//////////////////////////////////////////////////////////////////////////
package libvault
//////////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////////
import (
"bytes"
"encoding/json"
"errors"
log "github.com/sirupsen/logrus"
"io"
"net/http"
// "os"
"time"
)
//////////////////////////////////////////////////////////////////////////
// Defaults for reaching Vault. These are package-level variables, not
// constants, so code that imports the package is able to reassign them.
var (
	// VAULT_ADDR is the base URL that every Vault API path is appended to.
	VAULT_ADDR = "https://vault.burble.dn42"

	// VAULT_TOKEN_FILE is not referenced in this part of the file;
	// presumably the on-disk location of a Vault token - confirm against its
	// users. If so, the file is a bearer credential and should be readable
	// by its owner only.
	VAULT_TOKEN_FILE = "/root/.vault-token"

	// VAULT_TTL is one week. Not referenced in this part of the file;
	// presumably a token lifetime - confirm.
	VAULT_TTL = 7 * 24 * time.Hour

	// VAULT_RENEW_PERIOD is three days. Not referenced in this part of the
	// file; presumably the interval between token renewals - confirm.
	VAULT_RENEW_PERIOD = 3 * 24 * time.Hour
)

//////////////////////////////////////////////////////////////////////////

// Vault is the receiver type for the Vault HTTP helpers; it has no fields.
type Vault struct{}

// vault is the package-level *Vault value.
var vault = &Vault{}
//////////////////////////////////////////////////////////////////////////
// url builds the full endpoint for a Vault API path by appending the fixed
// "/v1" version prefix and the path to VAULT_ADDR.
//
// The path is concatenated exactly as given: nothing is escaped or
// validated, so api must be a trusted, well-formed path with a leading "/".
func (v *Vault) url(api string) string {
	const apiVersion = "/v1"

	endpoint := VAULT_ADDR + apiVersion + api
	return endpoint
}
//////////////////////////////////////////////////////////////////////////
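// POST sends request, JSON-encoded, to the Vault API path api and decodes the
// JSON reply into response.
//
// The call is authenticated by sending t.Token in the X-Vault-Token header.
// Any status other than 200 is returned as an error. When response is nil
// the reply body is read but not decoded.
//
// Request payloads and the bodies of 200 replies are not written to the log,
// only their sizes: Vault traffic can carry credentials and secret values,
// and log output is usually far less protected than Vault itself. The body of
// a non-200 reply is still logged, since it is the main diagnostic.
func (v *Vault) POST(t *Token, api string, request interface{},
	response interface{}) error {

	// Upper bound for the whole exchange, so an unresponsive server cannot
	// block the caller forever (a zero-value http.Client has no timeout).
	const callTimeout = 30 * time.Second

	// Fail with an error rather than a nil dereference when no token is given.
	if t == nil {
		return errors.New("libvault: nil token")
	}

	// create json request
	jreq, err := json.Marshal(request)
	if err != nil {
		log.WithFields(log.Fields{
			"api":   api,
			"error": err,
		}).Error("libvault: failed to marshal vault POST request")
		return err
	}

	// create POST request
	endpoint := v.url(api)
	hreq, err := http.NewRequest(http.MethodPost, endpoint, bytes.NewReader(jreq))
	if err != nil {
		// hreq is nil on failure (for example a malformed URL), so setting
		// the header below without this check would panic.
		log.WithFields(log.Fields{
			"url":   endpoint,
			"error": err,
		}).Error("libvault: failed to create vault POST request")
		return err
	}
	hreq.Header.Set("X-Vault-Token", t.Token)

	// and do it
	hclient := &http.Client{Timeout: callTimeout}
	hresp, err := hclient.Do(hreq)
	if err != nil {
		log.WithFields(log.Fields{
			"url":           endpoint,
			"request_bytes": len(jreq),
			"error":         err,
		}).Error("libvault: failed to make vault POST call")
		return err
	}
	defer hresp.Body.Close()

	// read the response body
	rbody, err := io.ReadAll(hresp.Body)
	if err != nil {
		log.WithFields(log.Fields{
			"url":           endpoint,
			"request_bytes": len(jreq),
			"error":         err,
		}).Error("libvault: failed to read response body")
		return err
	}

	// check status code
	// NOTE(review): Vault also answers 204 for successful calls that return
	// no data; those are reported as errors here - confirm that is intended.
	if hresp.StatusCode != http.StatusOK {
		log.WithFields(log.Fields{
			"url":    endpoint,
			"status": hresp.Status,
			"code":   hresp.StatusCode,
			"body":   string(rbody),
		}).Error("libvault: invalid status code on vault post request")
		return errors.New("libvault: invalid status code")
	}

	if response != nil {
		if err := json.Unmarshal(rbody, response); err != nil {
			// A 200 body may hold secret data, so only its size is logged.
			log.WithFields(log.Fields{
				"url":            endpoint,
				"response_bytes": len(rbody),
				"error":          err,
			}).Error("libvault: failed to unmarshal response body")
			return err
		}
	}

	log.WithFields(log.Fields{
		"api":            api,
		"url":            endpoint,
		"request_bytes":  len(jreq),
		"response_bytes": len(rbody),
	}).Debug("libvault: successful vault call")

	return nil
}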
//////////////////////////////////////////////////////////////////////////
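// GET fetches the Vault API path api and decodes the JSON reply into
// response.
//
// The call is authenticated by sending t.Token in the X-Vault-Token header.
// Any status other than 200 is returned as an error. When response is nil
// the reply body is read but not decoded.
//
// The body of a 200 reply is not written to the log, only its size: Vault
// replies can carry credentials and secret values, and log output is usually
// far less protected than Vault itself. The body of a non-200 reply is still
// logged, since it is the main diagnostic.
func (v *Vault) GET(t *Token, api string,
	response interface{}) error {

	// Upper bound for the whole exchange, so an unresponsive server cannot
	// block the caller forever (a zero-value http.Client has no timeout).
	const callTimeout = 30 * time.Second

	// Fail with an error rather than a nil dereference when no token is given.
	if t == nil {
		return errors.New("libvault: nil token")
	}

	// create GET request
	endpoint := v.url(api)
	hreq, err := http.NewRequest(http.MethodGet, endpoint, nil)
	if err != nil {
		// hreq is nil on failure (for example a malformed URL), so setting
		// the header below without this check would panic.
		log.WithFields(log.Fields{
			"url":   endpoint,
			"error": err,
		}).Error("libvault: failed to create vault GET request")
		return err
	}
	hreq.Header.Set("X-Vault-Token", t.Token)

	// and do it
	hclient := &http.Client{Timeout: callTimeout}
	hresp, err := hclient.Do(hreq)
	if err != nil {
		log.WithFields(log.Fields{
			"url":   endpoint,
			"error": err,
		}).Error("libvault: failed to make vault GET call")
		return err
	}
	defer hresp.Body.Close()

	// read the response body
	rbody, err := io.ReadAll(hresp.Body)
	if err != nil {
		log.WithFields(log.Fields{
			"url":   endpoint,
			"error": err,
		}).Error("libvault: failed to read response body")
		return err
	}

	// check status code
	if hresp.StatusCode != http.StatusOK {
		log.WithFields(log.Fields{
			"url":    endpoint,
			"status": hresp.Status,
			"code":   hresp.StatusCode,
			"body":   string(rbody),
		}).Error("libvault: invalid status code on vault GET request")
		return errors.New("libvault: invalid status code")
	}

	if response != nil {
		if err := json.Unmarshal(rbody, response); err != nil {
			// A 200 body may hold secret data, so only its size is logged.
			log.WithFields(log.Fields{
				"url":            endpoint,
				"response_bytes": len(rbody),
				"error":          err,
			}).Error("libvault: failed to unmarshal response body")
			return err
		}
	}

	log.WithFields(log.Fields{
		"api":            api,
		"url":            endpoint,
		"response_bytes": len(rbody),
	}).Debug("libvault: successful vault call")

	return nil
}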
//////////////////////////////////////////////////////////////////////////
// end of file