Sha256: f2a62351529347930164da928f17a451350fe3f83df6bda4b05eaec3517cf3b1

Contents?: true

Size: 1.89 KB

Versions: 1

Compression:

Stored size: 1.89 KB

Contents

# frozen_string_literal: true

require "json"
require "open3"
require "pathname"

require_relative "vault_env_secrets/errors"
require_relative "vault_env_secrets/version"

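# Renders a gomplate template into a flat JSON object and copies each
# key/value pair into the process environment.
module VaultEnvSecrets
  @enabled = true
  @template_path = "config/vault_secrets.json.tmpl"

  class << self
    # When falsy, `load` returns immediately without touching ENV.
    attr_accessor :enabled

    # Location of the gomplate template. A relative path is resolved against
    # `Rails.root` when Rails is loaded, otherwise against the current
    # working directory.
    attr_accessor :template_path

    # Render the template with gomplate and export the resulting values.
    #
    # Only gomplate's stdout is captured; its stderr is not redirected here.
    # The rendered output is expected to hold secret material, so none of the
    # errors raised below include it.
    #
    # @param env [Hash] extra environment variables handed to the gomplate
    #   child process
    # @return [Hash, nil] the parsed key/value pairs (these are the secret
    #   values, so callers should not log the return value), or nil when
    #   loading is disabled or the rendered JSON is `null`/`false`
    # @raise [Error] if the template is missing, gomplate exits unsuccessfully,
    #   the output is not a JSON object, or a value is an Array/Hash
    # @raise [JSON::ParserError] if the rendered output is not valid JSON
    def load(env: {})
      return unless enabled

      # Check that the expected template file exists.
      path = Pathname.new(template_path)
      path = Rails.root.join(template_path) if defined?(::Rails) && path.relative?
      unless path.exist?
        raise Error.new("vault template path (#{path.to_s.inspect}) does not exist")
      end

      # Run gomplate to render the template file.
      output, status = Open3.capture2(env, "gomplate", "--file", path.to_s)
      unless status.success?
        raise Error.new("vault template gomplate render failed: #{status}")
      end

      begin
        secrets = JSON.parse(output)
      rescue JSON::ParserError => e
        # The parser's own message can quote part of the rendered output,
        # which may be a secret. Re-raise the same exception class with a
        # message that names only the template, and drop the cause so the
        # original message is not carried along into logs or error reports.
        raise e.class, "vault template output is not valid JSON (#{path.to_s.inspect})", cause: nil
      end
      return unless secrets

      # Make sure the JSON output is an expected hash.
      unless secrets.is_a?(Hash)
        raise Error.new("JSON in vault template output is not of expected Hash type (#{path.to_s.inspect})")
      end

      secrets.each do |key, value|
        # Reject nested values that can't be set as simple string values for
        # environment variable purposes. The message names the key and the
        # value's class, never the value itself.
        if value.is_a?(Array) || value.is_a?(Hash)
          raise Error.new("JSON in vault template output has nested data that cannot be set as environment variables (#{path.to_s.inspect}: #{key.inspect} type #{value.class.name})")
        end

        # Scalars are stringified; a JSON null becomes an empty string.
        ENV[key] = value.to_s
      end
    end
  end
end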

# Only pull in the railtie when Rails has already been loaded.
require_relative "vault_env_secrets/railtie" if defined?(::Rails)

Version data entries

1 entries across 1 versions & 1 rubygems

Version Path
vault_env_secrets-2.0.0 lib/vault_env_secrets.rb