Skip to content

Commit 17e085f

Browse files
sam-iosam-io
authored
Merge pull request #1 from form3tech-oss/vault-auth
adds vault auth
2 parents dbb1999 + 749c729 commit 17e085f

File tree

4,961 files changed

+1753008
-19959
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

4,961 files changed

+1753008
-19959
lines changed

.gitignore

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -19,3 +19,4 @@
1919
/.metrics.*.added
2020
/.metrics.*.removed
2121
/tools/src
22+
/assets

.travis.yml

Lines changed: 16 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,7 @@ services:
33
- docker
44
language: go
55
go:
6-
- '1.11'
6+
- 1.13.4
77
before_install:
88
- go get -v github.com/mattn/goveralls
99
- sudo wget -O /usr/local/bin/p2 https://github.com/wrouesnel/p2cli/releases/download/r4/p2
@@ -17,7 +17,20 @@ script:
1717
- go run mage.go docker
1818
env:
1919
global:
20-
- GIT_ASSETS_BRANCH=assets
20+
- GO111MODULE=off
21+
- GIT_ASSETS_BRANCH=assets
2122
branches:
2223
except:
23-
- assets
24+
- assets
25+
before_deploy:
26+
- find bin -maxdepth 1 -mindepth 1 -type d -exec tar cvf {}.tar {} \;
27+
deploy:
28+
provider: releases
29+
skip_cleanup: true
30+
file_glob: true
31+
api_key:
32+
secure: JgV78D/cxddwX6hB7Qh5SENteYt/mlKE+E3yU4UP6p1CY74jIoFdCxvBa4/GhVLHbJCxsQReC3LA5Xdj6VEyBmh/gUSHlqo4+Z9V6+dyqgpMahOGBalpmR7UHXjZxPUs3C8kF7JIYoUReYU50K2Ij9y0JadPGptdgpuJfZHHMq1YtYpoeCyZ1BjxNEHB1CxFSjlm4IQ+lP7HgzCk8jvP7j5ELV5aUhDH2fP9uHVAU2cg5a2iSucWThQqBXDIvAy3hYWbsRMOQZesmbqVlWMqzfMkIRNmhBONHBRwayOSEIbkgZTVMEzUvz0lB4eCojJXmnmudkku/kdk0O/k53R4tVstXVBmel30ro0f8d9VS/auLAx7h1u/FfhipyewXINf8iQ9wtpDeq7vr+MGhg7iPHVeydpUACzVd4GRB6ptCEZLWgR9Qypoz8nXXCoTUuo/41zisJBULU2sWLaxrMx7CPo78jMSEKgTstQbx8ZmkilikcUCgd9Cm3v8ySYEKOdGeKkHjHHLzwZd1fRG3Wpe46OY9UM58qDDK7vzGRo584xW/C4XaFgFKaFf2Cbj++fPv9hNH+CYsUykrthRhHyzjmXloB2j/ELYWDxO0zlmChqh6dTDMHlHo9Hzx9EGp5rEWoPjXyoW4KoBYOl5ik6rXmytWusaIKu+2GuMKRRYZzg=
33+
file: bin/*
34+
on:
35+
repo: form3tech-oss/postgres_exporter
36+
branch: master

cmd/postgres_exporter/postgres_exporter.go

Lines changed: 49 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -18,6 +18,7 @@ import (
1818
"time"
1919

2020
"github.com/blang/semver"
21+
"github.com/form3tech-oss/go-vault-client/pkg/vaultclient"
2122
"github.com/lib/pq"
2223
"github.com/prometheus/client_golang/prometheus"
2324
"github.com/prometheus/client_golang/prometheus/promhttp"
@@ -1479,6 +1480,39 @@ func (e *Exporter) scrapeDSN(ch chan<- prometheus.Metric, dsn string) error {
14791480
return server.Scrape(ch, e.disableSettingsMetrics)
14801481
}
14811482

1483+
func loadSecrets() (map[string]interface{}, error) {
1484+
result := make(map[string]interface{})
1485+
vaultAuth, err := vaultclient.NewVaultAuth(vaultclient.NewDefaultConfig())
1486+
if err != nil {
1487+
return nil, err
1488+
}
1489+
1490+
client, err := vaultAuth.VaultClient()
1491+
if err != nil {
1492+
return nil, err
1493+
}
1494+
1495+
secret, err := client.Logical().Read("/secret/application")
1496+
if err == nil {
1497+
for key, value := range secret.Data {
1498+
result[key] = value
1499+
}
1500+
} else {
1501+
log.Warnln("error reading vault secrets from /secret/application", err)
1502+
}
1503+
1504+
secret, err = client.Logical().Read("/secret/postgres_exporter")
1505+
if err == nil {
1506+
for key, value := range secret.Data {
1507+
result[key] = value
1508+
}
1509+
} else {
1510+
log.Warnln("error reading vault secrets from /secret/postgres_exporter", err)
1511+
}
1512+
1513+
return result, nil
1514+
}
1515+
14821516
// try to get the DataSource
14831517
// DATA_SOURCE_NAME always wins so we do not break older versions
14841518
// reading secrets from files wins over secrets in environment variables
@@ -1509,6 +1543,21 @@ func getDataSources() []string {
15091543
pass = os.Getenv("DATA_SOURCE_PASS")
15101544
}
15111545

1546+
if len(user) == 0 || len(pass) == 0 {
1547+
secrets, err := loadSecrets()
1548+
if err != nil {
1549+
panic(err)
1550+
}
1551+
1552+
if len(user) == 0 {
1553+
user = secrets["database-username"].(string)
1554+
}
1555+
1556+
if len(pass) == 0 {
1557+
pass = secrets["database-password"].(string)
1558+
}
1559+
}
1560+
15121561
ui := url.UserPassword(user, pass).String()
15131562
uri := os.Getenv("DATA_SOURCE_URI")
15141563
dsn = "postgresql://" + ui + "@" + uri

tools/vendor/github.com/kisielk/errcheck/go.sum

Lines changed: 2 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)