vault-provision 0.1.1 → 0.1.2

Sign up to get free protection for your applications and to get access to all the features.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile.lock +1 -1
  3. data/VERSION +1 -1
  4. data/lib/vault/provision/auth/ldap/groups.rb +22 -0
  5. data/lib/vault/provision.rb +1 -1
  6. data/spec/vault_provision_spec.rb +12 -0
  7. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 79f872c69434db5cf504adcd6efeea369c1bff7c
4
- data.tar.gz: eabe325c9cff5d09bbc2ad8b58a364aa4d948d0d
3
+ metadata.gz: 07ea7e20d39900ca94b02dff1b460933ea9e2a7b
4
+ data.tar.gz: 974204a47b957a7532d1750c9248e408ce1baaeb
5
5
  SHA512:
6
- metadata.gz: 624e211242329581f89cad36cdf018f70d5f5244366f25e81ca1df8d05463e91374edc532e14890d935dfdec8219392f388198360d52c94ce7db376d6fe02389
7
- data.tar.gz: 7aba52e8656f2a035c2871ca19e6d08b03a7c4d6c1ed8b962ef19bf26cfd3fda3640f9b94a117ce947f07454befbf0f6ea7fbbf3f957c5879239994360b3af48
6
+ metadata.gz: fd1561e9ae836c4e51d0930157b6ebbfdf5fb7210fdfeecfc192d778070e76f782277be085e8e4bfad8814de3ce988f493ca897f3695ae56c3de65ffd225ab31
7
+ data.tar.gz: 19d8c9a168a5c4c9f983fdbccc181c08affffe07ef9170b1dc86a16c7b8df2fe2b9ebbd88359fe47a370055677fef2d4b723ad3a665e08b99b9354014089ba66
data/Gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- vault-provision (0.1.0)
4
+ vault-provision (0.1.1)
5
5
  vault (~> 0.9.0)
6
6
 
7
7
  GEM
data/VERSION CHANGED
@@ -1 +1 @@
1
- 0.1.1
1
+ 0.1.2
data/lib/vault/provision/auth/ldap/groups.rb CHANGED
@@ -1,3 +1,25 @@
1
1
  # placeholder
2
2
  class Vault::Provision::Auth::Ldap::Groups < Vault::Provision::Prototype
3
+ def group_files auth_point
4
+ Find.find("#{@instance_dir}/auth/#{auth_point}/groups/").select do |rf|
5
+ FileTest.file?(rf) && rf.end_with?('.json')
6
+ end
7
+ end
8
+
9
+ def repo_files
10
+ #auths = @vault.sys.auths
11
+ #auths.keys.select { |ap| auths[ap].type == 'ldap' }
12
+ # .inject([]) { |acc, elem| acc + group_files(elem) }
13
+ @vault.sys.auths.select { |_,v| v.type == 'ldap' }
14
+ .keys
15
+ .inject([]) { |acc, elem| acc + group_files(elem) }
16
+ end
17
+
18
+ def provision!
19
+ repo_files.each do |rf|
20
+ group = File.basename(rf, '.json')
21
+ auth_point = rf.split('/')[-3]
22
+ @vault.post "v1/auth/#{auth_point}/groups/#{group}", File.read(rf)
23
+ end
24
+ end
3
25
  end
data/lib/vault/provision.rb CHANGED
@@ -36,7 +36,7 @@ class Vault::Provision
36
36
  Pki::Roles,
37
37
  Generic,
38
38
  Sys::Policy,
39
- #Auth::Ldap::Groups,
39
+ Auth::Ldap::Groups,
40
40
  ]
41
41
  end
42
42
 
data/spec/vault_provision_spec.rb CHANGED
@@ -10,6 +10,18 @@ describe Vault::Provision do
10
10
  expect(client.sys.auths[:ldap].type).to be == 'ldap'
11
11
  end
12
12
 
13
+ it "has an ldap admin group" do
14
+ resp = client.get('v1/auth/ldap/groups/admin')
15
+ expect(resp[:data]).to be
16
+ expect(resp[:data][:policies].split(',')).to include 'security_admin'
17
+ end
18
+
19
+ it "has an ldap operators group" do
20
+ resp = client.get('v1/auth/ldap/groups/operators')
21
+ expect(resp[:data]).to be
22
+ expect(resp[:data][:policies]).to include 'master_of_secrets'
23
+ end
24
+
13
25
  it "has a token auth" do
14
26
  expect(client.sys.auths[:token].type).to be == 'token'
15
27
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: vault-provision
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.1
4
+ version: 0.1.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Tom Maher