rubyconfig-vault 1.0.0 → 1.0.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/config/vault/vault_source.rb +53 -22
- data/lib/config/vault/version.rb +1 -1
- metadata +7 -7
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 0a737c714f6c9e6cdff7bc6ea5ad1cdb864929ea00552b49c0a711bf7985571e
|
|
4
|
+
data.tar.gz: 54d1b1055a1272b021c3b9411fefd41c2c6ee2e6ec2469fec1382e7becbd4502
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: d6810e8ed8954833fd7de46c76f1ff0102ab8240d7c25b9eed16eee421bd73703c1ae2b6ac75b1a5b36b25c5857e763ef7c73c8641a6aa305702b9716f3ba1ca
|
|
7
|
+
data.tar.gz: f4b0a4031bff1d623978064ddef59656b60ae9cf7071ee0a2e31665d7397b4c15ed63462a9a356b5ee7e82b2b671d2daf6a94b2969f24fb3c7e402f85e005cd6
|
|
@@ -4,21 +4,38 @@ module Config
|
|
|
4
4
|
module Sources
|
|
5
5
|
# A vault source for Config
|
|
6
6
|
class VaultSource
|
|
7
|
-
attr_accessor :kv, :root
|
|
7
|
+
attr_accessor :kv, :root, :flatten
|
|
8
8
|
attr_reader :paths, :client
|
|
9
9
|
|
|
10
|
-
# Create a new Config source
|
|
10
|
+
# Create a new Config source, all Vault::Client parameters supported
|
|
11
11
|
#
|
|
12
12
|
# @param [Hash] opts
|
|
13
13
|
# @option opts [String, nil] :kv mount point for operations
|
|
14
14
|
# @option opts [Array<String>, nil] :paths paths for vault secrets
|
|
15
|
-
# @option opts [String, Symbol, nil] :root root key for data provided by source
|
|
15
|
+
# @option opts [String, Symbol, nil] :root default root key for data provided by source
|
|
16
|
+
# @option opts [Integer] :attempts number of attempts to try and resolve Vault::HTTPError
|
|
17
|
+
# @option opts [Number] :base interval for exponential backoff
|
|
18
|
+
# @option opts [Number] :max_wait maximum weight time for exponential backoff
|
|
19
|
+
# @option opts [Boolean] :flatten flatten the resulting hash. Preserves root option
|
|
16
20
|
def initialize(opts = {})
|
|
17
21
|
client_opts = opts.clone
|
|
18
22
|
@kv = client_opts.delete(:kv) || ''
|
|
19
|
-
@paths =
|
|
23
|
+
@paths = []
|
|
24
|
+
@attempts = client_opts.delete(:attempts) || 5
|
|
25
|
+
@base = client_opts.delete(:base) || 0.5
|
|
26
|
+
@max_wait = client_opts.delete(:max_wait) || 2.5
|
|
20
27
|
@root = client_opts.delete(:root)
|
|
21
|
-
@
|
|
28
|
+
@flatten = client_opts.delete(:flatten)
|
|
29
|
+
@paths << client_opts.delete(:paths) if client_opts.key?(:paths)
|
|
30
|
+
@map = {}
|
|
31
|
+
@paths.map! do |p|
|
|
32
|
+
if p.is_a?(Array)
|
|
33
|
+
p
|
|
34
|
+
else
|
|
35
|
+
[p, @root]
|
|
36
|
+
end
|
|
37
|
+
end
|
|
38
|
+
@client = ::Vault::Client.new(client_opts)
|
|
22
39
|
end
|
|
23
40
|
|
|
24
41
|
# Add a path to Config source
|
|
@@ -28,8 +45,17 @@ module Config
|
|
|
28
45
|
# source.load #=> { secrets: { some_key: { test: { secret_data: 2 } } } }
|
|
29
46
|
#
|
|
30
47
|
# @param path [String]
|
|
31
|
-
|
|
32
|
-
|
|
48
|
+
# @param root [String] optional root
|
|
49
|
+
def add_path(path, root = nil)
|
|
50
|
+
root ||= @root
|
|
51
|
+
@paths << [path, root]
|
|
52
|
+
end
|
|
53
|
+
|
|
54
|
+
# Re-map individual key names
|
|
55
|
+
#
|
|
56
|
+
# @param hsh [Hash] mappings for keys
|
|
57
|
+
def map(hsh)
|
|
58
|
+
@map = hsh
|
|
33
59
|
end
|
|
34
60
|
|
|
35
61
|
# Remove added paths
|
|
@@ -41,13 +67,17 @@ module Config
|
|
|
41
67
|
#
|
|
42
68
|
# @return [Hash]
|
|
43
69
|
def load
|
|
44
|
-
|
|
70
|
+
Vault.with_retries(Vault::HTTPError,
|
|
71
|
+
attempts: @attempts,
|
|
72
|
+
base: @base,
|
|
73
|
+
max_wait: @max_wait) do
|
|
74
|
+
process_paths
|
|
75
|
+
end
|
|
45
76
|
end
|
|
46
77
|
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
def client
|
|
78
|
+
private
|
|
79
|
+
|
|
80
|
+
def client_ops
|
|
51
81
|
unless kv.empty?
|
|
52
82
|
@client.kv(@kv)
|
|
53
83
|
else
|
|
@@ -55,8 +85,6 @@ module Config
|
|
|
55
85
|
end
|
|
56
86
|
end
|
|
57
87
|
|
|
58
|
-
private
|
|
59
|
-
|
|
60
88
|
def process_paths
|
|
61
89
|
root = {}
|
|
62
90
|
parsed_paths = @paths.map { |p| process_path(p) }
|
|
@@ -67,7 +95,7 @@ module Config
|
|
|
67
95
|
|
|
68
96
|
def process_path(path)
|
|
69
97
|
root = {}
|
|
70
|
-
subpaths = path.split('/')
|
|
98
|
+
subpaths = path.first.split('/')
|
|
71
99
|
stack = []
|
|
72
100
|
stack.push([nil, 0, root])
|
|
73
101
|
|
|
@@ -75,30 +103,33 @@ module Config
|
|
|
75
103
|
query_path, idx, parent = stack.pop
|
|
76
104
|
sp = subpaths[idx]
|
|
77
105
|
if sp.nil? || sp.eql?('*')
|
|
78
|
-
data =
|
|
79
|
-
|
|
80
|
-
parent
|
|
106
|
+
data = client_ops.read(query_path)&.data || {}
|
|
107
|
+
node = root if @flatten
|
|
108
|
+
node = parent unless @flatten
|
|
109
|
+
node.merge!(data)
|
|
110
|
+
node.transform_keys! { |key| @map[key] || key }
|
|
111
|
+
node.compact!
|
|
81
112
|
end
|
|
82
113
|
|
|
83
114
|
if sp.eql?('**') || sp.eql?('*')
|
|
84
|
-
subtrees =
|
|
115
|
+
subtrees = client_ops.list(query_path)
|
|
85
116
|
subtrees.each do |st|
|
|
86
117
|
new_parent = {}
|
|
87
118
|
new_key = st.split('/').last.downcase.to_sym
|
|
88
119
|
new_query_path = [query_path, st].join('/')
|
|
89
|
-
parent[new_key] = new_parent
|
|
120
|
+
parent[new_key] = new_parent unless @flatten
|
|
90
121
|
stack.push([new_query_path, idx + 1, new_parent])
|
|
91
122
|
end
|
|
92
123
|
elsif sp
|
|
93
124
|
query_path = [query_path, sp].compact.join('/')
|
|
94
125
|
idx += 1
|
|
95
126
|
new_parent = {}
|
|
96
|
-
parent[sp.downcase.to_sym] = new_parent
|
|
127
|
+
parent[sp.downcase.to_sym] = new_parent unless @flatten
|
|
97
128
|
stack.push([query_path, idx, new_parent])
|
|
98
129
|
end
|
|
99
130
|
end
|
|
100
131
|
|
|
101
|
-
if
|
|
132
|
+
if path.last
|
|
102
133
|
{ @root => root }
|
|
103
134
|
else
|
|
104
135
|
root
|
data/lib/config/vault/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rubyconfig-vault
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.0.
|
|
4
|
+
version: 1.0.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- David Young
|
|
8
|
-
autorequire:
|
|
8
|
+
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-04-
|
|
11
|
+
date: 2022-04-19 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: vault
|
|
@@ -80,7 +80,7 @@ dependencies:
|
|
|
80
80
|
- - ">="
|
|
81
81
|
- !ruby/object:Gem::Version
|
|
82
82
|
version: '0'
|
|
83
|
-
description:
|
|
83
|
+
description:
|
|
84
84
|
email:
|
|
85
85
|
- da.young@f5.com
|
|
86
86
|
executables: []
|
|
@@ -97,7 +97,7 @@ metadata:
|
|
|
97
97
|
homepage_uri: https://github.com/CrunchwrapSupreme/rubyconfig-vault
|
|
98
98
|
source_code_uri: https://github.com/CrunchwrapSupreme/rubyconfig-vault
|
|
99
99
|
documentation_uri: https://www.rubydoc.info/gems/rubyconfig-vault/index
|
|
100
|
-
post_install_message:
|
|
100
|
+
post_install_message:
|
|
101
101
|
rdoc_options: []
|
|
102
102
|
require_paths:
|
|
103
103
|
- lib
|
|
@@ -112,8 +112,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
112
112
|
- !ruby/object:Gem::Version
|
|
113
113
|
version: '0'
|
|
114
114
|
requirements: []
|
|
115
|
-
rubygems_version: 3.
|
|
116
|
-
signing_key:
|
|
115
|
+
rubygems_version: 3.1.2
|
|
116
|
+
signing_key:
|
|
117
117
|
specification_version: 4
|
|
118
118
|
summary: Implements a ruby config source from vault
|
|
119
119
|
test_files: []
|