51 lines
892 B
Go
51 lines
892 B
Go
package vault
|
|
|
|
import (
|
|
"fmt"
|
|
"github.com/drone/drone/plugins/internal"
|
|
"io/ioutil"
|
|
"time"
|
|
)
|
|
|
|
/*
|
|
Vault JSON Response
|
|
{
|
|
"auth": {
|
|
"client_token" = "token",
|
|
"lease_duration" = "1234s"
|
|
}
|
|
}
|
|
*/
|
|
type VaultAuth struct {
|
|
Token string `json:"client_token"`
|
|
Lease string `json:"lease_duration"`
|
|
}
|
|
type VaultResp struct {
|
|
Auth VaultAuth
|
|
}
|
|
|
|
func getKubernetesToken(addr, role, mountPoint, tokenFile string) (string, time.Duration, error) {
|
|
b, err := ioutil.ReadFile(tokenFile)
|
|
if err != nil {
|
|
return "", 0, err
|
|
}
|
|
|
|
var resp VaultResp
|
|
path := fmt.Sprintf("%s/v1/auth/%s/login", addr, mountPoint)
|
|
data := map[string]string{
|
|
"jwt": string(b),
|
|
"role": role,
|
|
}
|
|
|
|
err = internal.Send("POST", path, data, &resp)
|
|
if err != nil {
|
|
return "", 0, err
|
|
}
|
|
|
|
ttl, err := time.ParseDuration(resp.Auth.Lease)
|
|
if err != nil {
|
|
return "", 0, err
|
|
}
|
|
|
|
return resp.Auth.Token, ttl, nil
|
|
}
|