Class: Vault::KV
Instance Attribute Summary collapse
-
#mount ⇒ Object
readonly
Returns the value of attribute mount.
Attributes inherited from Request
Instance Method Summary collapse
-
#delete(path) ⇒ true
Delete the secret at the given path.
-
#delete_versions(path, versions) ⇒ true
Mark specific versions of a secret as deleted.
-
#destroy(path) ⇒ true
Completely remove a secret and its metadata.
-
#destroy_versions(path, versions) ⇒ true
Completely remove specific versions of a secret.
-
#initialize(client, mount) ⇒ KV
constructor
A new instance of KV.
-
#list(path = "", options = {}) ⇒ Array<String>
List the names of secrets at the given path, if the path supports listing.
-
#read(path, version = nil, options = {}) ⇒ Secret?
Read the secret at the given path.
-
#read_metadata(path) ⇒ Hash?
Read the metadata of a secret at the given path.
-
#undelete_versions(path, versions) ⇒ true
Mark specific versions of a secret as active.
-
#write(path, data = {}, options = {}) ⇒ Secret
Write the secret at the given path with the given data.
-
#write_metadata(path, metadata = {}) ⇒ true
Write the metadata of a secret at the given path.
Methods inherited from Request
Methods included from EncodePath
Constructor Details
#initialize(client, mount) ⇒ KV
Returns a new instance of KV.
18 19 20 21 22 |
# File 'lib/vault/api/kv.rb', line 18 def initialize(client, mount) super client @mount = mount end |
Instance Attribute Details
#mount ⇒ Object (readonly)
Returns the value of attribute mount.
16 17 18 |
# File 'lib/vault/api/kv.rb', line 16 def mount @mount end |
Instance Method Details
#delete(path) ⇒ true
Delete the secret at the given path. If the secret does not exist, vault will still return true.
135 136 137 138 139 |
# File 'lib/vault/api/kv.rb', line 135 def delete(path) client.delete("/v1/#{mount}/data/#{encode_path(path)}") true end |
#delete_versions(path, versions) ⇒ true
Mark specific versions of a secret as deleted.
152 153 154 155 156 |
# File 'lib/vault/api/kv.rb', line 152 def delete_versions(path, versions) client.post("/v1/#{mount}/delete/#{encode_path(path)}", JSON.fast_generate(versions: versions)) true end |
#destroy(path) ⇒ true
Completely remove a secret and its metadata.
184 185 186 187 188 |
# File 'lib/vault/api/kv.rb', line 184 def destroy(path) client.delete("/v1/#{mount}/metadata/#{encode_path(path)}") true end |
#destroy_versions(path, versions) ⇒ true
Completely remove specific versions of a secret.
201 202 203 204 205 |
# File 'lib/vault/api/kv.rb', line 201 def destroy_versions(path, versions) client.post("/v1/#{mount}/destroy/#{encode_path(path)}", JSON.fast_generate(versions: versions)) true end |
#list(path = "", options = {}) ⇒ Array<String>
List the names of secrets at the given path, if the path supports listing. If the the path does not exist, an empty array will be returned.
34 35 36 37 38 39 40 41 |
# File 'lib/vault/api/kv.rb', line 34 def list(path = "", = {}) headers = extract_headers!() json = client.list("/v1/#{mount}/metadata/#{encode_path(path)}", {}, headers) json[:data][:keys] || [] rescue HTTPError => e return [] if e.code == 404 raise end |
#read(path, version = nil, options = {}) ⇒ Secret?
Read the secret at the given path. If the secret does not exist, nil
will be returned. The latest version is returned by default, but you can request a specific version.
56 57 58 59 60 61 62 63 64 65 66 |
# File 'lib/vault/api/kv.rb', line 56 def read(path, version = nil, = {}) headers = extract_headers!() params = {} params[:version] = version unless version.nil? json = client.get("/v1/#{mount}/data/#{encode_path(path)}", params, headers) return Secret.decode(json[:data]) rescue HTTPError => e return nil if e.code == 404 raise end |
#read_metadata(path) ⇒ Hash?
Read the metadata of a secret at the given path. If the secret does not exist, nil will be returned.
78 79 80 81 82 83 |
# File 'lib/vault/api/kv.rb', line 78 def (path) client.get("/v1/#{mount}/metadata/#{encode_path(path)}")[:data] rescue HTTPError => e return nil if e.code == 404 raise end |
#undelete_versions(path, versions) ⇒ true
Mark specific versions of a secret as active.
169 170 171 172 173 |
# File 'lib/vault/api/kv.rb', line 169 def undelete_versions(path, versions) client.post("/v1/#{mount}/undelete/#{encode_path(path)}", JSON.fast_generate(versions: versions)) true end |
#write(path, data = {}, options = {}) ⇒ Secret
Write the secret at the given path with the given data. Note that the data must be a Hash!
97 98 99 100 101 102 103 104 105 |
# File 'lib/vault/api/kv.rb', line 97 def write(path, data = {}, = {}) headers = extract_headers!() json = client.post("/v1/#{mount}/data/#{encode_path(path)}", JSON.fast_generate(:data => data), headers) if json.nil? return true else return Secret.decode(json) end end |
#write_metadata(path, metadata = {}) ⇒ true
Write the metadata of a secret at the given path. Note that teh data must be a Hash.
119 120 121 122 123 |
# File 'lib/vault/api/kv.rb', line 119 def (path, = {}) client.post("/v1/#{mount}/metadata/#{encode_path(path)}", JSON.fast_generate()) true end |