Showing with 60 additions and 31 deletions.
  1. +6 −2 .devcontainer/README.md
  2. +1 −1 .rubocop.yml
  3. +8 −0 CHANGELOG.md
  4. +21 −15 Gemfile
  5. +5 −2 README.md
  6. +16 −8 REFERENCE.md
  7. +3 −3 metadata.json
8 changes: 6 additions & 2 deletions .devcontainer/README.md
Expand Up @@ -13,14 +13,18 @@ https://github.com/microsoft/vscode-dev-containers/tree/v0.140.1/containers/pupp

// Set *default* container specific settings.json values on container create.
"settings": {
"terminal.integrated.shell.linux": "/bin/bash"
"terminal.integrated.profiles.linux": {
"bash": {
"path": "bash",
}
}
},

// Add the IDs of extensions you want installed when the container is created.
"extensions": [
"puppet.puppet-vscode",
"rebornix.Ruby"
]
],

// Use 'forwardPorts' to make a list of ports inside the container available locally.
"forwardPorts": [],
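Review bot: The added profile entry `"path": "bash",` ends with a trailing comma before the closing brace, which strict JSON parsers reject; readers copy this snippet into devcontainer.json, so drop the comma. The setting it replaces pointed at the absolute `/bin/bash`, while the new one resolves `bash` through PATH, so consider keeping the absolute path. The snippet also defines the profile without selecting it through `terminal.integrated.defaultProfile.linux`.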
2 changes: 1 addition & 1 deletion .rubocop.yml
Expand Up @@ -4,7 +4,7 @@ require:
- rubocop-rspec
AllCops:
DisplayCopNames: true
TargetRubyVersion: '2.4'
TargetRubyVersion: '2.5'
Include:
- "**/*.rb"
Exclude:
8 changes: 8 additions & 0 deletions CHANGELOG.md
Expand Up @@ -2,6 +2,14 @@

All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org).

## [v3.1.1](https://github.com/tragiccode/tragiccode-azure_key_vault/tree/v3.1.1) (2023-01-15)

[Full Changelog](https://github.com/tragiccode/tragiccode-azure_key_vault/compare/v3.1.0...v3.1.1)

### Fixed

- \(GH-101\) Fix documentation for secret lookup using hiera data file interpolation [\#102](https://github.com/TraGicCode/tragiccode-azure_key_vault/pull/102) ([TraGicCode](https://github.com/TraGicCode))

## [v3.1.0](https://github.com/tragiccode/tragiccode-azure_key_vault/tree/v3.1.0) (2022-09-23)

[Full Changelog](https://github.com/tragiccode/tragiccode-azure_key_vault/compare/v3.0.0...v3.1.0)
36 changes: 21 additions & 15 deletions Gemfile
Expand Up @@ -13,24 +13,30 @@ def location_for(place_or_version, fake_version = nil)
end
end

ruby_version_segments = Gem::Version.new(RUBY_VERSION.dup).segments
minor_version = ruby_version_segments[0..1].join('.')

group :development do
gem "json", '= 2.0.4', require: false if Gem::Requirement.create('~> 2.4.2').satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
gem "json", '= 2.1.0', require: false if Gem::Requirement.create(['>= 2.5.0', '< 2.7.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
gem "json", '= 2.3.0', require: false if Gem::Requirement.create(['>= 2.7.0', '< 2.8.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
gem "puppet-module-posix-default-r#{minor_version}", '~> 1.0', require: false, platforms: [:ruby]
gem "puppet-module-posix-dev-r#{minor_version}", '~> 1.0', require: false, platforms: [:ruby]
gem "puppet-module-win-default-r#{minor_version}", '~> 1.0', require: false, platforms: [:mswin, :mingw, :x64_mingw]
gem "puppet-module-win-dev-r#{minor_version}", '~> 1.0', require: false, platforms: [:mswin, :mingw, :x64_mingw]
gem "github_changelog_generator", require: false if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.2.2')
gem "puppet-strings", require: false
gem "webmock", require: false
gem "json_pure", '~> 2.0', require: false
gem "voxpupuli-puppet-lint-plugins", '~> 3.1', require: false
gem "facterdb", '~> 1.18', require: false
gem "metadata-json-lint", '>= 2.0.2', '< 4.0.0', require: false
gem "puppetlabs_spec_helper", '>= 3.0.0', '< 5.0.0', require: false
gem "rspec-puppet-facts", '~> 2.0', require: false
gem "codecov", '~> 0.2', require: false
gem "dependency_checker", '~> 0.2', require: false
gem "parallel_tests", '~> 3.4', require: false
gem "pry", '~> 0.10', require: false
gem "simplecov-console", '~> 0.5', require: false
gem "puppet-debugger", '~> 1.0', require: false
gem "rubocop", '= 1.6.1', require: false
gem "rubocop-performance", '= 1.9.1', require: false
gem "rubocop-rspec", '= 2.0.1', require: false
gem "rb-readline", '= 0.5.5', require: false, platforms: [:mswin, :mingw, :x64_mingw]
gem "github_changelog_generator", require: false if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.2.2')
gem "puppet-strings", require: false
gem "webmock", require: false
end
group :system_tests do
gem "puppet-module-posix-system-r#{minor_version}", '~> 1.0', require: false, platforms: [:ruby]
gem "puppet-module-win-system-r#{minor_version}", '~> 1.0', require: false, platforms: [:mswin, :mingw, :x64_mingw]
gem "puppet_litmus", '< 1.0.0', require: false, platforms: [:ruby]
gem "serverspec", '~> 2.41', require: false
end

puppet_version = ENV['PUPPET_GEM_VERSION']
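Review bot: In the development group, `github_changelog_generator`, `puppet-strings` and `webmock` are declared with no version constraint, and `puppet_litmus` in system_tests has only the upper bound `'< 1.0.0'`, while the gems around them are pinned or bounded. Give these a pessimistic constraint at the currently resolved version (placeholder: `'~> x.y'`) so that a fresh `bundle install` in CI cannot pull an arbitrary new release into the toolchain that builds and tests a secrets-handling module.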
7 changes: 5 additions & 2 deletions README.md
Expand Up @@ -144,12 +144,15 @@ notify { 'lookup':
}
```

This function can also be used in hiera files, for example to set class parameters:
The alias function can also be used in hiera files, for example to set class parameters:

```yaml
some_class::password: "%{lookup('important-secret')}"
some_class::password: "%{alias('important-secret')}"
```

**NOTE: The alias function must be used in the above example. Attempting to use the lookup function inside of your hiera files will not work. This is because, when using lookup, the result is interpolated as a string. Since this module is safe by default, it always returns secrets as Sensitive[String]. The reason we have to use alias is because it will preserve the datatype of the value. More information can be found [here](https://www.puppet.com/docs/puppet/7/hiera_merging.html#interpolation_functions)**


You can use a fact to specify different vaults for different groups of nodes. It is
recommended to use a trusted fact such as trusted.extensions.pp_environment as these facts
cannot be altered.
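Review bot: The NOTE says lookup "will not work" inside a hiera file but not what the user will actually see, and the example shows `%{alias('important-secret')}` only as the entire value. Say what the failure looks like (an error, or a stringified value reaching the class parameter) and whether the alias token may be combined with other text in the same value. Also un-bold the paragraph, replace the "here" link text with a descriptive one, and drop the second blank line after it.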
24 changes: 16 additions & 8 deletions REFERENCE.md
Expand Up @@ -6,12 +6,12 @@

### Functions

* [`azure_key_vault::lookup`](#azure_key_vaultlookup)
* [`azure_key_vault::secret`](#azure_key_vaultsecret): Retrieves secrets from Azure's Key Vault.
* [`azure_key_vault::lookup`](#azure_key_vault--lookup)
* [`azure_key_vault::secret`](#azure_key_vault--secret): Retrieves secrets from Azure's Key Vault.

## Functions

### <a name="azure_key_vaultlookup"></a>`azure_key_vault::lookup`
### <a name="azure_key_vault--lookup"></a>`azure_key_vault::lookup`

Type: Ruby 4.x API

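Review bot: In the function index, `azure_key_vault::lookup` is still listed without a summary, while `azure_key_vault::secret` carries one ("Retrieves secrets from Azure's Key Vault."). Since the anchors are being regenerated anyway, add a summary to the lookup function's doc comment so the index distinguishes the two functions.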
Expand All @@ -38,14 +38,18 @@ Data type: `Variant[String, Numeric]`

##### `options`

Data type: `Struct[{
Data type:

```puppet
Struct[{
vault_name => String,
vault_api_version => String,
Optional[metadata_api_version] => String,
confine_to_keys => Array[String],
Optional[key_replacement_token] => String,
Optional[service_principal_credentials] => String
}]`
}]
```



Expand All @@ -55,7 +59,7 @@ Data type: `Puppet::LookupContext`



### <a name="azure_key_vaultsecret"></a>`azure_key_vault::secret`
### <a name="azure_key_vault--secret"></a>`azure_key_vault::secret`

Type: Ruby 4.x API

Expand Down Expand Up @@ -89,15 +93,19 @@ Name of the secret to be retrieved.

##### `api_endpoint_hash`

Data type: `Struct[{
Data type:

```puppet
Struct[{
vault_api_version => String,
Optional[metadata_api_version] => String,
Optional[service_principal_credentials] => Struct[{
tenant_id => String,
client_id => String,
client_secret => String
}]
}]`
}]
```

A Hash with API endpoint and authentication information

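Review bot: `client_secret => String` inside `service_principal_credentials` documents the service principal secret as a plain String, and the only description for the whole struct is "A Hash with API endpoint and authentication information". Add per-key descriptions and say how callers are expected to supply `client_secret` without placing it in clear text in a manifest. Reconcile this with the `lookup` options above, where `service_principal_credentials` is documented as a bare `String` with no explanation of what it holds.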
6 changes: 3 additions & 3 deletions metadata.json
@@ -1,6 +1,6 @@
{
"name": "tragiccode-azure_key_vault",
"version": "3.1.0",
"version": "3.1.1",
"author": "tragiccode",
"summary": "The azure_key_vault module allows you to easily fetch secrets securely within your puppet manifests.",
"license": "Apache-2.0",
Expand Down Expand Up @@ -70,7 +70,7 @@
"azure key vault",
"azure vault"
],
"pdk-version": "2.3.0",
"pdk-version": "2.5.0",
"template-url": "https://github.com/puppetlabs/pdk-templates.git#main",
"template-ref": "heads/main-0-gfa6b6d2"
"template-ref": "heads/main-0-gdd87389"
}
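Review bot: `template-ref` moves from one `heads/main` commit to another (`heads/main-0-gdd87389`) and `template-url` tracks `#main`, so the module scaffolding comes from a branch head rather than a tagged ref. If that is intentional, say so in the commit message; otherwise point `template-url` at a tag so the generated Gemfile and lint configuration are reproducible across `pdk update` runs.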