UNPKG

hashi-vault-js

Version:

A node.js module to interact with the Hashicorp Vault API.

github.com/rod4n4m1/hashi-vault-js

rod4n4m1/hashi-vault-js

99 lines (88 loc) 3.4 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
//Simple test // source process.env // node PKI-smoke-test.js const ClientCert = process.env.CLIENT_CERT; const ClientKey = process.env.CLIENT_KEY; const CACert = process.env.CA_CERT; const VaultUrl = process.env.VAULT_URL; const RootToken = process.env.VAULT_ROOT_TOKEN; const Vault = require('../Vault'); const vault = new Vault( { https: true, cert: ClientCert, key: ClientKey, cacert: CACert, baseUrl: VaultUrl, rootPath: 'pki', timeout: 5000, proxy: false }); const CertParams = { role: "acme", commonName: "www.vault.acme.com", altNames: "www1.vault.acme.com", ipSans: "10.0.0.200", uriSans: "", otherSans: "", ttL: "365d", format: "pem_bundle", pkFormat: "der", excludeCnFromSans: false }; vault.healthCheck().then(function(data) { console.log('> healthCheck output: \n',data); if (!data.sealed) { vault.genPkiCertificate(RootToken, CertParams).then(function(data){ console.log('>>>> genPkiCertificate output: \n',data); vault.revokePkiCertificate(RootToken, data.serial_number).then(function(data){ console.log('>>>>> revokePkiCertificate output: \n',data); }).catch(function(revokeError){ console.error('>>>>> revokePkiCertificate error: \n',revokeError); }); }).catch(function(genError){ console.error('>>>> genPkiCertificate error: \n',genError); }); vault.setCrlConfig(RootToken, '720h', false).then(function(data){ console.log('>>>> setCrlConfig output: \n',data); vault.readCrlConfig(RootToken).then(function(data){ console.log('>>>> readCrlConfig output: \n',data); }).catch(function(readError){ console.error('>>>>> readCrlConfig error: \n',readError); }); }).catch(function(setError){ console.error('>>>> setCrlConfig error: \n',setError); }); vault.setPkiUrls(RootToken, [ 'https://127.0.0.1:8200/v1/pki/ca/pem' ], [ 'https://127.0.0.1:8200/v1/pki/crl' ], [ 'https://127.0.0.1:8200/v1/pki/oscp' ]).then(function(data){ console.log('>>>> setPkiUrls output: \n',data); vault.readPkiUrls(RootToken).then(function(data){ console.log('>>>>> readPkiUrls output: \n',data); }).catch(function(readError){ console.error('>>>>> readPkiUrls error: \n',readError); }); }).catch(function(setError){ console.error('>>>> setPkiUrls error: \n',readError); }); vault.rotatePkiCrl(RootToken).then(function(data){ console.log('>>>> rotatePkiCrl output: \n',data); vault.readPkiCrl('pem').then(function(data){ console.log('>>>>> readPkiCrl output: \n',data); }).catch(function(readError){ console.error('>>>>> readPkiCrl error: \n',readError); }); }).catch(function(rotateError){ console.error('>>> rotatePkiCrl error: \n',rotateError); }); vault.listCertificates(RootToken).then(function(data){ console.log('>>>> listCertificates output: \n',data); vault.readCertificate(data.keys[0]).then(function(data){ console.log('>>>>> readCertificate output: \n',data); }).catch(function(readError){ console.error('>>>>> readCertificate error: \n',readError); }); }).catch(function(listError){ console.error('>>>> listCertificates error: \n',listError); }); } }).catch(function(healthError){ console.error('> healthCheck error: \n',healthError); });