Initial commit of secrets w/ housekeeping:

- updated vagrant provisioning process - added vault approle commands - added vault info types - WIP token/login on startup - Secret handler stub created Signed-off-by: Andrew Cornies <acornies@gmail.com>
acornies · Jan 25, 2019 · 57bd520 · 57bd520
1 parent 0b9e5bf
commit 57bd520
Show file tree

Hide file tree

Showing 13 changed files with 200 additions and 146 deletions.
diff --git a/.gitignore b/.gitignore
@@ -23,6 +23,7 @@ consul.hcl
 nomad.hcl
 
 .vagrant
+.vscode
 provisioning/saltstack/formulas*
 ubuntu*.log
 debug

diff --git a/.vscode/launch.json b/.vscode/launch.json
diff --git a/Gopkg.lock b/Gopkg.lock
diff --git a/Gopkg.toml b/Gopkg.toml
@@ -1,19 +1,27 @@
 [[constraint]]
   name = "github.com/openfaas/faas"
-  version = "0.8.12"
+  version = "0.10.1"
 
 [[constraint]]
   name = "github.com/openfaas/faas-provider"
-  version = "0.7.1"
+  version = "0.8.1"
 
 [[constraint]]
   name = "github.com/hashicorp/nomad"
   version = "0.7.0"
 
+[[constraint]]
+  name = "github.com/hashicorp/vault"
+  version = "v0.9.6"
+
 [[constraint]]
   name = "github.com/stretchr/testify"
   version = "1.1.4"
 
+[[constraint]]
+  name = "github.com/mitchellh/mapstructure"
+  version = "v1.1.2"
+
 [prune]
   go-tests = true
   unused-packages = true
diff --git a/Vagrantfile b/Vagrantfile
@@ -67,7 +67,7 @@ Vagrant.configure("2") do |config|
       salt.verbose = true
       salt.salt_call_args = ["saltenv=dev", "pillarenv=dev"]
     end
-    override.vm.provision "shell", path: "provisioning/scripts/nomad_run.sh"
+    # override.vm.provision "shell", path: "provisioning/scripts/nomad_run.sh"
   end
 
   # vmware fusion
@@ -81,6 +81,8 @@ Vagrant.configure("2") do |config|
       salt.verbose = true
       salt.salt_call_args = ["saltenv=dev", "pillarenv=dev"]
     end
+    # override.vm.provision "shell", path: "provisioning/scripts/nomad_run.sh"
+    override.vm.provision "shell", path: "provisioning/scripts/vault_populate.sh"
     override.vm.provision "shell", path: "provisioning/scripts/nomad_run.sh"
   end
 
@@ -95,7 +97,12 @@ Vagrant.configure("2") do |config|
       salt.verbose = true
       salt.salt_call_args = ["saltenv=dev", "pillarenv=dev"]
     end
-    override.vm.provision "shell", path: "provisioning/scripts/nomad_run.sh"
+    # override.vm.provision "shell", path: "provisioning/scripts/nomad_run.sh"
+  end
+
+  config.vm.provision :docker do |d|
+    d.run 'dev-vault', image: 'vault:0.9.6', 
+      args: '-p 8200:8200 -e "VAULT_DEV_ROOT_TOKEN_ID=vagrant" -v /vagrant:/vagrant'
   end
   #
   # View the documentation for the provider you are using for more
@@ -112,7 +119,6 @@ Vagrant.configure("2") do |config|
     cd /vagrant/provisioning/saltstack/formulas
     git clone https://github.com/tucows/nomad-formula.git
     git clone https://github.com/tucows/consul-formula.git
-    git clone https://github.com/tucows/docker-formula.git
     git clone https://github.com/tucows/vault-formula.git
   SHELL
 

diff --git a/handlers/secrets.go b/handlers/secrets.go
@@ -0,0 +1,14 @@
+package handlers
+
+import (
+	"net/http"
+
+	"github.com/hashicorp/faas-nomad/types"
+	hclog "github.com/hashicorp/go-hclog"
+	vapi "github.com/hashicorp/vault/api"
+)
+
+func MakeSecretHandler(vaultClient *vapi.Client, logger hclog.Logger, providerConfig types.ProviderConfig) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+	}
+}