diff options
author | Mike Crute <mike@crute.us> | 2022-10-10 19:21:29 -0700 |
---|---|---|
committer | Mike Crute <mike@crute.us> | 2022-10-10 19:21:29 -0700 |
commit | 45b2ba21231880a88e8f91e8239df32a36492dfd (patch) | |
tree | 6541d71b311ed99cc33600ca73a129c174bfd8a3 | |
parent | f5125ca626155902a21bc8070cde9c081038db25 (diff) | |
download | golib-45b2ba21231880a88e8f91e8239df32a36492dfd.tar.bz2 golib-45b2ba21231880a88e8f91e8239df32a36492dfd.tar.xz golib-45b2ba21231880a88e8f91e8239df32a36492dfd.zip |
vault: add KVWrite support
-rw-r--r-- | vault/client.go | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/vault/client.go b/vault/client.go index d1a6d14..afc1868 100644 --- a/vault/client.go +++ b/vault/client.go | |||
@@ -2,6 +2,7 @@ package vault | |||
2 | 2 | ||
3 | import ( | 3 | import ( |
4 | "context" | 4 | "context" |
5 | "encoding/json" | ||
5 | "fmt" | 6 | "fmt" |
6 | "os" | 7 | "os" |
7 | "path" | 8 | "path" |
@@ -21,6 +22,7 @@ type VaultClient interface { | |||
21 | DbCredential(c context.Context, suffix string) (*VaultUsernamePassword, error) | 22 | DbCredential(c context.Context, suffix string) (*VaultUsernamePassword, error) |
22 | 23 | ||
23 | KV(c context.Context, suffix string, out interface{}) (*VaultSecret, error) | 24 | KV(c context.Context, suffix string, out interface{}) (*VaultSecret, error) |
25 | KVWrite(c context.Context, suffix string, in interface{}) error | ||
24 | KVApiKey(c context.Context, suffix string) (*VaultApiKey, error) | 26 | KVApiKey(c context.Context, suffix string) (*VaultApiKey, error) |
25 | KVCredential(c context.Context, suffix string) (*VaultUsernamePassword, error) | 27 | KVCredential(c context.Context, suffix string) (*VaultUsernamePassword, error) |
26 | 28 | ||
@@ -176,6 +178,22 @@ func (c *vaultClient) read(ctx context.Context, prefix, suffix string) (*api.Sec | |||
176 | return s, key, nil | 178 | return s, key, nil |
177 | } | 179 | } |
178 | 180 | ||
181 | func (c *vaultClient) writeJson(ctx context.Context, prefix, suffix string, in interface{}) (*api.Secret, string, error) { | ||
182 | key := path.Join(prefix, suffix) | ||
183 | |||
184 | inBytes, err := json.Marshal(in) | ||
185 | if err != nil { | ||
186 | return nil, "", fmt.Errorf("error encoding json: %w", err) | ||
187 | } | ||
188 | |||
189 | s, err := c.lc.WriteBytesWithContext(ctx, key, inBytes) | ||
190 | if err != nil { | ||
191 | return nil, "", err | ||
192 | } | ||
193 | |||
194 | return s, key, nil | ||
195 | } | ||
196 | |||
179 | func (c *vaultClient) stop() { | 197 | func (c *vaultClient) stop() { |
180 | c.Lock() | 198 | c.Lock() |
181 | defer c.Unlock() | 199 | defer c.Unlock() |
@@ -287,6 +305,13 @@ func (c *vaultClient) KV(ctx context.Context, suffix string, out interface{}) (* | |||
287 | return &VaultSecret{s: s, n: k}, nil | 305 | return &VaultSecret{s: s, n: k}, nil |
288 | } | 306 | } |
289 | 307 | ||
308 | func (c *vaultClient) KVWrite(ctx context.Context, suffix string, in interface{}) error { | ||
309 | if _, _, err := c.writeJson(ctx, "kv/data", suffix, in); err != nil { | ||
310 | return err | ||
311 | } | ||
312 | return nil | ||
313 | } | ||
314 | |||
290 | func (c *vaultClient) KVApiKey(ctx context.Context, suffix string) (*VaultApiKey, error) { | 315 | func (c *vaultClient) KVApiKey(ctx context.Context, suffix string) (*VaultApiKey, error) { |
291 | var ak VaultApiKey | 316 | var ak VaultApiKey |
292 | s, err := c.KV(ctx, suffix, &ak) | 317 | s, err := c.KV(ctx, suffix, &ak) |