lmrc-cli 0.3.16

CLI tool for scaffolding LMRC Stack infrastructure projects
//! HTTP handlers for Vault secrets endpoints

use axum::{
    extract::{State, Path},
    Json,
};
use lmrc_http_common::{HttpResult, SuccessResponse, EmptyResponse};
use crate::state::AppState;
use super::{service::VaultService, models::*};

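/// GET /api/vault/secrets/*path
///
/// Reads the secret stored at `path` from Vault and returns it wrapped in a
/// [`SuccessResponse`].
///
/// A [`VaultService`] is built for each request from `state.config.vault_addr`
/// and `state.config.vault_token`, so the Vault call is made with the server's
/// configured token rather than a credential supplied by the caller.
///
/// # Errors
///
/// Propagates (via `?`) any error returned by `VaultService::new` or
/// `VaultService::read_secret`.
///
/// # Security
///
/// NOTE(review): no authentication or authorization check is visible in this
/// handler, and `path` is handed to the service unchanged. Confirm that the
/// router protects this route and that `VaultService` confines `path` to the
/// intended mount/prefix.
pub async fn read_secret(
    State(state): State<AppState>,
    Path(path): Path<String>,
) -> HttpResult<Json<SuccessResponse<SecretResponse>>> {
    // `path` is taken from the request URL. Debug formatting escapes control
    // characters (CR/LF), so a crafted path cannot forge extra lines when the
    // subscriber writes plain-text logs.
    tracing::info!("Reading secret from path: {:?}", path);

    let service = VaultService::new(
        state.config.vault_addr.clone(),
        state.config.vault_token.clone(),
    )?;

    let secret = service.read_secret(&path).await?;

    Ok(Json(SuccessResponse::new(secret)))
}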

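/// POST /api/vault/secrets/*path
///
/// Writes `request.data` to Vault at `path` and returns the service's result
/// wrapped in a [`SuccessResponse`].
///
/// A [`VaultService`] is built for each request from `state.config.vault_addr`
/// and `state.config.vault_token`, so the write is made with the server's
/// configured token rather than a credential supplied by the caller. Only the
/// path is logged; the secret payload is never written to the log.
///
/// # Errors
///
/// Propagates (via `?`) any error returned by `VaultService::new` or
/// `VaultService::write_secret`.
///
/// # Security
///
/// NOTE(review): no authentication or authorization check is visible in this
/// handler, and `path` is handed to the service unchanged. Confirm that the
/// router protects this route and that `VaultService` confines `path` to the
/// intended mount/prefix, since a write here can overwrite an existing secret.
pub async fn write_secret(
    State(state): State<AppState>,
    Path(path): Path<String>,
    Json(request): Json<WriteSecretRequest>,
) -> HttpResult<Json<SuccessResponse<SecretResponse>>> {
    // `path` is taken from the request URL. Debug formatting escapes control
    // characters (CR/LF), so a crafted path cannot forge extra lines when the
    // subscriber writes plain-text logs.
    tracing::info!("Writing secret to path: {:?}", path);

    let service = VaultService::new(
        state.config.vault_addr.clone(),
        state.config.vault_token.clone(),
    )?;

    let secret = service.write_secret(&path, request.data).await?;

    Ok(Json(SuccessResponse::new(secret)))
}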

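/// DELETE /api/vault/secrets/*path
///
/// Deletes the secret stored at `path` from Vault and returns an
/// [`EmptyResponse`].
///
/// A [`VaultService`] is built for each request from `state.config.vault_addr`
/// and `state.config.vault_token`, so the delete is made with the server's
/// configured token rather than a credential supplied by the caller.
///
/// # Errors
///
/// Propagates (via `?`) any error returned by `VaultService::new` or
/// `VaultService::delete_secret`.
///
/// # Security
///
/// NOTE(review): no authentication or authorization check is visible in this
/// handler, and `path` is handed to the service unchanged. Confirm that the
/// router protects this route and that `VaultService` confines `path` to the
/// intended mount/prefix; the info-level log line below is the only record of
/// the deletion that this handler itself produces.
pub async fn delete_secret(
    State(state): State<AppState>,
    Path(path): Path<String>,
) -> HttpResult<Json<EmptyResponse>> {
    // `path` is taken from the request URL. Debug formatting escapes control
    // characters (CR/LF), so a crafted path cannot forge extra lines when the
    // subscriber writes plain-text logs.
    tracing::info!("Deleting secret from path: {:?}", path);

    let service = VaultService::new(
        state.config.vault_addr.clone(),
        state.config.vault_token.clone(),
    )?;

    service.delete_secret(&path).await?;

    Ok(Json(EmptyResponse::new()))
}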

/// POST /api/vault/auth/token
///
/// Asks Vault to create a token carrying `request.policies` with lifetime
/// `request.ttl`, and returns the result wrapped in a [`SuccessResponse`].
///
/// The request is made through a [`VaultService`] built from
/// `state.config.vault_addr` and `state.config.vault_token`, i.e. with the
/// server's configured token. The requested policies are logged at info
/// level; the resulting token is not logged here but is returned in the
/// response body.
///
/// # Errors
///
/// Propagates (via `?`) any error returned by `VaultService::new` or
/// `VaultService::create_token`.
///
/// # Security
///
/// NOTE(review): `policies` and `ttl` come straight from the request body and
/// are forwarded without any allow-list or upper bound visible in this
/// handler, and no authentication or authorization check is visible either.
/// Confirm that the router protects this route and that the service (or Vault
/// policy on the configured token) limits which policies and TTLs a caller
/// may obtain.
pub async fn create_token(
    State(state): State<AppState>,
    Json(request): Json<CreateTokenRequest>,
) -> HttpResult<Json<SuccessResponse<TokenResponse>>> {
    tracing::info!("Creating Vault token with policies: {:?}", request.policies);

    // Build a per-request client from the server's own Vault settings.
    let vault_addr = state.config.vault_addr.clone();
    let vault_token = state.config.vault_token.clone();
    let vault = VaultService::new(vault_addr, vault_token)?;

    let issued = vault
        .create_token(request.policies, request.ttl)
        .await?;
    let body = SuccessResponse::new(issued);

    Ok(Json(body))
}