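//////////////////////////////////////////////////////////////////////////

// Package libvault is a small JSON-over-HTTP client for a vault server.
// Every call is authenticated with the X-Vault-Token header.
package libvault

//////////////////////////////////////////////////////////////////////////

import (
	"bytes"
	"encoding/json"
	"errors"
	log "github.com/sirupsen/logrus"
	"io"
	"net/http"
	//	"os"
	"time"
)

//////////////////////////////////////////////////////////////////////////

var (
	// VAULT_ADDR is the base address every API path is appended to (see url).
	VAULT_ADDR = "https://vault.burble.dn42"
	// VAULT_TOKEN_FILE, VAULT_TTL and VAULT_RENEW_PERIOD are not read in this
	// file; presumably they are consumed by the token handling code elsewhere
	// in the package.
	VAULT_TOKEN_FILE   = "/root/.vault-token"
	VAULT_TTL          = (time.Hour * 24 * 7)
	VAULT_RENEW_PERIOD = (time.Hour * 24 * 3)
)

//////////////////////////////////////////////////////////////////////////

// Vault is a stateless handle; its methods only read the package-level
// configuration above.
type Vault struct{}

var vault *Vault = &Vault{}

//////////////////////////////////////////////////////////////////////////
// utility func to create a vault URL from api string

// url returns VAULT_ADDR + "/v1" + api. The api string is appended verbatim,
// so it must already start with "/" and must not be built from untrusted
// input without validation by the caller.
func (v *Vault) url(api string) string {
	return VAULT_ADDR + "/v1" + api
}

//////////////////////////////////////////////////////////////////////////
// shared request/response handling for POST and GET

// roundTrip sends one request with the given method to the vault API path api,
// authenticated with t, and decodes the JSON reply into response when
// response is non-nil. jreq is the already-marshalled request body, or nil
// for a request without a body.
//
// It returns an error when t is nil, when the request cannot be built or
// sent, when the body cannot be read, when the status code is not 200, or
// when the reply does not unmarshal into response.
func (v *Vault) roundTrip(method string, t *Token, api string, jreq []byte, response interface{}) error {

	// Bound every call so a stalled server cannot hang the caller forever;
	// a zero-value http.Client has no timeout at all.
	const requestTimeout = 60 * time.Second

	// a nil token would otherwise panic on t.Token below
	if t == nil {
		log.WithFields(log.Fields{
			"api":    api,
			"method": method,
		}).Error("libvault: no token supplied for vault call")
		return errors.New("libvault: nil token")
	}

	url := v.url(api)

	// keep body a nil interface for body-less requests
	var body io.Reader
	if jreq != nil {
		body = bytes.NewReader(jreq)
	}

	// http.NewRequest returns a nil request on error (e.g. an unparsable
	// URL), so the error must be checked before the header is set
	hreq, err := http.NewRequest(method, url, body)
	if err != nil {
		log.WithFields(log.Fields{
			"url":    url,
			"method": method,
			"error":  err,
		}).Error("libvault: failed to create vault request")
		return err
	}
	hreq.Header.Set("X-Vault-Token", t.Token)

	// and do it
	hclient := &http.Client{Timeout: requestTimeout}
	hresp, err := hclient.Do(hreq)
	if err != nil {
		// Payloads are logged by size only: request and response bodies of a
		// secrets API can carry tokens and secret values that must not end up
		// in log files.
		log.WithFields(log.Fields{
			"url":           url,
			"method":        method,
			"request_bytes": len(jreq),
			"error":         err,
		}).Error("libvault: failed to make vault " + method + " call")
		return err
	}
	defer hresp.Body.Close()

	// read the response body
	rbody, err := io.ReadAll(hresp.Body)
	if err != nil {
		log.WithFields(log.Fields{
			"url":           url,
			"method":        method,
			"request_bytes": len(jreq),
			"error":         err,
		}).Error("libvault: failed to read response body")
		return err
	}

	// check status code
	// NOTE(review): only 200 is accepted, so a 204 reply is reported as a
	// failure — confirm that no caller uses an endpoint that answers 204.
	if hresp.StatusCode != 200 {
		// NOTE(review): the body is kept here because it is needed to
		// diagnose the failure; this assumes error replies carry messages
		// rather than secret material — confirm for the endpoints in use.
		log.WithFields(log.Fields{
			"url":    url,
			"method": method,
			"status": hresp.Status,
			"code":   hresp.StatusCode,
			"body":   string(rbody),
		}).Error("libvault: invalid status code on vault " + method + " request")
		return errors.New("libvault: invalid status code")
	}

	if response != nil {
		if err := json.Unmarshal(rbody, response); err != nil {
			// a 200 body may hold secrets, so neither it nor the partially
			// decoded response value is logged
			log.WithFields(log.Fields{
				"url":            url,
				"method":         method,
				"response_bytes": len(rbody),
				"error":          err,
			}).Error("libvault: failed to unmarshal response body")
			return err
		}
	}

	log.WithFields(log.Fields{
		"api":            api,
		"url":            url,
		"method":         method,
		"request_bytes":  len(jreq),
		"response_bytes": len(rbody),
	}).Debug("libvault: successful vault call")

	return nil
}

//////////////////////////////////////////////////////////////////////////
// make a vault POST call

// POST marshals request to JSON, sends it to the vault API path api using
// token t, and unmarshals the reply into response when response is non-nil.
// It returns the marshalling error, or any error from the HTTP exchange.
func (v *Vault) POST(t *Token, api string, request interface{}, response interface{}) error {

	// create json request
	jreq, err := json.Marshal(request)
	if err != nil {
		// the request value itself is not logged; it may hold secrets
		log.WithFields(log.Fields{
			"api":   api,
			"error": err,
		}).Error("libvault: failed to marshal vault POST request")
		return err
	}

	return v.roundTrip("POST", t, api, jreq, response)
}

//////////////////////////////////////////////////////////////////////////
// make a vault GET call

// GET fetches the vault API path api using token t and unmarshals the reply
// into response when response is non-nil.
func (v *Vault) GET(t *Token, api string, response interface{}) error {
	return v.roundTrip("GET", t, api, nil, response)
}

//////////////////////////////////////////////////////////////////////////
// end of file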