spacewander commented on code in PR #8412: URL: https://github.com/apache/apisix/pull/8412#discussion_r1033299250
########## apisix/kms/vault.lua: ########## @@ -0,0 +1,94 @@ +-- +-- Licensed to the Apache Software Foundation (ASF) under one or more +-- contributor license agreements. See the NOTICE file distributed with +-- this work for additional information regarding copyright ownership. +-- The ASF licenses this file to You under the Apache License, Version 2.0 +-- (the "License"); you may not use this file except in compliance with +-- the License. You may obtain a copy of the License at +-- +-- http://www.apache.org/licenses/LICENSE-2.0 +-- +-- Unless required by applicable law or agreed to in writing, software +-- distributed under the License is distributed on an "AS IS" BASIS, +-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +-- See the License for the specific language governing permissions and +-- limitations under the License. +-- + +--- Vault Tools. +-- Vault is an identity-based secrets and encryption management system. + +local core = require("apisix.core") +local http = require("resty.http") +local json = require("cjson") + +local norm_path = require("pl.path").normpath +local string = require("apisix.core.string") + +local find = string.find +local sub = string.sub +local reverse = string.reverse + +local _M = {} + + +local function make_request_to_vault(conf, method, key, data) + local httpc = http.new() + -- config timeout or default to 5000 ms + httpc:set_timeout((conf.timeout or 5)*1000) + + local req_addr = conf.uri .. norm_path("/v1/" + .. conf.prefix .. "/" .. key) + + local res, err = httpc:request_uri(req_addr, { + method = method, + headers = { + ["X-Vault-Token"] = conf.token + }, + body = core.json.encode(data or {}, true) + }) + + if not res then + return nil, err + end + + return res.body +end + +-- key is the vault kv engine path +local function get(conf, key) + core.log.info("fetching data from vault for key: ", key) + + local idx = find(reverse(key), "/") Review Comment: We can use the rfind_char instead? https://github.com/apache/apisix/blob/164a3222fa8ef159a21726fb4a6bd7ab1ccb785c/apisix/core/string.lua#L86 ########## apisix/kms/vault.lua: ########## @@ -0,0 +1,94 @@ +-- +-- Licensed to the Apache Software Foundation (ASF) under one or more +-- contributor license agreements. See the NOTICE file distributed with +-- this work for additional information regarding copyright ownership. +-- The ASF licenses this file to You under the Apache License, Version 2.0 +-- (the "License"); you may not use this file except in compliance with +-- the License. You may obtain a copy of the License at +-- +-- http://www.apache.org/licenses/LICENSE-2.0 +-- +-- Unless required by applicable law or agreed to in writing, software +-- distributed under the License is distributed on an "AS IS" BASIS, +-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +-- See the License for the specific language governing permissions and +-- limitations under the License. +-- + +--- Vault Tools. +-- Vault is an identity-based secrets and encryption management system. + +local core = require("apisix.core") +local http = require("resty.http") +local json = require("cjson") Review Comment: Why don't we use core.json? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
