vault-tool 0.0.0.4 → 0.1.0.0
raw patch · 3 files changed
+23/−19 lines, 3 filesPVP ok
version bump matches the API change (PVP)
API changes (from Hackage documentation)
- Network.VaultTool: VaultAuthToken :: ByteString -> VaultAuthToken
+ Network.VaultTool: VaultAuthToken :: Text -> VaultAuthToken
- Network.VaultTool: [unVaultAuthToken] :: VaultAuthToken -> ByteString
+ Network.VaultTool: [unVaultAuthToken] :: VaultAuthToken -> Text
Files
- src/Network/VaultTool.hs +20/−15
- src/Network/VaultTool/Types.hs +2/−3
- vault-tool.cabal +1/−1
src/Network/VaultTool.hs view
@@ -71,8 +71,10 @@ import Data.Maybe (catMaybes) import Network.HTTP.Client (Manager, newManager) import Network.HTTP.Client.TLS (tlsManagerSettings)+import Network.HTTP.Types.Header (Header) import qualified Data.HashMap.Strict as H import qualified Data.Text as T+import qualified Data.Text.Encoding as T import Network.VaultTool.Internal import Network.VaultTool.Types@@ -242,6 +244,9 @@ v .: "lease_id" parseJSON _ = fail "Not an Object" +authTokenHeader :: VaultAuthToken -> Header+authTokenHeader (VaultAuthToken token) = ("X-Vault-Token", T.encodeUtf8 token)+ -- | <https://www.vaultproject.io/docs/auth/approle.html> vaultAppRoleLogin :: VaultAddress -> Manager -> VaultAppRoleId -> VaultAppRoleSecretId -> IO VaultAuthToken vaultAppRoleLogin addr manager roleId secretId = do@@ -261,7 +266,7 @@ pure () where reqBody = object [ "type" .= authMethod ]- headers = [("X-Vault-Token", unVaultAuthToken _VaultConnection_AuthToken)]+ headers = [authTokenHeader _VaultConnection_AuthToken] -- | <https://www.vaultproject.io/api/system/policies.html#create-update-acl-policy> vaultPolicyCreate :: VaultConnection -> Text -> Text -> IO ()@@ -270,7 +275,7 @@ pure () where reqBody = object [ "policy" .= policy ]- headers = [("X-Vault-Token", unVaultAuthToken _VaultConnection_AuthToken)]+ headers = [authTokenHeader _VaultConnection_AuthToken] data VaultAppRoleListResponse = VaultAppRoleListResponse { _VaultAppRoleListResponse_AppRoles :: [Text] }@@ -333,7 +338,7 @@ _ <- vaultRequest _VaultConnection_Manager "POST" (vaultUrl _VaultConnection_VaultAddress "/auth/approle/role/" ++ T.unpack appRoleName) headers (Just varp) [204] pure () where- headers = [("X-Vault-Token", unVaultAuthToken _VaultConnection_AuthToken)]+ headers = [authTokenHeader _VaultConnection_AuthToken] -- | <https://www.vaultproject.io/api/auth/approle/index.html#read-approle-role-id> vaultAppRoleRoleIdRead :: VaultConnection -> Text -> IO VaultAppRoleId@@ -344,7 +349,7 @@ Left err -> throwIO $ VaultException_ParseBodyError "GET" ("/auth/approle/role/" ++ T.unpack appRoleName ++ "/role-id") (encode d) err Right obj -> return obj where- headers = [("X-Vault-Token", unVaultAuthToken _VaultConnection_AuthToken)]+ headers = [authTokenHeader _VaultConnection_AuthToken] data VaultAppRoleSecretIdGenerateResponse = VaultAppRoleSecretIdGenerateResponse { _VaultAppRoleSecretIdGenerateResponse_SecretIdAccessor :: VaultAppRoleSecretIdAccessor@@ -368,14 +373,14 @@ Right obj -> return obj where reqBody = object[ "metadata" .= metadata ]- headers = [("X-Vault-Token", unVaultAuthToken _VaultConnection_AuthToken)]+ headers = [authTokenHeader _VaultConnection_AuthToken] vaultSeal :: VaultConnection -> IO () vaultSeal VaultConnection{_VaultConnection_VaultAddress, _VaultConnection_Manager, _VaultConnection_AuthToken} = do _ <- vaultRequest _VaultConnection_Manager "PUT" (vaultUrl _VaultConnection_VaultAddress "/sys/seal") headers (Nothing :: Maybe ()) [204] pure () where- headers = [("X-Vault-Token", unVaultAuthToken _VaultConnection_AuthToken)]+ headers = [authTokenHeader _VaultConnection_AuthToken] -- | <https://www.vaultproject.io/docs/http/sys-unseal.html> --@@ -469,14 +474,14 @@ Left err -> throwIO $ VaultException_ParseBodyError "GET" reqPath (encode rspObj) err Right obj -> pure $ sortOn fst (H.toList obj) where- headers = [("X-Vault-Token", unVaultAuthToken _VaultConnection_AuthToken)]+ headers = [authTokenHeader _VaultConnection_AuthToken] -- | <https://www.vaultproject.io/docs/http/sys-mounts.html> vaultMountTune :: VaultConnection -> Text -> IO VaultMountConfigRead vaultMountTune VaultConnection{_VaultConnection_VaultAddress, _VaultConnection_Manager, _VaultConnection_AuthToken} mountPoint = do vaultRequestJSON _VaultConnection_Manager "GET" (vaultUrl _VaultConnection_VaultAddress "/sys/mounts/" ++ T.unpack mountPoint ++ "/tune") headers (Nothing :: Maybe ()) [200] where- headers = [("X-Vault-Token", unVaultAuthToken _VaultConnection_AuthToken)]+ headers = [authTokenHeader _VaultConnection_AuthToken] -- | <https://www.vaultproject.io/docs/http/sys-mounts.html> vaultMountSetTune :: VaultConnection -> Text -> VaultMountConfigWrite -> IO ()@@ -485,7 +490,7 @@ _ <- vaultRequest _VaultConnection_Manager "POST" (vaultUrl _VaultConnection_VaultAddress "/sys/mounts/" ++ T.unpack mountPoint ++ "/tune") headers (Just reqBody) [204] pure () where- headers = [("X-Vault-Token", unVaultAuthToken _VaultConnection_AuthToken)]+ headers = [authTokenHeader _VaultConnection_AuthToken] -- | <https://www.vaultproject.io/docs/http/sys-mounts.html> vaultNewMount :: VaultConnection -> Text -> VaultMountWrite -> IO ()@@ -494,7 +499,7 @@ _ <- vaultRequest _VaultConnection_Manager "POST" (vaultUrl _VaultConnection_VaultAddress "/sys/mounts/" ++ T.unpack mountPoint) headers (Just reqBody) [204] pure () where- headers = [("X-Vault-Token", unVaultAuthToken _VaultConnection_AuthToken)]+ headers = [authTokenHeader _VaultConnection_AuthToken] -- | <https://www.vaultproject.io/docs/http/sys-mounts.html> vaultUnmount :: VaultConnection -> Text -> IO ()@@ -502,7 +507,7 @@ _ <- vaultRequest _VaultConnection_Manager "DELETE" (vaultUrl _VaultConnection_VaultAddress "/sys/mounts/" ++ T.unpack mountPoint) headers (Nothing :: Maybe ()) [204] pure () where- headers = [("X-Vault-Token", unVaultAuthToken _VaultConnection_AuthToken)]+ headers = [authTokenHeader _VaultConnection_AuthToken] data VaultSecretMetadata = VaultSecretMetadata { _VaultSecretMetadata_leaseDuration :: Int@@ -528,7 +533,7 @@ _ <- vaultRequest _VaultConnection_Manager "POST" (vaultUrl _VaultConnection_VaultAddress "/" ++ T.unpack location) headers (Just reqBody) [204] pure () where- headers = [("X-Vault-Token", unVaultAuthToken _VaultConnection_AuthToken)]+ headers = [authTokenHeader _VaultConnection_AuthToken] vaultRead :: FromJSON a@@ -561,7 +566,7 @@ Right data_ -> pure (metadata, Right data_) where- headers = [("X-Vault-Token", unVaultAuthToken _VaultConnection_AuthToken)]+ headers = [authTokenHeader _VaultConnection_AuthToken] -- | <https://www.vaultproject.io/docs/secrets/generic/index.html> vaultDelete :: VaultConnection -> VaultSecretPath -> IO ()@@ -569,7 +574,7 @@ _ <- vaultRequest _VaultConnection_Manager "DELETE" (vaultUrl _VaultConnection_VaultAddress "/" ++ T.unpack location) headers (Nothing :: Maybe ()) [204] pure () where- headers = [("X-Vault-Token", unVaultAuthToken _VaultConnection_AuthToken)]+ headers = [authTokenHeader _VaultConnection_AuthToken] data VaultListResult = VaultListResult [Text] @@ -597,7 +602,7 @@ VaultListResult keys <- vaultRequestJSON _VaultConnection_Manager "LIST" (vaultUrl _VaultConnection_VaultAddress "/" ++ T.unpack location) headers (Nothing :: Maybe ()) [200] pure $ map (VaultSecretPath . (withTrailingSlash `T.append`)) keys where- headers = [("X-Vault-Token", unVaultAuthToken _VaultConnection_AuthToken)]+ headers = [authTokenHeader _VaultConnection_AuthToken] withTrailingSlash | T.null location = "/" | T.last location == '/' = location
src/Network/VaultTool/Types.hs view
@@ -7,7 +7,6 @@ import Data.ByteString (ByteString) import Data.Text (Text) import qualified Data.ByteString.Lazy as BL-import qualified Data.Text.Encoding as T newtype VaultAddress = VaultAddress { unVaultAddress :: Text } deriving (Show, Eq, Ord)@@ -15,13 +14,13 @@ newtype VaultUnsealKey = VaultUnsealKey { unVaultUnsealKey :: Text } deriving (Show, Eq, Ord) -newtype VaultAuthToken = VaultAuthToken { unVaultAuthToken :: ByteString }+newtype VaultAuthToken = VaultAuthToken { unVaultAuthToken :: Text } deriving (Show, Eq, Ord) instance FromJSON VaultAuthToken where parseJSON j = do text <- parseJSON j- pure (VaultAuthToken (T.encodeUtf8 text))+ pure (VaultAuthToken text) newtype VaultSecretPath = VaultSecretPath { unVaultSecretPath :: Text } deriving (Show, Eq, Ord)
vault-tool.cabal view
@@ -1,5 +1,5 @@ name: vault-tool-version: 0.0.0.4+version: 0.1.0.0 synopsis: Client library for HashiCorp's Vault tool (via HTTP API) description: Client library for HashiCorp's Vault tool (via HTTP API) license: MIT