class Vault::Authenticate

Monkey patch to support k8s authenticaiton. Taken from github.com/hashicorp/vault-ruby/pull/202

Public Instance Methods

kubernetes(role, route: nil, service_token_path: nil) click to toggle source
# File lib/settings_reader/vault_resolver/patches/authenticate.rb, line 4
def kubernetes(role, route: nil, service_token_path: nil)
  route ||= '/v1/auth/kubernetes/login'
  service_token_path ||= '/var/run/secrets/kubernetes.io/serviceaccount/token'

  payload = {
    role: role,
    jwt: File.read(service_token_path)
  }

  json = client.post(route, JSON.fast_generate(payload))

  secret = Secret.decode(json)
  client.token = secret.auth.client_token

  secret
end