diff --git a/checkstyle.xml b/checkstyle.xml
index 3b7f764..578c56b 100644
--- a/checkstyle.xml
+++ b/checkstyle.xml
@@ -29,6 +29,11 @@
+
+
+
+
+
@@ -41,10 +46,6 @@
-
-
-
-
@@ -53,9 +54,6 @@
-
-
-
@@ -150,11 +148,13 @@
-
+
@@ -180,11 +180,8 @@
-
-
-
diff --git a/pom.xml b/pom.xml
index efed747..4b91bad 100644
--- a/pom.xml
+++ b/pom.xml
@@ -22,7 +22,7 @@
com.deciphernow
vault-maven-plugin
- 1.1.1-SNAPSHOT
+ 2.0.0-SNAPSHOT
maven-plugin
Vault Maven Plugin
@@ -74,13 +74,13 @@
UTF-8
UTF-8
1.0.0
- 2.17
- 3.6.1
+ 3.1.2
+ 3.8.1
0.20.1
${version.surefire.plugin}
2.3.23
19.0
- 0.7.9
+ 0.8.7
${version.jacoco}
1.8
1.8
@@ -96,7 +96,7 @@
3.0.1
2.19.1
0.6.5
- 2.0.0
+ 5.1.0
@@ -181,7 +181,7 @@
-
+
io.fabric8
docker-maven-plugin
${version.docker.plugin}
@@ -245,7 +245,7 @@
-
+
org.apache.maven.plugins
maven-checkstyle-plugin
${version.checkstyle.plugin}
diff --git a/src/main/java/com/deciphernow/maven/plugins/vault/VaultMojo.java b/src/main/java/com/deciphernow/maven/plugins/vault/VaultMojo.java
index de9bd71..3aa2e39 100644
--- a/src/main/java/com/deciphernow/maven/plugins/vault/VaultMojo.java
+++ b/src/main/java/com/deciphernow/maven/plugins/vault/VaultMojo.java
@@ -36,4 +36,5 @@ abstract class VaultMojo extends AbstractMojo {
@Parameter(property = "skipExecution", defaultValue = "false")
protected boolean skipExecution;
+
}
diff --git a/src/main/java/com/deciphernow/maven/plugins/vault/Vaults.java b/src/main/java/com/deciphernow/maven/plugins/vault/Vaults.java
index 73b3093..212dbec 100644
--- a/src/main/java/com/deciphernow/maven/plugins/vault/Vaults.java
+++ b/src/main/java/com/deciphernow/maven/plugins/vault/Vaults.java
@@ -16,13 +16,6 @@
package com.deciphernow.maven.plugins.vault;
-import com.bettercloud.vault.Vault;
-import com.bettercloud.vault.VaultConfig;
-import com.bettercloud.vault.VaultException;
-import com.deciphernow.maven.plugins.vault.config.Mapping;
-import com.deciphernow.maven.plugins.vault.config.Path;
-import com.deciphernow.maven.plugins.vault.config.Server;
-
import java.io.File;
import java.util.HashMap;
import java.util.List;
@@ -30,6 +23,15 @@
import java.util.NoSuchElementException;
import java.util.Properties;
+import com.deciphernow.maven.plugins.vault.config.Mapping;
+import com.deciphernow.maven.plugins.vault.config.Path;
+import com.deciphernow.maven.plugins.vault.config.Server;
+
+import com.bettercloud.vault.SslConfig;
+import com.bettercloud.vault.Vault;
+import com.bettercloud.vault.VaultConfig;
+import com.bettercloud.vault.VaultException;
+
/**
* Provides static methods for working with Vault.
*/
@@ -48,7 +50,8 @@ public final class Vaults {
/**
* Initializes a new instance of the {@link Vaults} class.
*/
- private Vaults() {}
+ private Vaults() {
+ }
/**
* Pulls secrets from one or more Vault servers and paths and updates a {@link Properties} instance with the values.
@@ -62,7 +65,8 @@ public static void pull(List servers, Properties properties) throws Vaul
if (server.isSkipExecution()) {
continue;
}
- Vault vault = vault(server.getUrl(), server.getToken(), server.getSslVerify(), server.getSslCertificate());
+ Vault vault = vault(server.getUrl(), server.getToken(), server.getKvVersion(), server.getSslVerify(),
+ server.getSslCertificate());
for (Path path : server.getPaths()) {
Map secrets = get(vault, path.getName());
for (Mapping mapping : path.getMappings()) {
@@ -88,7 +92,8 @@ public static void push(List servers, Properties properties) throws Vaul
if (server.isSkipExecution()) {
continue;
}
- Vault vault = vault(server.getUrl(), server.getToken(), server.getSslVerify(), server.getSslCertificate());
+ Vault vault = vault(server.getUrl(), server.getToken(), server.getKvVersion(), server.getSslVerify(),
+ server.getSslCertificate());
for (Path path : server.getPaths()) {
Map secrets = exists(vault, path.getName()) ? get(vault, path.getName()) : new HashMap<>();
for (Mapping mapping : path.getMappings()) {
@@ -112,7 +117,7 @@ public static void push(List servers, Properties properties) throws Vaul
* @throws VaultException if an exception is thrown connecting to vault
*/
private static boolean exists(Vault vault, String path) throws VaultException {
- return !vault.logical().list(path).isEmpty();
+ return !vault.logical().list(path).getData().isEmpty();
}
/**
@@ -137,8 +142,8 @@ private static Map get(Vault vault, String path) throws VaultExc
* @return the data
* @throws VaultException if an exception is thrown connecting to vault or the path does not exist
*/
- private static void set(Vault vault, String path, Map secrets) throws VaultException {
- vault.logical().write(path, secrets);
+ private static void set(Vault vault, String path, Map secrets) throws VaultException {
+ vault.logical().write(path, (Map) secrets);
}
/**
@@ -146,23 +151,31 @@ private static void set(Vault vault, String path, Map secrets) t
*
* @param server the server
* @param token the token
+ * @param kvVersion kv engine version
* @param sslCertificate the certificate file or null if not needed
* @param sslVerify {@code true} if the connection should be verified; otherwise, {@code false}
* @return the vault
*/
private static Vault vault(String server,
String token,
- boolean sslVerify,
+ int kvVersion, boolean sslVerify,
File sslCertificate) throws VaultException {
+ final SslConfig sslConfig;
+ if (sslVerify) {
+ sslConfig = new SslConfig();
+ sslConfig.pemFile(sslCertificate);
+ } else {
+ sslConfig = null;
+ }
+
VaultConfig vaultConfig = new VaultConfig()
.address(server)
.openTimeout(OPEN_TIMEOUT)
.readTimeout(READ_TIMEOUT)
- .sslVerify(sslVerify)
- .token(token);
- if (sslCertificate != null) {
- vaultConfig.sslPemFile(sslCertificate);
- }
+ .sslConfig(sslConfig)
+ .token(token)
+ .engineVersion(kvVersion)
+ .build();
return new Vault(vaultConfig);
}
diff --git a/src/main/java/com/deciphernow/maven/plugins/vault/config/Mapping.java b/src/main/java/com/deciphernow/maven/plugins/vault/config/Mapping.java
index 470528a..6441d77 100644
--- a/src/main/java/com/deciphernow/maven/plugins/vault/config/Mapping.java
+++ b/src/main/java/com/deciphernow/maven/plugins/vault/config/Mapping.java
@@ -31,7 +31,8 @@ public class Mapping implements Serializable {
/**
* Initializes a new instance of the {@link Mapping} class.
*/
- public Mapping() { }
+ public Mapping() {
+ }
/**
* Initializes a new instance of the {@link Mapping} class.
@@ -67,7 +68,8 @@ public String getProperty() {
*
* @return the hash code
*/
- public int hashCode() {
+ @Override
+public int hashCode() {
return Objects.hash(this.key, this.property);
}
@@ -76,7 +78,8 @@ public int hashCode() {
*
* @return {@code true} if the this mapping is equal to the object; otherwise, {@code false}
*/
- public boolean equals(Object object) {
+ @Override
+public boolean equals(Object object) {
if (object instanceof Mapping) {
Mapping that = (Mapping) object;
return Objects.equals(this.key, that.key)
diff --git a/src/main/java/com/deciphernow/maven/plugins/vault/config/Path.java b/src/main/java/com/deciphernow/maven/plugins/vault/config/Path.java
index d2bd193..38b0712 100644
--- a/src/main/java/com/deciphernow/maven/plugins/vault/config/Path.java
+++ b/src/main/java/com/deciphernow/maven/plugins/vault/config/Path.java
@@ -32,7 +32,8 @@ public class Path implements Serializable {
/**
* Initializes a new instance of the {@link Path} class.
*/
- public Path() { }
+ public Path() {
+ }
/**
* Initializes a new instance of the {@link Path} class.
@@ -68,7 +69,8 @@ public List getMappings() {
*
* @return the hash code
*/
- public int hashCode() {
+ @Override
+public int hashCode() {
return Objects.hash(this.name, this.mappings);
}
@@ -77,7 +79,8 @@ public int hashCode() {
*
* @return {@code true} if the this path is equal to the object; otherwise, {@code false}
*/
- public boolean equals(Object object) {
+ @Override
+public boolean equals(Object object) {
if (object instanceof Path) {
Path that = (Path) object;
return Objects.equals(this.name, that.name)
diff --git a/src/main/java/com/deciphernow/maven/plugins/vault/config/Server.java b/src/main/java/com/deciphernow/maven/plugins/vault/config/Server.java
index efe1dbd..482470e 100644
--- a/src/main/java/com/deciphernow/maven/plugins/vault/config/Server.java
+++ b/src/main/java/com/deciphernow/maven/plugins/vault/config/Server.java
@@ -38,10 +38,13 @@ public class Server implements Serializable {
private boolean skipExecution;
+ private int kvVersion = 2;
+
/**
* Initializes a new instance of the {@link Server} class.
*/
- public Server() { }
+ public Server() {
+ }
/**
* Initializes a new instance of the {@link Server} class.
@@ -52,13 +55,14 @@ public Server() { }
* @param sslCertificate the SSL certificate file or null
* @param paths the paths for the server
*/
- public Server(String url, String token, boolean sslVerify, File sslCertificate, List paths,
+ public Server(String url, String token, int kvVersion, boolean sslVerify, File sslCertificate, List paths,
boolean skipExecution) {
this.paths = paths;
this.sslCertificate = sslCertificate;
this.sslVerify = sslVerify;
this.token = token;
this.url = url;
+ this.kvVersion = kvVersion;
this.skipExecution = skipExecution;
}
@@ -107,6 +111,14 @@ public String getUrl() {
return this.url;
}
+ /**
+ * Gets the KV version of this secret.
+ * @return the version
+ */
+ public int getKvVersion() {
+ return this.kvVersion;
+ }
+
/**
* Indicates if server execution should be skipped.
*
@@ -121,8 +133,10 @@ public boolean isSkipExecution() {
*
* @return the hash code
*/
- public int hashCode() {
- return Objects.hash(this.sslCertificate, this.sslVerify, this.token, this.url, this.paths, this.skipExecution);
+ @Override
+public int hashCode() {
+ return Objects.hash(this.sslCertificate, this.sslVerify, this.token, this.url, this.kvVersion,
+ this.paths, this.skipExecution);
}
/**
@@ -130,7 +144,8 @@ public int hashCode() {
*
* @return {@code true} if the this server is equal to the object; otherwise, {@code false}
*/
- public boolean equals(Object object) {
+ @Override
+public boolean equals(Object object) {
if (object instanceof Server) {
Server that = (Server) object;
return Objects.equals(this.paths, that.paths)
@@ -138,6 +153,7 @@ public boolean equals(Object object) {
&& Objects.equals(this.skipExecution, that.skipExecution)
&& Objects.equals(this.sslCertificate, that.sslCertificate)
&& Objects.equals(this.token, that.token)
+ && Objects.equals(this.kvVersion, that.kvVersion)
&& Objects.equals(this.url, that.url);
}
return false;
diff --git a/src/test/java/com/deciphernow/maven/plugins/vault/IntTestPullMojo.java b/src/test/java/com/deciphernow/maven/plugins/vault/IntTestPullMojo.java
index 77ec5de..844f16d 100644
--- a/src/test/java/com/deciphernow/maven/plugins/vault/IntTestPullMojo.java
+++ b/src/test/java/com/deciphernow/maven/plugins/vault/IntTestPullMojo.java
@@ -46,6 +46,7 @@ public class IntTestPullMojo {
private static final String VAULT_PORT = System.getProperty("vault.port", "443");
private static final String VAULT_SERVER = String.format("https://%s:%s", VAULT_HOST, VAULT_PORT);
private static final String VAULT_TOKEN = System.getProperty("vault.token");
+ private static final int KV_VERSION = Integer.parseInt(System.getProperty("vault.kv.version", "2"));
private static Mapping randomMapping() {
return new Mapping(UUID.randomUUID().toString(), UUID.randomUUID().toString());
@@ -72,7 +73,7 @@ private Fixture() throws URISyntaxException {
List paths = randomPaths(10, 10);
File certificate = new File(VAULT_CERTIFICATE.toURI());
System.out.println(String.format("%s/%s", VAULT_SERVER, VAULT_TOKEN));
- this.servers = ImmutableList.of(new Server(VAULT_SERVER, VAULT_TOKEN, true, certificate, paths, false));
+ this.servers = ImmutableList.of(new Server(VAULT_SERVER, VAULT_TOKEN, KV_VERSION, true, certificate, paths, false));
this.properties = new Properties();
this.servers.stream().forEach(server -> {
server.getPaths().stream().forEach(path -> {
diff --git a/src/test/java/com/deciphernow/maven/plugins/vault/IntTestPushMojo.java b/src/test/java/com/deciphernow/maven/plugins/vault/IntTestPushMojo.java
index a3f9d1e..51a15a7 100644
--- a/src/test/java/com/deciphernow/maven/plugins/vault/IntTestPushMojo.java
+++ b/src/test/java/com/deciphernow/maven/plugins/vault/IntTestPushMojo.java
@@ -46,6 +46,7 @@ public class IntTestPushMojo {
private static final String VAULT_PORT = System.getProperty("vault.port", "443");
private static final String VAULT_SERVER = String.format("https://%s:%s", VAULT_HOST, VAULT_PORT);
private static final String VAULT_TOKEN = System.getProperty("vault.token");
+ private static final int KV_VERSION = Integer.parseInt(System.getProperty("vault.kv.version", "2"));
private static Mapping randomMapping() {
return new Mapping(UUID.randomUUID().toString(), UUID.randomUUID().toString());
@@ -72,7 +73,7 @@ private Fixture() throws URISyntaxException {
List paths = randomPaths(10, 10);
File certificate = new File(VAULT_CERTIFICATE.toURI());
System.out.println(String.format("%s/%s", VAULT_SERVER, VAULT_TOKEN));
- this.servers = ImmutableList.of(new Server(VAULT_SERVER, VAULT_TOKEN, true, certificate, paths, false));
+ this.servers = ImmutableList.of(new Server(VAULT_SERVER, VAULT_TOKEN, KV_VERSION, true, certificate, paths, false));
this.properties = new Properties();
this.servers.stream().forEach(server -> {
server.getPaths().stream().forEach(path -> {
diff --git a/src/test/java/com/deciphernow/maven/plugins/vault/IntTestVaults.java b/src/test/java/com/deciphernow/maven/plugins/vault/IntTestVaults.java
index 9430134..4357c69 100644
--- a/src/test/java/com/deciphernow/maven/plugins/vault/IntTestVaults.java
+++ b/src/test/java/com/deciphernow/maven/plugins/vault/IntTestVaults.java
@@ -47,6 +47,7 @@ public class IntTestVaults {
private static final String VAULT_PORT = System.getProperty("vault.port", "443");
private static final String VAULT_SERVER = String.format("https://%s:%s", VAULT_HOST, VAULT_PORT);
private static final String VAULT_TOKEN = System.getProperty("vault.token");
+ private static final int KV_VERSION = Integer.parseInt(System.getProperty("vault.kv.version", "2"));
private static Mapping randomMapping() {
return new Mapping(UUID.randomUUID().toString(), UUID.randomUUID().toString());
@@ -74,7 +75,7 @@ private Fixture() throws URISyntaxException {
File certificate = new File(VAULT_CERTIFICATE.toURI());
boolean skipExecution = false;
System.out.println(String.format("%s/%s", VAULT_SERVER, VAULT_TOKEN));
- this.servers = ImmutableList.of(new Server(VAULT_SERVER, VAULT_TOKEN, true, certificate, paths, skipExecution));
+ this.servers = ImmutableList.of(new Server(VAULT_SERVER, VAULT_TOKEN, KV_VERSION, true, certificate, paths, skipExecution));
this.properties = new Properties();
this.servers.stream().forEach(server -> {
server.getPaths().stream().forEach(path -> {
diff --git a/src/test/java/com/deciphernow/maven/plugins/vault/config/TestServer.java b/src/test/java/com/deciphernow/maven/plugins/vault/config/TestServer.java
index 398b1d1..e29f038 100644
--- a/src/test/java/com/deciphernow/maven/plugins/vault/config/TestServer.java
+++ b/src/test/java/com/deciphernow/maven/plugins/vault/config/TestServer.java
@@ -40,7 +40,7 @@ public class TestServer {
private static final boolean SKIP_EXECUTION = RANDOM.nextBoolean();
private static final String TOKEN = UUID.randomUUID().toString();
private static final String URL = UUID.randomUUID().toString();
- private static final Server INSTANCE = new Server(URL, TOKEN, SSL_VERIFY, SSL_CERTIFICATE, PATHS, SKIP_EXECUTION);
+ private static final Server INSTANCE = new Server(URL, TOKEN, 2, SSL_VERIFY, SSL_CERTIFICATE, PATHS, SKIP_EXECUTION);
private static Path randomPath(int mappingCount) {
return new Path(UUID.randomUUID().toString(), randomMappings(mappingCount));