Added new client using token based auth

hamstah · Dec 6, 2016 · f0a2112 · f0a2112
1 parent 7d7b3c6
commit f0a2112
Show file tree

Hide file tree

Showing 2 changed files with 74 additions and 0 deletions.
diff --git a/main.go → vault-ec2-client/main.go b/main.go → vault-ec2-client/main.go
diff --git a/vault-token-client/main.go b/vault-token-client/main.go
@@ -0,0 +1,74 @@
+package main
+
+import (
+	"flag"
+	"fmt"
+	"os"
+	"strings"
+
+	"github.com/hashicorp/vault/api"
+)
+
+type Data map[string]interface{}
+
+func ProcessSecret(client *api.Client, path string) Data {
+	secret, err := client.Logical().Read(path)
+	if err != nil {
+		fmt.Println("Failed to read secret")
+		fmt.Println(err)
+		os.Exit(2)
+	}
+
+	result := make(Data)
+	for key, value := range secret.Data {
+		result[key] = value
+	}
+	return result
+}
+
+func ProcessExport(export string, data map[string]Data) {
+	exportParts := strings.SplitN(export, "=", 2)
+	exportKey := exportParts[0]
+	if len(os.Getenv(exportKey)) != 0 {
+		fmt.Println(fmt.Sprintf("# %s is already set, ignoring", exportKey))
+		return
+	}
+
+	path := exportParts[1]
+
+	parts := strings.Split(path, ".")
+	m := data[parts[0]]
+	res := m[parts[1]]
+	fmt.Println(fmt.Sprintf("export %s=%s", exportKey, res))
+}
+
+func main() {
+	secrets := flag.String("secrets", "", "Comma separated list of secrets to fetch")
+	exports := flag.String("exports", "", "Comma separated list of export output")
+	flag.Parse()
+	if len(*secrets) < 1 {
+		fmt.Println("No secrets specified")
+		os.Exit(2)
+	}
+
+	config := api.DefaultConfig()
+
+	client, err := api.NewClient(config)
+	if err != nil {
+		fmt.Println(err)
+		os.Exit(1)
+	}
+
+	result := make(map[string]Data)
+	secretList := strings.Split(*secrets, ",")
+	for _, secret := range secretList {
+		result[secret] = ProcessSecret(client, secret)
+	}
+
+	if len(*exports) > 0 {
+		exportList := strings.Split(*exports, ",")
+		for _, export := range exportList {
+			ProcessExport(export, result)
+		}
+	}
+}