vault-usage-example/vault-api.go

package main

import (
	"log"
	"strconv"

	"github.com/gofiber/fiber/v2"
)

const (
	uriSecretData     = "/:secret/data/:path"
	uriSecretMetadata = "/:secret/metadata/:path"
)

func vaultApiSimpleKv2(c *fiber.Ctx, action string) error {
	secret := c.Params("secret")
	path := c.Params("path")
	if (secret == "") || (path == "") {
		return fiberNone(c)
	}

	log.Printf("%v %v %v", action, secret, path)

	return fiberOk(c)
}

func setupVaultApi(router fiber.Router) {
	// https://developer.hashicorp.com/vault/api-docs/secret/kv/kv-v2

	/* read secret */
	router.Get(uriSecretData, func(c *fiber.Ctx) error {
		// return vaultApiSimpleKv2(c, "GET")

		secret := c.Params("secret")
		path := c.Params("path")
		if (secret == "") || (path == "") {
			return fiberNone(c)
		}

		var version int64 = -1
		if ver_s := c.Query("version"); ver_s != "" {
			var err error
			version, err = strconv.ParseInt(ver_s, 10, 0)
			if err != nil {
				return fiberNone(c)
			}
		}

		if version >= 0 {
			// version is sane
			log.Printf("GET %v %v v=%v", secret, path, version)
		} else {
			log.Printf("GET %v %v", secret, path)
		}

		return fiberOk(c)
	})
	/* create/update/patch secret */
	router.Post(uriSecretData, func(c *fiber.Ctx) error {
		return vaultApiSimpleKv2(c, "SET")
	})
	router.Patch(uriSecretData, func(c *fiber.Ctx) error {
		return vaultApiSimpleKv2(c, "SET")
	})
	/* delete secret */
	router.Delete(uriSecretData, func(c *fiber.Ctx) error {
		return vaultApiSimpleKv2(c, "DELETE")
	})
	/* delete/undelete secret */
	router.Post("/:secret/delete/:path", func(c *fiber.Ctx) error {
		return vaultApiSimpleKv2(c, "DELETE")
	})
	router.Post("/:secret/undelete/:path", func(c *fiber.Ctx) error {
		return vaultApiSimpleKv2(c, "UNDELETE")
	})
	/* destroy secret */
	router.Post("/:secret/destroy/:path", func(c *fiber.Ctx) error {
		return vaultApiSimpleKv2(c, "DESTROY")
	})

	/* read subkeys */
	// router.Get("/:secret/subkeys/:path?version=:version&depth=:depth", fiberOk)
	router.Get("/:secret/subkeys/:path", func(c *fiber.Ctx) error {
		return vaultApiSimpleKv2(c, "SUBKEYS")
	})

	/* read metadata */
	router.Get(uriSecretMetadata, func(c *fiber.Ctx) error {
		return vaultApiSimpleKv2(c, "META-GET")
	})
	/* create/update metadata */
	router.Post(uriSecretMetadata, func(c *fiber.Ctx) error {
		return vaultApiSimpleKv2(c, "META-SET")
	})
	router.Patch(uriSecretMetadata, func(c *fiber.Ctx) error {
		return vaultApiSimpleKv2(c, "META-SET")
	})
	/* delete metadata */
	router.Delete(uriSecretMetadata, func(c *fiber.Ctx) error {
		return vaultApiSimpleKv2(c, "META-DELETE")
	})
	/* list secrets */
	router.Add(MethodList, uriSecretMetadata, func(c *fiber.Ctx) error {
		return vaultApiSimpleKv2(c, "LIST")
	})
}
initial commit 2024-06-07 07:29:07 +03:00			`package main`

			`import (`
describe example api handler 2024-06-11 11:38:30 +03:00			`"log"`
			`"strconv"`

initial commit 2024-06-07 07:29:07 +03:00			`"github.com/gofiber/fiber/v2"`
			`)`

			`const (`
			`uriSecretData = "/:secret/data/:path"`
			`uriSecretMetadata = "/:secret/metadata/:path"`
			`)`

describe example api handler 2024-06-11 11:38:30 +03:00			`func vaultApiSimpleKv2(c *fiber.Ctx, action string) error {`
			`secret := c.Params("secret")`
			`path := c.Params("path")`
			`if (secret == "") \|\| (path == "") {`
			`return fiberNone(c)`
			`}`

			`log.Printf("%v %v %v", action, secret, path)`

			`return fiberOk(c)`
			`}`

initial commit 2024-06-07 07:29:07 +03:00			`func setupVaultApi(router fiber.Router) {`
			`// https://developer.hashicorp.com/vault/api-docs/secret/kv/kv-v2`

			`/* read secret */`
describe example api handler 2024-06-11 11:38:30 +03:00			`router.Get(uriSecretData, func(c *fiber.Ctx) error {`
			`// return vaultApiSimpleKv2(c, "GET")`

			`secret := c.Params("secret")`
			`path := c.Params("path")`
			`if (secret == "") \|\| (path == "") {`
			`return fiberNone(c)`
			`}`

			`var version int64 = -1`
			`if ver_s := c.Query("version"); ver_s != "" {`
			`var err error`
			`version, err = strconv.ParseInt(ver_s, 10, 0)`
			`if err != nil {`
			`return fiberNone(c)`
initial commit 2024-06-07 07:29:07 +03:00			`}`
describe example api handler 2024-06-11 11:38:30 +03:00			`}`

			`if version >= 0 {`
			`// version is sane`
			`log.Printf("GET %v %v v=%v", secret, path, version)`
			`} else {`
			`log.Printf("GET %v %v", secret, path)`
			`}`

			`return fiberOk(c)`
initial commit 2024-06-07 07:29:07 +03:00			`})`
			`/* create/update/patch secret */`
describe example api handler 2024-06-11 11:38:30 +03:00			`router.Post(uriSecretData, func(c *fiber.Ctx) error {`
			`return vaultApiSimpleKv2(c, "SET")`
			`})`
			`router.Patch(uriSecretData, func(c *fiber.Ctx) error {`
			`return vaultApiSimpleKv2(c, "SET")`
			`})`
initial commit 2024-06-07 07:29:07 +03:00			`/* delete secret */`
describe example api handler 2024-06-11 11:38:30 +03:00			`router.Delete(uriSecretData, func(c *fiber.Ctx) error {`
			`return vaultApiSimpleKv2(c, "DELETE")`
			`})`
initial commit 2024-06-07 07:29:07 +03:00			`/* delete/undelete secret */`
describe example api handler 2024-06-11 11:38:30 +03:00			`router.Post("/:secret/delete/:path", func(c *fiber.Ctx) error {`
			`return vaultApiSimpleKv2(c, "DELETE")`
			`})`
			`router.Post("/:secret/undelete/:path", func(c *fiber.Ctx) error {`
			`return vaultApiSimpleKv2(c, "UNDELETE")`
			`})`
initial commit 2024-06-07 07:29:07 +03:00			`/* destroy secret */`
describe example api handler 2024-06-11 11:38:30 +03:00			`router.Post("/:secret/destroy/:path", func(c *fiber.Ctx) error {`
			`return vaultApiSimpleKv2(c, "DESTROY")`
			`})`
initial commit 2024-06-07 07:29:07 +03:00
			`/* read subkeys */`
			`// router.Get("/:secret/subkeys/:path?version=:version&depth=:depth", fiberOk)`
describe example api handler 2024-06-11 11:38:30 +03:00			`router.Get("/:secret/subkeys/:path", func(c *fiber.Ctx) error {`
			`return vaultApiSimpleKv2(c, "SUBKEYS")`
initial commit 2024-06-07 07:29:07 +03:00			`})`

			`/* read metadata */`
describe example api handler 2024-06-11 11:38:30 +03:00			`router.Get(uriSecretMetadata, func(c *fiber.Ctx) error {`
			`return vaultApiSimpleKv2(c, "META-GET")`
			`})`
initial commit 2024-06-07 07:29:07 +03:00			`/* create/update metadata */`
describe example api handler 2024-06-11 11:38:30 +03:00			`router.Post(uriSecretMetadata, func(c *fiber.Ctx) error {`
			`return vaultApiSimpleKv2(c, "META-SET")`
			`})`
			`router.Patch(uriSecretMetadata, func(c *fiber.Ctx) error {`
			`return vaultApiSimpleKv2(c, "META-SET")`
			`})`
initial commit 2024-06-07 07:29:07 +03:00			`/* delete metadata */`
describe example api handler 2024-06-11 11:38:30 +03:00			`router.Delete(uriSecretMetadata, func(c *fiber.Ctx) error {`
			`return vaultApiSimpleKv2(c, "META-DELETE")`
			`})`
initial commit 2024-06-07 07:29:07 +03:00			`/* list secrets */`
describe example api handler 2024-06-11 11:38:30 +03:00			`router.Add(MethodList, uriSecretMetadata, func(c *fiber.Ctx) error {`
			`return vaultApiSimpleKv2(c, "LIST")`
			`})`
initial commit 2024-06-07 07:29:07 +03:00			`}`