Skip to content
This repository has been archived by the owner on Jan 12, 2024. It is now read-only.

Commit

Permalink
Update README and variable names
Browse files Browse the repository at this point in the history
  • Loading branch information
@sdford
sdford committed Apr 23, 2018
1 parent c38f90f commit d79c58e
Show file tree
Hide file tree
Showing 5 changed files with 23 additions and 23 deletions.
18 changes: 9 additions & 9 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,9 +5,9 @@
[![Coverage Status](https://coveralls.io/repos/github/Nike-Inc/cerberus-java-client/badge.svg?branch=master)](https://coveralls.io/github/Nike-Inc/cerberus-java-client)
[![][license img]][license]

A java based client library for Cerberus that's built on top of Nike's Vault client.
A java based client library for Cerberus that's built on top of Nike's Cerberus client.

This library acts as a wrapper around the Nike developed Vault client by configuring the client to be Cerberus compatible.
This library acts as a wrapper around the Nike developed Cerberus client by configuring the client to be Cerberus compatible.

To learn more about Cerberus, please see the [Cerberus website](http://engineering.nike.com/cerberus/).

Expand All @@ -17,14 +17,14 @@ To learn more about Cerberus, please see the [Cerberus website](http://engineeri
2. Add the [Cerberus client dependency](https://bintray.com/nike/maven/cerberus-client) to your build (e.g. Maven, Gradle)
3. Provide an authentication mechanism.
- For local development it is easiest to export a `CERBERUS_TOKEN` that you copied from the Cerberus dashboard.
When running in AWS, your application will not need this environmetal variable, instead it will automatically
When running in AWS, your application will not need this environment variable, instead it will automatically
authenticate using its IAM role. Alternatively, set a `cerberus.token` System property.
- If you would like to test IAM authentication locally, you can do that by [assuming a role](http://docs.aws.amazon.com/cli/latest/userguide/cli-roles.html).
4. Access secrets from Cerberus using Java
``` java
String cerberusUrl = "https://cerberus.example.com";
VaultClient vaultClient = DefaultCerberusClientFactory.getClient(cerberusUrl);
Map<String,String> secrets = vaultClient.read("/app/my-sdb-name").getData();
CerberusClient cerberusClient = DefaultCerberusClientFactory.getClient(cerberusUrl);
Map<String,String> secrets = cerberusClient.read("/app/my-sdb-name").getData();
```

## Lambdas
Expand Down Expand Up @@ -68,8 +68,8 @@ Setup the CERBERUS_ADDR environmental variable and access Cerberus using Java:

``` java
String invokedFunctionArn = context.getInvokedFunctionArn();
VaultClient vaultClient = DefaultCerberusClientFactory.getClientForLambda(invokedFunctionArn);
Map<String,String> secrets = vaultClient.read("/app/my-sdb-name").getData();
CerberusClient cerberusClient = DefaultCerberusClientFactory.getClientForLambda(invokedFunctionArn);
Map<String,String> secrets = cerberusClient.read("/app/my-sdb-name").getData();
```

## More Configuration Options
Expand All @@ -83,8 +83,8 @@ Provide the URL directly using the factory method `DefaultCerberusClientFactory.
and then use the factory method that does not require a URL:

``` java
final VaultClient vaultClient = DefaultCerberusClientFactory.getClient();
Map<String,String> secrets = vaultClient.read("/app/my-sdb-name").getData();
final CerberusClient cerberusClient = DefaultCerberusClientFactory.getClient();
Map<String,String> secrets = cerberusClient.read("/app/my-sdb-name").getData();
```

### Configuring Credentials
Expand Down
6 changes: 3 additions & 3 deletions src/test/java/com/nike/cerberus/client/DefaultCerberusUrlResolverTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -45,21 +45,21 @@ public void setup() {
}

@Test
public void lookupVaultUrl_returns_url_if_env_variable_is_set() {
public void lookupCerberusUrl_returns_url_if_env_variable_is_set() {
when(System.getenv(DefaultCerberusUrlResolver.CERBERUS_ADDR_ENV_PROPERTY)).thenReturn(url);

assertThat(subject.resolve()).isEqualTo(url);
}

@Test
public void lookupVaultUrl_returns_url_if_sys_property_is_set() {
public void lookupCerberusUrl_returns_url_if_sys_property_is_set() {
when(System.getProperty(DefaultCerberusUrlResolver.CERBERUS_ADDR_SYS_PROPERTY)).thenReturn(url);

assertThat(subject.resolve()).isEqualTo(url);
}

@Test
public void lookupVaultUrl_returns_null_if_env_and_sys_not_set() {
public void lookupCerberusUrl_returns_null_if_env_and_sys_not_set() {
assertThat(subject.resolve()).isNull();
}
}
2 changes: 1 addition & 1 deletion src/test/java/com/nike/cerberus/client/StaticCerberusUrlResolverTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ public class StaticCerberusUrlResolverTest {
private final String testUrl = "https://localhost";

@Test(expected = IllegalArgumentException.class)
public void test_constructor_throws_error_if_vault_url_is_blank() {
public void test_constructor_throws_error_if_cerberus_url_is_blank() {
new StaticCerberusUrlResolver(" ");
}

Expand Down
14 changes: 7 additions & 7 deletions src/test/java/com/nike/cerberus/client/auth/aws/BaseAwsCredentialsProviderTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,14 +38,14 @@
public class BaseAwsCredentialsProviderTest extends BaseCredentialsProviderTest{
public static final Region REGION = RegionUtils.getRegion("us-west-2");
public static final String CERBERUS_TEST_ARN = "arn:aws:iam::123456789012:role/cerberus-test-role";
public static final String ERROR_RESPONSE = "Error calling vault";
public static final String ERROR_RESPONSE = "Error calling cerberus";

protected static final String MISSING_AUTH_DATA = "{}";


private BaseAwsCredentialsProvider provider;
private UrlResolver urlResolver;
private String vaultUrl;
private String cerberusUrl;
private MockWebServer mockWebServer;

@Before
Expand All @@ -57,7 +57,7 @@ public void setUp() throws Exception {
mockWebServer = new MockWebServer();
mockWebServer.start();

vaultUrl = "http://localhost:" + mockWebServer.getPort();
cerberusUrl = "http://localhost:" + mockWebServer.getPort();
}

@After
Expand All @@ -79,19 +79,19 @@ public void decryptToken_throws_exception_when_non_encrypted_data_provided() {

@Test(expected = CerberusServerException.class)
public void getEncryptedAuthData_throws_exception_on_bad_response_code() throws IOException {
when(urlResolver.resolve()).thenReturn(vaultUrl);
when(urlResolver.resolve()).thenReturn(cerberusUrl);

System.setProperty(DefaultCerberusUrlResolver.CERBERUS_ADDR_SYS_PROPERTY, vaultUrl);
System.setProperty(DefaultCerberusUrlResolver.CERBERUS_ADDR_SYS_PROPERTY, cerberusUrl);
mockWebServer.enqueue(new MockResponse().setResponseCode(400).setBody(ERROR_RESPONSE));

provider.getEncryptedAuthData(CERBERUS_TEST_ARN, REGION);
}

@Test(expected = CerberusClientException.class)
public void getEncryptedAuthData_throws_exception_on_missing_auth_data() throws IOException {
when(urlResolver.resolve()).thenReturn(vaultUrl);
when(urlResolver.resolve()).thenReturn(cerberusUrl);

System.setProperty(DefaultCerberusUrlResolver.CERBERUS_ADDR_SYS_PROPERTY, vaultUrl);
System.setProperty(DefaultCerberusUrlResolver.CERBERUS_ADDR_SYS_PROPERTY, cerberusUrl);
mockWebServer.enqueue(new MockResponse().setResponseCode(200).setBody(MISSING_AUTH_DATA));

provider.getEncryptedAuthData(CERBERUS_TEST_ARN, REGION);
Expand Down
6 changes: 3 additions & 3 deletions ...t/java/com/nike/cerberus/client/auth/aws/InstanceRoleCerberusCredentialsProviderTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -85,14 +85,14 @@ public void getCredentials_returns_valid_credentials() throws IOException {

MockWebServer mockWebServer = new MockWebServer();
mockWebServer.start();
final String vaultUrl = "http://localhost:" + mockWebServer.getPort();
final String cerberusUrl = "http://localhost:" + mockWebServer.getPort();

mockGetIamSecurityCredentials(DEFAULT_ROLE);
mockGetIamInstanceProfileInfo(GOOD_INSTANCE_PROFILE_ARN);
mockDecrypt(kmsClient, DECODED_AUTH_DATA);
when(urlResolver.resolve()).thenReturn(vaultUrl);
when(urlResolver.resolve()).thenReturn(cerberusUrl);

System.setProperty(DefaultCerberusUrlResolver.CERBERUS_ADDR_SYS_PROPERTY, vaultUrl);
System.setProperty(DefaultCerberusUrlResolver.CERBERUS_ADDR_SYS_PROPERTY, cerberusUrl);
mockWebServer.enqueue(new MockResponse().setResponseCode(200).setBody(AUTH_RESPONSE));

CerberusCredentials credentials = provider.getCredentials();
Expand Down

0 comments on commit d79c58e

Please sign in to comment.