(ns vault.sys.leases
"The `/sys/leases` endpoint is used to view and manage leases in Vault.
Reference: https://www.vaultproject.io/api-docs/system/leases"
(:require
[vault.client.http :as http]
[vault.lease :as lease]
[vault.util :as u])
(:import
vault.client.http.HTTPClient))
;; ## API Protocol
(defprotocol API
  "Operations on secret leases exposed through Vault's `sys/leases` endpoints."

  (read-lease
    [client lease-id]
    "Look up the metadata recorded for the lease identified by `lease-id`.")

  (list-leases
    [client prefix]
    "List the lease ids found beneath `prefix`. The calling token needs the
    sudo capability for this endpoint.")

  (renew-lease!
    [client lease-id]
    [client lease-id increment]
    "Ask for the validity period of a lease to be extended. When supplied,
    `increment` is the requested extension, expressed in seconds.")

  (revoke-lease!
    [client lease-id]
    "Revoke the lease, which invalidates the secret it refers to."))
;; ## HTTP Client
(extend-type HTTPClient

  API

  ;; The lease id is sent in the JSON body of the PUT and does not appear in
  ;; the request path.
  (read-lease
    [client lease-id]
    (let [payload {:lease_id lease-id}]
      (http/call-api
        client ::read-lease
        :put "sys/leases/lookup"
        {:info {::lease/id lease-id}
         :content-type :json
         :body payload})))


  ;; `prefix` is appended to the lookup path exactly as the caller supplied it.
  ;; NOTE(review): no validation or encoding of `prefix` happens in this
  ;; function; whether `u/join-path` normalizes it is not visible here, so
  ;; confirm before passing externally influenced values.
  (list-leases
    [client prefix]
    (let [path (u/join-path "sys/leases/lookup" prefix)]
      (http/call-api
        client ::list-leases
        :list path
        {:info {::prefix prefix}})))


  ;; The two-argument arity delegates with a nil increment, in which case no
  ;; `:increment` key is sent. On success the value produced by
  ;; `http/lease-info` is passed to `lease/update!` for this client.
  (renew-lease!
    ([client lease-id]
     (renew-lease! client lease-id nil))
    ([client lease-id increment]
     (let [payload (if increment
                     {:lease_id lease-id, :increment increment}
                     {:lease_id lease-id})]
       (http/call-api
         client ::renew-lease!
         :put "sys/leases/renew"
         {:info {::lease/id lease-id}
          :content-type :json
          :body payload
          :handle-response http/lease-info
          :on-success (fn update-lease
                        [lease]
                        (lease/update! client lease))}))))


  ;; NOTE(review): `lease/delete!` runs before the revoke request is issued and
  ;; regardless of its outcome. If the request fails, the secret presumably
  ;; remains valid in Vault while this client no longer tracks the lease;
  ;; confirm that this ordering is intended.
  (revoke-lease!
    [client lease-id]
    (lease/delete! client lease-id)
    (let [payload {:lease_id lease-id}]
      (http/call-api
        client ::revoke-lease!
        :put "sys/leases/revoke"
        {:info {::lease/id lease-id}
         :content-type :json
         :body payload}))))