vault_config 0.0.1 → 0.1.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/vault_config.rb +49 -4
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 34c2b9b4363eb262639ab2c4e8a2b2015d563b752ea5fbf7ea98df467519dfac
|
4
|
+
data.tar.gz: 355b5ded01bb65959a852448169c17e35dcfff59be49f2c23357ff28e5610cd3
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: b0fb4f51e8b5c8f54519843d941a85c01b7f4fdfd29b8700387d1e49575347bd71a18f3bd8f8db8a9505fab1ee5615c46393904fbf169a5e148e5d076734d41e
|
7
|
+
data.tar.gz: 6438334f04add8afe4280341316ca82131dcba2807ca32eb13fbafbd8dbf6a628ef0ff821b3856eb3d78581bd4e1949e5c5157618b0153f0990bc0fecac16ec7
|
data/lib/vault_config.rb
CHANGED
@@ -12,12 +12,57 @@ class VaultConfig
|
|
12
12
|
client.load!
|
13
13
|
end
|
14
14
|
|
15
|
+
def self.load_with_warning(app)
|
16
|
+
begin
|
17
|
+
client = self.new(app)
|
18
|
+
client.load!
|
19
|
+
rescue => exception
|
20
|
+
puts "Warning: VaultConfig.load error --- ignore \n #{exception.message}"
|
21
|
+
end
|
22
|
+
end
|
23
|
+
|
24
|
+
# https://learn.hashicorp.com/tutorials/vault/tokens
|
25
|
+
def self.renew(token = nil, increment = '12h')
|
26
|
+
uri = URI(File.join(ENV['VAULT_ADDR'], '/v1/auth/token/renew'))
|
27
|
+
header = {
|
28
|
+
'X-Vault-Token': ENV['VAULT_TOKEN'],
|
29
|
+
'content-type':'application/json'
|
30
|
+
}
|
31
|
+
response = Net::HTTP.post(uri, {
|
32
|
+
token: token || ENV['VAULT_TOKEN'],
|
33
|
+
increment: increment,
|
34
|
+
}.to_json, header)
|
35
|
+
JSON.parse(response.body)
|
36
|
+
end
|
37
|
+
|
15
38
|
def load!
|
16
|
-
|
17
|
-
|
18
|
-
response = Net::HTTP.get_response(uri, header)
|
19
|
-
JSON.parse(response.body)['data']['data'].each do |k, v|
|
39
|
+
ret = get client_uri, headers
|
40
|
+
ret['data']['data'].each do |k, v|
|
20
41
|
ENV[k] = v
|
21
42
|
end
|
22
43
|
end
|
44
|
+
|
45
|
+
private def get(uri, headers = {})
|
46
|
+
Net::HTTP.start(uri.host, uri.port) do |http|
|
47
|
+
request = Net::HTTP::Get.new uri, headers
|
48
|
+
response = http.request request
|
49
|
+
return JSON.parse(response.body)
|
50
|
+
end
|
51
|
+
end
|
52
|
+
|
53
|
+
private def headers
|
54
|
+
@headers ||= {}
|
55
|
+
@headers['X-Vault-Token'] = ENV['VAULT_TOKEN']
|
56
|
+
@headers
|
57
|
+
end
|
58
|
+
|
59
|
+
private def client_uri
|
60
|
+
@client_uri ||= if @app.start_with?('/')
|
61
|
+
arr = @app.split('/')
|
62
|
+
arr[1] = "#{arr[1]}/data"
|
63
|
+
URI(File.join(ENV['VAULT_ADDR'], 'v1/', arr.join('/')))
|
64
|
+
else
|
65
|
+
URI(File.join(ENV['VAULT_ADDR'], 'v1/secret/data', @app))
|
66
|
+
end
|
67
|
+
end
|
23
68
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: vault_config
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.1.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- azhao
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2022-01-05 00:00:00.000000000 Z
|
12
12
|
dependencies: []
|
13
13
|
description: default safe in a easy way by using HashiCorp Vault
|
14
14
|
email: azhao.1981@gmail.com
|