From c69d5c360d2ec605ad7a58ddcfa94ea937f350a0 Mon Sep 17 00:00:00 2001 From: Geoff Wilson Date: Thu, 19 Sep 2024 11:07:56 -0400 Subject: [PATCH] get the kv engine mount from config --- app/lib/services/vault_service.rb | 3 +-- config/astral.yml | 1 + 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/app/lib/services/vault_service.rb b/app/lib/services/vault_service.rb index 5566ede..6b52142 100644 --- a/app/lib/services/vault_service.rb +++ b/app/lib/services/vault_service.rb @@ -41,8 +41,7 @@ def enable_engine(mount, type) end def kv_mount - # TODO should this be dynamic based on identity? - "astralkv" + Rails.configuration.astral[:vault_kv_mount] end end end diff --git a/config/astral.yml b/config/astral.yml index 76592b4..4d97f43 100644 --- a/config/astral.yml +++ b/config/astral.yml @@ -2,6 +2,7 @@ shared: vault_addr: <%= ENV["VAULT_ADDR"] %> vault_token: <%= ENV["VAULT_TOKEN"] %> vault_cert_path: "pki_int/issue/learn" + vault_kv_mount: <%= ENV["VAULT_KV_MOUNT"] || "astralkv" %> jwt_signing_key: <%= ENV["JWT_SIGNING_KEY"] %> cert_ttl: <%= ENV["CERT_TTL"] %> app_registry_addr: <%= ENV["APP_REGISTRY_ADDR"] %>