Sha256: e2545aa1dd67185e3513923708bdbf1a5534d11f3274b0a972bec25102271035
Contents?: true
Size: 1.59 KB
Versions: 1
Compression:
Stored size: 1.59 KB
Contents
# frozen_string_literal: true
require 'rake_factory'
require 'vault'
require_relative '../auth/approle'
require_relative '../auth/oidc'
module RakeVault
module Tasks
class Login < RakeFactory::Task
default_name :login
default_prerequisites(RakeFactory::DynamicValue.new do |t|
[t.ensure_task_name]
end)
default_description(RakeFactory::DynamicValue.new do |_t|
'Login with approle or oidc using vault'
end)
parameter :address
parameter :role
parameter :ensure_task_name, default: :'vault:ensure'
action do |task|
if valid_token?(task.address)
puts 'Valid token found.'
else
puts 'No valid token found. Attempting to login...'
app_role_role_id = ENV.fetch('VAULT_APPROLE_ROLE_ID', nil)
app_role_secret_id = ENV.fetch('VAULT_APPROLE_SECRET_ID', nil)
if app_role_role_id && app_role_secret_id
puts 'Approle credentials found. Logging in with approle...'
RakeVault::Auth::Approle.login(
task.address,
'auth/approle/login',
app_role_role_id,
app_role_secret_id
)
else
RakeVault::Auth::Oidc.login(task.address, task.role, true)
end
end
end
def valid_token?(address)
puts 'Checking for valid token...'
vault_client = Vault::Client.new(address: address)
vault_client.auth_token.lookup_self
rescue Vault::HTTPClientError || Vault::HTTPServerError
false
else
true
end
end
end
end
Version data entries
1 entries across 1 versions & 1 rubygems
| Version | Path |
|---|---|
| rake_vault-0.1.0.pre.12 | lib/rake_vault/tasks/login.rb |