
Example 1 with SysRx

use of io.helidon.integrations.vault.sys.SysRx in project helidon by oracle.

the class ReactiveVaultMain method main.

/**
 * Entry point of the reactive Vault example.
 *
 * <p>Builds a token-authenticated {@link Vault} client, launches the Kubernetes and AppRole
 * examples through it, starts a web server that exposes the cubbyhole, kv1, kv2 and transit
 * services, and finally prints the URLs that can be tried against the running server.
 *
 * <p>Security note: per the comments below, the token client uses the Vault root token, which
 * is what lets this sample enable engines and authentication methods. Every route registered
 * here shares that client, and no authentication handler is added to the routing in this
 * method, so a deployment derived from this sample should swap in a narrowly scoped token and
 * protect the routes.
 *
 * @param args ignored
 */
public static void main(String[] args) {
    LogConfig.configureRuntime();

    // The secret configuration cannot be shared, so the configuration from the author's home
    // directory is combined with the one compiled into the jar. To run the example, either
    // edit application.yaml in the resources directory or follow the same approach - and keep
    // real tokens out of the file that gets packaged into the jar.
    Config config = buildConfig();

    // Three configurations are available:
    // 1. Token based authentication (built right here)
    // 2. AppRole based authentication - can only be created once the role id and token exist
    // 3. Kubernetes (k8s) based authentication (requires running on k8s) - can only be created
    //    once the authentication method exists
    // Both timeouts are five seconds, so an unreachable Vault fails fast.
    Vault tokenVault = Vault.builder()
            .config(config.get("vault.token"))
            .updateWebClient(client -> client.connectTimeout(5, TimeUnit.SECONDS)
                    .readTimeout(5, TimeUnit.SECONDS))
            .build();

    // tokenVault uses the root token and can therefore enable engines and other
    // authentication mechanisms; both examples below receive this privileged client.
    CompletionAwaitable<Void> k8sResult = new K8sExample(tokenVault, config.get("vault.k8s"))
            .run()
            .forSingle(System.out::println);
    CompletionAwaitable<Void> appRoleResult = new AppRoleExample(tokenVault, config.get("vault.approle"))
            .run()
            .forSingle(System.out::println);

    // No blocking at this point: the two examples are only awaited further down, after the
    // server has been started.
    SysRx sysApi = tokenVault.sys(SysRx.API);

    // Blocking the main thread with await() is fine for the web server - the thread is not
    // used for anything else.
    // NOTE(review): all four services are backed by the root-token client and are registered
    // without any security handler visible here; whether the listener is bound to loopback
    // only or uses TLS depends on the "server" config node - confirm before reuse.
    WebServer server = WebServer.builder()
            .config(config.get("server"))
            .routing(Routing.builder()
                    .register("/cubbyhole",
                            new CubbyholeService(sysApi, tokenVault.secrets(CubbyholeSecretsRx.ENGINE)))
                    .register("/kv1",
                            new Kv1Service(sysApi, tokenVault.secrets(Kv1SecretsRx.ENGINE)))
                    .register("/kv2",
                            new Kv2Service(sysApi, tokenVault.secrets(Kv2SecretsRx.ENGINE)))
                    .register("/transit",
                            new TransitService(sysApi, tokenVault.secrets(TransitSecretsRx.ENGINE))))
            .build()
            .start()
            .await();

    // A failure in either example is reported on stderr and does not stop the server.
    try {
        appRoleResult.await();
    } catch (Exception failure) {
        System.err.println("AppRole example failed");
        failure.printStackTrace();
    }
    try {
        k8sResult.await();
    } catch (Exception failure) {
        System.err.println("Kubernetes example failed");
        failure.printStackTrace();
    }

    // The printed address is always plain http on localhost with the port the server reports.
    String baseUrl = "http://localhost:" + server.port() + "/";
    System.out.println("Server started on " + baseUrl);
    System.out.println();

    // NOTE(review): entries printed without a curl command look like they are meant to be
    // opened directly, which would make enable/disable/create reachable through plain GET
    // requests - fine for a local demo, worth confirming against the service classes.
    System.out.println("Key/Value Version 1 Secrets Engine");
    System.out.println("\t" + baseUrl + "kv1/enable");
    System.out.println("\t" + baseUrl + "kv1/create");
    System.out.println("\t" + baseUrl + "kv1/secrets/first/secret");
    System.out.println("\tcurl -i -X DELETE " + baseUrl + "kv1/secrets/first/secret");
    System.out.println("\t" + baseUrl + "kv1/disable");
    System.out.println();

    System.out.println("Key/Value Version 2 Secrets Engine");
    System.out.println("\t" + baseUrl + "kv2/create");
    System.out.println("\t" + baseUrl + "kv2/secrets/first/secret");
    System.out.println("\tcurl -i -X DELETE " + baseUrl + "kv2/secrets/first/secret");
    System.out.println();

    System.out.println("Transit Secrets Engine");
    System.out.println("\t" + baseUrl + "transit/enable");
    System.out.println("\t" + baseUrl + "transit/keys");
    System.out.println("\t" + baseUrl + "transit/encrypt/secret_text");
    System.out.println("\t" + baseUrl + "transit/decrypt/cipher_text");
    System.out.println("\t" + baseUrl + "transit/sign");
    System.out.println("\t" + baseUrl + "transit/verify/sign/signature_text");
    System.out.println("\t" + baseUrl + "transit/hmac");
    System.out.println("\t" + baseUrl + "transit/verify/hmac/hmac_text");
    System.out.println("\tcurl -i -X DELETE " + baseUrl + "transit/keys");
    System.out.println("\t" + baseUrl + "transit/disable");
}
Also used : TransitSecretsRx(io.helidon.integrations.vault.secrets.transit.TransitSecretsRx) Kv2SecretsRx(io.helidon.integrations.vault.secrets.kv2.Kv2SecretsRx) Config(io.helidon.config.Config) SysRx(io.helidon.integrations.vault.sys.SysRx) CompletionAwaitable(io.helidon.common.reactive.CompletionAwaitable) CubbyholeSecretsRx(io.helidon.integrations.vault.secrets.cubbyhole.CubbyholeSecretsRx) TimeUnit(java.util.concurrent.TimeUnit) Vault(io.helidon.integrations.vault.Vault) ConfigSources.file(io.helidon.config.ConfigSources.file) WebServer(io.helidon.webserver.WebServer) Kv1SecretsRx(io.helidon.integrations.vault.secrets.kv1.Kv1SecretsRx) ConfigSources.classpath(io.helidon.config.ConfigSources.classpath) LogConfig(io.helidon.common.LogConfig) Routing(io.helidon.webserver.Routing) Config(io.helidon.config.Config) LogConfig(io.helidon.common.LogConfig) WebServer(io.helidon.webserver.WebServer) SysRx(io.helidon.integrations.vault.sys.SysRx) Vault(io.helidon.integrations.vault.Vault)
