Class: Dev::Vault

Inherits:

Object

• Object
• Dev::Vault

Extended by:

Helpers

Defined in:

lib/dev/vault.rb,
lib/dev/vault/build.rb,
lib/dev/vault/helpers.rb,
lib/dev/vault/version.rb

Overview

Helpers to fetch and run a development-instance of vault

Defined Under Namespace

Modules: Build, Helpers

Constant Summary

DEFAULT_PORT =

8200

RANDOM_PORT =

'RANDOM_PORT'.freeze

RELEASE =

'1'.freeze

VERSION =

'0.5.2'.freeze

Instance Attribute Summary

• #client ⇒ Object readonly

  Returns the value of attribute client.

• #command ⇒ Object readonly

  Returns the value of attribute command.

• #config ⇒ Object readonly

  Returns the value of attribute config.

• #dev ⇒ Object (also: #dev?) readonly

  Returns the value of attribute dev.

• #keys ⇒ Object readonly

  Returns the value of attribute keys.

• #output ⇒ Object readonly

  Returns the value of attribute output.

• #port ⇒ Object readonly

  Returns the value of attribute port.

• #token ⇒ Object readonly

  Returns the value of attribute token.

Instance Method Summary

• #block ⇒ Object
• #configure ⇒ Object

  Write configuration to tempfile.

• #init(**options) ⇒ Object

  Helper to initialize a non-development Vault server and store the new token.

• #initialize(**options) ⇒ Vault constructor

  A new instance of Vault.

• #log(*message) ⇒ Object

  Logging helper.

• #run ⇒ Object
• #stop ⇒ Object
• #wait ⇒ Object

  Wait for the service to become ready.

Methods included from Helpers

architecture, bin, bindir, platform

Constructor Details

#initialize(**options) ⇒ Vault

Returns a new instance of Vault.

# File 'lib/dev/vault.rb', line 32

def initialize(**options)
  @dev = options.fetch(:dev, true)
  @token = dev ? SecureRandom.uuid : options[:token]

  @port = case options[:port]
          when Fixnum then options[:port]
          when RANDOM_PORT then 10_000 + rand(10_000)
          else DEFAULT_PORT
          end

  @command = [self.class.bin, 'server']
  @command.push(*['-dev', "-dev-root-token-id=#{token}", "-dev-listen-address=127.0.0.1:#{port}"]) if dev?
  @output = options.fetch(:output, $stdout)

  ## Non-development mode server
  unless dev?
    @config = Tempfile.new('dev-vault')
    @command << "-config=#{config.path}"
  end

  @client = ::Vault::Client.new(:address => "http://localhost:#{port}",
                                :token => token)
end

Instance Attribute Details

#client ⇒ Object (readonly)

Returns the value of attribute client.

# File 'lib/dev/vault.rb', line 26

def client
  @client
end

#command ⇒ Object (readonly)

Returns the value of attribute command.

# File 'lib/dev/vault.rb', line 19

def command
  @command
end

#config ⇒ Object (readonly)

Returns the value of attribute config.

# File 'lib/dev/vault.rb', line 20

def config
  @config
end

#dev ⇒ Object (readonly) Also known as: dev?

Returns the value of attribute dev.

# File 'lib/dev/vault.rb', line 23

def dev
  @dev
end

#keys ⇒ Object (readonly)

Returns the value of attribute keys.

# File 'lib/dev/vault.rb', line 29

def keys
  @keys
end

#output ⇒ Object (readonly)

Returns the value of attribute output.

# File 'lib/dev/vault.rb', line 21

def output
  @output
end

#port ⇒ Object (readonly)

Returns the value of attribute port.

# File 'lib/dev/vault.rb', line 27

def port
  @port
end

#token ⇒ Object (readonly)

Returns the value of attribute token.

# File 'lib/dev/vault.rb', line 30

def token
  @token
end

Instance Method Details

#block ⇒ Object

# File 'lib/dev/vault.rb', line 158

def block
  @thread.join unless @thread.nil?
end

#configure ⇒ Object

Write configuration to tempfile

# File 'lib/dev/vault.rb', line 67

def configure
  raise 'Cannot configure a Vault server in development mode' if dev?

  config.write(
    JSON.pretty_generate(
      :backend => {
        :inmem => {}
      },
      :listener => {
        :tcp => {
          :address => "127.0.0.1:#{port}",
          :tls_disable => 'true'
        }
      }
    )
  )

  config.rewind
end

#init(**options) ⇒ Object

Helper to initialize a non-development Vault server and store the new token

# File 'lib/dev/vault.rb', line 90

def init(**options)
  raise 'Cannot initialize a Vault server in development mode' if dev?

  options[:shares] ||= 1
  options[:threshold] ||= 1

  result = client.sys.init(options)

  ## Capture the new keys and token
  @keys = result.keys
  @token = result.root_token
end

#log(*message) ⇒ Object

Logging helper

# File 'lib/dev/vault.rb', line 57

def log(*message)
  return unless output.is_a?(IO)

  output.write(message.join(' ') + "\n")
  output.flush
end

#run ⇒ Object

# File 'lib/dev/vault.rb', line 103

def run
  configure unless dev?
  log "Running #{command.join(' ')}"

  ## Fork a child process for Vault from a thread
  @stopped = false
  @thread = Thread.new do
    IO.popen(command + [:err => [:child, :out]], 'r+') do |io|
      Thread.current[:process] = io.pid

      ## Stream output
      loop do
        break if io.eof?
        chunk = io.readpartial(1024)

        next unless output.is_a?(IO)
        output.write(chunk)
        output.flush
      end
    end
  end

  self
end

#stop ⇒ Object

# File 'lib/dev/vault.rb', line 162

def stop
  unless @thread.nil?
    unless @thread[:process].nil?
      log "Stop #{command.join(' ')} (#{@thread[:process]})"
      Process.kill('TERM', @thread[:process])
    end

    @thread.join
  end

  config.unlink unless dev?
  @thread = nil
  @stopped = true
end

#wait ⇒ Object

Wait for the service to become ready

# File 'lib/dev/vault.rb', line 131

def wait
  loop do
    break if @stopped || @thread.nil? || !@thread.alive?

    begin
      client.sys.init_status
    rescue ::Vault::HTTPConnectionError
      log 'Waiting for Vault HTTP API to be ready'
      sleep 1

      next
    end

    if dev? && !client.sys.init_status.initialized?
      log 'Waiting for Vault development server to initialize'
      sleep 1

      next
    end

    log 'Vault is ready!'
    break
  end

  self
end