tiller 0.9.2 → 0.9.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/bin/tiller +1 -1
- data/lib/tiller/consul.rb +6 -1
- data/lib/tiller/data/consul.rb +4 -0
- data/lib/tiller/data/http.rb +3 -0
- data/lib/tiller/data/vault.rb +62 -0
- data/lib/tiller/defaults.rb +16 -1
- data/lib/tiller/http.rb +5 -1
- data/lib/tiller/logger.rb +11 -0
- data/lib/tiller/template/consul.rb +1 -0
- data/lib/tiller/template/http.rb +1 -0
- data/lib/tiller/template/vault.rb +41 -0
- data/lib/tiller/vault.rb +53 -0
- data/lib/tiller/version.rb +1 -1
- metadata +5 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 15b6d2bae8088a2cdff87c27892257063b0bce78
|
4
|
+
data.tar.gz: 499654583932982792992a5ba48e337f9ba4930f
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: c7a7fdf2f42bfa81891644495754a0b705b8a706b737e39671606c2a2bce6cd5f4e8c576f019fd603a23de85ad1fbefdd18f072c3a46914e51d0c6d23c6c78e5
|
7
|
+
data.tar.gz: afce5ef800ef253760bba24311eeb56474ea0889cdb4dd3f1ef44704e272fbda3bcd005b1b320f10b691b44bdbc40099af3b609d248c2487aee4185f4948e1af
|
data/bin/tiller
CHANGED
data/lib/tiller/consul.rb
CHANGED
@@ -4,10 +4,15 @@ require 'tiller/defaults'
|
|
4
4
|
require 'tiller/util'
|
5
5
|
|
6
6
|
module Tiller::ConsulCommon
|
7
|
+
|
8
|
+
|
7
9
|
def setup
|
8
10
|
# Set our defaults if not specified
|
9
11
|
@consul_config = Tiller::Consul.defaults
|
10
|
-
|
12
|
+
unless Tiller::config.has_key?('consul')
|
13
|
+
Tiller::log.info('No Consul configuration block for this environment')
|
14
|
+
return
|
15
|
+
end
|
11
16
|
@consul_config.deep_merge!(Tiller::config['consul'])
|
12
17
|
|
13
18
|
# Sanity check
|
data/lib/tiller/data/consul.rb
CHANGED
@@ -8,6 +8,8 @@ class ConsulDataSource < Tiller::DataSource
|
|
8
8
|
include Tiller::ConsulCommon
|
9
9
|
|
10
10
|
def global_values
|
11
|
+
return {} unless Tiller::config.has_key?('consul')
|
12
|
+
|
11
13
|
# Fetch globals
|
12
14
|
path = interpolate("#{@consul_config['values']['global']}")
|
13
15
|
Tiller::log.debug("#{self} : Fetching globals from #{path}")
|
@@ -43,12 +45,14 @@ class ConsulDataSource < Tiller::DataSource
|
|
43
45
|
end
|
44
46
|
|
45
47
|
def values(template_name)
|
48
|
+
return {} unless Tiller::config.has_key?('consul')
|
46
49
|
path = interpolate("#{@consul_config['values']['template']}", template_name)
|
47
50
|
Tiller::log.debug("#{self} : Fetching template values from #{path}")
|
48
51
|
fetch_all_keys(path)
|
49
52
|
end
|
50
53
|
|
51
54
|
def target_values(template_name)
|
55
|
+
return {} unless Tiller::config.has_key?('consul')
|
52
56
|
path = interpolate("#{@consul_config['values']['target']}", template_name)
|
53
57
|
Tiller::log.debug("#{self} : Fetching template target values from #{path}")
|
54
58
|
fetch_all_keys(path)
|
data/lib/tiller/data/http.rb
CHANGED
@@ -10,14 +10,17 @@ class HttpDataSource < Tiller::DataSource
|
|
10
10
|
include Tiller::HttpCommon
|
11
11
|
|
12
12
|
def values(template_name)
|
13
|
+
return {} unless Tiller::config.has_key?('http')
|
13
14
|
parse(get_uri(@http_config['uri'] + @http_config['values']['template'], :template => template_name))
|
14
15
|
end
|
15
16
|
|
16
17
|
def global_values
|
18
|
+
return {} unless Tiller::config.has_key?('http')
|
17
19
|
parse(get_uri(@http_config['uri'] + @http_config['values']['global']))
|
18
20
|
end
|
19
21
|
|
20
22
|
def target_values(template_name)
|
23
|
+
return {} unless Tiller::config.has_key?('http')
|
21
24
|
parse(get_uri(@http_config['uri'] + @http_config['values']['target'], :template => template_name))
|
22
25
|
end
|
23
26
|
|
@@ -0,0 +1,62 @@
|
|
1
|
+
require 'yaml'
|
2
|
+
require 'vault'
|
3
|
+
require 'tiller/datasource'
|
4
|
+
require 'tiller/vault.rb'
|
5
|
+
|
6
|
+
class VaultDataSource < Tiller::DataSource
|
7
|
+
|
8
|
+
include Tiller::VaultCommon
|
9
|
+
|
10
|
+
def global_values
|
11
|
+
return {} unless Tiller::config.has_key?('vault')
|
12
|
+
path = interpolate("#{@vault_config['values']['global']}")
|
13
|
+
Tiller::log.debug("#{self} : Fetching globals from #{path}")
|
14
|
+
globals = get_values(path)
|
15
|
+
|
16
|
+
# Do we have per-env globals ? If so, merge them
|
17
|
+
path = interpolate("#{@vault_config['values']['per_env']}")
|
18
|
+
Tiller::log.debug("#{self} : Fetching per-environment globals from #{path}")
|
19
|
+
globals.deep_merge!(get_values(path))
|
20
|
+
end
|
21
|
+
|
22
|
+
def values(template_name)
|
23
|
+
return {} unless Tiller::config.has_key?('vault')
|
24
|
+
path = interpolate("#{@vault_config['values']['template']}", template_name)
|
25
|
+
Tiller::log.debug("#{self} : Fetching template values from #{path}")
|
26
|
+
get_values(path)
|
27
|
+
end
|
28
|
+
|
29
|
+
|
30
|
+
def target_values(template_name)
|
31
|
+
return {} unless Tiller::config.has_key?('vault')
|
32
|
+
path = interpolate("#{@vault_config['values']['target']}", template_name)
|
33
|
+
Tiller::log.debug("#{self} : Fetching template target values from #{path}")
|
34
|
+
get_values(path)
|
35
|
+
end
|
36
|
+
|
37
|
+
|
38
|
+
# Helper method, not used by DataSource API
|
39
|
+
def get_values(path)
|
40
|
+
keys = nil
|
41
|
+
Vault.with_retries(Vault::HTTPConnectionError, Vault::HTTPError) do |attempt, e|
|
42
|
+
Tiller::log.warn("#{self} : Received exception #{e} from Vault") if e
|
43
|
+
keys = Vault.logical.list(path)
|
44
|
+
end
|
45
|
+
|
46
|
+
values = {}
|
47
|
+
if keys.is_a? Array
|
48
|
+
keys.each do |k|
|
49
|
+
Tiller::log.debug("#{self} : Fetching value at #{path}/#{k}")
|
50
|
+
Vault.with_retries(Vault::HTTPConnectionError, Vault::HTTPError) do |attempt, e|
|
51
|
+
Tiller::log.warn("#{self} : Received exception #{e} from Vault") if e
|
52
|
+
values[k] = Vault.logical.read(File.absolute_path(k,path)).data[@vault_config['json_key_name']]
|
53
|
+
end
|
54
|
+
end
|
55
|
+
values
|
56
|
+
else
|
57
|
+
{}
|
58
|
+
end
|
59
|
+
end
|
60
|
+
|
61
|
+
|
62
|
+
end
|
data/lib/tiller/defaults.rb
CHANGED
@@ -31,6 +31,22 @@ module Tiller::Zookeeper
|
|
31
31
|
}
|
32
32
|
end
|
33
33
|
|
34
|
+
# Defaults for the Vault data and template sources
|
35
|
+
module Tiller::Vault
|
36
|
+
Defaults = {
|
37
|
+
'timeout' => 30,
|
38
|
+
'ssl_verify' => false,
|
39
|
+
'templates' => '/secret/tiller/templates',
|
40
|
+
'json_key_name' => :content,
|
41
|
+
|
42
|
+
'values' => {
|
43
|
+
'global' => '/secret/tiller/globals/all',
|
44
|
+
'per_env' => '/secret/tiller/globals/%e',
|
45
|
+
'template' => '/secret/tiller/values/%e/%t',
|
46
|
+
'target' => '/secret/tiller/target_values/%t/%e'
|
47
|
+
}
|
48
|
+
}
|
49
|
+
end
|
34
50
|
|
35
51
|
# Defaults for the HTTP data and template sources
|
36
52
|
module Tiller::Http
|
@@ -79,4 +95,3 @@ module Tiller::Environment
|
|
79
95
|
}
|
80
96
|
end
|
81
97
|
end
|
82
|
-
|
data/lib/tiller/http.rb
CHANGED
@@ -12,7 +12,11 @@ module Tiller::HttpCommon
|
|
12
12
|
# Set our defaults if not specified
|
13
13
|
@http_config = Tiller::Http.defaults
|
14
14
|
|
15
|
-
|
15
|
+
unless Tiller::config.has_key?('http')
|
16
|
+
Tiller::log.info('No HTTP configuration block for this environment')
|
17
|
+
return
|
18
|
+
end
|
19
|
+
|
16
20
|
@http_config.merge!(Tiller::config['http'])
|
17
21
|
|
18
22
|
# Sanity check
|
data/lib/tiller/logger.rb
CHANGED
@@ -3,8 +3,12 @@ require 'logger'
|
|
3
3
|
module Tiller
|
4
4
|
|
5
5
|
class Logger < Logger
|
6
|
+
|
7
|
+
attr_accessor :messages
|
8
|
+
|
6
9
|
def initialize
|
7
10
|
super(STDOUT)
|
11
|
+
self.messages = []
|
8
12
|
|
9
13
|
self.level = Logger::WARN
|
10
14
|
self.level = Logger::INFO if Tiller::config[:verbose]
|
@@ -15,6 +19,13 @@ module Tiller
|
|
15
19
|
end
|
16
20
|
|
17
21
|
end
|
22
|
+
|
23
|
+
# Quick hack to remove duplicate informational messages
|
24
|
+
def info(msg)
|
25
|
+
super(msg) unless self.messages.include?(msg)
|
26
|
+
self.messages.push(msg)
|
27
|
+
end
|
28
|
+
|
18
29
|
end
|
19
30
|
|
20
31
|
end
|
@@ -8,6 +8,7 @@ class ConsulTemplateSource < Tiller::TemplateSource
|
|
8
8
|
include Tiller::ConsulCommon
|
9
9
|
|
10
10
|
def templates
|
11
|
+
return [] unless Tiller::config.has_key?('consul')
|
11
12
|
path = interpolate("#{@consul_config['templates']}")
|
12
13
|
Tiller::log.debug("#{self} : Fetching templates from #{path}")
|
13
14
|
templates = Diplomat::Kv.get(path, {:keys => true, :dc => @consul_config['dc']}, :return)
|
data/lib/tiller/template/http.rb
CHANGED
@@ -0,0 +1,41 @@
|
|
1
|
+
require 'pp'
|
2
|
+
require 'vault'
|
3
|
+
require 'tiller/templatesource'
|
4
|
+
require 'tiller/vault.rb'
|
5
|
+
|
6
|
+
class VaultTemplateSource < Tiller::TemplateSource
|
7
|
+
|
8
|
+
include Tiller::VaultCommon
|
9
|
+
|
10
|
+
def templates
|
11
|
+
return [] unless Tiller::config.has_key?('vault')
|
12
|
+
path = interpolate("#{@vault_config['templates']}")
|
13
|
+
Tiller::log.debug("#{self} : Fetching templates from #{path}")
|
14
|
+
|
15
|
+
templates = nil
|
16
|
+
|
17
|
+
Vault.with_retries(Vault::HTTPConnectionError, Vault::HTTPError) do |attempt, e|
|
18
|
+
Tiller::log.warn("#{self} : Received exception #{e} from Vault") if e
|
19
|
+
templates = Vault.logical.list(path)
|
20
|
+
end
|
21
|
+
|
22
|
+
if templates.is_a? Array
|
23
|
+
templates
|
24
|
+
else
|
25
|
+
Tiller::log.warn("Consul : No templates could be fetched from #{path}")
|
26
|
+
[]
|
27
|
+
end
|
28
|
+
end
|
29
|
+
|
30
|
+
def template(template_name)
|
31
|
+
path = interpolate("#{@vault_config['templates']}")
|
32
|
+
|
33
|
+
Vault.with_retries(Vault::HTTPConnectionError, Vault::HTTPError) do |attempt, e|
|
34
|
+
Tiller::log.warn("#{self} : Received exception #{e} from Vault") if e
|
35
|
+
Vault.logical.read(File.absolute_path(template_name,path)).data[:content]
|
36
|
+
end
|
37
|
+
|
38
|
+
end
|
39
|
+
|
40
|
+
|
41
|
+
end
|
data/lib/tiller/vault.rb
ADDED
@@ -0,0 +1,53 @@
|
|
1
|
+
require 'vault'
|
2
|
+
require 'pp'
|
3
|
+
require 'tiller/defaults'
|
4
|
+
require 'tiller/util'
|
5
|
+
|
6
|
+
VAULT_TOKEN_FILE = "#{Dir.home}/.vault-token"
|
7
|
+
|
8
|
+
module Tiller::VaultCommon
|
9
|
+
def setup
|
10
|
+
# Set our defaults if not specified
|
11
|
+
@vault_config = Tiller::Vault::Defaults
|
12
|
+
|
13
|
+
unless Tiller::config.has_key?('vault')
|
14
|
+
Tiller::log.info('No Vault configuration block for this environment')
|
15
|
+
return
|
16
|
+
end
|
17
|
+
|
18
|
+
@vault_config.deep_merge!(Tiller::config['vault'])
|
19
|
+
|
20
|
+
# Sanity checks
|
21
|
+
['url'].each {|c| raise "Missing Vault configuration #{c}" unless @vault_config.has_key?(c)}
|
22
|
+
raise "Missing Vault token" if !(File.exists? VAULT_TOKEN_FILE || @vault_config['token'])
|
23
|
+
|
24
|
+
Vault.configure do |config|
|
25
|
+
# The address of the Vault server
|
26
|
+
config.address = @vault_config['url']
|
27
|
+
|
28
|
+
# The token to authenticate to Vault
|
29
|
+
config.token = @vault_config['token'] || File.read(VAULT_TOKEN_FILE)
|
30
|
+
|
31
|
+
config.ssl_verify = @vault_config['ssl_verify']
|
32
|
+
config.ssl_pem_file = @vault_config['ssl_pem_file'] if @vault_config.has_key?(:ssl_pem_file)
|
33
|
+
|
34
|
+
config.timeout = @vault_config['timeout']
|
35
|
+
end
|
36
|
+
|
37
|
+
# Check if Vault is unsealed, perform a safe check with retries on failure
|
38
|
+
Vault.with_retries(Vault::HTTPConnectionError, Vault::HTTPError) do |attempt, e|
|
39
|
+
Tiller::log.debug("#{self} : Connecting to Vault at #{@vault_config['url']}")
|
40
|
+
raise "Vault at url: #{uri} is sealed" if Vault.sys.seal_status.sealed?
|
41
|
+
Tiller::log.warn("#{self} : Received exception #{e} from Vault") if e
|
42
|
+
end
|
43
|
+
|
44
|
+
end
|
45
|
+
|
46
|
+
# Interpolate configuration placeholders with values
|
47
|
+
def interpolate(path, template_name = nil)
|
48
|
+
path.gsub!('%e', Tiller::config[:environment])
|
49
|
+
path.gsub!('%t', template_name) if template_name
|
50
|
+
path
|
51
|
+
end
|
52
|
+
|
53
|
+
end
|
data/lib/tiller/version.rb
CHANGED
@@ -1 +1 @@
|
|
1
|
-
VERSION="0.9.
|
1
|
+
VERSION="0.9.3"
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: tiller
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.9.
|
4
|
+
version: 0.9.3
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Mark Dastmalchi-Round
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2016-
|
11
|
+
date: 2016-09-07 00:00:00.000000000 Z
|
12
12
|
dependencies: []
|
13
13
|
description: A tool to create configuration files from a variety of sources, particularly
|
14
14
|
useful for Docker containers. See https://github.com/markround/tiller for examples
|
@@ -36,6 +36,7 @@ files:
|
|
36
36
|
- lib/tiller/data/file.rb
|
37
37
|
- lib/tiller/data/http.rb
|
38
38
|
- lib/tiller/data/random.rb
|
39
|
+
- lib/tiller/data/vault.rb
|
39
40
|
- lib/tiller/data/xml_file.rb
|
40
41
|
- lib/tiller/data/zookeeper.rb
|
41
42
|
- lib/tiller/datasource.rb
|
@@ -49,9 +50,11 @@ files:
|
|
49
50
|
- lib/tiller/template/consul.rb
|
50
51
|
- lib/tiller/template/file.rb
|
51
52
|
- lib/tiller/template/http.rb
|
53
|
+
- lib/tiller/template/vault.rb
|
52
54
|
- lib/tiller/template/zookeeper.rb
|
53
55
|
- lib/tiller/templatesource.rb
|
54
56
|
- lib/tiller/util.rb
|
57
|
+
- lib/tiller/vault.rb
|
55
58
|
- lib/tiller/version.rb
|
56
59
|
homepage: http://www.markround.com/blog/categories/tiller/
|
57
60
|
licenses:
|