Add Prefetching to Vault backend

.travis.yml

@@ -12,7 +12,7 @@ before_install:
   - export PATH="$GOPATH/bin:$PATH"
   - docker run -d -p 2379:2379 quay.io/coreos/etcd /usr/local/bin/etcd -advertise-client-urls http://0.0.0.0:2379 -listen-client-urls http://0.0.0.0:2379
   - docker run -d -p 8500:8500 --name consul consul
-  - docker run -d -p 8200:8200 --cap-add=IPC_LOCK -e 'VAULT_DEV_ROOT_TOKEN_ID=root' -e 'VAULT_DEV_LISTEN_ADDRESS=0.0.0.0:8200' vault
+  - docker run -d -p 8200:8200 --cap-add=IPC_LOCK -e 'VAULT_DEV_ROOT_TOKEN_ID=root' -e 'VAULT_DEV_LISTEN_ADDRESS=0.0.0.0:8200' vault:0.9.6
 
 env:
   - VAULT_ADDR=http://127.0.0.1:8200

Gopkg.toml

@@ -20,7 +20,7 @@
 
 [[constraint]]
   name = "github.com/hashicorp/vault"
-  version = "0.9.3"
+  version = "0.10.0"
 
 [prune]
   go-tests = true

backend/vault/vault.go

@@ -12,28 +12,34 @@ import (
 type Backend struct {
 	client *api.Logical
 	path   string
+	secret *api.Secret
 }
 
 // NewBackend creates a configuration loader that loads from Vault
-func NewBackend(c *api.Logical, p string) *Backend {
+// all the keys from the given path and holds them in memory.
+func NewBackend(client *api.Logical, path string) *Backend {
 	return &Backend{
-		client: c,
-		path:   p,
+		client: client,
+		path:   path,
 	}
 }
 
-// Get loads the given key from Vault
+// Get loads the given key from Vault.
 func (b *Backend) Get(ctx context.Context, key string) ([]byte, error) {
-	secret, err := b.client.Read(b.path)
-	if err != nil {
-		return nil, err
-	}
+	var err error
+
+	if b.secret == nil {
+		b.secret, err = b.client.Read(b.path)
+		if err != nil {
+			return nil, err
+		}
 
-	if secret == nil {
-		return nil, fmt.Errorf("secret not found at the following path: %s", b.path)
+		if b.secret == nil {
+			return nil, fmt.Errorf("secret not found at the following path: %s", b.path)
+		}
 	}
 
-	if v, ok := secret.Data[key]; ok {
+	if v, ok := b.secret.Data[key]; ok {
 		return []byte(v.(string)), nil
 	}
 

backend/vault/vault_test.go

@@ -2,6 +2,7 @@ package vault
 
 import (
 	"context"
+	"os"
 	"testing"
 
 	"github.com/hashicorp/vault/api"
@@ -11,21 +12,24 @@ import (
 )
 
 func TestVaultBackend(t *testing.T) {
+	os.Setenv("VAULT_ADDR", "http://127.0.0.1:8200")
 	client, err := api.NewClient(api.DefaultConfig())
 	require.NoError(t, err)
 
 	client.SetToken("root")
 	c := client.Logical()
 
 	path := "secret/test"
-	b := NewBackend(c, path)
 
 	t.Run("SecretPathNotFound", func(t *testing.T) {
+		b := NewBackend(c, path)
 		_, err := b.Get(context.Background(), "foo")
 		require.EqualError(t, err, "secret not found at the following path: secret/test")
 	})
 
 	t.Run("OK", func(t *testing.T) {
+		b := NewBackend(c, path)
+
 		_, err = c.Write(path,
 			map[string]interface{}{
 				"foo":    "bar",
@@ -43,6 +47,7 @@ func TestVaultBackend(t *testing.T) {
 	})
 
 	t.Run("NotFound", func(t *testing.T) {
+		b := NewBackend(c, path)
 		_, err := b.Get(context.Background(), "badKey")
 		require.EqualError(t, err, backend.ErrNotFound.Error())
 	})