rubyconfig-vault 1.0.2 → 1.0.5

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 63279ad2f29fabd8006dd8bdf3a69e49dabd2a1d5e3f89c1c695c9e6528f5154
-  data.tar.gz: 734327aae2db0747633a5a06101e2c2117ad54b0b441011bf4d58348da871c46
+  metadata.gz: 615bbf4df424a7d1f403b806113e097c81ef41752afa9ebd61771d45a10f4991
+  data.tar.gz: 563b9bd3cd608d49ee2050bd86dd0374cd8fd5a12549f3235f3170ddc65f889a
 SHA512:
-  metadata.gz: 4b6aac24bcb3781bae89ef0bc3e77fe5da3f5ada28308c711e5f8117e193cedcf12aaf5a6576ab080521f138325052c16c5e2246011fb086b38c7407cd32a839
-  data.tar.gz: 8455068a25f114a7a9a430e8daf25421c253f39788c673bcfd996ba208bfee086f7c5fb7d3dfd0c2f93c7349eb6792d4851b082c0753b60ebf729c04db2f2379
+  metadata.gz: 36c354d9baf5cce5f2cd4d0492caa90ae3b77ee4e0e7891d6e260f0a3b2a33f42c749193c5b7c4e82526b5ac9d55dd4d35e4a90a274f89302910deea94f71859
+  data.tar.gz: 652d144137915a2e7213fbf4cb4fb12efa3fecc8fe6861a376a67ff3c1f6ec7edfc44e364ec07553282b4cc687024c5aab29a826691e910c0d1fd57cd92b6965

data/lib/config/vault/vault_error.rb

@@ -0,0 +1,7 @@
+module Config
+  module Sources
+    class RecoverableVaultError < Exception; end
+
+    class VaultError < Exception; end
+  end
+end

data/lib/config/vault/vault_source.rb

@@ -1,10 +1,12 @@
+require 'config'
 require 'vault'
+require_relative 'vault_error'
 
 module Config
   module Sources
     # A vault source for Config
     class VaultSource
-      attr_accessor :kv, :root
+      attr_accessor :kv, :root, :flatten
       attr_reader :paths, :client
 
       # Create a new Config source, all Vault::Client parameters supported
@@ -35,7 +37,7 @@ module Config
             [p, @root]
           end
         end
-        @client = Vault::Client.new(client_opts)
+        @client = ::Vault::Client.new(client_opts)
       end
 
       # Add a path to Config source
@@ -67,10 +69,10 @@ module Config
       #
       # @return [Hash]
       def load
-        Vault.with_retries(Vault::HTTPError,
-                           attempts: @attempts,
-                           base: @base,
-                           max_wait: @max_wait) do
+        ::Vault.with_retries(RecoverableVaultError,
+                             attempts: @attempts,
+                             base: @base,
+                             max_wait: @max_wait) do
           process_paths
         end
       end
@@ -85,6 +87,30 @@ module Config
         end
       end
 
+      def read_at_path(query_path)
+        client_ops.read(query_path)&.data || {}
+      rescue ::Vault::HTTPClientError => e
+        if e.code == 403
+          raise VaultError, "Attempting to read at path #{query_path}\n#{e.response}", caller
+        else
+          raise RecoverableVaultError, e.response, caller
+        end
+      rescue ::Vault::HTTPError => e
+        raise RecoverableVaultError, e.response, caller
+      end
+
+      def list_at_path(query_path)
+        client_ops.list(query_path)
+      rescue ::Vault::HTTPClientError => e
+        if e.code == 403
+          raise VaultError, "Attempting to list at path #{query_path}\n#{e.response}", caller
+        else
+          raise RecoverableVaultError, e.response, caller
+        end
+      rescue ::Vault::HTTPError => e
+        raise RecoverableVaultError, e.response, caller
+      end
+
       def process_paths
         root = {}
         parsed_paths = @paths.map { |p| process_path(p) }
@@ -103,32 +129,35 @@ module Config
           query_path, idx, parent = stack.pop
           sp = subpaths[idx]
           if sp.nil? || sp.eql?('*')
-            data = client_ops.read(query_path)&.data || {}
-            parent.merge!(data)
-            parent.transform_keys! { |key| @map[key] || key }
-            parent.compact!
+            data = read_at_path(query_path)
+            node = root if @flatten
+            node = parent unless @flatten
+            node.merge!(data)
+            node.transform_keys! { |key| @map[key] || key }
+            node.compact!
           end
 
           if sp.eql?('**') || sp.eql?('*')
-            subtrees = client_ops.list(query_path)
+            subtrees = list_at_path(query_path)
             subtrees.each do |st|
               new_parent = {}
               new_key = st.split('/').last.downcase.to_sym
               new_query_path = [query_path, st].join('/')
-              parent[new_key] = new_parent
+              parent[new_key] = new_parent unless @flatten
               stack.push([new_query_path, idx + 1, new_parent])
             end
           elsif sp
             query_path = [query_path, sp].compact.join('/')
             idx += 1
             new_parent = {}
-            parent[sp.downcase.to_sym] = new_parent
+            parent[sp.downcase.to_sym] = new_parent unless @flatten
             stack.push([query_path, idx, new_parent])
           end
         end
 
-        root = root.flatten if @flatten
         if path.last
+          { path.last => root }
+        elsif @root
           { @root => root }
         else
           root

data/lib/config/vault/version.rb

@@ -1,5 +1,5 @@
 module Config
   module Vault
-    VERSION = "1.0.2"
+    VERSION = "1.0.5"
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rubyconfig-vault
 version: !ruby/object:Gem::Version
-  version: 1.0.2
+  version: 1.0.5
 platform: ruby
 authors:
 - David Young
-autorequire: 
+autorequire:
 bindir: exe
 cert_chain: []
-date: 2022-04-15 00:00:00.000000000 Z
+date: 2022-04-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: vault
@@ -80,7 +80,7 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
-description: 
+description:
 email:
 - da.young@f5.com
 executables: []
@@ -88,6 +88,7 @@ extensions: []
 extra_rdoc_files: []
 files:
 - lib/config/vault.rb
+- lib/config/vault/vault_error.rb
 - lib/config/vault/vault_source.rb
 - lib/config/vault/version.rb
 homepage: https://github.com/CrunchwrapSupreme/rubyconfig-vault
@@ -97,7 +98,7 @@ metadata:
   homepage_uri: https://github.com/CrunchwrapSupreme/rubyconfig-vault
   source_code_uri: https://github.com/CrunchwrapSupreme/rubyconfig-vault
   documentation_uri: https://www.rubydoc.info/gems/rubyconfig-vault/index
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -112,8 +113,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3.1
-signing_key: 
+rubygems_version: 3.1.2
+signing_key:
 specification_version: 4
 summary: Implements a ruby config source from vault
 test_files: []