vault-consul 0.1.2

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 4d8af969a5e2ab0c082c66fb9a86bf3a455202e68e28662f58d9606f62abb3c8
+  data.tar.gz: 928ce9d52127099d964cd5b7630b2bfecb74a8fcc0424b53d7e01ba4dc6e92f3
+SHA512:
+  metadata.gz: 62e1739ed119862d31e8211eb66d3c71f149df3a8b11b03a92f794af4904f0259d94428bb5d2da66be5707390409e512a0d6cb010d44edac5408cec077bf7ca4
+  data.tar.gz: 6abaef9e90ad4901fa03ff09f84740dfae383a19b358178f1d564eba74be5ec1a7fcc9de8bbd50c71c913c2c3e1c914ee8044a2260e352aa47ac9177cb2c0c57

data/.gitignore

@@ -0,0 +1 @@
+.idea

data/Gemfile

@@ -0,0 +1,3 @@
+source "https://rubygems.org"
+
+gemspec

data/Gemfile.lock

@@ -0,0 +1,31 @@
+PATH
+  remote: .
+  specs:
+    vault-consul (0.1.0)
+      diplomat
+      psych
+      vault
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    aws-sigv4 (1.0.3)
+    diplomat (2.0.2)
+      faraday (~> 0.9)
+      json
+    faraday (0.15.3)
+      multipart-post (>= 1.2, < 3)
+    json (2.1.0)
+    multipart-post (2.0.0)
+    psych (3.0.3)
+    vault (0.12.0)
+      aws-sigv4
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  vault-consul!
+
+BUNDLED WITH
+   1.16.2

data/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2018 Viki
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

data/README.md

@@ -0,0 +1,2 @@
+# vault-consul-gem
+Vault & Consul gem for Viki

data/lib/vault-consul.rb

@@ -0,0 +1,43 @@
+require 'vault-consul/errors'
+require 'vault-consul/config_handler'
+require 'vault'
+require 'diplomat'
+
+module VaultConsul
+  ENV_LIST = %w[TEAM ENV SERVICE CONSUL_HTTP_ADDR CONSUL_HTTP_TOKEN VAULT_ADDR VAULT_TOKEN]
+  class << self
+    def parse(path)
+      unless ['local', 'test'].include?(ENV['ENV'])
+        ENV_LIST.each do |env|
+          raise ConfigError, "Missing ENV variable: #{env}" if ENV[env].nil? || ENV[env] == ''
+        end
+      end
+
+      yaml = File.read(path)
+      handler = VaultConsul::ConfigHandler.new
+      parser = Psych::Parser.new(handler)
+      parser.parse(yaml)
+      handler.root.to_ruby.first
+    end
+
+    def read_vault(vault_key, json_key)
+      Vault.with_retries(Vault::HTTPConnectionError) do
+        key = "secret/data/#{ENV['TEAM']}/#{ENV['ENV']}/#{ENV['SERVICE']}/#{vault_key}"
+        val = Vault.logical.read(key)
+        raise "VaultError: No secret was stored for #{key}" if val.nil? || val.data.nil? || val.data[:data].nil?
+        val.data[:data][json_key.to_sym]
+      end
+    end
+
+    def read_consul(consul_key)
+      Diplomat.configure do |config|
+        config.url = ENV['CONSUL_HTTP_ADDR']
+        config.acl_token = ENV['CONSUL_HTTP_TOKEN']
+      end
+      key = "#{ENV['TEAM']}/#{ENV['ENV']}/#{ENV['SERVICE']}/#{consul_key}"
+      val = Diplomat::Kv.get(key)
+      raise "ConsulError: No value was stored for #{key}" if val.nil? || val == ''
+      val
+    end
+  end
+end

data/lib/vault-consul/config_handler.rb

@@ -0,0 +1,27 @@
+require 'psych'
+module VaultConsul
+  class ConfigHandler < Psych::TreeBuilder
+    def scalar value, anchor, tag, plain, quoted, style
+      vault_regex = /vault:/
+      consul_regex = /consul:/
+      env_regex = /env:/
+      translated = if value.match(vault_regex)
+                     vault_tag = value.gsub(vault_regex, '')
+                     vault_tag_holder = vault_tag.split('.')
+                     vault_key = vault_tag_holder[0]
+                     json_key = vault_tag_holder[1]
+                     VaultConsul.read_vault(vault_key, json_key)
+                   elsif value.match(consul_regex)
+                     consul_key = value.gsub(consul_regex, '')
+                     VaultConsul.read_consul(consul_key)
+                   elsif value.match(env_regex)
+                     ENV[value.gsub(env_regex, '')]
+                   else
+                     value
+                   end
+
+      raise ConfigError, "Missing config: #{value}" if translated.nil? || translated == ''
+      super translated, anchor, tag, plain, quoted, style
+    end
+  end
+end

data/lib/vault-consul/errors.rb

@@ -0,0 +1,2 @@
+class ConfigError < RuntimeError
+end

data/lib/vault-consul/version.rb

@@ -0,0 +1,3 @@
+module VaultConsul
+  VERSION = "0.1.2"
+end

data/vault-consul.gemspec

@@ -0,0 +1,36 @@
+# coding: utf-8
+lib = File.expand_path("../lib", __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require "vault-consul/version"
+
+Gem::Specification.new do |spec|
+  spec.name          = "vault-consul"
+  spec.version       = VaultConsul::VERSION
+  spec.authors       = ["Viki-Platform"]
+  spec.email         = ["platform@viki.com"]
+
+  spec.summary       = %q{Viki vault & consul client}
+  spec.description   = %q{Parse your yaml config file with consul/ vault variables}
+  spec.homepage      = ""
+  spec.license       = "MIT"
+
+  # Prevent pushing this gem to RubyGems.org. To allow pushes either set the 'allowed_push_host'
+  # to allow pushing to a single host or delete this section to allow pushing to any host.
+  # if spec.respond_to?(:metadata)
+  #   spec.metadata["allowed_push_host"] = "https://rubygems.org"
+  # else
+  #   raise "RubyGems 2.0 or newer is required to protect against " \
+  #     "public gem pushes."
+  # end
+
+  spec.files         = `git ls-files -z`.split("\x0").reject do |f|
+    f.match(%r{^(test|spec|features)/})
+  end
+  spec.bindir        = "exe"
+  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.require_paths = ["lib"]
+
+  spec.add_runtime_dependency "psych"
+  spec.add_runtime_dependency "diplomat"
+  spec.add_runtime_dependency "vault"
+end

metadata

@@ -0,0 +1,96 @@
+--- !ruby/object:Gem::Specification
+name: vault-consul
+version: !ruby/object:Gem::Version
+  version: 0.1.2
+platform: ruby
+authors:
+- Viki-Platform
+autorequire: 
+bindir: exe
+cert_chain: []
+date: 2018-11-05 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: psych
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: diplomat
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: vault
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Parse your yaml config file with consul/ vault variables
+email:
+- platform@viki.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- Gemfile
+- Gemfile.lock
+- LICENSE
+- README.md
+- lib/vault-consul.rb
+- lib/vault-consul/config_handler.rb
+- lib/vault-consul/errors.rb
+- lib/vault-consul/version.rb
+- vault-consul.gemspec
+homepage: ''
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.7.7
+signing_key: 
+specification_version: 4
+summary: Viki vault & consul client
+test_files: []