Merge branch 'dev'

mch1307 · Jan 8, 2019 · 3c3f33e · 3c3f33e
2 parents 5bda5a7 + b7a40aa
commit 3c3f33e
Show file tree

Hide file tree

Showing 7 changed files with 34 additions and 30 deletions.
diff --git a/README.MD b/README.MD
@@ -68,7 +68,7 @@ func main() {
     }
 
     // Get the Vault secret data
-    kv, err := vaultCli.GetVaultSecret("my_kv/my_org/my_secret")
+    kv, err := vaultCli.GetSecret("my_kv/my_org/my_secret")
     if err != nil {
         fmt.Println(err)
     }

diff --git a/client.go b/client.go
@@ -1,6 +1,8 @@
 //Package vaultlib is a lightweight Go library for reading Vault KV secrets.
 //Interacts with Vault server using HTTP API only.
+//
 //First create a new *Config object using NewConfig().
+//
 //Then create you Vault client using NewClient(*Config).
 package vaultlib
 
@@ -14,8 +16,8 @@ import (
 	cleanhttp "github.com/hashicorp/go-cleanhttp"
 )
 
-// VaultClient holds the vault client
-type VaultClient struct {
+// Client holds the vault client
+type Client struct {
 	Address    *url.URL
 	HTTPClient *http.Client
 	Config     *Config
@@ -100,12 +102,12 @@ func (c *Config) setAppRole(cred AppRoleCredentials) error {
 }
 
 // NewClient returns a new client based on the provided config
-func NewClient(c *Config) (*VaultClient, error) {
+func NewClient(c *Config) (*Client, error) {
 	// If no config provided, use a new one based on default values and env vars
 	if c == nil {
 		c = NewConfig()
 	}
-	var cli VaultClient
+	var cli Client
 	cli.Status = "New"
 	cli.Config = c
 	cli.Config.Address = c.Address

diff --git a/client_test.go b/client_test.go
@@ -100,7 +100,7 @@ func TestNewClient(t *testing.T) {
 	tests := []struct {
 		name    string
 		args    args
-		want    *VaultClient
+		want    *Client
 		wantErr bool
 	}{
 		{"testOK", args{cfg}, vc, false},
@@ -149,22 +149,22 @@ func Example() {
 	}
 
 	// Get the Vault KV secret from kv_v1/path/my-secret
-	resV1, err := vaultCli.GetVaultSecret("kv_v1/path/my-secret")
+	resV1, err := vaultCli.GetSecret("kv_v1/path/my-secret")
 	if err != nil {
 		fmt.Println(err)
 	}
 	for k, v := range resV1.KV {
 		fmt.Printf("Secret %v: %v\n", k, v)
 	}
 	// Get the Vault KVv2 secret kv_v2/path/my-secret
-	resV2, err := vaultCli.GetVaultSecret("kv_v2/path/my-secret")
+	resV2, err := vaultCli.GetSecret("kv_v2/path/my-secret")
 	if err != nil {
 		fmt.Println(err)
 	}
 	for k, v := range resV2.KV {
 		fmt.Printf("Secret %v: %v\n", k, v)
 	}
-	resJSON, err := vaultCli.GetVaultSecret("kv_v2/path/json-secret")
+	resJSON, err := vaultCli.GetSecret("kv_v2/path/json-secret")
 	if err != nil {
 		fmt.Println(err)
 	}

diff --git a/sample/main.go b/sample/main.go
@@ -22,7 +22,7 @@ func main() {
 	fmt.Printf("AppRole token: %v\n", vaultCli.Token)
 	fmt.Printf("Client status: %v\n", vaultCli.Status)
 	// Get the Vault secret kv_v1/path/my-secret
-	resV1, err := vaultCli.GetVaultSecret("kv_v1/path/my-secret")
+	resV1, err := vaultCli.GetSecret("kv_v1/path/my-secret")
 	if err != nil {
 		fmt.Println(err)
 	}
@@ -33,7 +33,7 @@ func main() {
 	fmt.Printf("Client status: %v\n", vaultCli.Status)
 
 	// Get the Vault secret kv_v2/path/my-secret
-	resV2, err := vaultCli.GetVaultSecret("kv_v2/path/json-secret")
+	resV2, err := vaultCli.GetSecret("kv_v2/path/json-secret")
 	if err != nil {
 		fmt.Println(err)
 	}

diff --git a/test-files/initVaultDev.sh b/test-files/initVaultDev.sh
@@ -31,6 +31,6 @@ sleep 5
 # create approle
 ./vault auth enable approle >> /tmp/vaultdev.log
 #./vault write auth/approle/role/my-role policies=VaultDevAdmin secret_id_ttl=100m token_num_uses=100 token_ttl=100m token_max_ttl=300m secret_id_num_uses=40 >> /tmp/vaultdev.log
-./vault write auth/approle/role/my-role policies=VaultDevAdmin token_num_uses=100 token_ttl=360s token_max_ttl=300m secret_id_num_uses=40 >> /tmp/vaultdev.log
+./vault write auth/approle/role/my-role policies=VaultDevAdmin token_num_uses=100 token_ttl=10s token_max_ttl=300m secret_id_num_uses=40 >> /tmp/vaultdev.log
 
 unset VAULT_TOKEN
diff --git a/vault.go b/vault.go
@@ -8,9 +8,11 @@ import (
 	"github.com/pkg/errors"
 )
 
-// Secret holds the returned secret
-// KV contains data in case of KV secret
-// JSONSecret contains data in case of JSON raw secret
+// Secret holds the returned secret.
+//
+// KV contains data in case of KV secret.
+//
+// JSONSecret contains data in case of JSON raw secret.
 type Secret struct {
 	KV         map[string]string
 	JSONSecret json.RawMessage
@@ -55,7 +57,7 @@ type vaultSecretMounts struct {
 	Type        string                 `json:"type"`
 }
 
-func (c *VaultClient) getKVInfo(path string) (version, name string, err error) {
+func (c *Client) getKVInfo(path string) (version, name string, err error) {
 	var mountResponse vaultMountResponse
 	var vaultSecretMount = make(map[string]vaultSecretMounts)
 	url := c.Address
@@ -116,7 +118,7 @@ type vaultAuth struct {
 }
 
 // renew the client's token, launched at client creation time as a go routine
-func (c *VaultClient) renewToken() {
+func (c *Client) renewToken() {
 	var vaultData vaultAuth
 	jsonToken := make(map[string]string)
 
@@ -155,7 +157,7 @@ func (c *VaultClient) renewToken() {
 }
 
 // setTokenFromAppRole get the token from Vault and set it in the client
-func (c *VaultClient) setTokenFromAppRole() error {
+func (c *Client) setTokenFromAppRole() error {
 	var vaultData vaultAuth
 	if c.Config.AppRoleCredentials.RoleID == "" {
 		return errors.New("No credentials provided")
@@ -201,10 +203,10 @@ type vaultSecretKV2 struct {
 	} `json:"metadata"`
 }
 
-// GetVaultSecret returns the Vault secret object
+// GetSecret returns the Vault secret object
 // KV: map[string]string if the secret is a KV
 // JSONSecret: json.RawMessage if the secret is a json
-func (c *VaultClient) GetVaultSecret(path string) (secret Secret, err error) {
+func (c *Client) GetSecret(path string) (secret Secret, err error) {
 	var v2Secret vaultSecretKV2
 	var vaultRsp rawSecretData
 	secret.KV = make(map[string]string)

diff --git a/vault_test.go b/vault_test.go
@@ -52,14 +52,14 @@ func TestVaultClient_getKVInfo(t *testing.T) {
 			c, _ := NewClient(tt.fields.Config)
 			gotVersion, gotName, err := c.getKVInfo(tt.args.path)
 			if (err != nil) != tt.wantErr {
-				t.Errorf("VaultClient.getKVInfo() error = %v, wantErr %v", err, tt.wantErr)
+				t.Errorf("Client.getKVInfo() error = %v, wantErr %v", err, tt.wantErr)
 				return
 			}
 			if gotVersion != tt.wantVersion {
-				t.Errorf("VaultClient.getKVInfo() gotVersion = %v, want %v", gotVersion, tt.wantVersion)
+				t.Errorf("Client.getKVInfo() gotVersion = %v, want %v", gotVersion, tt.wantVersion)
 			}
 			if gotName != tt.wantName {
-				t.Errorf("VaultClient.getKVInfo() gotName = %v, want %v", gotName, tt.wantName)
+				t.Errorf("Client.getKVInfo() gotName = %v, want %v", gotName, tt.wantName)
 			}
 		})
 	}
@@ -87,21 +87,21 @@ func TestVaultClient_setTokenFromAppRole(t *testing.T) {
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			c := &VaultClient{
+			c := &Client{
 				Address:    tt.fields.Address,
 				HTTPClient: tt.fields.HTTPClient,
 				Config:     tt.fields.Config,
 				Token:      tt.fields.Token,
 				Status:     tt.fields.Status,
 			}
 			if err := c.setTokenFromAppRole(); (err != nil) != tt.wantErr {
-				t.Errorf("VaultClient.setTokenFromAppRole() error = %v, wantErr %v", err, tt.wantErr)
+				t.Errorf("Client.setTokenFromAppRole() error = %v, wantErr %v", err, tt.wantErr)
 			}
 		})
 	}
 }
 
-func TestVaultClient_GetVaultSecret(t *testing.T) {
+func TestVaultClient_GetSecret(t *testing.T) {
 	_ = os.Unsetenv("VAULT_TOKEN")
 	conf := NewConfig()
 	conf.AppRoleCredentials.RoleID = vaultRoleID
@@ -115,7 +115,7 @@ func TestVaultClient_GetVaultSecret(t *testing.T) {
 	expectedJSON := []byte(`{"json-secret":{"first-secret":"first-value","second-secret":"second-value"}}`)
 	tests := []struct {
 		name     string
-		cli      *VaultClient
+		cli      *Client
 		path     string
 		wantKv   map[string]string
 		wantJSON json.RawMessage
@@ -133,13 +133,13 @@ func TestVaultClient_GetVaultSecret(t *testing.T) {
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			c := tt.cli
-			res, err := c.GetVaultSecret(tt.path)
+			res, err := c.GetSecret(tt.path)
 			if (err != nil) != tt.wantErr {
-				t.Errorf("VaultClient.GetVaultSecret() error = %v, wantErr %v", err, tt.wantErr)
+				t.Errorf("Client.GetSecret() error = %v, wantErr %v", err, tt.wantErr)
 				return
 			}
 			if !reflect.DeepEqual(res.KV, tt.wantKv) || !reflect.DeepEqual(res.JSONSecret, tt.wantJSON) {
-				t.Errorf("VaultClient.GetVaultSecret() = %v, want %v", res.KV, tt.wantKv)
+				t.Errorf("Client.GetSecret() = %v, want %v", res.KV, tt.wantKv)
 			}
 		})
 	}