credstash 0.7.0

Credstash is a utility for managing credentials in the AWS cloud
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70

extern crate credstash;

use credstash::{CredStashClient, CredStashCredential, CredstashItem};
use ring;
use std::str;
use tokio::runtime::Runtime;

// This test assumes you have already have an AWS infrastructure running.
// Both table and the KMS key should be present for the test to pass.
#[test]
fn credstash_basic_workflow() {
    let mut rt = Runtime::new().unwrap();

    // put credential
    let table_name = "credential-store".to_string();
    let app = CredStashClient::new(CredStashCredential::DefaultCredentialsProvider, None).unwrap();
    let put_future = rt.block_on(async {
        app.put_secret(
            table_name.clone(),
            "hello12".to_string(),
            "world12".to_string(),
            None,
            vec![],
            None,
            None,
            ring::hmac::HMAC_SHA256,
        )
        .await
    });

    assert!(put_future.is_ok());

    // get credential
    let result: CredstashItem = rt
        .block_on(async {
            app.get_secret(table_name.clone(), "hello12".to_string(), vec![], None)
                .await
        })
        .unwrap();
    let secret_utf8 = str::from_utf8(&result.credential_value).unwrap();
    assert_eq!("world12".to_string(), secret_utf8);

    // put auto increment
    let put_auto_secret_future = app.put_secret_auto_version(
        table_name.clone(),
        "hello12".to_string(),
        "world12".to_string(),
        None,
        vec![],
        None,
        ring::hmac::HMAC_SHA256,
    );
    let result = rt.block_on(async { put_auto_secret_future.await });
    assert!(result.is_ok());

    // get version
    let get_version_future = app.get_highest_version(table_name.clone(), "hello12".to_string());
    let result = rt.block_on(async { get_version_future.await });
    assert_eq!(result.unwrap(), 2);

    // get all secrets
    let get_all_future = app.get_all_secrets(table_name.clone(), vec![], None);
    let result = rt.block_on(async { get_all_future.await });
    assert_eq!(result.unwrap().len() >= 1, true);

    // delete credential
    let delete_future = app.delete_secret(table_name, "hello12".to_string());
    let res = rt.block_on(async { delete_future.await });
    assert!(res.is_ok());
}