package vaults
import (
"context"
"time"
auth "github.com/lugondev/wallet-signer-manager/src/auth/entities"
"github.com/lugondev/wallet-signer-manager/src/entities"
"github.com/lugondev/wallet-signer-manager/pkg/errors"
"github.com/lugondev/wallet-signer-manager/src/infra/hashicorp/client"
"github.com/lugondev/wallet-signer-manager/src/infra/hashicorp/token"
)
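// CreateHashicorp builds a HashiCorp Vault client from config, gives it a
// token, and registers the client under name for the given allowedTenants.
//
// The token comes from config.Token when it is set. Otherwise, when
// config.TokenPath is set, a token watcher is started in the background and
// the call waits (up to three health checks, 100ms apart) for the client to
// become usable. When neither field is set the client is registered without
// a token and without a health check.
//
// It returns an InvalidParameterError when config is nil or the client cannot
// be instantiated, the watcher constructor's error as-is, and an
// InvalidFormatError when the vault never passes the health check.
//
// Security notes:
//   - config.Token is a secret. Only the vault name, errors and the retry
//     counter are handed to the logger in this function.
//   - config.SkipVerify disables certificate verification, so the token is
//     sent to a server whose identity is not checked; the function only
//     warns about it.
//   - NOTE(review): the request context and the caller's *auth.UserInfo are
//     both ignored here, so this function performs no authorization of its
//     own; presumably the caller enforces it. Confirm.
func (c *Vaults) CreateHashicorp(_ context.Context, name string, config *entities.HashicorpConfig, allowedTenants []string, _ *auth.UserInfo) error {
	logger := c.logger.With("name", name)
	logger.Debug("creating hashicorp vault client")

	// A nil config would otherwise be dereferenced below (config.SkipVerify)
	// and crash the process instead of failing the request.
	if config == nil {
		return errors.InvalidParameterError("missing Hashicorp configuration")
	}

	cli, err := client.NewClient(client.NewConfig(config))
	if err != nil {
		errMessage := "failed to instantiate Hashicorp client"
		logger.WithError(err).Error(errMessage)
		return errors.InvalidParameterError(errMessage)
	}

	if config.SkipVerify {
		logger.Warn("skipping certs verification will make your connection insecure and is not recommended in production")
	}

	switch {
	case config.Token != "":
		cli.SetToken(config.Token)

	case config.TokenPath != "":
		tokenWatcher, err := token.NewRenewTokenWatcher(cli, config.TokenPath, logger)
		if err != nil {
			return err
		}

		go func() {
			// The watcher's result lives in its own variable. Writing it to
			// the err shared with the health-check loop below is a data race
			// between this goroutine and the caller.
			//
			// NOTE(review): the watcher runs on context.Background() and is
			// not stopped when the health check below fails, so a failed
			// creation leaves it running. Confirm whether that is intended.
			if watchErr := tokenWatcher.Start(context.Background()); watchErr != nil {
				logger.WithError(watchErr).Error("token watcher has exited with errors")
			} else {
				logger.Warn("token watcher has exited gracefully")
			}
		}()

		// If the client token is read from filesystem, wait for it to be
		// loaded before we continue.
		const maxRetries = 3
		var healthErr error
		for retries := 0; retries < maxRetries; retries++ {
			if healthErr = cli.HealthCheck(); healthErr == nil {
				break
			}
			logger.WithError(healthErr).Debug("waiting for hashicorp client to be ready...", "retries", retries)
			time.Sleep(100 * time.Millisecond)
		}
		if healthErr != nil {
			errMessage := "failed to reach hashicorp vault. Please verify that the server is reachable"
			logger.WithError(healthErr).Error(errMessage)
			return errors.InvalidFormatError(errMessage)
		}
	}

	c.createVault(name, entities.HashicorpVaultType, allowedTenants, cli)
	logger.Info("hashicorp vault created successfully")
	return nil
}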