ref: 422f587a1a75f9264fc3eabc086c55b1abc62ead
src/main/java/net/lulli/certsigner/strategy/vault/VaultCaSetup.java
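package net.lulli.certsigner.strategy.vault;

import net.lulli.certsigner.network.VaultLocal;
import net.lulli.certsigner.strategy.CASetupStrategy;
import net.lulli.certsigner.ca.CaData;

import java.nio.charset.StandardCharsets;
import java.util.Base64;
import java.util.HashMap;
import java.util.Objects;

/**
 * {@link CASetupStrategy} that builds CA data for one service and hands it to
 * {@link VaultLocal} for storage under {@code cert-auth/<serviceName>}.
 *
 * <p>The stored entry holds two Base64-encoded values, {@code certificate} and
 * {@code privateKey}. Base64 is an encoding, not a protection: the private key is
 * readable by anything that can read this path.
 * NOTE(review): confidentiality therefore rests on the access policy of the backing
 * store; confirm that read access to {@code cert-auth/*} is restricted to the signer.
 */
public class VaultCaSetup implements CASetupStrategy {

    // Both values are read once, when the class is loaded. System.getenv returns null for
    // an unset variable, and that null is handed to VaultLocal unchecked.
    // NOTE(review): confirm VaultLocal rejects a missing endpoint or token rather than
    // falling back to a default. The token must never be written to logs.
    private static final String VAULT_ENDPOINT = System.getenv("VAULT_ENDPOINT");
    private static final String VAULT_TOKEN = System.getenv("VAULT_TOKEN");

    private static final String VAULT_PATH = "cert-auth";

    private final VaultLocal vaultLocal;
    private final String serviceName;

    /**
     * Creates a setup strategy for the given service.
     *
     * @param serviceName name used both in the root certificate subject and as the last
     *                    segment of the storage path
     * @throws NullPointerException if {@code serviceName} is {@code null}
     */
    public VaultCaSetup(String serviceName) {
        // NOTE(review): only null is rejected. serviceName is concatenated into a
        // distinguished name and into a storage path below, so characters such as ','
        // or '/' would alter either one. If the name can originate outside the
        // deployment's own configuration, restrict it to an allow-list of characters.
        this.serviceName = Objects.requireNonNull(serviceName, "serviceName");
        this.vaultLocal = new VaultLocal(VAULT_ENDPOINT, VAULT_TOKEN);
    }

    /**
     * Builds CA data for the subject {@code CN=root-cert, O=<serviceName>} and stores its
     * certificate and private key, Base64-encoded, under {@code cert-auth/<serviceName>}.
     *
     * <p>NOTE(review): whether {@code storeSecret} overwrites an existing entry is not
     * visible from this class; if it does, calling this method again would replace the
     * CA key already stored for the service. Confirm against {@code VaultLocal}.
     */
    @Override
    public void initialize() {
        var rootSubject = "CN=root-cert, O=" + serviceName;
        CaData caData = CaData.withSubject(rootSubject);

        var data = new HashMap<String, String>();
        data.put("certificate", toBase64(caData.certificate()));
        data.put("privateKey", toBase64(caData.privateKey()));

        vaultLocal.storeSecret(VAULT_PATH + "/" + serviceName, data);
    }

    /**
     * Base64-encodes the UTF-8 bytes of {@code text}.
     *
     * <p>The charset is explicit so the stored value does not depend on the JVM's
     * default charset (platform-dependent before Java 18).
     */
    private static String toBase64(String text) {
        return Base64.getEncoder().encodeToString(text.getBytes(StandardCharsets.UTF_8));
    }
}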