package pipeline
import (
"errors"
"reflect"
"strings"
"github.com/goreflect/gostructor/converters"
"github.com/goreflect/gostructor/infra"
"github.com/goreflect/gostructor/properties"
"github.com/goreflect/gostructor/tags"
vault "github.com/mittwald/vaultgo"
"github.com/sirupsen/logrus"
)
// VaultConfig is the HashiCorp Vault source: it carries the Vault settings
// and the client built from them.
type VaultConfig struct {
	// Config holds the Vault settings; connect reads its VaultAddress and
	// VaultToken fields. VaultToken is a credential and the field is exported,
	// so avoid dumping this struct (for example with %+v) into logs.
	Config *properties.VaultConfiguration

	// connection is the Vault client stored by connect; nil until then.
	connection *vault.Client
}
// configureVault fills config.Config by calling Configure with a fresh
// properties.VaultConfiguration and the infra.FunctionSetupEnvironment setup
// function. On failure it logs a hint naming VAULT_ADDRESS and VAULT_TOKEN as
// the settings to provide and returns the Configure error unchanged.
func (config *VaultConfig) configureVault() error {
	loaded, err := Configure(
		&properties.VaultConfiguration{},
		[]infra.FuncType{infra.FunctionSetupEnvironment},
		"",
		true,
	)
	if err != nil {
		logrus.Error("Can not initialize vault properties. Please setup VAULT_ADDRESS & VAULT_TOKEN for working with cf_vault")
		return err
	}

	// NOTE(review): unchecked type assertion; it panics if Configure ever
	// returns a value whose dynamic type is not *properties.VaultConfiguration.
	config.Config = loaded.(*properties.VaultConfiguration)
	return nil
}
// connect builds a Vault client from config.Config and stores it in
// config.connection. It returns the error from vault.NewClient, if any.
// config.Config must be non-nil; a nil Config panics on the field access.
func (config *VaultConfig) connect() error {
	settings := config.Config

	// NOTE(review): the CA path is passed as an empty string; presumably this
	// leaves CA selection to the client's defaults. Confirm that TLS
	// verification of the Vault server is what is intended here, and consider
	// making the CA path configurable.
	client, err := vault.NewClient(
		settings.VaultAddress,
		vault.WithCaPath(""),
		vault.WithAuthToken(settings.VaultToken),
	)
	if err != nil {
		return err
	}

	// The token is set a second time here, after WithAuthToken above.
	client.SetToken(settings.VaultToken)
	config.connection = client
	return nil
}
// vaultAvailable makes sure the source is usable: it loads the settings when
// config.Config is nil and opens a connection when config.connection is nil.
// It returns the first error from either step, or nil when both are in place.
func (config *VaultConfig) vaultAvailable() error {
	if config.Config == nil {
		err := config.configureVault()
		if err != nil {
			logrus.Error("Configure Vault Error: ", err)
			return err
		}
	}

	if config.connection != nil {
		// Already connected; nothing more to do.
		return nil
	}
	return config.connect()
}
// prepareLayer reloads the Vault settings and then ensures a connection
// exists. The context argument is not used by this function.
//
// configureVault is called unconditionally here, so the settings are re-read
// on every call even though vaultAvailable would only load them when
// config.Config is nil.
func (config *VaultConfig) prepareLayer(context *structContext) error {
	errConfigure := config.configureVault()
	if errConfigure != nil {
		return errConfigure
	}

	errConn := config.vaultAvailable()
	if errConn == nil {
		return nil
	}
	logrus.Error("Error while connect to vault: ", errConn)
	return errConn
}
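// GetBaseType resolves a primitive-typed field from HashiCorp Vault.
//
// The field's tags.TagHashiCorpVault tag must have the form "path#key": path
// is handed to the Vault logical Read call and key selects one entry of the
// returned secret's Data map. That entry is converted into context.Value by
// converters.ConvertBetweenPrimitiveTypes.
//
// A no-value result carrying the error is returned when the layer cannot be
// prepared, the tag has no '#', the read fails, no secret comes back, or the
// key is absent from the secret.
//
// NOTE(review): the receiver is a value, so the Config and connection that
// prepareLayer stores are written to this call's copy only; every call
// therefore configures and connects again. Switching to a pointer receiver
// would change the method set, so it is left to the maintainers.
func (config VaultConfig) GetBaseType(context *structContext) infra.GoStructorValue {
	if err := config.prepareLayer(context); err != nil {
		return infra.NewGoStructorNoValue(context.Value, err)
	}

	nameField := context.StructField.Tag.Get(tags.TagHashiCorpVault)
	// A tag without '#' used to index past the end of the split result and panic.
	parts := strings.Split(nameField, "#")
	if len(parts) < 2 {
		return infra.NewGoStructorNoValue(context.Value,
			errors.New("vault tag \""+nameField+"\" must have the form path#key"))
	}
	path, secretName := parts[0], parts[1]

	secret, err := config.connection.Logical().Read(path)
	// Check the error before touching secret: on failure it may be nil.
	if err != nil {
		logrus.Error("Error while reading config from vault: ", err)
		return infra.NewGoStructorNoValue(context.Value, err)
	}
	// A read can also come back with a nil secret and a nil error (for
	// example when nothing is stored at the path), so guard that as well.
	if secret == nil {
		return infra.NewGoStructorNoValue(context.Value,
			errors.New("vault returned no secret at path \""+path+"\""))
	}

	secretValue, found := secret.Data[secretName]
	if !found {
		return infra.NewGoStructorNoValue(context.Value,
			errors.New("vault secret at path \""+path+"\" has no key \""+secretName+"\""))
	}

	// Log only where the value came from. The secret value itself must never
	// reach the log stream, where it would outlive Vault's access controls.
	logrus.Debug("Read vault secret key ", secretName, " from path ", path)

	return converters.ConvertBetweenPrimitiveTypes(reflect.ValueOf(secretValue), reflect.Indirect(context.Value))
}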
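// GetComplexType resolves a slice-typed field from HashiCorp Vault.
//
// The field's tags.TagHashiCorpVault tag must have the form "path#key": path
// is handed to the Vault logical Read call and key selects one entry of the
// returned secret's Data map. For a slice destination the entry must be a
// string; it is split on "," and converted into context.Value by
// converters.ConvertBetweenComplexTypes. Any other destination kind yields a
// "not supported complex type" error.
//
// A no-value result carrying the error is returned when the layer cannot be
// prepared, the tag has no '#', the read fails, no secret comes back, the key
// is absent, or the stored value is not a string.
//
// NOTE(review): the receiver is a value, so the Config and connection that
// prepareLayer stores are written to this call's copy only; every call
// therefore configures and connects again. Switching to a pointer receiver
// would change the method set, so it is left to the maintainers.
func (config VaultConfig) GetComplexType(context *structContext) infra.GoStructorValue {
	if err := config.prepareLayer(context); err != nil {
		return infra.NewGoStructorNoValue(context.Value, err)
	}

	nameField := context.StructField.Tag.Get(tags.TagHashiCorpVault)
	// A tag without '#' used to index past the end of the split result and panic.
	parts := strings.Split(nameField, "#")
	if len(parts) < 2 {
		return infra.NewGoStructorNoValue(context.Value,
			errors.New("vault tag \""+nameField+"\" must have the form path#key"))
	}
	path, secretName := parts[0], parts[1]

	secret, err := config.connection.Logical().Read(path)
	// Check the error before touching secret: on failure it may be nil.
	if err != nil {
		logrus.Error("Error while reading config from vault: ", err)
		return infra.NewGoStructorNoValue(context.Value, err)
	}
	// A read can also come back with a nil secret and a nil error (for
	// example when nothing is stored at the path), so guard that as well.
	if secret == nil {
		return infra.NewGoStructorNoValue(context.Value,
			errors.New("vault returned no secret at path \""+path+"\""))
	}

	secretValue, found := secret.Data[secretName]
	if !found {
		return infra.NewGoStructorNoValue(context.Value,
			errors.New("vault secret at path \""+path+"\" has no key \""+secretName+"\""))
	}

	// Log only where the value came from. The secret value itself must never
	// reach the log stream, where it would outlive Vault's access controls.
	logrus.Debug("Read vault secret key ", secretName, " from path ", path)

	target := reflect.Indirect(context.Value)
	if target.Kind() != reflect.Slice {
		return infra.NewGoStructorNoValue(context.Value, errors.New("not supported complex type"))
	}

	// The stored value is decoded data of unknown type; a bare assertion
	// would panic on anything that is not a string.
	raw, isString := secretValue.(string)
	if !isString {
		return infra.NewGoStructorNoValue(context.Value,
			errors.New("vault secret key \""+secretName+"\" at path \""+path+"\" is not a string"))
	}
	return converters.ConvertBetweenComplexTypes(reflect.ValueOf(strings.Split(raw, ",")), target)
}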