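def is_mounted(backend, path, backends):
    """Determine whether a backend of a certain type is mounted.

    Args:
        backend: backend type, compared against each entry's ``'type'``.
        path: mount path to look for; compared after normalize_vault_path().
        backends: mapping of mount name to mount details.

    Returns:
        True when an entry matches both the normalized path and the type,
        False otherwise.
    """
    # Normalize the wanted path once rather than once per mount, matching
    # how get_backend() does the same lookup.
    m_norm = normalize_vault_path(path)
    # The path is compared first, so 'type' is only read from an entry whose
    # path already matched (same evaluation order as before).
    return any(
        normalize_vault_path(mount_name) == m_norm
        and values['type'] == backend
        for mount_name, values in backends.items()
    )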
def get_backend(backend, path, backends):
    """Return the mount details for a backend, or None when not mounted.

    Args:
        backend: backend type, compared against each entry's ``'type'``.
        path: mount path to look for; compared after normalize_vault_path().
        backends: mapping of mount name to mount details.

    Returns:
        The details of the first entry whose normalized name equals the
        normalized path and whose type equals ``backend``; None if no entry
        matches.
    """
    wanted_path = normalize_vault_path(path)
    candidates = (
        details
        for name, details in backends.items()
        if normalize_vault_path(name) == wanted_path
        and details['type'] == backend
    )
    # The object handed back is the entry stored in `backends`, not a copy,
    # so a caller that mutates it also mutates the mount listing.
    return next(candidates, None)
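def prune(self, vault_client):
    """Unmount every mount point that is not defined in this context.

    The mounts are listed through the client method named by
    ``SecretBackend.list_fun``; each one that is neither exempt nor present
    in ``self.mounts()`` is removed through the method named by
    ``SecretBackend.unmount_fun``.

    This is destructive: anything mounted out-of-band is unmounted.
    NOTE(review): if the unmount call disables a secrets engine, Vault
    discards that engine's stored data - confirm operators expect this.

    Args:
        vault_client: client object exposing the list and unmount methods.
    """
    existing = getattr(vault_client, SecretBackend.list_fun)()['data'].items()
    for mount_name, _values in existing:
        mount_path = normalize_vault_path(mount_name)
        # Ignore system paths and cubbyhole.
        # NOTE(review): startswith('sys') is a bare prefix match, so any
        # mount whose normalized name merely begins with "sys" is exempt
        # from pruning as well - confirm this is intended, since such a
        # mount would survive even though it is undefined here.
        if mount_path.startswith('sys') or mount_path == 'cubbyhole':
            continue

        defined = any(
            normalize_vault_path(resource.path) == mount_path
            for resource in self.mounts()
        )
        if defined:
            continue

        # Unmount first, log second: the message claims the removal already
        # happened, so it must not be written when the call raises.
        getattr(vault_client, SecretBackend.unmount_fun)(mount_path)
        LOG.info("removed unknown mount %s", mount_path)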
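def prune(self, vault_client):
    """Remove any mount point which is not defined in this context.

    Lists the current mounts via the client method named by
    ``SecretBackend.list_fun`` and unmounts, via the method named by
    ``SecretBackend.unmount_fun``, each one that no resource in
    ``self.mounts()`` accounts for.

    The operation is destructive and has no dry-run mode in this block.
    NOTE(review): when the unmount call disables a secrets engine, Vault
    drops the data held under it - verify callers gate this appropriately.

    Args:
        vault_client: client object exposing the list and unmount methods.
    """
    existing = getattr(vault_client, SecretBackend.list_fun)()['data'].items()
    for mount_name, _values in existing:
        # ignore system paths and cubbyhole
        mount_path = normalize_vault_path(mount_name)
        # NOTE(review): the 'sys' test matches on prefix only; a mount
        # named e.g. "sys-something" (constructed example) would be skipped
        # too and therefore never pruned - confirm against
        # normalize_vault_path() output.
        if mount_path.startswith('sys') or mount_path == 'cubbyhole':
            continue

        is_defined = any(
            normalize_vault_path(resource.path) == mount_path
            for resource in self.mounts()
        )
        if not is_defined:
            # Only report the removal once the unmount call has returned,
            # so the log never records a removal that failed.
            getattr(vault_client, SecretBackend.unmount_fun)(mount_path)
            LOG.info("removed unknown mount %s", mount_path)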
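def fetch(self, vault_client, backends):
    """Update ``self.existing`` with what is actually mounted in Vault.

    Nothing happens when the backend is not mounted at ``self.path`` or
    when ``self.tune_prefix`` is None. Otherwise ``self.existing`` is seeded
    from the mount listing; if the client reports a version and the
    resource is managed, it is then replaced by the tuning data read from
    ``sys/mounts/<prefix/><path>/tune``.

    Args:
        vault_client: client exposing ``version`` and ``read(path)``.
        backends: mapping of mount name to mount details; the matching
            entry must carry ``'type'`` and ``'config'``.

    Raises:
        aomi_excep.VaultData: the tune read returned nothing usable.
    """
    if not is_mounted(self.backend, self.path, backends) or \
       self.tune_prefix is None:
        return

    backend_details = get_backend(self.backend, self.path, backends)
    # Shallow-copy the config: get_backend() returns the entry held in
    # `backends`, and adding 'description' below would otherwise write into
    # the caller's mount listing.
    self.existing = dict(backend_details['config'])
    # .get(): the lookup further down already treats 'description' as
    # optional, so do the same here instead of raising KeyError.
    description = backend_details.get('description')
    if description:
        self.existing['description'] = description

    if vault_client.version is None:
        return

    if not self.managed:
        return

    # An empty prefix stays empty; a non-empty one gains a trailing slash.
    a_prefix = self.tune_prefix
    if self.tune_prefix:
        a_prefix = "%s/" % self.tune_prefix

    # NOTE(review): self.path is interpolated as given, not normalized -
    # confirm it cannot carry leading or trailing slashes at this point.
    v_path = "sys/mounts/%s%s/tune" % (a_prefix, self.path)
    t_resp = vault_client.read(v_path)
    # Guard against a None/empty response as well as a missing 'data' key
    # (presumably read() can return None for an unknown path - confirm for
    # this client); either way the caller gets VaultData, not a TypeError.
    if not t_resp or 'data' not in t_resp:
        e_msg = "Unable to retrieve tuning info for %s" % self
        raise aomi_excep.VaultData(e_msg)

    e_obj = t_resp['data']
    e_obj['description'] = None
    # NOTE(review): this looks the mount up by normalized path directly,
    # while is_mounted()/get_backend() normalize each mount name before
    # comparing. If the keys of `backends` are not already normalized this
    # lookup never matches and the description stays None - confirm.
    n_path = normalize_vault_path(self.path)
    if n_path in backends:
        mount_description = backends[n_path].get('description')
        if mount_description:
            e_obj['description'] = mount_description

    self.existing = e_obj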