vault.go
package main
import (
"github.com/golang/glog"
vaultapi "github.com/hashicorp/vault/api"
)
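// VaultClientMaker builds a Vault API client pointed at vaultAddr.
//
// It starts from vaultapi.DefaultConfig and overrides only the Address field,
// then hands the result to vaultapi.NewClient. It does not call SetToken;
// callers attach the token themselves.
//
// vaultAddr is used exactly as given: nothing here checks that it is
// non-empty or that it uses https, so callers that accept the address from
// configuration should validate it before tokens are sent to it.
func VaultClientMaker(vaultAddr string) (client *vaultapi.Client, err error) {
	// Mutate the *Config returned by DefaultConfig instead of dereferencing it
	// into a local copy. The copy served no purpose, and copying the struct by
	// value is unsafe if it carries a lock.
	// NOTE(review): newer api releases appear to keep a mutex inside Config,
	// which makes a by-value copy a go vet copylocks finding. Confirm against
	// the vendored version.
	config := vaultapi.DefaultConfig()
	config.Address = vaultAddr
	return vaultapi.NewClient(config)
}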
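// VaultTokenValidation is the hook where a Vault token is meant to be checked
// before use. On success it returns the token it was given.
//
// SECURITY: as written this function does NOT verify the token with Vault.
// The only thing that can fail is construction of the client for vaultAddr;
// any token string, including an empty one, comes back with a nil error.
// Callers must not treat a nil error as proof that the token is valid,
// unexpired or sufficiently privileged. The disabled code below sketches the
// intended check (a self-renew against the token auth backend).
func VaultTokenValidation(vaultAddr string, token string) (string, error) {
	// Never write the token itself to the log: it is a bearer credential, and
	// anyone able to read verbose logs could replay it against Vault.
	glog.V(4).Info("Validating token (value redacted)")

	// The client is built only to surface a bad address or config early. It is
	// discarded because the real check below is still disabled.
	if _, err := VaultClientMaker(vaultAddr); err != nil {
		return "", err
	}

	// TODO - Look into security measures like setting TTL on Token
	//client.SetToken(token)
	//AuthClient := client.Auth().Token()
	//_, err = AuthClient.RenewSelf(600)
	//
	//if err != nil {
	//	return "", err
	//}

	return token, nil
}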
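// VaultGetSecret reads the secret stored at path from the Vault server at
// vaultAddr, authenticating with token.
//
// It returns the secret as produced by client.Logical().Read, or the error
// from client construction or from the read. The token is set on a client
// created for this call only.
//
// NOTE(review): Logical().Read is understood to return (nil, nil) when nothing
// exists at path. Confirm, and nil-check the returned secret at call sites
// before dereferencing it.
func VaultGetSecret(vaultAddr string, token string, path string) (*vaultapi.Secret, error) {
	client, err := VaultClientMaker(vaultAddr)
	if err != nil {
		// Return the error instead of calling glog.Fatalf. A bad Vault address
		// should not terminate the whole process from inside a helper that
		// already has an error return, and VaultTokenValidation handles the
		// same failure by returning it.
		return nil, err
	}

	client.SetToken(token)

	// path is passed through unchanged; any restriction on which paths may be
	// read has to come from the caller and from the token's Vault policy.
	return client.Logical().Read(path)
}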