Feature/upstream secrets endpoint

acornies commented 5 years ago

Addresses #69 by implementing the /system/secrets (upstream) gateway API using Vault secrets v1.

Includes:

Vault service for login and token renewal for preconfigured App Role
New secrets handler for GET,PUT,POST,DELETE
Light refactor of current function secrets implementation based on secret API management
Removal of deprecated vars
Vagrant provisioning updates: provision vagrant
add nomadACL cli param

hashicorp-cla commented 5 years ago

All committers have signed the CLA.

alexellis commented 5 years ago

I think this looks pretty decent. Have you thought about doing some validation on secret names? I think we left the out of the other providers so if you do this it would be great to get a PR to them too

nicholasjackson commented 5 years ago

Hey @acornies

Getting a couple of test failures on CI, I am guessing this is a go mod issue, it seems to work fine when I run the tests locally. Could you check this out pls?

# github.com/hashicorp/faas-nomad/handlers
handlers/secrets.go:101:15: undefined: requests.Secret
handlers/secrets.go:103:29: undefined: requests.Secret
handlers/secrets.go:113:13: undefined: requests.Secret
handlers/secrets.go:137:13: undefined: requests.Secret
# github.com/hashicorp/faas-nomad/handlers [github.com/hashicorp/faas-nomad/handlers.test]
handlers/secrets.go:101: undefined: requests.Secret
handlers/secrets.go:103: undefined: requests.Secret
handlers/secrets.go:113: undefined: requests.Secret

hashicorp / faas-nomad

Feature/upstream secrets endpoint #70