Class: Vault::Provision::Auth::Approle
- Inherits:
-
Prototype
- Object
- Prototype
- Vault::Provision::Auth::Approle
- Defined in:
- lib/vault/provision/auth/approle.rb
Overview
placeholder
Instance Method Summary collapse
- #provision! ⇒ Object
-
#repo_files ⇒ Object
Vault supports multiple instances of the ‘approle’ backend mounted concurrently.
- #role_files(auth_point) ⇒ Object
Instance Method Details
#provision! ⇒ Object
3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 |
# File 'lib/vault/provision/auth/approle.rb', line 3 def provision! repo_files.each do |rf| validate_file! rf role_name = File.basename(rf, '.json') auth_point = rf.split('/')[-3] role_path = "auth/#{auth_point}/role/#{role_name}" role_id_file = "#{@instance_dir}/#{role_path}/role-id.json" puts " * #{role_path}" @vault.post "v1/#{role_path}", File.read(rf) next unless FileTest.file? role_id_file puts " * #{role_path}/role-id" @vault.post "v1/#{role_path}/role-id", File.read(role_id_file) end end |
#repo_files ⇒ Object
Vault supports multiple instances of the ‘approle’ backend mounted concurrently. The map-reducey method repo_files gets the list of approle mounts, calls role_files() once for each of the mounts, then concatenates all those filenames into one big flat array
23 24 25 26 27 |
# File 'lib/vault/provision/auth/approle.rb', line 23 def repo_files @vault.sys.auths.select { |_,v| v.type == 'approle' } .keys .inject([]) { |acc, elem| acc + role_files(elem) } end |
#role_files(auth_point) ⇒ Object
29 30 31 32 33 |
# File 'lib/vault/provision/auth/approle.rb', line 29 def role_files auth_point Dir.glob("#{@instance_dir}/auth/#{auth_point}/role/*.json").select do |rf| FileTest.file?(rf) end end |