smart_proxy_vault 0.4.0 → 0.4.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +3 -0
- data/lib/smart_proxy_vault/api.rb +12 -22
- data/lib/smart_proxy_vault/endpoint.rb +1 -0
- data/lib/smart_proxy_vault/helpers.rb +8 -0
- data/lib/smart_proxy_vault/version.rb +1 -1
- data/test/helpers/helpers.rb +18 -0
- data/test/request_test.rb +8 -8
- metadata +4 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 59bbf36d677feac1a85674ef5b6e4592cbaabef9
|
4
|
+
data.tar.gz: 9eb12ef4c3225de70436601091f30dcc0dc61e64
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 52623d07b6e789637e376e452128e6a6c198554aad07dcb1da727f20b5885675cc11f16b1bff5fc64505b95ae9e4359dd841a1fa5fac5dbe69ba914220d4f6dd
|
7
|
+
data.tar.gz: 48f28cecae0135f976ddc9a601c92dc37ad0119c9566003a6f4feda0c64778f53c379daddb3070540e536acb72f1a7845540c4a59590bafc2d1a32e1316d31b6
|
data/CHANGELOG.md
CHANGED
@@ -1,5 +1,8 @@
|
|
1
1
|
# Change Log
|
2
2
|
|
3
|
+
## [v0.4.1](https://github.com/theforeman/smart_proxy_vault/tree/v0.4.1)
|
4
|
+
- Fix for https://github.com/hashicorp/vault-ruby/issues/121
|
5
|
+
|
3
6
|
## [v0.4.0](https://github.com/theforeman/smart_proxy_vault/tree/v0.4.0)
|
4
7
|
- Added creating tokens from roles
|
5
8
|
- Fixed days to seconds calculation
|
@@ -13,28 +13,22 @@ module VaultPlugin
|
|
13
13
|
include ::VaultPlugin::Helpers
|
14
14
|
|
15
15
|
class Client
|
16
|
-
|
16
|
+
extend ::VaultPlugin::Helpers
|
17
17
|
|
18
|
-
|
19
|
-
|
20
|
-
def initialize
|
21
|
-
@connection = ::Vault::Client.new(vault_settings)
|
22
|
-
end
|
23
|
-
|
24
|
-
def issue_token(options)
|
25
|
-
@connection.auth_token.create(options).auth.client_token
|
18
|
+
def self.issue_token(options)
|
19
|
+
Vault.auth_token.create(options).auth.client_token
|
26
20
|
end
|
27
21
|
|
28
|
-
def issue_role_token(role, options)
|
29
|
-
|
22
|
+
def self.issue_role_token(role, options)
|
23
|
+
Vault.auth_token.create_with_role(role, options).auth.client_token
|
30
24
|
end
|
31
25
|
|
32
|
-
def lookup_self
|
33
|
-
|
26
|
+
def self.lookup_self
|
27
|
+
Vault.auth_token.lookup_self
|
34
28
|
end
|
35
29
|
|
36
|
-
def renew_self
|
37
|
-
|
30
|
+
def self.renew_self
|
31
|
+
Vault.auth_token.renew_self(lookup_self.data[:creation_ttl])
|
38
32
|
end
|
39
33
|
end
|
40
34
|
|
@@ -49,26 +43,22 @@ module VaultPlugin
|
|
49
43
|
options.merge(ttl: ttl) unless ttl.nil?
|
50
44
|
end
|
51
45
|
|
52
|
-
def vault
|
53
|
-
Client.new
|
54
|
-
end
|
55
|
-
|
56
46
|
def issue(ttl, role)
|
57
47
|
begin
|
58
48
|
opts = options ttl
|
59
|
-
role.nil? ?
|
49
|
+
role.nil? ? Client.issue_token(opts) : Client.issue_role_token(role, opts)
|
60
50
|
rescue StandardError => e
|
61
51
|
log_halt 500, 'Failed to generate Vault token ' + e.message
|
62
52
|
end
|
63
53
|
end
|
64
54
|
|
65
55
|
def creation_ttl
|
66
|
-
|
56
|
+
Client.lookup_self[:data][:creation_ttl]
|
67
57
|
end
|
68
58
|
|
69
59
|
def renew
|
70
60
|
begin
|
71
|
-
|
61
|
+
Client.renew_self
|
72
62
|
rescue StandardError => e
|
73
63
|
puts 'Failed to renew Vault token ' + e.message
|
74
64
|
end
|
@@ -16,6 +16,14 @@ module VaultPlugin
|
|
16
16
|
::VaultPlugin::Plugin.settings.add_token_metadata
|
17
17
|
end
|
18
18
|
|
19
|
+
def vault_client_configure
|
20
|
+
Vault.configure do |config|
|
21
|
+
vault_settings.each do |k, v|
|
22
|
+
config.send("#{k}=", v)
|
23
|
+
end
|
24
|
+
end
|
25
|
+
end
|
26
|
+
|
19
27
|
def to_seconds(string)
|
20
28
|
case string.slice(-1)
|
21
29
|
when 'd'
|
@@ -0,0 +1,18 @@
|
|
1
|
+
module RequestHelpers
|
2
|
+
extend RR::DSL
|
3
|
+
extend self
|
4
|
+
|
5
|
+
# Need to stub this before we require smart_proxy_vault/endpoint
|
6
|
+
def configure_settings
|
7
|
+
stub.proxy(::VaultPlugin::Plugin.settings).token_options {{
|
8
|
+
ttl: '12h'
|
9
|
+
}}
|
10
|
+
stub.proxy(::VaultPlugin::Plugin.settings).vault {{
|
11
|
+
address: 'https://vault.example.com',
|
12
|
+
token: 'GUID',
|
13
|
+
ssl_verify: true
|
14
|
+
}}
|
15
|
+
end
|
16
|
+
|
17
|
+
RequestHelpers.configure_settings
|
18
|
+
end
|
data/test/request_test.rb
CHANGED
@@ -1,9 +1,11 @@
|
|
1
1
|
require_relative './test_helper'
|
2
2
|
require 'smart_proxy_vault'
|
3
|
+
require_relative './helpers/helpers'
|
3
4
|
require 'smart_proxy_vault/endpoint'
|
4
5
|
|
5
6
|
class RequestTest < Test::Unit::TestCase
|
6
7
|
include Rack::Test::Methods
|
8
|
+
include RequestHelpers
|
7
9
|
include VaultPlugin::API
|
8
10
|
|
9
11
|
###
|
@@ -122,14 +124,7 @@ class RequestTest < Test::Unit::TestCase
|
|
122
124
|
def setup
|
123
125
|
stub_authorized?(true)
|
124
126
|
stub_client
|
125
|
-
|
126
|
-
ttl: '12h'
|
127
|
-
}}
|
128
|
-
stub.proxy(::VaultPlugin::Plugin.settings).vault {{
|
129
|
-
address: 'https://vault.example.com',
|
130
|
-
token: 'GUID',
|
131
|
-
ssl_verify: true
|
132
|
-
}}
|
127
|
+
configure_settings
|
133
128
|
end
|
134
129
|
|
135
130
|
def test_vault_token_issue
|
@@ -154,4 +149,9 @@ class RequestTest < Test::Unit::TestCase
|
|
154
149
|
stub_response_renew
|
155
150
|
renew
|
156
151
|
end
|
152
|
+
|
153
|
+
def test_vault_settings
|
154
|
+
failure_msg = 'Unexpected Vault Configuration'
|
155
|
+
assert_equal [], vault_settings.values - Vault.options.values.compact, failure_msg
|
156
|
+
end
|
157
157
|
end
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: smart_proxy_vault
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.4.
|
4
|
+
version: 0.4.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Riley
|
@@ -9,7 +9,7 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2016-11-
|
12
|
+
date: 2016-11-16 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: bundler
|
@@ -234,6 +234,7 @@ files:
|
|
234
234
|
- test/factories/rsa.rb
|
235
235
|
- test/fixtures/authentication/chef/bender.pem
|
236
236
|
- test/fixtures/authentication/chef/fry.pem
|
237
|
+
- test/helpers/helpers.rb
|
237
238
|
- test/request_test.rb
|
238
239
|
- test/test_helper.rb
|
239
240
|
homepage: http://github.com/theforeman/smart_proxy_vault
|
@@ -265,5 +266,6 @@ test_files:
|
|
265
266
|
- test/factories/rsa.rb
|
266
267
|
- test/fixtures/authentication/chef/bender.pem
|
267
268
|
- test/fixtures/authentication/chef/fry.pem
|
269
|
+
- test/helpers/helpers.rb
|
268
270
|
- test/request_test.rb
|
269
271
|
- test/test_helper.rb
|