Class: SettingsReader::VaultResolver::Configuration

Inherits:

Object

• Object
• SettingsReader::VaultResolver::Configuration

Defined in:

lib/settings_reader/vault_resolver/configuration.rb

Overview

Configurations for vault resolver

Instance Attribute Summary

• #lease_not_found_handler ⇒ Object

  Block to be executed when “lease not found” error is raised Default: empty proc.

• #lease_refresh_interval ⇒ Object

  How often do we check if secret lease is about to expire Default: 60seconds.

• #lease_renew_delay ⇒ Object

  Time before expiration when we try to renew the lease Default: 300seconds.

• #lease_renew_error_listener ⇒ Object

  Block to be executed when lease is not refreshed Default: empty proc.

• #lease_renew_retries ⇒ Object

  How many times to retry renew of the secret Default: 4.

• #lease_renew_success_listener ⇒ Object

  Block to be executed when lease is refreshed Default: empty proc.

• #logger ⇒ Object

  Logger for gem Default: Logger.new(STDOUT, level: Logger::ERROR).

• #retriable_errors ⇒ Object

  What errors should be retried when connecting to vault Default: ‘Vault::HTTPConnectionError` and `OpenSSL::SSL::SSLError`.

• #retrieval_retries ⇒ Object

  How many times to retry retrieval of the secret Default: 2.

• #vault_initializer ⇒ Object

  Block to be executed for initialization and authorization Default: empty proc.

Instance Method Summary

• #initialize ⇒ Configuration constructor

  A new instance of Configuration.

• #setup_lease_refresher(cache, previous_task = nil) ⇒ Object
• #vault_engine_for(address) ⇒ Object
• #vault_engines ⇒ Object

Constructor Details

#initialize ⇒ Configuration

Returns a new instance of Configuration.

# File 'lib/settings_reader/vault_resolver/configuration.rb', line 45

def initialize
  @logger = Logger.new($stdout, level: Logger::ERROR)
  @retriable_errors = [OpenSSL::SSL::SSLError, Vault::HTTPConnectionError]
  @retrieval_retries = 2
  @lease_refresh_interval = 60
  @lease_renew_delay = 300
  @lease_renew_retries = 4
  @lease_renew_error_listener = ->(_result) {}
  @lease_renew_success_listener = ->(_result) {}
  @vault_initializer = -> {}
  @lease_not_found_handler = ->(_entry) {}
end

Instance Attribute Details

#lease_not_found_handler ⇒ Object

Block to be executed when “lease not found” error is raised Default: empty proc

# File 'lib/settings_reader/vault_resolver/configuration.rb', line 43

def lease_not_found_handler
  @lease_not_found_handler
end

#lease_refresh_interval ⇒ Object

How often do we check if secret lease is about to expire Default: 60seconds

# File 'lib/settings_reader/vault_resolver/configuration.rb', line 19

def lease_refresh_interval
  @lease_refresh_interval
end

#lease_renew_delay ⇒ Object

Time before expiration when we try to renew the lease Default: 300seconds

# File 'lib/settings_reader/vault_resolver/configuration.rb', line 23

def lease_renew_delay
  @lease_renew_delay
end

#lease_renew_error_listener ⇒ Object

Block to be executed when lease is not refreshed Default: empty proc

# File 'lib/settings_reader/vault_resolver/configuration.rb', line 35

def lease_renew_error_listener
  @lease_renew_error_listener
end

#lease_renew_retries ⇒ Object

How many times to retry renew of the secret Default: 4

# File 'lib/settings_reader/vault_resolver/configuration.rb', line 27

def lease_renew_retries
  @lease_renew_retries
end

#lease_renew_success_listener ⇒ Object

Block to be executed when lease is refreshed Default: empty proc

# File 'lib/settings_reader/vault_resolver/configuration.rb', line 31

def lease_renew_success_listener
  @lease_renew_success_listener
end

#logger ⇒ Object

Logger for gem Default: Logger.new(STDOUT, level: Logger::ERROR)

# File 'lib/settings_reader/vault_resolver/configuration.rb', line 7

def logger
  @logger
end

#retriable_errors ⇒ Object

What errors should be retried when connecting to vault Default: ‘Vault::HTTPConnectionError` and `OpenSSL::SSL::SSLError`

# File 'lib/settings_reader/vault_resolver/configuration.rb', line 11

def retriable_errors
  @retriable_errors
end

#retrieval_retries ⇒ Object

How many times to retry retrieval of the secret Default: 2

# File 'lib/settings_reader/vault_resolver/configuration.rb', line 15

def retrieval_retries
  @retrieval_retries
end

#vault_initializer ⇒ Object

Block to be executed for initialization and authorization Default: empty proc

# File 'lib/settings_reader/vault_resolver/configuration.rb', line 39

def vault_initializer
  @vault_initializer
end

Instance Method Details

#setup_lease_refresher(cache, previous_task = nil) ⇒ Object

# File 'lib/settings_reader/vault_resolver/configuration.rb', line 58

def setup_lease_refresher(cache, previous_task = nil)
  previous_task&.shutdown

  timer_task = Concurrent::TimerTask.new(execution_interval: lease_refresh_interval) do
    SettingsReader::VaultResolver::Refresher.new(cache, self).refresh
  end
  timer_task.add_observer(SettingsReader::VaultResolver::RefresherObserver.new(self))
  timer_task.execute
  timer_task
end

#vault_engine_for(address) ⇒ Object

# File 'lib/settings_reader/vault_resolver/configuration.rb', line 78

def vault_engine_for(address)
  unless (engine = vault_engines.detect { |e| e.retrieves?(address) })
    raise SettingsReader::VaultResolver::Error, "Unknown engine for #{address}"
  end

  engine
end

#vault_engines ⇒ Object

# File 'lib/settings_reader/vault_resolver/configuration.rb', line 69

def vault_engines
  @vault_engines ||= [
    SettingsReader::VaultResolver::Engines::KV2.new(self),
    SettingsReader::VaultResolver::Engines::Database.new(self),
    SettingsReader::VaultResolver::Engines::Aws.new(self),
    SettingsReader::VaultResolver::Engines::Auth.new(self)
  ]
end