From f99b11d50ec91b5e344eeb1497fd60b96c1af107 Mon Sep 17 00:00:00 2001
From: alwaysjolley
Date: Wed, 20 Mar 2019 13:51:06 -0400
Subject: [PATCH] refactor url and token to support muiltiple instances of vault
---
 lemur/plugins/lemur_vault_dest/plugin.py | 24 ++++++++++++++++++++++--
 1 file changed, 22 insertions(+), 2 deletions(-)
diff --git a/lemur/plugins/lemur_vault_dest/plugin.py b/lemur/plugins/lemur_vault_dest/plugin.py
index 2f2a2e82..c47b49a3 100644
--- a/lemur/plugins/lemur_vault_dest/plugin.py
+++ b/lemur/plugins/lemur_vault_dest/plugin.py
@@ -30,6 +30,22 @@ class VaultDestinationPlugin(DestinationPlugin):
 author_url = 'https://github.com/alwaysjolley/lemur'
 options = [
+ {
+ 'name': 'vaultUrl',
+ 'type': 'str',
+ 'required': True,
+ 'validation': '^https?://[a-zA-Z0-9.:-]+$',
+ 'helpMessage': 'Valid URL to Hashi Vault instance'
+ 'default': 'http://127.0.0.1:8200'
+ },
+ {
+ 'name': 'vaultAuthTokenFile',
+ 'type': 'str',
+ 'required': True,
+ 'validation': '(/[^/]+)+',
+ 'helpMessage': 'Must be a valid file path!',
+ 'default': '/etc/pki/secrets/vault/token'
+ },
 {
 'name': 'vaultMount',
 'type': 'str',
@@ -79,13 +95,17 @@ class VaultDestinationPlugin(DestinationPlugin):
 cname = common_name(parse_certificate(body))
 token = current_app.config.get('VAULT_TOKEN')
- url = current_app.config.get('VAULT_URL')
-
+ #url = current_app.config.get('VAULT_URL')
+ url = self.get_option('vaultUrl', options)
+ token_file = self.get_option('vaultFile', options)
 mount = self.get_option('vaultMount', options)
 path = self.get_option('vaultPath', options)
 bundle = self.get_option('bundleChain', options)
 obj_name = self.get_option('objectName', options)
+ with open(token_file, 'r') as file:
+ token = file.readline()
+
 client = hvac.Client(url=url, token=token)
 if obj_name:
 path = '{0}/{1}'.format(path, obj_name)
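Review bot: The new `vaultUrl` entry is missing a comma after its `'helpMessage'` value, so the string is followed directly by `'default':` and the module will not parse; the line should read `'helpMessage': 'Valid URL to Hashi Vault instance',`. The validation pattern `^https?://[a-zA-Z0-9.:-]+$` and the default `http://127.0.0.1:8200` also allow plaintext HTTP, so the Vault token and the certificate material this plugin writes would travel unencrypted; consider requiring `https` for anything other than loopback. The `vaultAuthTokenFile` pattern `(/[^/]+)+` is unanchored and allows `..` segments, so depending on how the framework applies it (not visible here) it may accept more than an absolute path; `'^(/[^/]+)+$'` would be tighter.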
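Review bot: The token file option is read as `self.get_option('vaultFile', options)`, but the first hunk declares it as `vaultAuthTokenFile`, so `token_file` will presumably come back empty and the `open()` below will fail; the lookup should be `token_file = self.get_option('vaultAuthTokenFile', options)`. `file.readline()` keeps the trailing newline, which then becomes part of the token handed to `hvac.Client`; `token = file.readline().strip()` avoids that. Because the file path and the URL are now both destination options, the first line of whichever file is named is sent as the token to whichever URL is named, so the path should be resolved and checked against a dedicated token directory before it is opened. The unchanged `token = current_app.config.get('VAULT_TOKEN')` line is now always overwritten, and the commented-out `#url = ...` line can be deleted rather than kept. The enclosing method starts and ends outside this hunk.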