class SettingsReader::VaultResolver::Instance

Resolver class for Settings Reader

Constants

DATABASE_MOUNT
IDENTIFIER

Attributes

config[R]

Public Class Methods

new(config) click to toggle source
# File lib/settings_reader/vault_resolver/instance.rb, line 14
def initialize(config)
  @config = config
  @engines = config.vault_engines
end

Public Instance Methods

resolvable?(value, _path) click to toggle source
# File lib/settings_reader/vault_resolver/instance.rb, line 19
def resolvable?(value, _path)
  return unless value.respond_to?(:start_with?)

  value.start_with?(IDENTIFIER)
end
resolve(value, _path) click to toggle source

Expect value in format ‘vault://mount/path/to/secret?attribute_name`

# File lib/settings_reader/vault_resolver/instance.rb, line 26
def resolve(value, _path)
  debug { "Resolving Vault secret at #{value}" }
  address = SettingsReader::VaultResolver::Address.new(value)
  entry = fetch_entry(address)
  entry&.value_for(address.attribute)
end

Private Instance Methods

cache() click to toggle source
# File lib/settings_reader/vault_resolver/instance.rb, line 45
def cache
  SettingsReader::VaultResolver.cache
end
fetch_entry(address) click to toggle source
# File lib/settings_reader/vault_resolver/instance.rb, line 35
def fetch_entry(address)
  cache.fetch(address) do
    info { "Retrieving new secret at: #{address}" }
    config.vault_engine_for(address).get(address)
  end
rescue StandardError => e
  error { "Error retrieving secret: #{address}: #{e.message}" }
  raise e
end