From d79c58e6863ab2647d57592ca451cb06783545ea Mon Sep 17 00:00:00 2001 From: Shaun Ford Date: Mon, 23 Apr 2018 15:52:36 -0700 Subject: [PATCH] Update README and variable names --- README.md | 18 +++++++++--------- .../client/DefaultCerberusUrlResolverTest.java | 6 +++--- .../client/StaticCerberusUrlResolverTest.java | 2 +- .../aws/BaseAwsCredentialsProviderTest.java | 14 +++++++------- ...nceRoleCerberusCredentialsProviderTest.java | 6 +++--- 5 files changed, 23 insertions(+), 23 deletions(-) diff --git a/README.md b/README.md index 0f564fc..da709f0 100644 --- a/README.md +++ b/README.md @@ -5,9 +5,9 @@ [![Coverage Status](https://coveralls.io/repos/github/Nike-Inc/cerberus-java-client/badge.svg?branch=master)](https://coveralls.io/github/Nike-Inc/cerberus-java-client) [![][license img]][license] -A java based client library for Cerberus that's built on top of Nike's Vault client. +A java based client library for Cerberus that's built on top of Nike's Cerberus client. -This library acts as a wrapper around the Nike developed Vault client by configuring the client to be Cerberus compatible. +This library acts as a wrapper around the Nike developed Cerberus client by configuring the client to be Cerberus compatible. To learn more about Cerberus, please see the [Cerberus website](http://engineering.nike.com/cerberus/). @@ -17,14 +17,14 @@ To learn more about Cerberus, please see the [Cerberus website](http://engineeri 2. Add the [Cerberus client dependency](https://bintray.com/nike/maven/cerberus-client) to your build (e.g. Maven, Gradle) 3. Provide an authentication mechanism. - For local development it is easiest to export a `CERBERUS_TOKEN` that you copied from the Cerberus dashboard. - When running in AWS, your application will not need this environmetal variable, instead it will automatically + When running in AWS, your application will not need this environment variable, instead it will automatically authenticate using its IAM role. Alternatively, set a `cerberus.token` System property. - If you would like to test IAM authentication locally, you can do that by [assuming a role](http://docs.aws.amazon.com/cli/latest/userguide/cli-roles.html). 4. Access secrets from Cerberus using Java ``` java String cerberusUrl = "https://cerberus.example.com"; - VaultClient vaultClient = DefaultCerberusClientFactory.getClient(cerberusUrl); - Map secrets = vaultClient.read("/app/my-sdb-name").getData(); + CerberusClient cerberusClient = DefaultCerberusClientFactory.getClient(cerberusUrl); + Map secrets = cerberusClient.read("/app/my-sdb-name").getData(); ``` ## Lambdas @@ -68,8 +68,8 @@ Setup the CERBERUS_ADDR environmental variable and access Cerberus using Java: ``` java String invokedFunctionArn = context.getInvokedFunctionArn(); - VaultClient vaultClient = DefaultCerberusClientFactory.getClientForLambda(invokedFunctionArn); - Map secrets = vaultClient.read("/app/my-sdb-name").getData(); + CerberusClient cerberusClient = DefaultCerberusClientFactory.getClientForLambda(invokedFunctionArn); + Map secrets = cerberusClient.read("/app/my-sdb-name").getData(); ``` ## More Configuration Options @@ -83,8 +83,8 @@ Provide the URL directly using the factory method `DefaultCerberusClientFactory. and then use the factory method that does not require a URL: ``` java - final VaultClient vaultClient = DefaultCerberusClientFactory.getClient(); - Map secrets = vaultClient.read("/app/my-sdb-name").getData(); + final CerberusClient cerberusClient = DefaultCerberusClientFactory.getClient(); + Map secrets = cerberusClient.read("/app/my-sdb-name").getData(); ``` ### Configuring Credentials diff --git a/src/test/java/com/nike/cerberus/client/DefaultCerberusUrlResolverTest.java b/src/test/java/com/nike/cerberus/client/DefaultCerberusUrlResolverTest.java index fc7012f..8194a9f 100644 --- a/src/test/java/com/nike/cerberus/client/DefaultCerberusUrlResolverTest.java +++ b/src/test/java/com/nike/cerberus/client/DefaultCerberusUrlResolverTest.java @@ -45,21 +45,21 @@ public void setup() { } @Test - public void lookupVaultUrl_returns_url_if_env_variable_is_set() { + public void lookupCerberusUrl_returns_url_if_env_variable_is_set() { when(System.getenv(DefaultCerberusUrlResolver.CERBERUS_ADDR_ENV_PROPERTY)).thenReturn(url); assertThat(subject.resolve()).isEqualTo(url); } @Test - public void lookupVaultUrl_returns_url_if_sys_property_is_set() { + public void lookupCerberusUrl_returns_url_if_sys_property_is_set() { when(System.getProperty(DefaultCerberusUrlResolver.CERBERUS_ADDR_SYS_PROPERTY)).thenReturn(url); assertThat(subject.resolve()).isEqualTo(url); } @Test - public void lookupVaultUrl_returns_null_if_env_and_sys_not_set() { + public void lookupCerberusUrl_returns_null_if_env_and_sys_not_set() { assertThat(subject.resolve()).isNull(); } } diff --git a/src/test/java/com/nike/cerberus/client/StaticCerberusUrlResolverTest.java b/src/test/java/com/nike/cerberus/client/StaticCerberusUrlResolverTest.java index d735f9c..6d48689 100644 --- a/src/test/java/com/nike/cerberus/client/StaticCerberusUrlResolverTest.java +++ b/src/test/java/com/nike/cerberus/client/StaticCerberusUrlResolverTest.java @@ -28,7 +28,7 @@ public class StaticCerberusUrlResolverTest { private final String testUrl = "https://localhost"; @Test(expected = IllegalArgumentException.class) - public void test_constructor_throws_error_if_vault_url_is_blank() { + public void test_constructor_throws_error_if_cerberus_url_is_blank() { new StaticCerberusUrlResolver(" "); } diff --git a/src/test/java/com/nike/cerberus/client/auth/aws/BaseAwsCredentialsProviderTest.java b/src/test/java/com/nike/cerberus/client/auth/aws/BaseAwsCredentialsProviderTest.java index ee012d1..0d1b2fd 100644 --- a/src/test/java/com/nike/cerberus/client/auth/aws/BaseAwsCredentialsProviderTest.java +++ b/src/test/java/com/nike/cerberus/client/auth/aws/BaseAwsCredentialsProviderTest.java @@ -38,14 +38,14 @@ public class BaseAwsCredentialsProviderTest extends BaseCredentialsProviderTest{ public static final Region REGION = RegionUtils.getRegion("us-west-2"); public static final String CERBERUS_TEST_ARN = "arn:aws:iam::123456789012:role/cerberus-test-role"; - public static final String ERROR_RESPONSE = "Error calling vault"; + public static final String ERROR_RESPONSE = "Error calling cerberus"; protected static final String MISSING_AUTH_DATA = "{}"; private BaseAwsCredentialsProvider provider; private UrlResolver urlResolver; - private String vaultUrl; + private String cerberusUrl; private MockWebServer mockWebServer; @Before @@ -57,7 +57,7 @@ public void setUp() throws Exception { mockWebServer = new MockWebServer(); mockWebServer.start(); - vaultUrl = "http://localhost:" + mockWebServer.getPort(); + cerberusUrl = "http://localhost:" + mockWebServer.getPort(); } @After @@ -79,9 +79,9 @@ public void decryptToken_throws_exception_when_non_encrypted_data_provided() { @Test(expected = CerberusServerException.class) public void getEncryptedAuthData_throws_exception_on_bad_response_code() throws IOException { - when(urlResolver.resolve()).thenReturn(vaultUrl); + when(urlResolver.resolve()).thenReturn(cerberusUrl); - System.setProperty(DefaultCerberusUrlResolver.CERBERUS_ADDR_SYS_PROPERTY, vaultUrl); + System.setProperty(DefaultCerberusUrlResolver.CERBERUS_ADDR_SYS_PROPERTY, cerberusUrl); mockWebServer.enqueue(new MockResponse().setResponseCode(400).setBody(ERROR_RESPONSE)); provider.getEncryptedAuthData(CERBERUS_TEST_ARN, REGION); @@ -89,9 +89,9 @@ public void getEncryptedAuthData_throws_exception_on_bad_response_code() throws @Test(expected = CerberusClientException.class) public void getEncryptedAuthData_throws_exception_on_missing_auth_data() throws IOException { - when(urlResolver.resolve()).thenReturn(vaultUrl); + when(urlResolver.resolve()).thenReturn(cerberusUrl); - System.setProperty(DefaultCerberusUrlResolver.CERBERUS_ADDR_SYS_PROPERTY, vaultUrl); + System.setProperty(DefaultCerberusUrlResolver.CERBERUS_ADDR_SYS_PROPERTY, cerberusUrl); mockWebServer.enqueue(new MockResponse().setResponseCode(200).setBody(MISSING_AUTH_DATA)); provider.getEncryptedAuthData(CERBERUS_TEST_ARN, REGION); diff --git a/src/test/java/com/nike/cerberus/client/auth/aws/InstanceRoleCerberusCredentialsProviderTest.java b/src/test/java/com/nike/cerberus/client/auth/aws/InstanceRoleCerberusCredentialsProviderTest.java index 1d03f21..ab99926 100644 --- a/src/test/java/com/nike/cerberus/client/auth/aws/InstanceRoleCerberusCredentialsProviderTest.java +++ b/src/test/java/com/nike/cerberus/client/auth/aws/InstanceRoleCerberusCredentialsProviderTest.java @@ -85,14 +85,14 @@ public void getCredentials_returns_valid_credentials() throws IOException { MockWebServer mockWebServer = new MockWebServer(); mockWebServer.start(); - final String vaultUrl = "http://localhost:" + mockWebServer.getPort(); + final String cerberusUrl = "http://localhost:" + mockWebServer.getPort(); mockGetIamSecurityCredentials(DEFAULT_ROLE); mockGetIamInstanceProfileInfo(GOOD_INSTANCE_PROFILE_ARN); mockDecrypt(kmsClient, DECODED_AUTH_DATA); - when(urlResolver.resolve()).thenReturn(vaultUrl); + when(urlResolver.resolve()).thenReturn(cerberusUrl); - System.setProperty(DefaultCerberusUrlResolver.CERBERUS_ADDR_SYS_PROPERTY, vaultUrl); + System.setProperty(DefaultCerberusUrlResolver.CERBERUS_ADDR_SYS_PROPERTY, cerberusUrl); mockWebServer.enqueue(new MockResponse().setResponseCode(200).setBody(AUTH_RESPONSE)); CerberusCredentials credentials = provider.getCredentials();