Class: Sambot::Testing::VaultHelper

Inherits:
Object
  • Object
Defined in:
lib/sambot/testing/vault_helper.rb

Constant Summary

# Name of the vault-config executable that `setup` copies into place and runs.
VAULT_CONFIG_BINARY = 'vault-config'
# Scratch directory that `setup` deletes and recreates on every run.
WORKING_DIR = '/tmp/sambot/testing/vault'
# Git remote cloned by `setup`. The user@host part is shown masked on this
# page (e-mail obfuscation), so the real remote cannot be read from here.
VAULT_POLICIES_REPO = '[email protected]:ads-devops/vault-policies.git'
# Loopback address over plain HTTP: the token and any secrets sent to it are
# unencrypted, which is tolerable only while traffic stays on the local host.
VAULT_ADDRESS = 'http://127.0.0.1:8200'
# Token role requested by `generate_wrapped_token`.
BOOTSTRAP_TOKEN_ROLE = 'nightswatch-ro'
# Passed as wrap_ttl when the bootstrap token is created.
BOOTSTRAP_TOKEN_TTL = '72h'
# Hard-coded client token, used by `configure` and exported to vault-config in
# `setup`. NOTE(review): presumably the root token of a disposable local test
# Vault; confirm that this value is never valid against a shared instance.
BOOTSTRAP_TOKEN = 'root'
# Policies requested for the bootstrap token.
BOOTSTRAP_TOKEN_POLICIES = %w[nightswatch-ro]

Class Method Summary

Class Method Details

.configure ⇒ Object



# File 'lib/sambot/testing/vault_helper.rb', line 22

# Points the global Vault client at the local test instance.
#
# Sets the client address to VAULT_ADDRESS, authenticates with
# BOOTSTRAP_TOKEN and switches TLS certificate verification off.
#
# NOTE(review): with the plain-HTTP VAULT_ADDRESS shown on this page the
# ssl_verify flag presumably has no effect; if the address is ever changed to
# an https:// endpoint, this line would leave the server certificate
# unchecked, so revisit it together with VAULT_ADDRESS.
def configure
  ::Vault.configure do |client|
    client.address = VAULT_ADDRESS
    client.token = BOOTSTRAP_TOKEN
    client.ssl_verify = false
  end
end

.generate_wrapped_token ⇒ Object



# File 'lib/sambot/testing/vault_helper.rb', line 30

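# Creates a response-wrapped bootstrap token on the configured Vault.
#
# Asks Vault for a token with BOOTSTRAP_TOKEN_ROLE and
# BOOTSTRAP_TOKEN_POLICIES, wrapped with a TTL of BOOTSTRAP_TOKEN_TTL, and
# returns the wrapping token taken from the response's wrap_info.
#
# Token creation stays best-effort: a failure does not raise, but it is now
# reported through UI.info instead of being swallowed silently. Callers must
# treat an empty string as "no token was issued" and not pass it on as a
# credential.
#
# @return [String] the wrapping token, or '' when token creation failed
def generate_wrapped_token
  configure
  token = ''
  begin
    wrap_info = Vault.auth_token.create(
      wrap_ttl: BOOTSTRAP_TOKEN_TTL,
      role: BOOTSTRAP_TOKEN_ROLE,
      policies: BOOTSTRAP_TOKEN_POLICIES
    ).wrap_info
    token = wrap_info.token
  rescue StandardError => e
    # Only the error class and message are logged; no token value is included.
    UI.info("Unable to generate a wrapped token: #{e.class}: #{e.message}")
  end
  token
end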

.load_secrets(config, src = 'local_testing') ⇒ Object



# File 'lib/sambot/testing/vault_helper.rb', line 57

# Collects the secrets declared in +config+ and hands them to store_secrets.
#
# The secrets are merged from config.dependencies and config.secrets by
# merge_wrapper_cookbook_secrets. Only fixed status messages are logged here,
# never the secret values themselves.
#
# @param config [Object] responds to #dependencies and #secrets
# @param src [String] forwarded unchanged to store_secrets
# @return [Object] 0 when there is nothing to store, otherwise whatever
#   store_secrets returns
def load_secrets(config, src = 'local_testing')
  UI.info('Reading secrets from the configuration file')
  merged = merge_wrapper_cookbook_secrets(config.dependencies, config.secrets)
  return store_secrets(merged, src) unless merged.nil? || merged.empty?

  UI.info('No secrets were found in the secrets configuration file')
  0
end

.read_field(path, key) ⇒ Object



# File 'lib/sambot/testing/vault_helper.rb', line 73

# Reads from the test Vault at +path+, forwarding +key+ as the second
# argument of Vault.logical.read.
#
# The client is (re)configured with the bootstrap token on every call.
# NOTE(review): whether the client treats the second argument as a field
# name is not visible here; confirm against the vault gem version in use.
# The result may hold secret material, so callers should keep it out of logs.
#
# @param path [String] Vault path to read
# @param key [Object] passed through to Vault.logical.read
# @return [Object] whatever Vault.logical.read(path, key) returns
def read_field(path, key)
  configure
  logical_backend = Vault.logical
  logical_backend.read(path, key)
end

.read_path(path) ⇒ Object



# File 'lib/sambot/testing/vault_helper.rb', line 68

# Reads the entry stored at +path+ in the test Vault.
#
# The client is (re)configured with the bootstrap token on every call. The
# result may hold secret material, so callers should keep it out of logs.
#
# @param path [String] Vault path to read
# @return [Object] whatever Vault.logical.read(path) returns
def read_path(path)
  configure
  logical_backend = Vault.logical
  logical_backend.read(path)
end

.setup ⇒ Object



# File 'lib/sambot/testing/vault_helper.rb', line 41

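# Prepares the local test Vault: recreates WORKING_DIR, clones the policies
# repository into it and runs vault-config against VAULT_ADDRESS.
#
# The exit status of both external commands is now checked, so the
# "policies have been applied" message is logged only when vault-config
# actually succeeded; failures are reported through UI.info. No new
# exception is raised: a failed clone still surfaces as the error raised by
# the following Dir.chdir, as before.
#
# Caveats for whoever runs this:
# - WORKING_DIR is a fixed path under /tmp that is removed recursively and
#   recreated. On a host shared with other local users that path can be
#   prepared by someone else, and FileUtils documents rm_r as unsafe under
#   world-writable parents; intended for a single-user workstation or CI
#   container.
# - The vault-config binary is executed right after FS.copy puts it in place.
#   NOTE(review): where FS.copy takes the binary from is not visible here;
#   confirm its provenance, since it runs with the bootstrap token.
# - Both commands go through the shell with constants interpolated; keep
#   those values constant (never caller-supplied) or switch to an argv form.
def setup
  FileUtils.rm_r(WORKING_DIR) if Dir.exist?(WORKING_DIR)
  FileUtils.mkpath WORKING_DIR
  UI.info("Created #{WORKING_DIR}")
  Dir.chdir WORKING_DIR do
    UI.info('Cloning the Vault policies for inclusion into the Vault Docker instance')
    `git clone --depth=1 --single-branch -q #{VAULT_POLICIES_REPO}`
    # Capture the status immediately; a later subprocess would overwrite $?.
    clone_status = $?
    UI.info("Cloning the Vault policies failed (#{clone_status})") unless clone_status.success?
    Dir.chdir 'vault-policies/dev/vault-config' do
      FS.copy(VAULT_CONFIG_BINARY)
      UI.info('Applying the Vault policies')
      `VC_VAULT_ADDR=#{VAULT_ADDRESS} VC_VAULT_TOKEN=#{BOOTSTRAP_TOKEN} ./#{VAULT_CONFIG_BINARY} config`
      apply_status = $?
      if apply_status.success?
        UI.info('The Vault policies have been applied')
      else
        # The message carries the process status only, never the token.
        UI.info("Applying the Vault policies failed (#{apply_status})")
      end
    end
  end
end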