vault-kv 0.12.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/.gitignore +42 -0
- data/.rspec +2 -0
- data/.travis.yml +29 -0
- data/CHANGELOG.md +228 -0
- data/Gemfile +3 -0
- data/LICENSE +362 -0
- data/README.md +212 -0
- data/Rakefile +6 -0
- data/lib/vault.rb +49 -0
- data/lib/vault/api.rb +13 -0
- data/lib/vault/api/approle.rb +218 -0
- data/lib/vault/api/auth.rb +316 -0
- data/lib/vault/api/auth_tls.rb +92 -0
- data/lib/vault/api/auth_token.rb +242 -0
- data/lib/vault/api/help.rb +33 -0
- data/lib/vault/api/kv.rb +207 -0
- data/lib/vault/api/logical.rb +150 -0
- data/lib/vault/api/secret.rb +168 -0
- data/lib/vault/api/sys.rb +25 -0
- data/lib/vault/api/sys/audit.rb +91 -0
- data/lib/vault/api/sys/auth.rb +116 -0
- data/lib/vault/api/sys/health.rb +63 -0
- data/lib/vault/api/sys/init.rb +83 -0
- data/lib/vault/api/sys/leader.rb +48 -0
- data/lib/vault/api/sys/lease.rb +49 -0
- data/lib/vault/api/sys/mount.rb +103 -0
- data/lib/vault/api/sys/policy.rb +92 -0
- data/lib/vault/api/sys/seal.rb +81 -0
- data/lib/vault/client.rb +447 -0
- data/lib/vault/configurable.rb +48 -0
- data/lib/vault/defaults.rb +197 -0
- data/lib/vault/encode.rb +19 -0
- data/lib/vault/errors.rb +72 -0
- data/lib/vault/persistent.rb +1158 -0
- data/lib/vault/persistent/connection.rb +42 -0
- data/lib/vault/persistent/pool.rb +48 -0
- data/lib/vault/persistent/timed_stack_multi.rb +70 -0
- data/lib/vault/request.rb +43 -0
- data/lib/vault/response.rb +89 -0
- data/lib/vault/vendor/connection_pool.rb +150 -0
- data/lib/vault/vendor/connection_pool/timed_stack.rb +178 -0
- data/lib/vault/vendor/connection_pool/version.rb +5 -0
- data/lib/vault/version.rb +3 -0
- data/vault.gemspec +30 -0
- metadata +186 -0
@@ -0,0 +1,178 @@
|
|
1
|
+
require 'thread'
|
2
|
+
require 'timeout'
|
3
|
+
|
4
|
+
module Vault; end
|
5
|
+
|
6
|
+
##
|
7
|
+
# Raised when you attempt to retrieve a connection from a pool that has been
|
8
|
+
# shut down.
|
9
|
+
|
10
|
+
class Vault::ConnectionPool::PoolShuttingDownError < RuntimeError; end
|
11
|
+
|
12
|
+
##
|
13
|
+
# The TimedStack manages a pool of homogeneous connections (or any resource
|
14
|
+
# you wish to manage). Connections are created lazily up to a given maximum
|
15
|
+
# number.
|
16
|
+
|
17
|
+
# Examples:
|
18
|
+
#
|
19
|
+
# ts = TimedStack.new(1) { MyConnection.new }
|
20
|
+
#
|
21
|
+
# # fetch a connection
|
22
|
+
# conn = ts.pop
|
23
|
+
#
|
24
|
+
# # return a connection
|
25
|
+
# ts.push conn
|
26
|
+
#
|
27
|
+
# conn = ts.pop
|
28
|
+
# ts.pop timeout: 5
|
29
|
+
# #=> raises Timeout::Error after 5 seconds
|
30
|
+
|
31
|
+
module Vault
|
32
|
+
class ConnectionPool::TimedStack
|
33
|
+
|
34
|
+
##
|
35
|
+
# Creates a new pool with +size+ connections that are created from the given
|
36
|
+
# +block+.
|
37
|
+
|
38
|
+
def initialize(size = 0, &block)
|
39
|
+
@create_block = block
|
40
|
+
@created = 0
|
41
|
+
@que = []
|
42
|
+
@max = size
|
43
|
+
@mutex = Mutex.new
|
44
|
+
@resource = ConditionVariable.new
|
45
|
+
@shutdown_block = nil
|
46
|
+
end
|
47
|
+
|
48
|
+
##
|
49
|
+
# Returns +obj+ to the stack. +options+ is ignored in TimedStack but may be
|
50
|
+
# used by subclasses that extend TimedStack.
|
51
|
+
|
52
|
+
def push(obj, options = {})
|
53
|
+
@mutex.synchronize do
|
54
|
+
if @shutdown_block
|
55
|
+
@shutdown_block.call(obj)
|
56
|
+
else
|
57
|
+
store_connection obj, options
|
58
|
+
end
|
59
|
+
|
60
|
+
@resource.broadcast
|
61
|
+
end
|
62
|
+
end
|
63
|
+
alias_method :<<, :push
|
64
|
+
|
65
|
+
##
|
66
|
+
# Retrieves a connection from the stack. If a connection is available it is
|
67
|
+
# immediately returned. If no connection is available within the given
|
68
|
+
# timeout a Timeout::Error is raised.
|
69
|
+
#
|
70
|
+
# +:timeout+ is the only checked entry in +options+ and is preferred over
|
71
|
+
# the +timeout+ argument (which will be removed in a future release). Other
|
72
|
+
# options may be used by subclasses that extend TimedStack.
|
73
|
+
|
74
|
+
def pop(timeout = 0.5, options = {})
|
75
|
+
options, timeout = timeout, 0.5 if Hash === timeout
|
76
|
+
timeout = options.fetch :timeout, timeout
|
77
|
+
|
78
|
+
deadline = Time.now + timeout
|
79
|
+
@mutex.synchronize do
|
80
|
+
loop do
|
81
|
+
raise ConnectionPool::PoolShuttingDownError if @shutdown_block
|
82
|
+
return fetch_connection(options) if connection_stored?(options)
|
83
|
+
|
84
|
+
connection = try_create(options)
|
85
|
+
return connection if connection
|
86
|
+
|
87
|
+
to_wait = deadline - Time.now
|
88
|
+
raise Timeout::Error, "Waited #{timeout} sec" if to_wait <= 0
|
89
|
+
@resource.wait(@mutex, to_wait)
|
90
|
+
end
|
91
|
+
end
|
92
|
+
end
|
93
|
+
|
94
|
+
##
|
95
|
+
# Shuts down the TimedStack which prevents connections from being checked
|
96
|
+
# out. The +block+ is called once for each connection on the stack.
|
97
|
+
|
98
|
+
def shutdown(&block)
|
99
|
+
raise ArgumentError, "shutdown must receive a block" unless block_given?
|
100
|
+
|
101
|
+
@mutex.synchronize do
|
102
|
+
@shutdown_block = block
|
103
|
+
@resource.broadcast
|
104
|
+
|
105
|
+
shutdown_connections
|
106
|
+
end
|
107
|
+
end
|
108
|
+
|
109
|
+
##
|
110
|
+
# Returns +true+ if there are no available connections.
|
111
|
+
|
112
|
+
def empty?
|
113
|
+
(@created - @que.length) >= @max
|
114
|
+
end
|
115
|
+
|
116
|
+
##
|
117
|
+
# The number of connections available on the stack.
|
118
|
+
|
119
|
+
def length
|
120
|
+
@max - @created + @que.length
|
121
|
+
end
|
122
|
+
|
123
|
+
private
|
124
|
+
|
125
|
+
##
|
126
|
+
# This is an extension point for TimedStack and is called with a mutex.
|
127
|
+
#
|
128
|
+
# This method must returns true if a connection is available on the stack.
|
129
|
+
|
130
|
+
def connection_stored?(options = nil)
|
131
|
+
!@que.empty?
|
132
|
+
end
|
133
|
+
|
134
|
+
##
|
135
|
+
# This is an extension point for TimedStack and is called with a mutex.
|
136
|
+
#
|
137
|
+
# This method must return a connection from the stack.
|
138
|
+
|
139
|
+
def fetch_connection(options = nil)
|
140
|
+
@que.pop
|
141
|
+
end
|
142
|
+
|
143
|
+
##
|
144
|
+
# This is an extension point for TimedStack and is called with a mutex.
|
145
|
+
#
|
146
|
+
# This method must shut down all connections on the stack.
|
147
|
+
|
148
|
+
def shutdown_connections(options = nil)
|
149
|
+
while connection_stored?(options)
|
150
|
+
conn = fetch_connection(options)
|
151
|
+
@shutdown_block.call(conn)
|
152
|
+
end
|
153
|
+
end
|
154
|
+
|
155
|
+
##
|
156
|
+
# This is an extension point for TimedStack and is called with a mutex.
|
157
|
+
#
|
158
|
+
# This method must return +obj+ to the stack.
|
159
|
+
|
160
|
+
def store_connection(obj, options = nil)
|
161
|
+
@que.push obj
|
162
|
+
end
|
163
|
+
|
164
|
+
##
|
165
|
+
# This is an extension point for TimedStack and is called with a mutex.
|
166
|
+
#
|
167
|
+
# This method must create a connection if and only if the total number of
|
168
|
+
# connections allowed has not been met.
|
169
|
+
|
170
|
+
def try_create(options = nil)
|
171
|
+
unless @created == @max
|
172
|
+
object = @create_block.call
|
173
|
+
@created += 1
|
174
|
+
object
|
175
|
+
end
|
176
|
+
end
|
177
|
+
end
|
178
|
+
end
|
data/vault.gemspec
ADDED
@@ -0,0 +1,30 @@
|
|
1
|
+
# coding: utf-8
|
2
|
+
lib = File.expand_path("../lib", __FILE__)
|
3
|
+
$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
4
|
+
require "vault/version"
|
5
|
+
|
6
|
+
Gem::Specification.new do |spec|
|
7
|
+
spec.name = "vault-kv"
|
8
|
+
spec.version = Vault::VERSION
|
9
|
+
spec.authors = ["Seth Vargo"]
|
10
|
+
spec.email = ["sethvargo@gmail.com"]
|
11
|
+
spec.licenses = ["MPL-2.0"]
|
12
|
+
|
13
|
+
spec.summary = "Vault is a Ruby API client for interacting with a Vault server."
|
14
|
+
spec.description = spec.summary
|
15
|
+
spec.homepage = "https://github.com/hashicorp/vault-ruby"
|
16
|
+
|
17
|
+
spec.files = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
|
18
|
+
spec.bindir = "exe"
|
19
|
+
spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
|
20
|
+
spec.require_paths = ["lib"]
|
21
|
+
|
22
|
+
spec.add_runtime_dependency "aws-sigv4"
|
23
|
+
|
24
|
+
spec.add_development_dependency "bundler"
|
25
|
+
spec.add_development_dependency "pry"
|
26
|
+
spec.add_development_dependency "rake", "~> 12.0"
|
27
|
+
spec.add_development_dependency "rspec", "~> 3.5"
|
28
|
+
spec.add_development_dependency "yard"
|
29
|
+
spec.add_development_dependency "webmock", "~> 2.3"
|
30
|
+
end
|
metadata
ADDED
@@ -0,0 +1,186 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: vault-kv
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.12.0
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Seth Vargo
|
8
|
+
autorequire:
|
9
|
+
bindir: exe
|
10
|
+
cert_chain: []
|
11
|
+
date: 2019-08-08 00:00:00.000000000 Z
|
12
|
+
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: aws-sigv4
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - ">="
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: '0'
|
20
|
+
type: :runtime
|
21
|
+
prerelease: false
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
23
|
+
requirements:
|
24
|
+
- - ">="
|
25
|
+
- !ruby/object:Gem::Version
|
26
|
+
version: '0'
|
27
|
+
- !ruby/object:Gem::Dependency
|
28
|
+
name: bundler
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
30
|
+
requirements:
|
31
|
+
- - ">="
|
32
|
+
- !ruby/object:Gem::Version
|
33
|
+
version: '0'
|
34
|
+
type: :development
|
35
|
+
prerelease: false
|
36
|
+
version_requirements: !ruby/object:Gem::Requirement
|
37
|
+
requirements:
|
38
|
+
- - ">="
|
39
|
+
- !ruby/object:Gem::Version
|
40
|
+
version: '0'
|
41
|
+
- !ruby/object:Gem::Dependency
|
42
|
+
name: pry
|
43
|
+
requirement: !ruby/object:Gem::Requirement
|
44
|
+
requirements:
|
45
|
+
- - ">="
|
46
|
+
- !ruby/object:Gem::Version
|
47
|
+
version: '0'
|
48
|
+
type: :development
|
49
|
+
prerelease: false
|
50
|
+
version_requirements: !ruby/object:Gem::Requirement
|
51
|
+
requirements:
|
52
|
+
- - ">="
|
53
|
+
- !ruby/object:Gem::Version
|
54
|
+
version: '0'
|
55
|
+
- !ruby/object:Gem::Dependency
|
56
|
+
name: rake
|
57
|
+
requirement: !ruby/object:Gem::Requirement
|
58
|
+
requirements:
|
59
|
+
- - "~>"
|
60
|
+
- !ruby/object:Gem::Version
|
61
|
+
version: '12.0'
|
62
|
+
type: :development
|
63
|
+
prerelease: false
|
64
|
+
version_requirements: !ruby/object:Gem::Requirement
|
65
|
+
requirements:
|
66
|
+
- - "~>"
|
67
|
+
- !ruby/object:Gem::Version
|
68
|
+
version: '12.0'
|
69
|
+
- !ruby/object:Gem::Dependency
|
70
|
+
name: rspec
|
71
|
+
requirement: !ruby/object:Gem::Requirement
|
72
|
+
requirements:
|
73
|
+
- - "~>"
|
74
|
+
- !ruby/object:Gem::Version
|
75
|
+
version: '3.5'
|
76
|
+
type: :development
|
77
|
+
prerelease: false
|
78
|
+
version_requirements: !ruby/object:Gem::Requirement
|
79
|
+
requirements:
|
80
|
+
- - "~>"
|
81
|
+
- !ruby/object:Gem::Version
|
82
|
+
version: '3.5'
|
83
|
+
- !ruby/object:Gem::Dependency
|
84
|
+
name: yard
|
85
|
+
requirement: !ruby/object:Gem::Requirement
|
86
|
+
requirements:
|
87
|
+
- - ">="
|
88
|
+
- !ruby/object:Gem::Version
|
89
|
+
version: '0'
|
90
|
+
type: :development
|
91
|
+
prerelease: false
|
92
|
+
version_requirements: !ruby/object:Gem::Requirement
|
93
|
+
requirements:
|
94
|
+
- - ">="
|
95
|
+
- !ruby/object:Gem::Version
|
96
|
+
version: '0'
|
97
|
+
- !ruby/object:Gem::Dependency
|
98
|
+
name: webmock
|
99
|
+
requirement: !ruby/object:Gem::Requirement
|
100
|
+
requirements:
|
101
|
+
- - "~>"
|
102
|
+
- !ruby/object:Gem::Version
|
103
|
+
version: '2.3'
|
104
|
+
type: :development
|
105
|
+
prerelease: false
|
106
|
+
version_requirements: !ruby/object:Gem::Requirement
|
107
|
+
requirements:
|
108
|
+
- - "~>"
|
109
|
+
- !ruby/object:Gem::Version
|
110
|
+
version: '2.3'
|
111
|
+
description: Vault is a Ruby API client for interacting with a Vault server.
|
112
|
+
email:
|
113
|
+
- sethvargo@gmail.com
|
114
|
+
executables: []
|
115
|
+
extensions: []
|
116
|
+
extra_rdoc_files: []
|
117
|
+
files:
|
118
|
+
- ".gitignore"
|
119
|
+
- ".rspec"
|
120
|
+
- ".travis.yml"
|
121
|
+
- CHANGELOG.md
|
122
|
+
- Gemfile
|
123
|
+
- LICENSE
|
124
|
+
- README.md
|
125
|
+
- Rakefile
|
126
|
+
- lib/vault.rb
|
127
|
+
- lib/vault/api.rb
|
128
|
+
- lib/vault/api/approle.rb
|
129
|
+
- lib/vault/api/auth.rb
|
130
|
+
- lib/vault/api/auth_tls.rb
|
131
|
+
- lib/vault/api/auth_token.rb
|
132
|
+
- lib/vault/api/help.rb
|
133
|
+
- lib/vault/api/kv.rb
|
134
|
+
- lib/vault/api/logical.rb
|
135
|
+
- lib/vault/api/secret.rb
|
136
|
+
- lib/vault/api/sys.rb
|
137
|
+
- lib/vault/api/sys/audit.rb
|
138
|
+
- lib/vault/api/sys/auth.rb
|
139
|
+
- lib/vault/api/sys/health.rb
|
140
|
+
- lib/vault/api/sys/init.rb
|
141
|
+
- lib/vault/api/sys/leader.rb
|
142
|
+
- lib/vault/api/sys/lease.rb
|
143
|
+
- lib/vault/api/sys/mount.rb
|
144
|
+
- lib/vault/api/sys/policy.rb
|
145
|
+
- lib/vault/api/sys/seal.rb
|
146
|
+
- lib/vault/client.rb
|
147
|
+
- lib/vault/configurable.rb
|
148
|
+
- lib/vault/defaults.rb
|
149
|
+
- lib/vault/encode.rb
|
150
|
+
- lib/vault/errors.rb
|
151
|
+
- lib/vault/persistent.rb
|
152
|
+
- lib/vault/persistent/connection.rb
|
153
|
+
- lib/vault/persistent/pool.rb
|
154
|
+
- lib/vault/persistent/timed_stack_multi.rb
|
155
|
+
- lib/vault/request.rb
|
156
|
+
- lib/vault/response.rb
|
157
|
+
- lib/vault/vendor/connection_pool.rb
|
158
|
+
- lib/vault/vendor/connection_pool/timed_stack.rb
|
159
|
+
- lib/vault/vendor/connection_pool/version.rb
|
160
|
+
- lib/vault/version.rb
|
161
|
+
- vault.gemspec
|
162
|
+
homepage: https://github.com/hashicorp/vault-ruby
|
163
|
+
licenses:
|
164
|
+
- MPL-2.0
|
165
|
+
metadata: {}
|
166
|
+
post_install_message:
|
167
|
+
rdoc_options: []
|
168
|
+
require_paths:
|
169
|
+
- lib
|
170
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
171
|
+
requirements:
|
172
|
+
- - ">="
|
173
|
+
- !ruby/object:Gem::Version
|
174
|
+
version: '0'
|
175
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
176
|
+
requirements:
|
177
|
+
- - ">="
|
178
|
+
- !ruby/object:Gem::Version
|
179
|
+
version: '0'
|
180
|
+
requirements: []
|
181
|
+
rubyforge_project:
|
182
|
+
rubygems_version: 2.7.6
|
183
|
+
signing_key:
|
184
|
+
specification_version: 4
|
185
|
+
summary: Vault is a Ruby API client for interacting with a Vault server.
|
186
|
+
test_files: []
|