Demo of a Vault token renewer goroutine from an internal project
// VaultDriver bundles a Vault API client with the project it serves.
type VaultDriver struct {
	// vaultClient is the Vault API client; TokenRenewer reads the token to
	// renew from it via Token().
	vaultClient *vaultapi.Client
	// project is not used by the code in this listing.
	project string
}
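// TokenRenewer keeps the client's current Vault token renewed until ctx is
// cancelled or the renewer stops.
//
// It blocks, so callers normally run it in its own goroutine. It returns nil
// only when ctx is cancelled. Every stop reported on DoneCh is returned as a
// non-nil error, so the caller can tell that the token is no longer being
// renewed and re-authenticate instead of carrying on with a token that is
// about to expire.
func (d VaultDriver) TokenRenewer(ctx context.Context) error {
	renewer, err := d.vaultClient.NewRenewer(&vaultapi.RenewerInput{
		Secret: &vaultapi.Secret{
			Auth: &vaultapi.SecretAuth{
				ClientToken: d.vaultClient.Token(),
				// NOTE(review): Renewable and LeaseDuration are asserted here,
				// not read back from Vault. Confirm that 600 seconds matches
				// the token's real TTL, or look the token up first.
				Renewable:     true,
				LeaseDuration: 600,
			},
		},
	})
	if err != nil {
		return errors.Wrap(err, "Unable to start vault token renewer.")
	}

	go renewer.Renew()
	// Stop the background renewal goroutine on every return path.
	defer renewer.Stop()

	for {
		select {
		case err := <-renewer.DoneCh():
			if err == nil {
				// The renewer can stop without an error, for example when the
				// lease can no longer be extended. errors.Wrap(nil, ...)
				// returns nil (assuming github.com/pkg/errors, since the
				// import block is not shown), which would make this stop look
				// like a clean shutdown. Return an explicit error instead.
				return errors.New("vault token renewer stopped; token is no longer being renewed")
			}
			logrus.Errorf("failed to renew vault token: %s", err)
			return errors.Wrap(err, "Vault token renwal failed. Maybe Lease expired?")
		case <-renewer.RenewCh():
			logrus.Info("Successfully renewed vault token")
		case <-ctx.Done():
			// Cancellation is the only clean exit.
			return nil
		}
	}
}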