RubyGems - smart_proxy_vault - Versions diffs - 0.2.0 - Mend

smart_proxy_vault 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (21) hide show

checksums.yaml +7 -0
data/LICENSE +675 -0
data/README.md +152 -0
data/bundler.d/vault.rb +1 -0
data/lib/smart_proxy_vault/authentication/chef.rb +54 -0
data/lib/smart_proxy_vault/authentication.rb +33 -0
data/lib/smart_proxy_vault/helpers.rb +31 -0
data/lib/smart_proxy_vault/https_config.ru +3 -0
data/lib/smart_proxy_vault/vault.rb +14 -0
data/lib/smart_proxy_vault/vault_api.rb +20 -0
data/lib/smart_proxy_vault/vault_backend.rb +43 -0
data/lib/smart_proxy_vault/version.rb +3 -0
data/lib/smart_proxy_vault.rb +11 -0
data/settings.d/vault.yml.example +16 -0
data/test/authentication_chef_test.rb +102 -0
data/test/factories/rsa.rb +11 -0
data/test/fixtures/authentication/chef/bender.pem +27 -0
data/test/fixtures/authentication/chef/fry.pem +27 -0
data/test/request_test.rb +72 -0
data/test/test_helper.rb +23 -0
metadata +225 -0

data/test/factories/rsa.rb ADDED Viewed

@@ -0,0 +1,11 @@
+FactoryGirl.define do
+  factory :rsa, class: OpenSSL::PKey::RSA do
+    skip_create
+    transient do
+      file nil
+    end
+    initialize_with { new(File.read(file)) }
+  end
+end

data/test/fixtures/authentication/chef/bender.pem ADDED Viewed

@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEowIBAAKCAQEA1HErnHpWXQansmIIjhdxfaFrA5CO+Zfz5Q7RIB4KbM4hwi/L
+0KrfOL5r6mGsBiTU4jYMMSRYZx5djIF718taLu4oM18ydzHOsaDROWuDLfLm33xI
+u6U3n8gQCgDXxJghQzjEaC4Dv4DLYmHXkrEXd+O6dIrCW7tMCCQ+bBojkyMx0U2z
+V1JQUjaBzxaY34a7Lkvp32QdcCazMrV+VYExIECChaBDG+kgPGihPGPEqzzcNOgT
+LCrEnhElX6yT2qIhTJKW9/babMuc/ETgT1EwotWLiRMshg2ebvHkNaGYEUtPUvQp
+BwGhxZoltlzZTjsj/+RB+65Ao6tZ8XSIfWGLJQIDAQABAoIBAQCssAXMX+G+Ir/E
+kE31+vaFMeaEckjWeP+H7eBupBzDT1g/uoyJ5awoOxoL3zNvlxb5fwewFqRJxnQy
+17psst9vEKbbA4JJQ9KJr3kDnPJ4MmAbwLJ63hV2K7FmAENkimlXdFireuQPEknB
+glky5AN4sEQLohPVb02hvJyFUUYjvlbfGhu0hJNIFtddTJ+kLANpB6AIw8EBnkZN
+U1G7aOxbEsrKPFClTofHlcHRnaVmbw3aoi5FK9hWSEXTQv9WITcNbux+IpxFCWVg
+t1aei+pS7Ylo9ZjqcH8pla2xhndGtbjrWh7JSEiMLXRtGBwO01cNHfKQAn2L3Y5O
+yOTbjXYBAoGBAPwuf46opRMQTO+sjmz0OK1DtHwfkNRdus5d4a95+xmrhn4NFuem
+4c/J0ri//U/i4NbUWySdS0SIvV0aK7iWOZtw9m7drzBxdMI8ZhdftMepAs/feT76
+h9u/Ihvq+QTK5dq/esu43Z8IUSdaLFfzHigQsRIuUxl8bFd1hU1hRv2BAoGBANeo
+omQGSvqLkwcOJvGGRHgyr/NWrH4ENxoLO0YLEggnzO1xbItfvB5NZMtuM+Xqqczn
+uPM7ap68kCl/UEfBDwQVfJ03NUp2Bg8G/L2JvOthuhu+rE8uguTAikZ1Fvi2S7M0
+eG0/a9kVarSkX8kGRXX9gXgEupYTUoJjhtbdwaelAoGAEw0UN9vHtLv7g/O+Qr7k
+dTpzLRlZYKHAFg0DmrUVYigSHf2xKEj0MDVoBOsEIP/byn76b7auU/wciicK/IPk
+0DhldZSrwnYfwvi7IbLqPlcnTjrstvRIRTKYShGjRFhrqu3iQfeyTmxbbSSjyvUj
+5xTzu5LiVj+PE8BeFK1vpoECgYB1fFoTcdYxDg6oHk6a75Gnhb2TLJnGARffqVS+
+QNOu+7fJdywx9ZKvU2xg4wWE8MVWarq4T5szJPjIkqIypPtAN1Bu+Z+flBKS5zST
+MVFpThEsgkCu1mDarAXogmtkTTOKSkB9C7r+RYufI5lHE5KNx/BbaQAZOCeP/xZ7
+Qc35PQKBgGYpFugtnwKhzVTVTRFNcJRpq067ipF+7wuPTxp7QwGrQaskkvmk7hwF
+pH8bkz66Qbkpt4d1X19iNjWDk50o/qdrrpgy58Smmm0fGasu8D38GCLX1bHuyt1g
+gcH5fJhMRpcja71fpm+4x2TtbfQHwEP0DB3+v+HIjrrRAPw4+pBD
+-----END RSA PRIVATE KEY-----

data/test/fixtures/authentication/chef/fry.pem ADDED Viewed

@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEAvTDysb7cu7imRl9Qsh/L1qH3+it7a1oZR2Da0Gx7pWNnEfbb
+5bafinjZH1Bqf7EWzOYW+FnRkosuRBJ5yStXJFAGPsocorQ22nY9YVpovnSQItx5
+QilWgw8SfNnhG5KNGFpp6pdh7p6lB0jCIz0q7d4x+obnnnUL6vGAvfGR8UDjcvtG
+KAuPd1iS44FdcA2MvClj6ZUTg12UmYJHltGype59Ng98h4C2dxfWUAXK9EODuvDI
+OakwQPr8w3To07EqtNc0mbv6miPYKiRbYA/0/t+ExJqnk685Vr2Y6Yq2GP/DZTGG
+ZwILmMXaoQ7p9sMILVSQ7hNFht2B/U++bop5qwIDAQABAoIBAFaBYRcg3DEBdxXK
+U01++GdFW+uJoj8tzU0z3hla4RZ4YxJ1u4pHfJ+GLlEBJhEI2hIKSwp3lznYZek+
+QW1YYdn6tUBUjc9fc41kbyBqhGZBSf6GrPMxj5sRczSfMyy2T8mI3dEkMuU2qOKx
+xAL03wIwjM2ujY2Im1Br6J/xKvgSGCGSsf3MSD5n0dkpaSqGSMFYbd2UebCxj3nR
+cPknFEXTVpWNkY/Ijg/VE7TPGY6U9FXvT/MA1HAgseHu+bzN22cghDCcvRFCAHsi
+dp8TzxzQQSuem0gIA72J87T8IKErzIJOu5BnPbQozaFNHAvv4QIuAEoC2YAwIdLs
+lHDYXaECgYEA4JzcE8K4s6U+JWMzYZAVUJj210x6tz4Oy2EBturfVMGzOjBW5ec1
+bhhofcIOAWlU0qsWMNdbI7n1YUGRrIXDYAqBFDDqnFrxFTaO9UCxCbVeRuv31nCA
+2YK3CmndwRhl1/tijLXdz3qKoPAPY4oWYinFMq1AxNPY7HYYbPIBBdkCgYEA16Dx
+bVagmYnCq/WW533mijlL8iOIb1Qpc5ugpVuXN7sOtwvEqJ+O8dfH78iz6x6V40DK
+kM2dltSmscg9lty8xSNf43iUj8vgIr5AAUji2xWRl9KFZ3jShZM4joq/r8aXK+Uk
+VpiZYDEbabgmn54SHUYeW28U3nnECHCXOkV+9SMCgYBP7IEDJw7CHdJ3S01FMhfj
+jgqHodcozRRGmkYZ6Il/h01XL0w8koEYo+bKmPqS1gAw1mAXEQqFM+50pPhJA2/6
+BMLZhG53JIUUn01PR623XqolYmHWFEJFI5YuRm16AEx9Bh6TI0PCSEB78/AF42UD
+mQlqduvNHfTab0tRuOtUQQKBgQDPeBJzYmNZ95uwOrd8er3kBucUzq2KeI79piL2
+l16zB69L3e3VVNiDx1ufUhwSwLX1FzUQCFZ1dpwA+KqRykdy4utzAWTnyoEYzLbm
+xYtIwsL4Ml2bRjxAu3syYzu2U7zGRk4lZ+RDElzO5pl7AOtq8TlqPkH1IXHFsRdA
+wPc7wwKBgQCu4qfs2ZRMQ6U33uEos72NNyP3U8dXf2t1uzCJeUQyJW3YjPnI2u4G
+VbFRnQz3YzDzCwcA0QWvP5zaYnh4BGm+FmTvkpxwRwnvEoN6SkQl0UCkCMRnnn3b
+lV/ydwWLv4dPoSFFSBs6SZEZXUS+C87d0/dpzVmMkJn0xAP4s3ufaA==
+-----END RSA PRIVATE KEY-----

data/test/request_test.rb ADDED Viewed

@@ -0,0 +1,72 @@
+require 'test_helper'
+require 'smart_proxy_vault'
+class RequestTest < Test::Unit::TestCase
+  include Rack::Test::Methods
+  ###
+  # Helper Methods
+  ###
+  def stub_authorized?(bool)
+    any_instance_of(VaultPlugin::VaultAPI) do |klass|
+      stub(klass).authorized? { true }
+    end
+  end
+  def stub_client
+    any_instance_of(VaultPlugin::VaultAPI) do |klass|
+      stub(klass).client { 'fry' }
+    end
+  end
+  def token
+    {:lease_id => "",
+     :renewable => false,
+     :lease_duration => 43200,
+     :data => nil,
+     :warnings => nil,
+     :auth => { :client_token => "GUID", :lease_duration => 43200, :renewable => true }}
+  end
+  def stub_response
+    stub_request(:post, "https://vault.example.com/v1/auth/token/create").
+    with(:body => "{\"ttl\":\"12h\"}",
+         :headers => { 'Accept'=>['*/*', 'application/json'], 'Accept-Encoding'=>'gzip;q=1.0,deflate;q=0.6,identity;q=0.3',
+                       'Content-Type'=>'application/json', 'User-Agent'=>['Ruby', 'VaultRuby/0.3.0 (+github.com/hashicorp/vault-ruby)'],
+                       'X-Vault-Token'=>'GUID' }).
+    to_return(:status => 200, :body => token.to_json, :headers => { 'Content-Type'=>'application/json' })
+  end
+  ###
+  # Test Methods
+  ###
+  def app
+    VaultPlugin::VaultAPI.new
+  end
+  def setup
+    stub_authorized?(true)
+    stub_client
+    stub.proxy(::VaultPlugin::Plugin.settings).token_options {{
+      ttl: '12h'
+    }}
+    stub.proxy(::VaultPlugin::Plugin.settings).vault {{
+      address: 'https://vault.example.com',
+      token: 'GUID',
+      ssl_verify: true
+    }}
+  end
+  def test_vault_token_issue
+    stub_response
+    get '/token/issue', ttl: '12h'
+    assert last_response.ok?
+  end
+  def test_bad_ttl_override
+    get '/token/issue', ttl: '24h'
+    assert last_response.bad_request?
+  end
+end

data/test/test_helper.rb ADDED Viewed

@@ -0,0 +1,23 @@
+require "codeclimate-test-reporter"
+CodeClimate::TestReporter.start
+$: << File.join(File.dirname(__FILE__), '..', 'lib')
+require 'openssl'
+require 'test/unit'
+require 'webmock/test_unit'
+require 'rack/test'
+require 'rr'
+require 'factory_girl'
+FactoryGirl.find_definitions
+require 'smart_proxy_for_testing'
+class Test::Unit::TestCase
+  include FactoryGirl::Syntax::Methods
+end
+logdir = File.join(File.dirname(__FILE__), '..', 'logs')
+FileUtils.mkdir_p(logdir) unless File.exists?(logdir)
+WebMock.disable_net_connect!(:allow => "codeclimate.com")

metadata ADDED Viewed

@@ -0,0 +1,225 @@
+--- !ruby/object:Gem::Specification
+name: smart_proxy_vault
+version: !ruby/object:Gem::Version
+  version: 0.2.0
+platform: ruby
+authors:
+- Riley
+- Shott
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2016-04-07 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.11'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.11'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10'
+- !ruby/object:Gem::Dependency
+  name: pry
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.10'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.10'
+- !ruby/object:Gem::Dependency
+  name: test-unit
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2'
+- !ruby/object:Gem::Dependency
+  name: mocha
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1'
+- !ruby/object:Gem::Dependency
+  name: webmock
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1'
+- !ruby/object:Gem::Dependency
+  name: rack-test
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: factory_girl
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '4.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '4.0'
+- !ruby/object:Gem::Dependency
+  name: rr
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.1'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.1'
+- !ruby/object:Gem::Dependency
+  name: chef-api
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.5.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.5.0
+- !ruby/object:Gem::Dependency
+  name: vault
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.3.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.3.0
+description: Authenticates a client & returns a Vault token
+email: riley.shott@visioncritical.com
+executables: []
+extensions: []
+extra_rdoc_files:
+- README.md
+- LICENSE
+files:
+- LICENSE
+- README.md
+- bundler.d/vault.rb
+- lib/smart_proxy_vault.rb
+- lib/smart_proxy_vault/authentication.rb
+- lib/smart_proxy_vault/authentication/chef.rb
+- lib/smart_proxy_vault/helpers.rb
+- lib/smart_proxy_vault/https_config.ru
+- lib/smart_proxy_vault/vault.rb
+- lib/smart_proxy_vault/vault_api.rb
+- lib/smart_proxy_vault/vault_backend.rb
+- lib/smart_proxy_vault/version.rb
+- settings.d/vault.yml.example
+- test/authentication_chef_test.rb
+- test/factories/rsa.rb
+- test/fixtures/authentication/chef/bender.pem
+- test/fixtures/authentication/chef/fry.pem
+- test/request_test.rb
+- test/test_helper.rb
+homepage: http://github.com/visioncritical/smart_proxy_vault
+licenses:
+- GPLv3
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project:
+rubygems_version: 2.4.6
+signing_key:
+specification_version: 4
+summary: Authenticates a client & returns a Vault token
+test_files:
+- test/authentication_chef_test.rb
+- test/factories/rsa.rb
+- test/fixtures/authentication/chef/bender.pem
+- test/fixtures/authentication/chef/fry.pem
+- test/request_test.rb
+- test/test_helper.rb