github.com/zntrio/harp/v2@v2.0.9/pkg/vault/client.go (about)

     1  // Licensed to Elasticsearch B.V. under one or more contributor
     2  // license agreements. See the NOTICE file distributed with
     3  // this work for additional information regarding copyright
     4  // ownership. Elasticsearch B.V. licenses this file to you under
     5  // the Apache License, Version 2.0 (the "License"); you may
     6  // not use this file except in compliance with the License.
     7  // You may obtain a copy of the License at
     8  //
     9  //     http://www.apache.org/licenses/LICENSE-2.0
    10  //
    11  // Unless required by applicable law or agreed to in writing,
    12  // software distributed under the License is distributed on an
    13  // "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
    14  // KIND, either express or implied.  See the License for the
    15  // specific language governing permissions and limitations
    16  // under the License.
    17  
    18  package vault
    19  
    20  import (
    21  	"fmt"
    22  
    23  	"github.com/hashicorp/vault/api"
    24  
    25  	"github.com/zntrio/harp/v2/pkg/vault/cubbyhole"
    26  	"github.com/zntrio/harp/v2/pkg/vault/kv"
    27  	"github.com/zntrio/harp/v2/pkg/vault/transit"
    28  )
    29  
    30  // -----------------------------------------------------------------------------
    31  
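// ServiceFactory defines the Vault client service contract. Each method
// returns a service for one Vault mount.
//
// Mount paths and key names are supplied by the caller, and nothing in this
// contract constrains them. Code that derives them from untrusted input
// should validate them before calling the factory.
type ServiceFactory interface {
	// KV returns a key/value service for the backend mounted at mountPath.
	KV(mountPath string) (kv.Service, error)
	// Transit returns a transit service for the key keyName of the backend
	// mounted at mountPath.
	Transit(mountPath, keyName string) (transit.Service, error)
	// Cubbyhole returns a cubbyhole service for the backend mounted at
	// mountPath.
	Cubbyhole(mountPath string) (cubbyhole.Service, error)
}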
    38  
    39  // -----------------------------------------------------------------------------
    40  
// DefaultClient initializes a Vault client from the default configuration and
// wraps it in a ServiceFactory.
//
// api.DefaultConfig and api.NewClient take their settings from the process
// environment (for example VAULT_ADDR and VAULT_TOKEN). Whoever controls that
// environment therefore decides which server is contacted and which
// credentials are presented to it.
func DefaultClient() (ServiceFactory, error) {
	// Build the client directly from the library defaults.
	c, err := api.NewClient(api.DefaultConfig())
	if err != nil {
		return nil, fmt.Errorf("unable to initialize vault client: %w", err)
	}

	// Wrapping is shared with callers that bring their own client.
	return FromVaultClient(c)
}
    55  
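// FromVaultClient wraps an existing Vault client as a ServiceFactory.
//
// The client is used as given: its address, token and TLS settings are
// whatever the caller configured before handing it over. A nil client is
// rejected here so that the mistake surfaces at construction time instead of
// on the first service call.
func FromVaultClient(vaultClient *api.Client) (ServiceFactory, error) {
	if vaultClient == nil {
		return nil, fmt.Errorf("unable to wrap vault client: client is nil")
	}

	// Return wrapped client.
	return &client{Client: vaultClient}, nil
}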
    63  
    64  // -----------------------------------------------------------------------------
    65  
// client wraps the original Vault client instance to provide the service
// factory. The embedded *api.Client is passed unchanged to each service
// constructor (kv.New, transit.New, cubbyhole.New).
type client struct {
	*api.Client
}
    70  
// KV builds a key/value service on the wrapped Vault client for mountPath.
// mountPath is forwarded as received; any validation is left to kv.New
// (not visible in this file).
func (c *client) KV(mountPath string) (kv.Service, error) {
	svc, err := kv.New(c.Client, mountPath)
	return svc, err
}
    74  
// Transit builds a transit service on the wrapped Vault client for the key
// keyName under mountPath. Both values are forwarded as received; any
// validation is left to transit.New (not visible in this file).
func (c *client) Transit(mountPath, keyName string) (transit.Service, error) {
	svc, err := transit.New(c.Client, mountPath, keyName)
	return svc, err
}
    78  
// Cubbyhole builds a cubbyhole service on the wrapped Vault client for
// mountPath. mountPath is forwarded as received; any validation is left to
// cubbyhole.New (not visible in this file).
func (c *client) Cubbyhole(mountPath string) (cubbyhole.Service, error) {
	svc, err := cubbyhole.New(c.Client, mountPath)
	return svc, err
}