com.bettercloud.vault

Class VaultConfig

java.lang.Object

com.bettercloud.vault.VaultConfig

All Implemented Interfaces:

java.io.Serializable

public class VaultConfig
extends java.lang.Object
implements java.io.Serializable

A container for the configuration settings needed to initialize a Vault driver instance.

Construct instances of this class using a builder pattern, calling setter methods for each value and then terminating with a call to build():

 final VaultConfig config = new VaultConfig()
                              .address("http://127.0.0.1:8200")
                              .token("eace6676-4d78-c687-4e54-03cad00e3abf")
                              .sslConfig(new SslConfig().verify(false).build())
                              .timeout(30)
                              .build();
 

See Also:

SslConfig, Serialized Form

Field Summary

Fields

Modifier and Type	Field and Description
protected static java.lang.String	VAULT_TOKEN

Constructor Summary

Constructors

Constructor and Description
VaultConfig()

Method Summary

Modifier and Type	Method and Description
VaultConfig	address(java.lang.String address) Sets the address (URL) of the Vault server instance to which API calls should be sent.
VaultConfig	build() This is the terminating method in the builder pattern.
VaultConfig	environmentLoader(EnvironmentLoader environmentLoader) The code used to load environment variables is encapsulated here, so that a mock version of that environment loader can be used by unit tests.
VaultConfig	openTimeout(java.lang.Integer openTimeout) The number of seconds to wait before giving up on establishing an HTTP(S) connection to the Vault server.
VaultConfig	readTimeout(java.lang.Integer readTimeout) After an HTTP(S) connection has already been established, this is the number of seconds to wait for all data to finish downloading.
protected void	setMaxRetries(int maxRetries) Sets the maximum number of times that an API operation will retry upon failure.
protected void	setRetryIntervalMilliseconds(int retryIntervalMilliseconds) Sets the period of time (in milliseconds) that the driver will wait in between retry attempts for a failing API operation.
VaultConfig	sslConfig(SslConfig sslConfig) A container for SSL-related configuration options (e.g.
VaultConfig	token(java.lang.String token) Sets the token used to access Vault.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

VAULT_TOKEN

protected static final java.lang.String VAULT_TOKEN

See Also:

Constant Field Values

Constructor Detail

VaultConfig

public VaultConfig()

Method Detail

environmentLoader

public VaultConfig environmentLoader(EnvironmentLoader environmentLoader)

The code used to load environment variables is encapsulated here, so that a mock version of that environment loader can be used by unit tests.

This method is primarily intended for use by unit tests, to inject a mock environment variable when constructing a VaultConfig instance using the builder pattern approach rather than the convenience constructor. This method's access level was therefore originally set to protected, but was bumped up to public due to community request for the ability to disable environment loading altogether (see https://github.com/BetterCloud/vault-java-driver/issues/77). Note that if you do override this, however, then obviously all of the environment checking discussed in the documentation becomes disabled.

Parameters:

environmentLoader - An environment variable loader implementation (presumably a mock)

Returns:

This object, with environmentLoader populated, ready for additional builder-pattern method calls or else finalization with the build() method

address

public VaultConfig address(java.lang.String address)

Sets the address (URL) of the Vault server instance to which API calls should be sent. E.g. http://127.0.0.1:8200.

If no address is explicitly set, the object will look to the VAULT_ADDR environment variable.

address is required for the Vault driver to function. If you do not supply it explicitly AND no environment variable value is found, then initialization of the VaultConfig object will fail.

Parameters:

address - The Vault server base URL

Returns:

This object, with address populated, ready for additional builder-pattern method calls or else finalization with the build() method

token

public VaultConfig token(java.lang.String token)

Sets the token used to access Vault.

If no token is explicitly set, then the object will look to the VAULT_TOKEN environment variable.

There are some cases where you might want to instantiate a VaultConfig object without a token (e.g. you plan to retrieve a token programmatically, with a call to the "userpass" auth backend, and populate it prior to making any other API calls).

Parameters:

token - The token to use for accessing Vault

Returns:

This object, with token populated, ready for additional builder-pattern method calls or else finalization with the build() method

sslConfig

public VaultConfig sslConfig(SslConfig sslConfig)

A container for SSL-related configuration options (e.g. certificates).

Although typically necessary in most production environments, this is not strictly required (e.g. if your Vault server address begins with "http://" instead of "https://", then any SSL config will be ignored). However, if your Vault server uses HTTPS, and you wish to skip SSL certificate verification (NOT RECOMMENDED FOR PRODUCTION!), then you must supply an SslConfig object with SslConfig.verify(Boolean) explicitly set to false.

Parameters:

sslConfig - SSL-related configuration options

Returns:

This object, with SSL configuration options populated, ready for additional builder-pattern method calls or else finalization with the build() method

openTimeout

public VaultConfig openTimeout(java.lang.Integer openTimeout)

The number of seconds to wait before giving up on establishing an HTTP(S) connection to the Vault server.

If no openTimeout is explicitly set, then the object will look to the VAULT_OPEN_TIMEOUT environment variable.

Parameters:

openTimeout - Number of seconds to wait for an HTTP(S) connection to successfully establish

Returns:

This object, with openTimeout populated, ready for additional builder-pattern method calls or else finalization with the build() method

readTimeout

public VaultConfig readTimeout(java.lang.Integer readTimeout)

After an HTTP(S) connection has already been established, this is the number of seconds to wait for all data to finish downloading.

If no readTimeout is explicitly set, then the object will look to the VAULT_READ_TIMEOUT environment variable.

Parameters:

readTimeout - Number of seconds to wait for all data to be retrieved from an established HTTP(S) connection

Returns:

This object, with readTimeout populated, ready for additional builder-pattern method calls or else finalization with the build() method

setMaxRetries

protected void setMaxRetries(int maxRetries)

Sets the maximum number of times that an API operation will retry upon failure.

This method is not meant to be called from application-level code outside of this package (hence the protected access level. It is meant to be invoked via Vault.withRetries() in a builder pattern DSL-style.

Parameters:

maxRetries - The number of times that API operations will be retried when a failure occurs.

setRetryIntervalMilliseconds

protected void setRetryIntervalMilliseconds(int retryIntervalMilliseconds)

Sets the period of time (in milliseconds) that the driver will wait in between retry attempts for a failing API operation.

This method is not meant to be called from application-level code outside of this package (hence the protected access level. It is meant to be invoked via Vault.withRetries() in a builder pattern DSL-style.

Parameters:

retryIntervalMilliseconds - The number of milliseconds that the driver will wait in between retries.

build

public VaultConfig build()
                  throws VaultException

This is the terminating method in the builder pattern. The method that validates all of the fields that has been set already, uses environment variables when available to populate any unset fields, and returns a VaultConfig object that is ready for use.

Returns:

This object, with all available config options parsed and loaded

Throws:

VaultException - If the address field was left unset, and there is no VAULT_ADDR environment variable value with which to populate it.