package kv_v2
import (
"fmt"
"path"
"gitlab.com/gitlab-org/gitlab-runner/helpers/vault"
"gitlab.com/gitlab-org/gitlab-runner/helpers/vault/secret_engines"
)
// engineName is the identifier reported by EngineName and used as the key
// when this engine's factory is registered in init.
const engineName = "kv-v2"
// engine implements the secret-engine operations (Get, Put, Delete) for the
// "kv-v2" engine on top of a vault.Client.
type engine struct {
	// client performs the Read/Write/Delete calls against Vault.
	client vault.Client
	// path is the prefix joined in front of the "data" and "metadata"
	// segments (presumably the engine's mount path; confirm against callers).
	path string
}
// NewEngine returns a kv-v2 secret engine that issues its requests through
// client and builds every request path underneath path.
//
// NOTE(review): path is stored as given; no validation is performed here.
func NewEngine(client vault.Client, path string) vault.SecretEngine {
	e := new(engine)
	e.client = client
	e.path = path

	return e
}
// EngineName returns the constant engine identifier ("kv-v2").
func (e *engine) EngineName() string {
	return engineName
}
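// Get reads the secret stored under path and returns the map found in the
// "data" field of the response.
//
// It returns (nil, nil) when the client yields no secret, when the secret
// carries no data, or when the "data" field is absent or null; callers must
// treat a nil map as "nothing found". A read failure, or a "data" field that
// is not a map, is reported as an error.
func (e *engine) Get(path string) (map[string]interface{}, error) {
	secret, err := e.client.Read(e.dataPath(path))
	if err != nil {
		return nil, fmt.Errorf("reading from Vault: %w", err)
	}

	if secret == nil {
		return nil, nil
	}

	data := secret.Data()
	if data == nil {
		return nil, nil
	}

	raw, ok := data["data"]
	if !ok || raw == nil {
		return nil, nil
	}

	// The response body originates from a remote service, so its shape is not
	// guaranteed. A bare type assertion would panic the caller on a null or
	// non-map value; use the checked form and surface an error instead.
	// Only the dynamic type is included in the message, never the value, so
	// secret material cannot end up in logs through this error.
	values, ok := raw.(map[string]interface{})
	if !ok {
		return nil, fmt.Errorf("reading from Vault: unexpected type %T for \"data\" field", raw)
	}

	return values, nil
}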
// dataPath builds the path used for reading and writing secret content:
// <e.path>/data/<p>.
//
// path.Join cleans its result, so ".." elements inside p are resolved and the
// returned path can end up outside <e.path>/data.
// NOTE(review): no validation of p is visible in this file; confirm that
// callers reject such input, or that the policy attached to the Vault token
// is what bounds the reachable paths.
func (e *engine) dataPath(p string) string {
	segments := []string{e.path, "data", p}

	return path.Join(segments...)
}
// Put writes data to the secret stored under path. The values are wrapped in
// a single-key map ("data") before being handed to the client, and the
// client's response is discarded.
func (e *engine) Put(path string, data map[string]interface{}) error {
	payload := map[string]interface{}{"data": data}

	if _, err := e.client.Write(e.dataPath(path), payload); err != nil {
		return fmt.Errorf("writing to Vault: %w", err)
	}

	return nil
}
// Delete issues a delete against the metadata path of the secret stored under
// path (not its data path).
//
// NOTE(review): in Vault's KV v2 API a delete on the metadata endpoint removes
// the key's metadata together with all of its versions, i.e. it is not a
// recoverable soft delete; confirm this is the intended semantics for callers.
func (e *engine) Delete(path string) error {
	if err := e.client.Delete(e.metadataPath(path)); err != nil {
		return fmt.Errorf("deleting from Vault: %w", err)
	}

	return nil
}
// metadataPath builds the path used by Delete: <e.path>/metadata/<p>.
//
// path.Join cleans its result, so ".." elements inside p are resolved and the
// returned path can end up outside <e.path>/metadata.
// NOTE(review): no validation of p is visible in this file; confirm that
// callers reject such input, or that the policy attached to the Vault token
// is what bounds the reachable paths.
func (e *engine) metadataPath(p string) string {
	segments := []string{e.path, "metadata", p}

	return path.Join(segments...)
}
// init registers NewEngine as the factory for engineName at package load.
// NOTE(review): going by its Must prefix, MustRegisterFactory presumably
// panics when registration fails — confirm in secret_engines.
func init() {
	secret_engines.MustRegisterFactory(engineName, NewEngine)
}