Class: Config::Sources::VaultSource

Inherits:

Object

• Object
• Config::Sources::VaultSource

Defined in:

lib/config/vault/vault_source.rb

Overview

A vault source for Config

Instance Attribute Summary

• #client ⇒ Object readonly

  Returns the value of attribute client.

• #flatten ⇒ Object

  Returns the value of attribute flatten.

• #kv ⇒ Object

  Returns the value of attribute kv.

• #paths ⇒ Object readonly

  Returns the value of attribute paths.

• #root ⇒ Object

  Returns the value of attribute root.

Instance Method Summary

• #add_path(path, root = nil) ⇒ Object

  Add a path to Config source.

• #clear_paths ⇒ Object

  Remove added paths.

• #initialize(opts = {}) ⇒ VaultSource constructor

  Create a new Config source, all Vault::Client parameters supported.

• #load ⇒ Hash

  Load data from source into hash.

• #map(hsh) ⇒ Object

  Re-map individual key names.

Constructor Details

#initialize(opts = {}) ⇒ VaultSource

Create a new Config source, all Vault::Client parameters supported

Parameters:

• opts (Hash) (defaults to: {})

Options Hash (opts):

• :kv (String, nil) —

  mount point for operations

• :paths (Array<String>, nil) —

  paths for vault secrets

• :root (String, Symbol, nil) —

  default root key for data provided by source

• :attempts (Integer) —

  number of attempts to try and resolve Vault::HTTPError

• :base (Number) —

  interval for exponential backoff

• :max_wait (Number) —

  maximum weight time for exponential backoff

• :flatten (Boolean) —

  flatten the resulting hash. Preserves root option

# File 'lib/config/vault/vault_source.rb', line 22

def initialize(opts = {})
  client_opts = opts.clone
  @kv = client_opts.delete(:kv) || ''
  @paths = []
  @attempts = client_opts.delete(:attempts) || 5
  @base = client_opts.delete(:base) || 0.5
  @max_wait = client_opts.delete(:max_wait) || 2.5
  @root = client_opts.delete(:root)
  @flatten = client_opts.delete(:flatten)
  @paths << client_opts.delete(:paths) if client_opts.key?(:paths)
  map({})
  @paths.map! do |p|
    if p.is_a?(Array)
      p
    else
      [p, @root]
    end
  end
  @client = ::Vault::Client.new(client_opts)
end

Instance Attribute Details

#client ⇒ Object (readonly)

Returns the value of attribute client.

# File 'lib/config/vault/vault_source.rb', line 10

def client
  @client
end

#flatten ⇒ Object

Returns the value of attribute flatten.

# File 'lib/config/vault/vault_source.rb', line 9

def flatten
  @flatten
end

#kv ⇒ Object

Returns the value of attribute kv.

# File 'lib/config/vault/vault_source.rb', line 9

def kv
  @kv
end

#paths ⇒ Object (readonly)

Returns the value of attribute paths.

# File 'lib/config/vault/vault_source.rb', line 10

def paths
  @paths
end

#root ⇒ Object

Returns the value of attribute root.

# File 'lib/config/vault/vault_source.rb', line 9

def root
  @root
end

Instance Method Details

#add_path(path, root = nil) ⇒ Object

Add a path to Config source

Examples:

Use glob operators

source.add_path('secrets/**/test/*')
source.load #=> { secrets: { some_key: { test: { secret_data: 2 } } } }

Parameters:

• path (String)
• root (String) (defaults to: nil) —

  optional root

# File 'lib/config/vault/vault_source.rb', line 51

def add_path(path, root = nil)
  root ||= @root
  @paths << [path, root]
end

#clear_paths ⇒ Object

Remove added paths

# File 'lib/config/vault/vault_source.rb', line 65

def clear_paths
  @paths = []
end

#load ⇒ Hash

Load data from source into hash

Returns:

• (Hash)

# File 'lib/config/vault/vault_source.rb', line 72

def load
  ::Vault.with_retries(RecoverableVaultError,
                       attempts: @attempts,
                       base: @base,
                       max_wait: @max_wait) do
    process_paths
  end
end

#map(hsh) ⇒ Object

Re-map individual key names

Parameters:

• hsh (Hash) —

  mappings for keys

# File 'lib/config/vault/vault_source.rb', line 59

def map(hsh)
  @map = hsh
  @map.transform_keys! { |k| k.to_sym }
end