• Home
• net.nemerosa.ontrack
• ontrack-extension-vault
• 3.34.13
• source code
• VaultConfidentialStore.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

net.nemerosa.ontrack.extension.vault.VaultConfidentialStore Maven / Gradle / Ivy

package net.nemerosa.ontrack.extension.vault;

import net.nemerosa.ontrack.model.security.AbstractConfidentialStore;
import net.nemerosa.ontrack.model.support.OntrackConfigProperties;
import org.apache.commons.lang3.Validate;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.stereotype.Component;
import org.springframework.vault.core.VaultOperations;
import org.springframework.vault.support.VaultResponseSupport;

import java.io.IOException;

import static net.nemerosa.ontrack.extension.vault.VaultExtensionFeature.VAULT_KEY_STORE_PROPERTY;

@Component
@ConditionalOnProperty(name = OntrackConfigProperties.KEY_STORE, havingValue = VAULT_KEY_STORE_PROPERTY)
public class VaultConfidentialStore extends AbstractConfidentialStore {

    private final VaultOperations vaultOperations;
    private final VaultConfigProperties configProperties;

    @Autowired
    public VaultConfidentialStore(VaultOperations vaultOperations, VaultConfigProperties configProperties) {
        this.vaultOperations = vaultOperations;
        this.configProperties = configProperties;
        LoggerFactory.getLogger(VaultConfidentialStore.class).info(
                "[key-store] Using Vault store at {}",
                configProperties.getUri()
        );
    }

    protected String getPath(String key) {
        return String.format("%s/%s", configProperties.getPrefix(), key);
    }

    @Override
    public void store(String key, byte[] payload) throws IOException {
        Validate.notNull(payload, "Key payload must not be null");
        vaultOperations.write(
                getPath(key),
                new Key(payload)
        );
    }

    @Override
    public byte[] load(String key) throws IOException {
        VaultResponseSupport support = vaultOperations.read(
                getPath(key),
                Key.class
        );
        return support != null ? support.getData().getPayload() : null;
    }

}