Class: Vault::KV
Instance Attribute Summary collapse
-
#mount ⇒ Object
readonly
Returns the value of attribute mount.
Attributes inherited from Request
Instance Method Summary collapse
-
#delete(path) ⇒ true
Delete the secret at the given path.
-
#delete_versions(path, versions) ⇒ true
Mark specific versions of a secret as deleted.
-
#destroy(path) ⇒ true
Completely remove a secret and its metadata.
-
#destroy_versions(path, versions) ⇒ true
Completely remove specific versions of a secret.
-
#initialize(client, mount) ⇒ KV
constructor
A new instance of KV.
-
#list(path = "", options = {}) ⇒ Array<String>
List the names of secrets at the given path, if the path supports listing.
-
#read(path, version = nil, options = {}) ⇒ Secret?
Read the secret at the given path.
-
#read_metadata(path) ⇒ Hash?
Read the metadata of a secret at the given path.
-
#undelete_versions(path, versions) ⇒ true
Mark specific versions of a secret as active.
-
#write(path, data = {}, options = {}) ⇒ Secret
Write the secret at the given path with the given data.
-
#write_metadata(path, metadata = {}) ⇒ true
Write the metadata of a secret at the given path.
Methods inherited from Request
Methods included from EncodePath
Constructor Details
#initialize(client, mount) ⇒ KV
Returns a new instance of KV.
21 22 23 24 25 |
# File 'lib/vault/api/kv.rb', line 21 def initialize(client, mount) super client @mount = mount end |
Instance Attribute Details
#mount ⇒ Object (readonly)
Returns the value of attribute mount.
19 20 21 |
# File 'lib/vault/api/kv.rb', line 19 def mount @mount end |
Instance Method Details
#delete(path) ⇒ true
Delete the secret at the given path. If the secret does not exist, vault will still return true.
138 139 140 141 142 |
# File 'lib/vault/api/kv.rb', line 138 def delete(path) client.delete("/v1/#{mount}/data/#{encode_path(path)}") true end |
#delete_versions(path, versions) ⇒ true
Mark specific versions of a secret as deleted.
155 156 157 158 159 |
# File 'lib/vault/api/kv.rb', line 155 def delete_versions(path, versions) client.post("/v1/#{mount}/delete/#{encode_path(path)}", JSON.fast_generate(versions: versions)) true end |
#destroy(path) ⇒ true
Completely remove a secret and its metadata.
187 188 189 190 191 |
# File 'lib/vault/api/kv.rb', line 187 def destroy(path) client.delete("/v1/#{mount}/metadata/#{encode_path(path)}") true end |
#destroy_versions(path, versions) ⇒ true
Completely remove specific versions of a secret.
204 205 206 207 208 |
# File 'lib/vault/api/kv.rb', line 204 def destroy_versions(path, versions) client.post("/v1/#{mount}/destroy/#{encode_path(path)}", JSON.fast_generate(versions: versions)) true end |
#list(path = "", options = {}) ⇒ Array<String>
List the names of secrets at the given path, if the path supports listing. If the the path does not exist, an empty array will be returned.
37 38 39 40 41 42 43 44 |
# File 'lib/vault/api/kv.rb', line 37 def list(path = "", = {}) headers = extract_headers!() json = client.list("/v1/#{mount}/metadata/#{encode_path(path)}", {}, headers) json[:data][:keys] || [] rescue HTTPError => e return [] if e.code == 404 raise end |
#read(path, version = nil, options = {}) ⇒ Secret?
Read the secret at the given path. If the secret does not exist, nil
will be returned. The latest version is returned by default, but you can request a specific version.
59 60 61 62 63 64 65 66 67 68 69 |
# File 'lib/vault/api/kv.rb', line 59 def read(path, version = nil, = {}) headers = extract_headers!() params = {} params[:version] = version unless version.nil? json = client.get("/v1/#{mount}/data/#{encode_path(path)}", params, headers) return Secret.decode(json[:data]) rescue HTTPError => e return nil if e.code == 404 raise end |
#read_metadata(path) ⇒ Hash?
Read the metadata of a secret at the given path. If the secret does not exist, nil will be returned.
81 82 83 84 85 86 |
# File 'lib/vault/api/kv.rb', line 81 def (path) client.get("/v1/#{mount}/metadata/#{encode_path(path)}")[:data] rescue HTTPError => e return nil if e.code == 404 raise end |
#undelete_versions(path, versions) ⇒ true
Mark specific versions of a secret as active.
172 173 174 175 176 |
# File 'lib/vault/api/kv.rb', line 172 def undelete_versions(path, versions) client.post("/v1/#{mount}/undelete/#{encode_path(path)}", JSON.fast_generate(versions: versions)) true end |
#write(path, data = {}, options = {}) ⇒ Secret
Write the secret at the given path with the given data. Note that the data must be a Hash!
100 101 102 103 104 105 106 107 108 |
# File 'lib/vault/api/kv.rb', line 100 def write(path, data = {}, = {}) headers = extract_headers!() json = client.post("/v1/#{mount}/data/#{encode_path(path)}", JSON.fast_generate(:data => data), headers) if json.nil? return true else return Secret.decode(json) end end |
#write_metadata(path, metadata = {}) ⇒ true
Write the metadata of a secret at the given path. Note that the data must be a Hash.
122 123 124 125 126 |
# File 'lib/vault/api/kv.rb', line 122 def (path, = {}) client.post("/v1/#{mount}/metadata/#{encode_path(path)}", JSON.fast_generate()) true end |