secrets_cli 1.6.0 → 1.7.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/secrets_cli/check/vault.rb +8 -1
- data/lib/secrets_cli/vault/auth.rb +9 -5
- data/lib/secrets_cli/version.rb +1 -1
- data/secrets_cli.gemspec +1 -1
- metadata +5 -5
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 3b46cea0788b5373f0498f402bd1b5f12a9ec7cd
|
|
4
|
+
data.tar.gz: eaf28daf5525ac3228d0b72c967162219846c363
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 2f7201d35de52f516793c6e9f4593c1dcaeed114b08fb3d85ead9d5e4f5556aa7e14bcde84c54813c9a9d7bb5e7e74895ddc19b7854ec2b10e7e276d7debfb90
|
|
7
|
+
data.tar.gz: b0ffcde8c188ff4089f24adf5664ef97bcb200a1548798791443044c0fce9643e9c77d60190df535fea4b5f16963b63544d9cb3944df5f1fa2459c009deb3222
|
|
@@ -12,9 +12,12 @@ module SecretsCli
|
|
|
12
12
|
def call
|
|
13
13
|
error! 'Missing VAULT_ADDR env' if ENV['VAULT_ADDR'].nil?
|
|
14
14
|
error! 'Missing VAULT_AUTH_METHOD env' if missing_auth_method?
|
|
15
|
-
|
|
15
|
+
case auth_method
|
|
16
|
+
when 'app_id'
|
|
16
17
|
error! 'Missing VAULT_AUTH_APP_ID' if missing_auth_app_id?
|
|
17
18
|
error! 'Missing VAULT_AUTH_USER_ID' if missing_auth_user_id?
|
|
19
|
+
when 'approle'
|
|
20
|
+
error! 'Missing VAULT_AUTH_ROLE_ID' if missing_auth_role_id?
|
|
18
21
|
else
|
|
19
22
|
error! 'Missing VAULT_AUTH_TOKEN env' if missing_auth_token?
|
|
20
23
|
end
|
|
@@ -38,6 +41,10 @@ module SecretsCli
|
|
|
38
41
|
options.auth_user_id.nil? && ENV['VAULT_AUTH_USER_ID'].nil?
|
|
39
42
|
end
|
|
40
43
|
|
|
44
|
+
def missing_auth_role_id?
|
|
45
|
+
options.auth_role_id.nil? && ENV['VAULT_AUTH_ROLE_ID'].nil?
|
|
46
|
+
end
|
|
47
|
+
|
|
41
48
|
def auth_method
|
|
42
49
|
ENV['VAULT_AUTH_METHOD']
|
|
43
50
|
end
|
|
@@ -6,15 +6,17 @@ module SecretsCli
|
|
|
6
6
|
def initialize(options)
|
|
7
7
|
super
|
|
8
8
|
SecretsCli::Check::Vault.new(options).call
|
|
9
|
-
@auth_method
|
|
10
|
-
@auth_token
|
|
11
|
-
@auth_app_id
|
|
12
|
-
@auth_user_id
|
|
9
|
+
@auth_method = ENV['VAULT_AUTH_METHOD']
|
|
10
|
+
@auth_token = ENV['VAULT_AUTH_TOKEN']
|
|
11
|
+
@auth_app_id = ENV['VAULT_AUTH_APP_ID']
|
|
12
|
+
@auth_user_id = ENV['VAULT_AUTH_USER_ID']
|
|
13
|
+
@auth_role_id = ENV['VAULT_AUTH_ROLE_ID']
|
|
14
|
+
@auth_secret_id = ENV['VAULT_AUTH_SECRET_ID']
|
|
13
15
|
end
|
|
14
16
|
|
|
15
17
|
private
|
|
16
18
|
|
|
17
|
-
attr_reader :auth_token, :auth_method, :auth_app_id, :auth_user_id
|
|
19
|
+
attr_reader :auth_token, :auth_method, :auth_app_id, :auth_user_id, :auth_role_id, :auth_secret_id
|
|
18
20
|
|
|
19
21
|
def command
|
|
20
22
|
case auth_method
|
|
@@ -24,6 +26,8 @@ module SecretsCli
|
|
|
24
26
|
::Vault.auth.token(auth_token).auth.policies
|
|
25
27
|
when 'app_id'
|
|
26
28
|
::Vault.auth.app_id(auth_app_id, auth_user_id).auth.policies
|
|
29
|
+
when 'approle'
|
|
30
|
+
::Vault.auth.approle(auth_role_id, auth_secret_id).auth.policies
|
|
27
31
|
else
|
|
28
32
|
error! "Unknown auth method #{auth_method}"
|
|
29
33
|
end
|
data/lib/secrets_cli/version.rb
CHANGED
data/secrets_cli.gemspec
CHANGED
|
@@ -34,5 +34,5 @@ Gem::Specification.new do |spec|
|
|
|
34
34
|
spec.add_runtime_dependency 'commander'
|
|
35
35
|
spec.add_runtime_dependency 'tty-prompt'
|
|
36
36
|
spec.add_runtime_dependency 'tty-file'
|
|
37
|
-
spec.add_runtime_dependency 'vault', '~> 0.
|
|
37
|
+
spec.add_runtime_dependency 'vault', '~> 0.7'
|
|
38
38
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: secrets_cli
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.7.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Stjepan Hadjic
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2017-
|
|
11
|
+
date: 2017-10-30 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|
|
@@ -114,14 +114,14 @@ dependencies:
|
|
|
114
114
|
requirements:
|
|
115
115
|
- - "~>"
|
|
116
116
|
- !ruby/object:Gem::Version
|
|
117
|
-
version: 0.
|
|
117
|
+
version: '0.7'
|
|
118
118
|
type: :runtime
|
|
119
119
|
prerelease: false
|
|
120
120
|
version_requirements: !ruby/object:Gem::Requirement
|
|
121
121
|
requirements:
|
|
122
122
|
- - "~>"
|
|
123
123
|
- !ruby/object:Gem::Version
|
|
124
|
-
version: 0.
|
|
124
|
+
version: '0.7'
|
|
125
125
|
description:
|
|
126
126
|
email:
|
|
127
127
|
- d4be4st@gmail.com
|
|
@@ -176,7 +176,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
176
176
|
version: '0'
|
|
177
177
|
requirements: []
|
|
178
178
|
rubyforge_project:
|
|
179
|
-
rubygems_version: 2.
|
|
179
|
+
rubygems_version: 2.6.11
|
|
180
180
|
signing_key:
|
|
181
181
|
specification_version: 4
|
|
182
182
|
summary: This is a CLI for easier use of https://www.vaultproject.io/
|