lib/hiera/backend/vault_backend.rb in confidante-0.28.0.pre.14 vs lib/hiera/backend/vault_backend.rb in confidante-0.28.0.pre.15

@@ -17,17 +17,27 @@
 
         vault_config = Backend.parse_answer(Config[:vault], scope)
         vault_address = vault_config[:address]
         vault_client = Vault::Client.new(address: vault_address)
 
-        secret = vault_client.kv('kv').read(key)
+        source = vault_config[:sources][0]
+
+        throw(:unsupported_secrets_engine) unless source[:engine] == 'kv'
+
+        value = read_kv_value(vault_client, source, key)
+
+        Backend.parse_answer(value, scope)
+      end
+
+      def read_kv_value(vault_client, source, key)
+        secret = vault_client.kv(source[:mount]).read(key)
         throw(:no_such_key) unless secret
 
         value = secret.data[:value]
         throw(:no_such_key) unless value
-
-        Backend.parse_answer(value, scope)
+        value
       end
     end
+
     # rubocop:enable Naming/ClassAndModuleCamelCase
   end
 end