This repository has been archived by the owner on Jun 10, 2024. It is now read-only.

feat(kv-vault): support loading env from env file
Signed-off-by: Brooks Townsend <[email protected]>
brooksmtownsend committed Oct 19, 2023
1 parent 9a9d60a commit 23f5fa6
Showing 6 changed files with 42 additions and 4 deletions.
3 changes: 3 additions & 0 deletions kv-vault/.gitignore
@@ -1,3 +1,6 @@
build
target
.idea

# Ignore test created environment files
*.env
7 changes: 7 additions & 0 deletions kv-vault/Cargo.lock


1 change: 1 addition & 0 deletions kv-vault/Cargo.toml
Expand Up @@ -21,6 +21,7 @@ url = "2.2.2"
vaultrs = "0.6.0"
wasmcloud-interface-keyvalue = "0.11"
wasmbus-rpc = { version = "0.14", features = ["otel"] }
simple_env_load = "0.2.0"

# test dependencies
[dev-dependencies]
10 changes: 10 additions & 0 deletions kv-vault/run-test.sh
Expand Up @@ -9,6 +9,8 @@ fi

# localhost port for server - should be unique to avoid conflicts
PORT=11182
# Name of environment variables file
ENV_FILE=vault_test.env
# name of vault's temporary docker container
CONTAINER_NAME=kv-vault-test
# mount point, default is "secret"
Expand All @@ -20,6 +22,7 @@ RUST_LOG=debug
RELEASE_FLAG=--release

cleanup() {
rm -f ${ENV_FILE}
docker rm -f ${CONTAINER_NAME} 2>/dev/null
killall -q kv-vault || true
}
Expand Down Expand Up @@ -53,6 +56,13 @@ export VAULT_ADDR=http://127.0.0.1:${PORT}
export SHORT_LIVED_TOKEN=$(docker exec -i -e VAULT_TOKEN=${VAULT_TOKEN} ${CONTAINER_NAME} \
vault token create -ttl 120s -renewable -format json -address=http://127.0.0.1:8200 | jq -r .auth.client_token)
[ -n "$VAULT_MOUNT" ] && export VAULT_MOUNT=${VAULT_MOUNT}
# write env file for tests
cat <<EOF > ${ENV_FILE}
VAULT_ADDR=$VAULT_ADDR
VAULT_MOUNT=$VAULT_MOUNT
VAULT_TOKEN=$VAULT_TOKEN
EOF
export ENV_FILE=${ENV_FILE}
cargo test ${RELEASE_FLAG} -- --nocapture

# cleanup
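Review bot: The heredoc that writes `${ENV_FILE}` puts `VAULT_TOKEN` on disk with whatever permissions the caller's umask allows, and the file is removed only when `cleanup` runs. Creating it inside a subshell that first runs `umask 077` would keep the token file private on a shared machine, and quoting the variable in `rm -f "${ENV_FILE}"` avoids word splitting. Whether `cleanup` is also registered with `trap` is not visible in these hunks; if it is not, an interrupted run leaves the token file behind. The file also always contains a `VAULT_MOUNT=` line, even when `VAULT_MOUNT` is empty, which may override the default mount depending on how the parser treats empty values.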
8 changes: 8 additions & 0 deletions kv-vault/src/config.rs
Expand Up @@ -41,6 +41,14 @@ impl Default for Config {
impl Config {
/// initialize from linkdef values, environment, and defaults
pub fn from_values(values: &HashMap<String, String>) -> RpcResult<Config> {
// load environment variables from file
if let Some(env_file) = values.get("env").or_else(|| values.get("ENV")) {
eprintln!("file try read env from file: {}", env_file);
let data = std::fs::read_to_string(env_file).map_err(|e| {
RpcError::ProviderInit(format!("reading env file '{}': {}", env_file, e))
})?;
simple_env_load::parse_and_set(&data, |k, v| std::env::set_var(k, v));
}
let config = Config {
addr: env::var("VAULT_ADDR")
.ok()
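Review bot: Every key in the env file is copied into the process environment by `std::env::set_var`, and the file path is taken directly from the link values (`env`/`ENV`), so a link definition can make the provider read any file it has access to and set any variable in its process, not only the Vault settings. Restricting the callback to the variables `Config` reads, for example `|k, v| if k.starts_with("VAULT_") { std::env::set_var(k, v) }` (assuming the callback receives string keys and all of them share the prefix, as the visible ones do), or parsing into a local map instead of the global environment, would confine the effect to this link. Because the environment is process-wide, values loaded for one link stay in place for every later `from_values` call, and `set_var` is not safe to call while other threads read the environment. The `eprintln!` message `"file try read env from file: {}"` reads as garbled; `"reading env from file: {}"` is clearer. `from_values` continues past the end of this hunk.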
17 changes: 13 additions & 4 deletions kv-vault/tests/kv_test.rs
Expand Up @@ -141,8 +141,12 @@ async fn json_values(_opt: &TestOptions) -> RpcResult<()> {
let prov = test_provider().await;
env_logger::try_init().ok();

let vault_direct = kv_vault_lib::client::Client::new(kv_vault_lib::config::Config::default())
.expect("client from defaults");
let env_file = std::env::var("ENV_FILE").expect("environment configuration file to exist");
let config = HashMap::from_iter([("env".to_string(), env_file)]);
let vault_direct = kv_vault_lib::client::Client::new(
kv_vault_lib::config::Config::from_values(&config).expect("configuration to be valid"),
)
.expect("client from defaults");

// test pulling data when other processes have saved json data
let mut map1 = HashMap::new();
Expand Down Expand Up @@ -186,8 +190,13 @@ async fn json_values(_opt: &TestOptions) -> RpcResult<()> {
async fn renewal(_opt: &TestOptions) -> RpcResult<()> {
let token = std::env::var("SHORT_LIVED_TOKEN")
.expect("token to exist in env. Run this test with `run-test.sh`.");
// Weird but env takes precedence so we have to set the environment variable
std::env::set_var("VAULT_TOKEN", token.clone());

// Slightly annoying parsing of env file and then overwriting the VAULT_TOKEN with the short lived token
let env_file = std::env::var("ENV_FILE").expect("environment configuration file to exist");
let data = std::fs::read_to_string(env_file).expect("env file to load properly");
simple_env_load::parse_and_set(&data, |k, v| std::env::set_var(k, v));
std::env::set_var("VAULT_TOKEN", token.to_string());

let config_values = std::collections::HashMap::from_iter([
("token_increment_ttl".to_string(), "130s".to_string()),
("token_refresh_interval".to_string(), "5".to_string()),
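Review bot: Both tests now configure Vault by mutating the process environment, so their results depend on execution order: `json_values` loads the file's `VAULT_TOKEN` through `Config::from_values`, while `renewal` leaves the short-lived token in `VAULT_TOKEN` for anything that runs after it. A comment at the final `set_var` call such as `// VAULT_TOKEN stays overridden for the rest of the process; test order matters` would record that. In the first hunk the message `.expect("client from defaults")` no longer matches the code, which builds the client from the env file; `.expect("client from env file config")` would. `token.to_string()` on a value that is already a `String` can be `token.clone()`, or plain `token` if it is not used afterwards. Both test functions extend beyond the visible hunks.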
