com.bettercloud.vault

Class VaultConfig

java.lang.Object

com.bettercloud.vault.VaultConfig

public final class VaultConfig
extends java.lang.Object

A container for the configuration settings needed to initialize a Vault driver instance.

There are two ways to create and setup a VaultConfig instance. The full-featured approach uses a builder pattern, calling setter methods for each value and then terminating with a call to build():

 final VaultConfig config = new VaultConfig()
                              .address("http://127.0.0.1:8200")
                              .token("eace6676-4d78-c687-4e54-03cad00e3abf")
                              .sslVerify(true)
                              .timeout(30)
                              .build();
 

If the only values that you need to set are address and token, then as a shortcut there is also a constructor method taking those two values:

 final VaultConfig config = new VaultConfig("http://127.0.0.1:8200", "eace6676-4d78-c687-4e54-03cad00e3abf");
 

Note that when using the shorthand convenience constructor, you should NOT set additional properties on the same instance afterward.

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
protected static class	VaultConfig.EnvironmentLoader The code used to load environment variables is encapsulated within an inner class, so that a mock version of that environment loader can be used by unit tests.

Constructor Summary

Constructors

Modifier	Constructor and Description
	VaultConfig() Default constructor.
	VaultConfig(java.lang.String address) A convenience constructor, for quickly creating a VaultConfig instance with its address field populated.
	VaultConfig(java.lang.String address, java.lang.String token) A convenience constructor, for quickly creating a VaultConfig instance with its address and token fields populated.
protected	VaultConfig(java.lang.String address, java.lang.String token, VaultConfig.EnvironmentLoader environmentLoader) An overloaded version of the normal convenience constructor, used by unit tests to inject a mock environment variable loader and validate that loading logic.
protected	VaultConfig(java.lang.String address, VaultConfig.EnvironmentLoader environmentLoader) An overloaded version of the normal convenience constructor, used by unit tests to inject a mock environment variable loader and validate that loading logic.

Method Summary

Modifier and Type	Method and Description
VaultConfig	address(java.lang.String address) Sets the address (URL) of the Vault server instance to which API calls should be sent.
VaultConfig	build() This is the terminating method in the builder pattern.
protected VaultConfig	environmentLoader(VaultConfig.EnvironmentLoader environmentLoader) The code used to load environment variables is encapsulated within an inner class, so that a mock version of that environment loader can be used by unit tests.
java.lang.String	getAddress()
int	getMaxRetries()
java.lang.Integer	getOpenTimeout()
java.lang.String	getProxyAddress()
java.lang.String	getProxyPassword()
java.lang.Integer	getProxyPort()
java.lang.String	getProxyUsername()
java.lang.Integer	getReadTimeout()
int	getRetryIntervalMilliseconds()
java.lang.String	getSslPemFile()
java.lang.Integer	getSslTimeout()
java.lang.Integer	getTimeout()
java.lang.String	getToken()
java.lang.Boolean	isSslVerify()
VaultConfig	openTimeout(java.lang.Integer openTimeout) TODO: Not yet being used.
VaultConfig	proxyAddress(java.lang.String proxyAddress) TODO: Not yet being used.
VaultConfig	proxyPassword(java.lang.String proxyPassword) TODO: Not yet being used.
VaultConfig	proxyPort(java.lang.Integer proxyPort) TODO: Not yet being used.
VaultConfig	proxyUsername(java.lang.String proxyUsername) TODO: Not yet being used.
VaultConfig	readTimeout(java.lang.Integer readTimeout) TODO: Not yet being used.
protected void	setMaxRetries(int maxRetries) Sets the maximum number of times that an API operation will retry upon failure.
protected void	setRetryIntervalMilliseconds(int retryIntervalMilliseconds) Sets the period of time (in milliseconds) that the driver will wait in between retry attempts for a failing API operation.
VaultConfig	sslPemFile(java.lang.String sslPemFile) TODO: Not yet being used.
VaultConfig	sslTimeout(java.lang.Integer sslTimeout) TODO: Not yet being used.
VaultConfig	sslVerify(java.lang.Boolean sslVerify) TODO: Not yet being used.
VaultConfig	timeout(java.lang.Integer timeout) TODO: Not yet being used.
VaultConfig	token(java.lang.String token) Sets the root token used to access Vault.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

VaultConfig

public VaultConfig()

Default constructor. Should be used in conjunction with the builder pattern, calling additional property setter methods and ultimately finishing with a call to build().

Note that when using this builder pattern approach, you must either set address and token explicitly, or else have them available as runtime environment variables.

VaultConfig

public VaultConfig(java.lang.String address,
                   java.lang.String token)
            throws VaultException

A convenience constructor, for quickly creating a VaultConfig instance with its address and token fields populated.

Although address and token are the only two properties explicitly passed, the constructor will still look to the runtime environment variables to populate any other fields when values are present.

When using this approach to creating a VaultConfig instance, you should NOT make additional setter method calls after construction. If you need other properties set explicitly, then use the builder pattern approach.

Parameters:

address - The URL of the target Vault server

token - The access token to enable Vault access

Throws:

VaultException

VaultConfig

public VaultConfig(java.lang.String address)
            throws VaultException

A convenience constructor, for quickly creating a VaultConfig instance with its address field populated.

While the other convenience constructor requires root token parameter, this constructor version does not. So it IS possible to construct a VaultConfig object with no root token present. However, such an object will be of no use with most actual Vault API calls. This constructor is therefore meant to be used when you plan to programmatically retrieve a token (e.g. from the "userpass" backend) and populate it prior to making other API calls.

When using this approach to creating a VaultConfig instance, you should NOT make additional setter method calls after construction... other than the token scenario described immediately above. If you need any other properties set explicitly, then use the builder pattern approach.

Parameters:

address - The URL of the target Vault server

Throws:

VaultException

VaultConfig

protected VaultConfig(java.lang.String address,
                      java.lang.String token,
                      VaultConfig.EnvironmentLoader environmentLoader)
               throws VaultException

An overloaded version of the normal convenience constructor, used by unit tests to inject a mock environment variable loader and validate that loading logic.

Parameters:

address - The URL of the target Vault server

token - The access token to enable Vault access

environmentLoader - A (mock) environment loader implementation

Throws:

VaultException

VaultConfig

protected VaultConfig(java.lang.String address,
                      VaultConfig.EnvironmentLoader environmentLoader)
               throws VaultException

An overloaded version of the normal convenience constructor, used by unit tests to inject a mock environment variable loader and validate that loading logic.

Parameters:

address - The URL of the target Vault server

environmentLoader - A (mock) environment loader implementation

Throws:

VaultException

Method Detail

environmentLoader

protected VaultConfig environmentLoader(VaultConfig.EnvironmentLoader environmentLoader)

The code used to load environment variables is encapsulated within an inner class, so that a mock version of that environment loader can be used by unit tests.

This method is used by unit tests, to inject a mock environment variable when constructing a VaultConfig instance using the builder pattern approach rather than the convenience constructor. There really shouldn't ever be a need to call this method outside of a unit test context (hence the protected access level).

Parameters:

environmentLoader - An environment variable loader implementation (presumably a mock).

Returns:

address

public VaultConfig address(java.lang.String address)

Sets the address (URL) of the Vault server instance to which API calls should be sent. E.g. http://127.0.0.1:8200.

If no address is explicitly set, either by this method in a builder pattern approach or else by one of the convenience constructors, then VaultConfig will look to the VAULT_ADDR environment variable.

address is required for the Vault driver to function. If you do not supply it explicitly AND no environment variable value is found, then initialization of the VaultConfig object will fail.

Parameters:

address - The Vault server base URL

Returns:

token

public VaultConfig token(java.lang.String token)

Sets the root token used to access Vault.

If no token is explicitly set, either by this method in a builder pattern approach or else by one of the convenience constructors, then VaultConfig will look to the VAULT_TOKEN environment variable.

There are some cases where you might want to instantiate a VaultConfig object without a token (e.g. you plan to retrieve a token programmatically, with a call to the "userpass" auth backend, and populate it prior to making any other API calls). In such use cases, you can still use either the builder pattern approach or the single-argument convenience constructor.

Parameters:

token -

Returns:

proxyAddress

public VaultConfig proxyAddress(java.lang.String proxyAddress)

TODO: Not yet being used. Implement...

If no proxyAddress is explicitly set, either by this method in a builder pattern approach or else by one of the convenience constructors, then VaultConfig will look to the VAULT_PROXY_ADDRESS environment variable.

Parameters:

proxyAddress -

Returns:

proxyPort

public VaultConfig proxyPort(java.lang.Integer proxyPort)

TODO: Not yet being used. Implement...

If no proxyPort is explicitly set, either by this method in a builder pattern approach or else by one of the convenience constructors, then VaultConfig will look to the VAULT_PROXY_PORT environment variable.

Parameters:

proxyPort -

Returns:

proxyUsername

public VaultConfig proxyUsername(java.lang.String proxyUsername)

TODO: Not yet being used. Implement...

If no proxyUsername is explicitly set, either by this method in a builder pattern approach or else by one of the convenience constructors, then VaultConfig will look to the VAULT_PROXY_USERNAME environment variable.

Parameters:

proxyUsername -

Returns:

proxyPassword

public VaultConfig proxyPassword(java.lang.String proxyPassword)

TODO: Not yet being used. Implement...

If no proxyPassword is explicitly set, either by this method in a builder pattern approach or else by one of the convenience constructors, then VaultConfig will look to the VAULT_PROXY_PASSWORD environment variable.

Parameters:

proxyPassword -

Returns:

sslPemFile

public VaultConfig sslPemFile(java.lang.String sslPemFile)

TODO: Not yet being used. Implement...

If no sslPemFile is explicitly set, either by this method in a builder pattern approach or else by one of the convenience constructors, then VaultConfig will look to the VAULT_SSL_CERT environment variable.

Parameters:

sslPemFile -

Returns:

sslVerify

public VaultConfig sslVerify(java.lang.Boolean sslVerify)

TODO: Not yet being used. Implement...

If no sslVerify is explicitly set, either by this method in a builder pattern approach or else by one of the convenience constructors, then VaultConfig will look to the VAULT_SSL_VERIFY environment variable.

Parameters:

sslVerify -

Returns:

timeout

public VaultConfig timeout(java.lang.Integer timeout)

TODO: Not yet being used. Implement...

If no timeout is explicitly set, either by this method in a builder pattern approach or else by one of the convenience constructors, then VaultConfig will look to the VAULT_TIMEOUT environment variable.

Parameters:

timeout -

Returns:

sslTimeout

public VaultConfig sslTimeout(java.lang.Integer sslTimeout)

TODO: Not yet being used. Implement...

If no sslTimeout is explicitly set, either by this method in a builder pattern approach or else by one of the convenience constructors, then VaultConfig will look to the VAULT_SSL_TIMEOUT environment variable.

Parameters:

sslTimeout -

Returns:

openTimeout

public VaultConfig openTimeout(java.lang.Integer openTimeout)

TODO: Not yet being used. Implement...

If no openTimeout is explicitly set, either by this method in a builder pattern approach or else by one of the convenience constructors, then VaultConfig will look to the VAULT_OPEN_TIMEOUT environment variable.

Parameters:

openTimeout -

Returns:

readTimeout

public VaultConfig readTimeout(java.lang.Integer readTimeout)

TODO: Not yet being used. Implement...

If no readTimeout is explicitly set, either by this method in a builder pattern approach or else by one of the convenience constructors, then VaultConfig will look to the VAULT_READ_TIMEOUT environment variable.

Parameters:

readTimeout -

Returns:

setMaxRetries

protected void setMaxRetries(int maxRetries)

Sets the maximum number of times that an API operation will retry upon failure.

This method is not meant to be called from application-level code outside of this package (hence the protected access level. It is meant to be invoked via Vault.withRetries() in a builder pattern DSL-style.

Parameters:

maxRetries - The number of times that API operations will be retried when a failure occurs.

setRetryIntervalMilliseconds

protected void setRetryIntervalMilliseconds(int retryIntervalMilliseconds)

Sets the period of time (in milliseconds) that the driver will wait in between retry attempts for a failing API operation.

This method is not meant to be called from application-level code outside of this package (hence the protected access level. It is meant to be invoked via Vault.withRetries() in a builder pattern DSL-style.

Parameters:

retryIntervalMilliseconds - The number of milliseconds that the driver will wait in between retries.

build

public VaultConfig build()
                  throws VaultException

This is the terminating method in the builder pattern. The method that validates all of the fields that has been set already, uses environment variables when available to populate any unset fields, and returns a VaultConfig object that is ready for use.

Returns:

Throws:

VaultException - If the address field was left unset, and there is no VAULT_ADDR environment variable value with which to populate it.

getAddress

public java.lang.String getAddress()

getToken

public java.lang.String getToken()

getProxyAddress

public java.lang.String getProxyAddress()

getProxyPort

public java.lang.Integer getProxyPort()

getProxyUsername

public java.lang.String getProxyUsername()

getProxyPassword

public java.lang.String getProxyPassword()

getSslPemFile

public java.lang.String getSslPemFile()

isSslVerify

public java.lang.Boolean isSslVerify()

getTimeout

public java.lang.Integer getTimeout()

getSslTimeout

public java.lang.Integer getSslTimeout()

getOpenTimeout

public java.lang.Integer getOpenTimeout()

getReadTimeout

public java.lang.Integer getReadTimeout()

getMaxRetries

public int getMaxRetries()

getRetryIntervalMilliseconds

public int getRetryIntervalMilliseconds()