Class: Amplify::VaultDataBagWrapperBase

Inherits:

Object

• Object
• Amplify::VaultDataBagWrapperBase

Defined in:

lib/amplify/vault_data_bag_wrapper_base.rb

Direct Known Subclasses

EncryptedDataBagItem, EncryptedDatabaseInfo

Defined Under Namespace

Classes: NotExtendedCorrectly

Instance Attribute Summary

• #strategy ⇒ Object readonly

  Returns the value of attribute strategy.

Class Method Summary

• .chef_databag_load(name, item) ⇒ Object
• .load(app_name, env) ⇒ Object
• .read_from_parameter_store(app_name, env) ⇒ Object
• .read_from_vault(app_name, env) ⇒ Object
• .strategy=(val) ⇒ Object
• .vault_path(_app_name, _env) ⇒ Object

Instance Attribute Details

#strategy ⇒ Object (readonly)

Returns the value of attribute strategy.

# File 'lib/amplify/vault_data_bag_wrapper_base.rb', line 5

def strategy
  @strategy
end

Class Method Details

.chef_databag_load(name, item) ⇒ Object

# File 'lib/amplify/vault_data_bag_wrapper_base.rb', line 27

def self.chef_databag_load(name, item)
  require 'hashie'
  ::Hashie::Mash.new(::Chef::EncryptedDataBagItem.load(name, item).to_hash)
rescue ::Net::HTTPServerException => e
  ::Chef::Log.error e
  raise MissingDatabag, name: name, item: item
end

.load(app_name, env) ⇒ Object

# File 'lib/amplify/vault_data_bag_wrapper_base.rb', line 14

def self.load(app_name, env)
  ::Chef::Log.info "Retrieving secrets using #{@strategy} strategy"
  if @strategy == :vault
    read_from_vault(app_name, env)
  elsif @strategy == :env
    chef_databag_load(env, app_name)
  elsif @strategy == :parameter_store
    read_from_parameter_store(app_name, env)
  else
    chef_databag_load(app_name, env)
  end
end

.read_from_parameter_store(app_name, env) ⇒ Object

Raises:

• (SecretMissingError)

# File 'lib/amplify/vault_data_bag_wrapper_base.rb', line 39

def self.read_from_parameter_store(app_name, env)
  path = vault_path(app_name, env)
  secrets = Amplify::ParameterStoreClient.read(path)
  raise SecretMissingError.new(path, env) if secrets.nil?
  secrets
end

.read_from_vault(app_name, env) ⇒ Object

Raises:

• (SecretMissingError)

# File 'lib/amplify/vault_data_bag_wrapper_base.rb', line 46

def self.read_from_vault(app_name, env)
  path = vault_path(app_name, env)
  secrets = Amplify::VaultAuthClient.read(path, env)
  raise SecretMissingError.new(path, env) if secrets.nil?
  secrets
end

.strategy=(val) ⇒ Object

# File 'lib/amplify/vault_data_bag_wrapper_base.rb', line 7

def self.strategy=(val)
  msg = "Data bag strategy #{val} is not valid. Valid strategies are #{ALLOWED_STRATEGIES}"
  raise msg unless ALLOWED_STRATEGIES.include?(val)
  ::Chef::Log.info "Setting strategy to #{val}"
  @strategy = val
end

.vault_path(_app_name, _env) ⇒ Object

Raises:

• (NotExtendedCorrectly)

# File 'lib/amplify/vault_data_bag_wrapper_base.rb', line 35

def self.vault_path(_app_name, _env)
  raise NotExtendedCorrectly, 'vault_path was not overriden.'
end