Skip to content

Commit 8610b4f

Browse files
aviadhahamiaviadhahami
authored
Merge pull request #282 from nodevault/copilot/research-and-implement-solution
Add missing transit commands, export commands object, fix commands TypeScript type
2 parents a42bd9e + 964b460 commit 8610b4f

File tree

5 files changed

+152
-5
lines changed

5 files changed

+152
-5
lines changed

features.md

Lines changed: 34 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -44,17 +44,17 @@
4444

4545
## vault.addKubernetesRole
4646

47-
`POST /auth/{{mount_point}}{{^mount_point}}kubernetes{{/mount_point}}/role/{{ role_name }}`
47+
`POST /auth/{{mount_point}}{{^mount_point}}{{kubernetesPath}}{{/mount_point}}/role/{{ role_name }}`
4848

4949

5050
## vault.getKubernetesRole
5151

52-
`GET /auth/{{mount_point}}{{^mount_point}}kubernetes{{/mount_point}}/role/{{ role_name }}`
52+
`GET /auth/{{mount_point}}{{^mount_point}}{{kubernetesPath}}{{/mount_point}}/role/{{ role_name }}`
5353

5454

5555
## vault.deleteKubernetesRole
5656

57-
`DELETE /auth/{{mount_point}}{{^mount_point}}kubernetes{{/mount_point}}/role/{{ role_name }}`
57+
`DELETE /auth/{{mount_point}}{{^mount_point}}{{kubernetesPath}}{{/mount_point}}/role/{{ role_name }}`
5858

5959

6060
## vault.addApproleRole
@@ -122,6 +122,31 @@
122122
`POST /transit/decrypt/{{name}}`
123123

124124

125+
## vault.rewrapData
126+
127+
`POST /transit/rewrap/{{name}}`
128+
129+
130+
## vault.transitCreateKey
131+
132+
`POST /transit/keys/{{name}}`
133+
134+
135+
## vault.transitReadKey
136+
137+
`GET /transit/keys/{{name}}`
138+
139+
140+
## vault.transitListKeys
141+
142+
`LIST /transit/keys`
143+
144+
145+
## vault.transitDeleteKey
146+
147+
`DELETE /transit/keys/{{name}}`
148+
149+
125150
## vault.generateDatabaseCredentials
126151

127152
`GET /{{databasePath}}/creds/{{name}}`
@@ -224,7 +249,7 @@
224249

225250
## vault.kubernetesLogin
226251

227-
`POST /auth/{{mount_point}}{{^mount_point}}kubernetes{{/mount_point}}/login`
252+
`POST /auth/{{mount_point}}{{^mount_point}}{{kubernetesPath}}{{/mount_point}}/login`
228253

229254

230255
## vault.awsIamLogin
@@ -257,6 +282,11 @@
257282
`POST /auth/cert/login`
258283

259284

285+
## vault.jwtLogin
286+
287+
`POST /auth/{{mount_point}}{{^mount_point}}jwt{{/mount_point}}/login`
288+
289+
260290
## vault.tokenAccessors
261291

262292
`LIST /auth/token/accessors`

index.d.ts

Lines changed: 7 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -50,6 +50,7 @@ declare namespace NodeVault {
5050
update(path: string, data: any, requestOptions?: Option): Promise<any>;
5151

5252
generateFunction(name: string, conf: functionConf): void;
53+
commands: { [name: string]: functionConf };
5354

5455
status(options?: Option): Promise<any>;
5556
initialized(options?: Option): Promise<any>;
@@ -126,13 +127,18 @@ declare namespace NodeVault {
126127
stepDown(options?: Option): Promise<any>;
127128
encryptData(options?: Option): Promise<any>;
128129
decryptData(options?: Option): Promise<any>;
130+
rewrapData(options?: Option): Promise<any>;
131+
transitCreateKey(options?: Option): Promise<any>;
132+
transitReadKey(options?: Option): Promise<any>;
133+
transitListKeys(options?: Option): Promise<any>;
134+
transitDeleteKey(options?: Option): Promise<any>;
129135
generateDatabaseCredentials(options?: Option): Promise<any>;
130136
}
131137

132138
interface VaultOptions {
133139
debug?(...args: any[]): any;
134140
tv4?(...args: any[]): any;
135-
commands?: Array<{ method: string, path: string, scheme: any }>;
141+
commands?: { [name: string]: functionConf };
136142
mustache?: any;
137143
"request-promise"?: any;
138144
Promise?: PromiseConstructor;

src/commands.js

Lines changed: 20 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -451,6 +451,26 @@ module.exports = {
451451
method: 'POST',
452452
path: '/transit/decrypt/{{name}}',
453453
},
454+
rewrapData: {
455+
method: 'POST',
456+
path: '/transit/rewrap/{{name}}',
457+
},
458+
transitCreateKey: {
459+
method: 'POST',
460+
path: '/transit/keys/{{name}}',
461+
},
462+
transitReadKey: {
463+
method: 'GET',
464+
path: '/transit/keys/{{name}}',
465+
},
466+
transitListKeys: {
467+
method: 'LIST',
468+
path: '/transit/keys',
469+
},
470+
transitDeleteKey: {
471+
method: 'DELETE',
472+
path: '/transit/keys/{{name}}',
473+
},
454474
generateDatabaseCredentials: {
455475
method: 'GET',
456476
path: '/{{databasePath}}/creds/{{name}}',

src/index.js

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -286,6 +286,7 @@ module.exports = (config = {}) => {
286286
}
287287

288288
client.generateFunction = generateFunction;
289+
client.commands = commands;
289290

290291
// protecting global object properties from being added
291292
// enforcing the immutable rule: https://github.com/airbnb/javascript#iterators-and-generators

test/unit.js

Lines changed: 90 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -738,6 +738,96 @@ describe('node-vault', () => {
738738
});
739739
});
740740

741+
describe('transit commands', () => {
742+
it('should have rewrapData function', () => {
743+
vault.rewrapData.should.be.a('function');
744+
});
745+
746+
it('should have transitCreateKey function', () => {
747+
vault.transitCreateKey.should.be.a('function');
748+
});
749+
750+
it('should have transitReadKey function', () => {
751+
vault.transitReadKey.should.be.a('function');
752+
});
753+
754+
it('should have transitListKeys function', () => {
755+
vault.transitListKeys.should.be.a('function');
756+
});
757+
758+
it('should have transitDeleteKey function', () => {
759+
vault.transitDeleteKey.should.be.a('function');
760+
});
761+
762+
it('should call rewrapData with correct path and method', (done) => {
763+
const params = {
764+
method: 'POST',
765+
path: '/transit/rewrap/mykey',
766+
};
767+
vault.rewrapData({ name: 'mykey', ciphertext: 'vault:v1:abc' })
768+
.then(assertRequest(request, params, done))
769+
.catch(done);
770+
});
771+
772+
it('should call transitListKeys with correct method', (done) => {
773+
const params = {
774+
method: 'LIST',
775+
path: '/transit/keys',
776+
};
777+
vault.transitListKeys()
778+
.then(assertRequest(request, params, done))
779+
.catch(done);
780+
});
781+
782+
it('should call transitReadKey with correct path', (done) => {
783+
const params = {
784+
method: 'GET',
785+
path: '/transit/keys/mykey',
786+
};
787+
vault.transitReadKey({ name: 'mykey' })
788+
.then(assertRequest(request, params, done))
789+
.catch(done);
790+
});
791+
792+
it('should call transitCreateKey with correct path and method', (done) => {
793+
const params = {
794+
method: 'POST',
795+
path: '/transit/keys/mykey',
796+
};
797+
vault.transitCreateKey({ name: 'mykey', type: 'aes256-gcm96' })
798+
.then(assertRequest(request, params, done))
799+
.catch(done);
800+
});
801+
802+
it('should call transitDeleteKey with correct path and method', (done) => {
803+
const params = {
804+
method: 'DELETE',
805+
path: '/transit/keys/mykey',
806+
};
807+
vault.transitDeleteKey({ name: 'mykey' })
808+
.then(assertRequest(request, params, done))
809+
.catch(done);
810+
});
811+
});
812+
813+
describe('commands export', () => {
814+
it('should expose commands object on client', () => {
815+
vault.commands.should.be.an('object');
816+
});
817+
818+
it('should include encryptData in commands', () => {
819+
vault.commands.encryptData.should.be.an('object');
820+
vault.commands.encryptData.method.should.equal('POST');
821+
vault.commands.encryptData.path.should.equal('/transit/encrypt/{{name}}');
822+
});
823+
824+
it('should include rewrapData in commands', () => {
825+
vault.commands.rewrapData.should.be.an('object');
826+
vault.commands.rewrapData.method.should.equal('POST');
827+
vault.commands.rewrapData.path.should.equal('/transit/rewrap/{{name}}');
828+
});
829+
});
830+
741831
describe('request(options)', () => {
742832
it('should reject if options are undefined', (done) => {
743833
vault.request()

0 commit comments

Comments
 (0)