17
21
|
client_opts = opts.clone
|
|
18
22
|
@kv = client_opts.delete(:kv) || ''
|
|
19
|
-
@paths =
|
|
23
|
+
@paths = []
|
|
24
|
+
@attempts = client_opts.delete(:attempts) || 5
|
|
25
|
+
@base = client_opts.delete(:base) || 0.5
|
|
26
|
+
@max_wait = client_opts.delete(:max_wait) || 2.5
|
|
20
27
|
@root = client_opts.delete(:root)
|
|
21
|
-
@
|
|
28
|
+
@flatten = client_opts.delete(:flatten)
|
|
29
|
+
@paths << client_opts.delete(:paths) if client_opts.key?(:paths)
|
|
30
|
+
@map = {}
|
|
31
|
+
@paths.map! do |p|
|
|
32
|
+
if p.is_a?(Array)
|
|
33
|
+
p
|
|
34
|
+
else
|
|
35
|
+
[p, @root]
|
|
36
|
+
end
|
|
37
|
+
end
|
|
38
|
+
@client = ::Vault::Client.new(client_opts)
|
|
22
39
|
end
|
|
23
40
|
|
|
24
41
|
# Add a path to Config source
|
|
@@ -28,8 +45,17 @@ module Config
|
|
|
28
45
|
# source.load #=> { secrets: { some_key: { test: { secret_data: 2 } } } }
|
|
29
46
|
#
|
|
30
47
|
# @param path [String]
|
|
31
|
-
|
|
32
|
-
|
|
48
|
+
# @param root [String] optional root
|
|
49
|
+
def add_path(path, root = nil)
|
|
50
|
+
root ||= @root
|
|
51
|
+
@paths << [path, root]
|
|
52
|
+
end
|
|
53
|
+
|
|
54
|
+
# Re-map individual key names
|
|
55
|
+
#
|
|
56
|
+
# @param hsh [Hash] mappings for keys
|
|
57
|
+
def map(hsh)
|
|
58
|
+
@map = hsh
|
|
33
59
|
end
|
|
34
60
|
|
|
35
61
|
# Remove added paths
|
|
@@ -41,13 +67,17 @@ module Config
|
|
|
41
67
|
#
|
|
42
68
|
# @return [Hash]
|
|
43
69
|
def load
|
|
44
|
-
|
|
70
|
+
Vault.with_retries(Vault::HTTPError,
|
|
71
|
+
attempts: @attempts,
|
|
72
|
+
base: @base,
|
|
73
|
+
max_wait: @max_wait) do
|
|
74
|
+
process_paths
|
|
75
|
+
end
|
|
45
76
|
end
|
|
46
77
|
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
def client
|
|
78
|
+
private
|
|
79
|
+
|
|
80
|
+
def client_ops
|
|
51
81
|
unless kv.empty?
|
|
52
82
|
@client.kv(@kv)
|
|
53
83
|
else
|
|
@@ -55,8 +85,6 @@ module Config
|
|
|
55
85
|
end
|
|
56
86
|
end
|
|
57
87
|
|
|
58
|
-
private
|
|
59
|
-
|
|
60
88
|
def process_paths
|
|
61
89
|
root = {}
|
|
62
90
|
parsed_paths = @paths.map { |p| process_path(p) }
|
|
@@ -67,7 +95,7 @@ module Config
|
|
|
67
95
|
|
|
68
96
|
def process_path(path)
|
|
69
97
|
root = {}
|
|
70
|
-
subpaths = path.split('/')
|
|
98
|
+
subpaths = path.first.split('/')
|
|
71
99
|
stack = []
|
|
72
100
|
stack.push([nil, 0, root])
|
|
73
101
|
|
|
@@ -75,30 +103,33 @@ module Config
|
|
|
75
103
|
query_path, idx, parent = stack.pop
|
|
76
104
|
sp = subpaths[idx]
|
|
77
105
|
if sp.nil? || sp.eql?('*')
|
|
78
|
-
data =
|
|
79
|
-
|
|
80
|
-
parent
|
|
106
|
+
data = client_ops.read(query_path)&.data || {}
|
|
107
|
+
node = root if @flatten
|
|
108
|
+
node = parent unless @flatten
|
|
109
|
+
node.merge!(data)
|
|
110
|
+
node.transform_keys! { |key| @map[key] || key }
|
|
111
|
+
node.compact!
|
|
81
112
|
end
|
|
82
113
|
|
|
83
114
|
if sp.eql?('**') || sp.eql?('*')
|
|
84
|
-
subtrees =
|
|
115
|
+
subtrees = client_ops.list(query_path)
|
|
85
116
|
subtrees.each do |st|
|
|
86
117
|
new_parent = {}
|
|
87
118
|
new_key = st.split('/').last.downcase.to_sym
|
|
88
119
|
new_query_path = [query_path, st].join('/')
|
|
89
|
-
parent[new_key] = new_parent
|
|
120
|
+
parent[new_key] = new_parent unless @flatten
|
|
90
121
|
stack.push([new_query_path, idx + 1, new_parent])
|
|
91
122
|
end
|
|
92
123
|
elsif sp
|
|
93
124
|
query_path = [query_path, sp].compact.join('/')
|
|
94
125
|
idx += 1
|
|
95
126
|
new_parent = {}
|
|
96
|
-
parent[sp.downcase.to_sym] = new_parent
|
|
127
|
+
parent[sp.downcase.to_sym] = new_parent unless @flatten
|
|
97
128
|
stack.push([query_path, idx, new_parent])
|
|
98
129
|
end
|
|
99
130
|
end
|
|
100
131
|
|
|
101
|
-
if
|
|
132
|
+
if path.last
|
|
102
133
|
{ @root => root }
|
|
103
134
|
else
|
|
104
135
|
root
|
data/lib/config/vault/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rubyconfig-vault
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.0.
|
|
4
|
+
version: 1.0.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- David Young
|
|
8
|
-
autorequire:
|
|
8
|
+
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-04-
|
|
11
|
+
date: 2022-04-19 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: vault
|
|
@@ -80,7 +80,7 @@ dependencies:
|
|
|
80
80
|
- - ">="
|
|
81
81
|
- !ruby/object:Gem::Version
|
|
82
82
|
version: '0'
|
|
83
|
-
description:
|
|
83
|
+
description:
|
|
84
84
|
email:
|
|
85
85
|
- da.young@f5.com
|
|
86
86
|
executables: []
|
|
@@ -97,7 +97,7 @@ metadata:
|
|
|
97
97
|
homepage_uri: https://github.com/CrunchwrapSupreme/rubyconfig-vault
|
|
98
98
|
source_code_uri: https://github.com/CrunchwrapSupreme/rubyconfig-vault
|
|
99
99
|
documentation_uri: https://www.rubydoc.info/gems/rubyconfig-vault/index
|
|
100
|
-
post_install_message:
|
|
100
|
+
post_install_message:
|
|
101
101
|
rdoc_options: []
|
|
102
102
|
require_paths:
|
|
103
103
|
- lib
|
|
@@ -112,8 +112,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
112
112
|
- !ruby/object:Gem::Version
|
|
113
113
|
version: '0'
|
|
114
114
|
requirements: []
|
|
115
|
-
rubygems_version: 3.
|
|
116
|
-
signing_key:
|
|
115
|
+
rubygems_version: 3.1.2
|
|
116
|
+
signing_key:
|
|
117
117
|
specification_version: 4
|
|
118
118
|
summary: Implements a ruby config source from vault
|
|
119
119
|
test_files: []
|