From ad1fc69a72266a493cb036f24be68c0cf480d600 Mon Sep 17 00:00:00 2001 From: L2JE Date: Tue, 19 Jul 2022 11:50:25 -0300 Subject: [PATCH 1/4] get vault path with or without prefix --- .../valfadeev/rundeck/plugin/vault/VaultStoragePlugin.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/io/github/valfadeev/rundeck/plugin/vault/VaultStoragePlugin.java b/src/main/java/io/github/valfadeev/rundeck/plugin/vault/VaultStoragePlugin.java index 18089bf..bb097ea 100644 --- a/src/main/java/io/github/valfadeev/rundeck/plugin/vault/VaultStoragePlugin.java +++ b/src/main/java/io/github/valfadeev/rundeck/plugin/vault/VaultStoragePlugin.java @@ -259,7 +259,7 @@ protected int calculateGuaranteedTokenValidity(Properties configuration) { } public static String getVaultPath(String rawPath, String vaultSecretBackend, String vaultPrefix) { - String path= String.format("%s/%s/%s", vaultSecretBackend, vaultPrefix, rawPath); + String path= vaultPrefix != null && !vaultPrefix.equals("") ? String.format("%s/%s/%s", vaultSecretBackend, vaultPrefix, rawPath) : String.format("%s/%s", vaultSecretBackend, rawPath); return path; } From a5c52d17280c5d3e1087628dbc580af92ef70979 Mon Sep 17 00:00:00 2001 From: Luis Toledo Date: Tue, 26 Jul 2022 19:57:27 -0400 Subject: [PATCH 2/4] add the prefix optional in the demo docker rempo template --- .../rundeck/remco/templates/rundeck-config-storage.properties | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/docker/rundeck/remco/templates/rundeck-config-storage.properties b/docker/rundeck/remco/templates/rundeck-config-storage.properties index 8376593..7ee4469 100644 --- a/docker/rundeck/remco/templates/rundeck-config-storage.properties +++ b/docker/rundeck/remco/templates/rundeck-config-storage.properties @@ -6,7 +6,11 @@ rundeck.storage.provider.{{index}}.type={% set type = printf("%s/type", provider rundeck.storage.provider.{{index}}.path={% set path = printf("%s/path", provider) %}{{ getv(path, "keys")}} rundeck.storage.provider.{{index}}.removePathPrefix={% set removepathprefix = printf("%s/removepathprefix", provider) %}{{ getv(removepathprefix, "false")}} +{%- set prefix = getv(printf("%s/config/prefix", provider), "") %} +{% if prefix %} rundeck.storage.provider.{{index}}.config.prefix={% set prefix = printf("%s/config/prefix", provider) %}{{ getv(prefix, "")}} +{% endif %} + rundeck.storage.provider.{{index}}.config.address={% set address = printf("%s/config/address", provider) %}{{ getv(address, "")}} rundeck.storage.provider.{{index}}.config.storageBehaviour={% set behaviour = printf("%s/config/behaviour", provider) %}{{ getv(behaviour, "rundeck")}} rundeck.storage.provider.{{index}}.config.secretBackend={% set secretbackend = printf("%s/config/secretbackend", provider) %}{{ getv(secretbackend, "secret")}} From f1a0550566fc41a1e05232827efdb2404cec0d19 Mon Sep 17 00:00:00 2001 From: Luis Toledo Date: Tue, 26 Jul 2022 20:13:14 -0400 Subject: [PATCH 3/4] fix remco template add vault secrets without prefix --- .../remco/templates/rundeck-config-storage.properties | 1 + docker/vault/run.sh | 6 ++++++ 2 files changed, 7 insertions(+) diff --git a/docker/rundeck/remco/templates/rundeck-config-storage.properties b/docker/rundeck/remco/templates/rundeck-config-storage.properties index 7ee4469..10e119d 100644 --- a/docker/rundeck/remco/templates/rundeck-config-storage.properties +++ b/docker/rundeck/remco/templates/rundeck-config-storage.properties @@ -8,6 +8,7 @@ rundeck.storage.provider.{{index}}.removePathPrefix={% set removepathprefix = pr {%- set prefix = getv(printf("%s/config/prefix", provider), "") %} {% if prefix %} + rundeck.storage.provider.{{index}}.config.prefix={% set prefix = printf("%s/config/prefix", provider) %}{{ getv(prefix, "")}} {% endif %} diff --git a/docker/vault/run.sh b/docker/vault/run.sh index 1273a38..6dda5f5 100755 --- a/docker/vault/run.sh +++ b/docker/vault/run.sh @@ -15,6 +15,12 @@ if (( $version > 1 )); then vault kv put secret/app/folder/another.secret test=hello vault kv put secret/app/folder/multiple2 name=admin password=admin server=rundeck + vault secrets enable -path=rundeck kv + vault kv put rundeck/simple.secret foo=world + vault kv put rundeck/multiples name=admin password=admin server=rundeck + vault kv put rundeck/folder/another.secret test=hello + vault kv put rundeck/folder/multiple2 name=admin password=admin server=rundeck + else echo "Vault 0.x" From 11009c42ab9c6b8cad0c34bc2decf30c21621c5a Mon Sep 17 00:00:00 2001 From: Luis Toledo Date: Wed, 27 Jul 2022 09:29:47 -0400 Subject: [PATCH 4/4] set new storage with version 2 --- docker/vault/run.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/vault/run.sh b/docker/vault/run.sh index 6dda5f5..938a87c 100755 --- a/docker/vault/run.sh +++ b/docker/vault/run.sh @@ -15,7 +15,7 @@ if (( $version > 1 )); then vault kv put secret/app/folder/another.secret test=hello vault kv put secret/app/folder/multiple2 name=admin password=admin server=rundeck - vault secrets enable -path=rundeck kv + vault secrets enable -version=2 -path=rundeck kv vault kv put rundeck/simple.secret foo=world vault kv put rundeck/multiples name=admin password=admin server=rundeck vault kv put rundeck/folder/another.secret test=hello