rubyconfig-vault 1.0.2 → 1.0.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/config/vault/vault_error.rb +7 -0
- data/lib/config/vault/vault_source.rb +43 -14
- data/lib/config/vault/version.rb +1 -1
- metadata +8 -7
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 615bbf4df424a7d1f403b806113e097c81ef41752afa9ebd61771d45a10f4991
|
|
4
|
+
data.tar.gz: 563b9bd3cd608d49ee2050bd86dd0374cd8fd5a12549f3235f3170ddc65f889a
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 36c354d9baf5cce5f2cd4d0492caa90ae3b77ee4e0e7891d6e260f0a3b2a33f42c749193c5b7c4e82526b5ac9d55dd4d35e4a90a274f89302910deea94f71859
|
|
7
|
+
data.tar.gz: 652d144137915a2e7213fbf4cb4fb12efa3fecc8fe6861a376a67ff3c1f6ec7edfc44e364ec07553282b4cc687024c5aab29a826691e910c0d1fd57cd92b6965
|
|
@@ -1,10 +1,12 @@
|
|
|
1
|
+
require 'config'
|
|
1
2
|
require 'vault'
|
|
3
|
+
require_relative 'vault_error'
|
|
2
4
|
|
|
3
5
|
module Config
|
|
4
6
|
module Sources
|
|
5
7
|
# A vault source for Config
|
|
6
8
|
class VaultSource
|
|
7
|
-
attr_accessor :kv, :root
|
|
9
|
+
attr_accessor :kv, :root, :flatten
|
|
8
10
|
attr_reader :paths, :client
|
|
9
11
|
|
|
10
12
|
# Create a new Config source, all Vault::Client parameters supported
|
|
@@ -35,7 +37,7 @@ module Config
|
|
|
35
37
|
[p, @root]
|
|
36
38
|
end
|
|
37
39
|
end
|
|
38
|
-
@client = Vault::Client.new(client_opts)
|
|
40
|
+
@client = ::Vault::Client.new(client_opts)
|
|
39
41
|
end
|
|
40
42
|
|
|
41
43
|
# Add a path to Config source
|
|
@@ -67,10 +69,10 @@ module Config
|
|
|
67
69
|
#
|
|
68
70
|
# @return [Hash]
|
|
69
71
|
def load
|
|
70
|
-
Vault.with_retries(
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
|
|
72
|
+
::Vault.with_retries(RecoverableVaultError,
|
|
73
|
+
attempts: @attempts,
|
|
74
|
+
base: @base,
|
|
75
|
+
max_wait: @max_wait) do
|
|
74
76
|
process_paths
|
|
75
77
|
end
|
|
76
78
|
end
|
|
@@ -85,6 +87,30 @@ module Config
|
|
|
85
87
|
end
|
|
86
88
|
end
|
|
87
89
|
|
|
90
|
+
def read_at_path(query_path)
|
|
91
|
+
client_ops.read(query_path)&.data || {}
|
|
92
|
+
rescue ::Vault::HTTPClientError => e
|
|
93
|
+
if e.code == 403
|
|
94
|
+
raise VaultError, "Attempting to read at path #{query_path}\n#{e.response}", caller
|
|
95
|
+
else
|
|
96
|
+
raise RecoverableVaultError, e.response, caller
|
|
97
|
+
end
|
|
98
|
+
rescue ::Vault::HTTPError => e
|
|
99
|
+
raise RecoverableVaultError, e.response, caller
|
|
100
|
+
end
|
|
101
|
+
|
|
102
|
+
def list_at_path(query_path)
|
|
103
|
+
client_ops.list(query_path)
|
|
104
|
+
rescue ::Vault::HTTPClientError => e
|
|
105
|
+
if e.code == 403
|
|
106
|
+
raise VaultError, "Attempting to list at path #{query_path}\n#{e.response}", caller
|
|
107
|
+
else
|
|
108
|
+
raise RecoverableVaultError, e.response, caller
|
|
109
|
+
end
|
|
110
|
+
rescue ::Vault::HTTPError => e
|
|
111
|
+
raise RecoverableVaultError, e.response, caller
|
|
112
|
+
end
|
|
113
|
+
|
|
88
114
|
def process_paths
|
|
89
115
|
root = {}
|
|
90
116
|
parsed_paths = @paths.map { |p| process_path(p) }
|
|
@@ -103,32 +129,35 @@ module Config
|
|
|
103
129
|
query_path, idx, parent = stack.pop
|
|
104
130
|
sp = subpaths[idx]
|
|
105
131
|
if sp.nil? || sp.eql?('*')
|
|
106
|
-
data =
|
|
107
|
-
|
|
108
|
-
parent
|
|
109
|
-
|
|
132
|
+
data = read_at_path(query_path)
|
|
133
|
+
node = root if @flatten
|
|
134
|
+
node = parent unless @flatten
|
|
135
|
+
node.merge!(data)
|
|
136
|
+
node.transform_keys! { |key| @map[key] || key }
|
|
137
|
+
node.compact!
|
|
110
138
|
end
|
|
111
139
|
|
|
112
140
|
if sp.eql?('**') || sp.eql?('*')
|
|
113
|
-
subtrees =
|
|
141
|
+
subtrees = list_at_path(query_path)
|
|
114
142
|
subtrees.each do |st|
|
|
115
143
|
new_parent = {}
|
|
116
144
|
new_key = st.split('/').last.downcase.to_sym
|
|
117
145
|
new_query_path = [query_path, st].join('/')
|
|
118
|
-
parent[new_key] = new_parent
|
|
146
|
+
parent[new_key] = new_parent unless @flatten
|
|
119
147
|
stack.push([new_query_path, idx + 1, new_parent])
|
|
120
148
|
end
|
|
121
149
|
elsif sp
|
|
122
150
|
query_path = [query_path, sp].compact.join('/')
|
|
123
151
|
idx += 1
|
|
124
152
|
new_parent = {}
|
|
125
|
-
parent[sp.downcase.to_sym] = new_parent
|
|
153
|
+
parent[sp.downcase.to_sym] = new_parent unless @flatten
|
|
126
154
|
stack.push([query_path, idx, new_parent])
|
|
127
155
|
end
|
|
128
156
|
end
|
|
129
157
|
|
|
130
|
-
root = root.flatten if @flatten
|
|
131
158
|
if path.last
|
|
159
|
+
{ path.last => root }
|
|
160
|
+
elsif @root
|
|
132
161
|
{ @root => root }
|
|
133
162
|
else
|
|
134
163
|
root
|
data/lib/config/vault/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rubyconfig-vault
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.0.
|
|
4
|
+
version: 1.0.5
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- David Young
|
|
8
|
-
autorequire:
|
|
8
|
+
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-04-
|
|
11
|
+
date: 2022-04-19 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: vault
|
|
@@ -80,7 +80,7 @@ dependencies:
|
|
|
80
80
|
- - ">="
|
|
81
81
|
- !ruby/object:Gem::Version
|
|
82
82
|
version: '0'
|
|
83
|
-
description:
|
|
83
|
+
description:
|
|
84
84
|
email:
|
|
85
85
|
- da.young@f5.com
|
|
86
86
|
executables: []
|
|
@@ -88,6 +88,7 @@ extensions: []
|
|
|
88
88
|
extra_rdoc_files: []
|
|
89
89
|
files:
|
|
90
90
|
- lib/config/vault.rb
|
|
91
|
+
- lib/config/vault/vault_error.rb
|
|
91
92
|
- lib/config/vault/vault_source.rb
|
|
92
93
|
- lib/config/vault/version.rb
|
|
93
94
|
homepage: https://github.com/CrunchwrapSupreme/rubyconfig-vault
|
|
@@ -97,7 +98,7 @@ metadata:
|
|
|
97
98
|
homepage_uri: https://github.com/CrunchwrapSupreme/rubyconfig-vault
|
|
98
99
|
source_code_uri: https://github.com/CrunchwrapSupreme/rubyconfig-vault
|
|
99
100
|
documentation_uri: https://www.rubydoc.info/gems/rubyconfig-vault/index
|
|
100
|
-
post_install_message:
|
|
101
|
+
post_install_message:
|
|
101
102
|
rdoc_options: []
|
|
102
103
|
require_paths:
|
|
103
104
|
- lib
|
|
@@ -112,8 +113,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
112
113
|
- !ruby/object:Gem::Version
|
|
113
114
|
version: '0'
|
|
114
115
|
requirements: []
|
|
115
|
-
rubygems_version: 3.
|
|
116
|
-
signing_key:
|
|
116
|
+
rubygems_version: 3.1.2
|
|
117
|
+
signing_key:
|
|
117
118
|
specification_version: 4
|
|
118
119
|
summary: Implements a ruby config source from vault
|
|
119
120
|
test_files: []
|