v1.14.6/builtin/logical/nomad/backend.go - hashicorp/vault - Git at Google

 // Copyright (c) HashiCorp, Inc.
 // SPDX-License-Identifier: MPL-2.0

 package nomad

 import (
 	"context"

 	"github.com/hashicorp/nomad/api"
 	"github.com/hashicorp/vault/sdk/framework"
 	"github.com/hashicorp/vault/sdk/logical"
 )

 const operationPrefixNomad = "nomad"

 // Factory returns a Nomad backend that satisfies the logical.Backend interface
 func Factory(ctx context.Context, conf *logical.BackendConfig) (logical.Backend, error) {
 	b := Backend()
 	if err := b.Setup(ctx, conf); err != nil {
 		return nil, err
 	}
 	return b, nil
 }

 // Backend returns the configured Nomad backend
 func Backend() *backend {
 	var b backend
 	b.Backend = &framework.Backend{
 		PathsSpecial: &logical.Paths{
 			SealWrapStorage: []string{
 				"config/access",
 			},
 		},

 		Paths: []*framework.Path{
 			pathConfigAccess(&b),
 			pathConfigLease(&b),
 			pathListRoles(&b),
 			pathRoles(&b),
 			pathCredsCreate(&b),
 		},

 		Secrets: []*framework.Secret{
 			secretToken(&b),
 		},
 		BackendType: logical.TypeLogical,
 	}

 	return &b
 }

 type backend struct {
 	*framework.Backend
 }

 func clientFromConfig(conf *accessConfig) (*api.Client, error) {
 	nomadConf := api.DefaultConfig()
 	if conf != nil {
 		if conf.Address != "" {
 			nomadConf.Address = conf.Address
 		}
 		if conf.Token != "" {
 			nomadConf.SecretID = conf.Token
 		}
 		if conf.CACert != "" {
 			nomadConf.TLSConfig.CACertPEM = []byte(conf.CACert)
 		}
 		if conf.ClientCert != "" {
 			nomadConf.TLSConfig.ClientCertPEM = []byte(conf.ClientCert)
 		}
 		if conf.ClientKey != "" {
 			nomadConf.TLSConfig.ClientKeyPEM = []byte(conf.ClientKey)
 		}
 	}
 	return api.NewClient(nomadConf)
 }

 func (b *backend) client(ctx context.Context, s logical.Storage) (*api.Client, error) {
 	conf, err := b.readConfigAccess(ctx, s)
 	if err != nil {
 		return nil, err
 	}

 	return clientFromConfig(conf)
 }
	// Copyright (c) HashiCorp, Inc.
	// SPDX-License-Identifier: MPL-2.0

	package nomad

	import (
	"context"

	"github.com/hashicorp/nomad/api"
	"github.com/hashicorp/vault/sdk/framework"
	"github.com/hashicorp/vault/sdk/logical"
	)

	const operationPrefixNomad = "nomad"

	// Factory returns a Nomad backend that satisfies the logical.Backend interface
	func Factory(ctx context.Context, conf *logical.BackendConfig) (logical.Backend, error) {
	b := Backend()
	if err := b.Setup(ctx, conf); err != nil {
	return nil, err
	}
	return b, nil
	}

	// Backend returns the configured Nomad backend
	func Backend() *backend {
	var b backend
	b.Backend = &framework.Backend{
	PathsSpecial: &logical.Paths{
	SealWrapStorage: []string{
	"config/access",
	},
	},

	Paths: []*framework.Path{
	pathConfigAccess(&b),
	pathConfigLease(&b),
	pathListRoles(&b),
	pathRoles(&b),
	pathCredsCreate(&b),
	},

	Secrets: []*framework.Secret{
	secretToken(&b),
	},
	BackendType: logical.TypeLogical,
	}

	return &b
	}

	type backend struct {
	*framework.Backend
	}

	func clientFromConfig(conf accessConfig) (api.Client, error) {
	nomadConf := api.DefaultConfig()
	if conf != nil {
	if conf.Address != "" {
	nomadConf.Address = conf.Address
	}
	if conf.Token != "" {
	nomadConf.SecretID = conf.Token
	}
	if conf.CACert != "" {
	nomadConf.TLSConfig.CACertPEM = []byte(conf.CACert)
	}
	if conf.ClientCert != "" {
	nomadConf.TLSConfig.ClientCertPEM = []byte(conf.ClientCert)
	}
	if conf.ClientKey != "" {
	nomadConf.TLSConfig.ClientKeyPEM = []byte(conf.ClientKey)
	}
	}
	return api.NewClient(nomadConf)
	}

	func (b backend) client(ctx context.Context, s logical.Storage) (api.Client, error) {
	conf, err := b.readConfigAccess(ctx, s)
	if err != nil {
	return nil, err
	}

	return clientFromConfig(conf)
	}