Method: Chef::SecretFetcher.for_service

Defined in:
lib/chef/secret_fetcher.rb

.for_service(service, config, run_context) ⇒ Object

Returns a configured and validated instance of a [Chef::SecretFetcher::Base] for the given service and configuration.

Parameters:

  • service (Symbol)

    the identifier for the service that will support this request. Must be in SECRET_FETCHERS

  • config (Hash)

    configuration that the secrets service requires

  • run_context (Chef::RunContext)

    the run context this is being invoked from



34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
 
# File 'lib/chef/secret_fetcher.rb', line 34

def self.for_service(service, config, run_context)
  fetcher = case service
            when :example
              require_relative "secret_fetcher/example"
              Chef::SecretFetcher::Example.new(config, run_context)
            when :aws_secrets_manager
              require_relative "secret_fetcher/aws_secrets_manager"
              Chef::SecretFetcher::AWSSecretsManager.new(config, run_context)
            when :azure_key_vault
              require_relative "secret_fetcher/azure_key_vault"
              Chef::SecretFetcher::AzureKeyVault.new(config, run_context)
            when :hashi_vault
              require_relative "secret_fetcher/hashi_vault"
              Chef::SecretFetcher::HashiVault.new(config, run_context)
            when :akeyless_vault
              require_relative "secret_fetcher/akeyless_vault"
              Chef::SecretFetcher::AKeylessVault.new(config, run_context)
            when nil, ""
              raise Chef::Exceptions::Secret::MissingFetcher.new(SECRET_FETCHERS)
            else
              raise Chef::Exceptions::Secret::InvalidFetcherService.new("Unsupported secret service: '#{service}'", SECRET_FETCHERS)
            end
  fetcher.validate!
  fetcher
end