feat: impl vault sync connector, define common abstractions.

README.md

@@ -117,7 +117,7 @@ Create the connector:
 AWSSecretManagerConnectorAsync connector = new AWSSecretManagerConnectorAsync(config);
 ```
 
-Get the secret in String:
+Get the secret as String:
 ```java
 connector.getSecret("secretName")
     .doOnNext(System.out::println);
@@ -184,7 +184,7 @@ Create the connector:
 GenericManagerAsync connector = configurator.getVaultClient();
 ```
 
-Get the secret in String:
+Get the secret as String:
 ```java
 connector.getSecret("my/secret/path")
     .doOnNext(System.out::println);
@@ -198,6 +198,51 @@ connector.getSecret("my/database/credentials", DBCredentials.class)
     })
 ```
 
+## Vault Sync
+
+```java
+dependencies {
+    // Reactor Core is required! 
+    implementation group: 'io.projectreactor', name: 'reactor-core', version: '3.4.17'
+    // vault-async dependency     
+    implementation 'com.github.bancolombia:vault-sync:<version-here>'
+}
+```
+
+Define your configuration:
+```java
+// Example Config
+VaultSecretManagerConfigurator configurator = VaultSecretManagerConfigurator.builder()
+        .withProperties(VaultSecretsManagerProperties.builder()
+                .host("localhost")
+                .port(8200)
+                .ssl(false)
+                .roleId("65903d42-6dd4-2aa3-6a61-xxxxxxxxxx")  // for authentication with vault
+                .secretId("0cce6d0b-e756-c12e-9729-xxxxxxxxx") // for authentication with vault
+                .build())
+        .build();
+```
+
+##### Configurations
+
+_Same as defined for Vault Async._
+
+Create the connector:
+```java
+GenericManagerAsync connector = configurator.getVaultClient();
+```
+
+Get the secret as String:
+```java
+String secret = connector.getSecret("my/secret/path");
+// ... continue your sync flow
+```
+Get the secret deserialized:
+```java
+DBCredentials creds = connector.getSecret("my/database/credentials",
+        DBCredentials.class);
+// ... continue your sync flow
+```
 
 ## Parameter Store Sync
 ```java
@@ -263,7 +308,7 @@ Create the connector:
 AWSParameterStoreConnectorAsync connector = new AWSParameterStoreConnectorAsync(config);
 ```
 
-Get the secret in String:
+Get the secret as String:
 ```java
 connector.getSecret("parameterName")
     .doOnNext(System.out::println);

async/vault-async/src/main/java/co/com/bancolombia/secretsmanager/connector/auth/K8sTokenReader.java → async/vault-async/src/main/java/co/com/bancolombia/secretsmanager/connector/K8sTokenReader.java

@@ -1,4 +1,4 @@
-package co.com.bancolombia.secretsmanager.connector.auth;
+package co.com.bancolombia.secretsmanager.connector;
 
 import co.com.bancolombia.secretsmanager.api.exceptions.SecretException;
 import reactor.core.publisher.Mono;

async/vault-async/src/main/java/co/com/bancolombia/secretsmanager/connector/VaultAuthenticator.java

@@ -2,11 +2,10 @@
 
 import co.com.bancolombia.secretsmanager.api.exceptions.SecretException;
 import co.com.bancolombia.secretsmanager.commons.utils.GsonUtils;
-import co.com.bancolombia.secretsmanager.config.VaultSecretsManagerProperties;
-import co.com.bancolombia.secretsmanager.connector.auth.AuthResponse;
-import co.com.bancolombia.secretsmanager.connector.auth.K8sAuth;
-import co.com.bancolombia.secretsmanager.connector.auth.K8sTokenReader;
-import co.com.bancolombia.secretsmanager.connector.auth.RoleAuth;
+import co.com.bancolombia.secretsmanager.vault.auth.AuthResponse;
+import co.com.bancolombia.secretsmanager.vault.auth.K8sAuth;
+import co.com.bancolombia.secretsmanager.vault.auth.RoleAuth;
+import co.com.bancolombia.secretsmanager.vault.config.VaultSecretsManagerProperties;
 import com.github.benmanes.caffeine.cache.AsyncCache;
 import com.github.benmanes.caffeine.cache.Caffeine;
 import com.google.gson.Gson;

async/vault-async/src/main/java/co/com/bancolombia/secretsmanager/connector/VaultSecretManagerConfigurator.java

@@ -1,11 +1,10 @@
 package co.com.bancolombia.secretsmanager.connector;
 
 import co.com.bancolombia.secretsmanager.api.exceptions.SecretException;
-import co.com.bancolombia.secretsmanager.config.VaultKeyStoreProperties;
-import co.com.bancolombia.secretsmanager.config.VaultSecretsManagerProperties;
-import co.com.bancolombia.secretsmanager.config.VaultTrustStoreProperties;
-import co.com.bancolombia.secretsmanager.connector.auth.K8sTokenReader;
-import co.com.bancolombia.secretsmanager.connector.ssl.SslConfig;
+import co.com.bancolombia.secretsmanager.vault.config.VaultKeyStoreProperties;
+import co.com.bancolombia.secretsmanager.vault.config.VaultSecretsManagerProperties;
+import co.com.bancolombia.secretsmanager.vault.config.VaultTrustStoreProperties;
+import co.com.bancolombia.secretsmanager.vault.ssl.SslConfig;
 import lombok.Builder;
 
 import java.net.http.HttpClient;

async/vault-async/src/main/java/co/com/bancolombia/secretsmanager/connector/VaultSecretsManagerConnectorAsync.java

@@ -3,9 +3,9 @@
 import co.com.bancolombia.secretsmanager.api.GenericManagerAsync;
 import co.com.bancolombia.secretsmanager.api.exceptions.SecretException;
 import co.com.bancolombia.secretsmanager.commons.utils.GsonUtils;
-import co.com.bancolombia.secretsmanager.config.VaultSecretsManagerProperties;
-import co.com.bancolombia.secretsmanager.connector.auth.AuthResponse;
-import co.com.bancolombia.secretsmanager.connector.secret.SecretResponse;
+import co.com.bancolombia.secretsmanager.vault.config.VaultSecretsManagerProperties;
+import co.com.bancolombia.secretsmanager.vault.secret.SecretResponse;
+import co.com.bancolombia.secretsmanager.vault.auth.AuthResponse;
 import com.github.benmanes.caffeine.cache.AsyncCache;
 import com.github.benmanes.caffeine.cache.Caffeine;
 import reactor.core.publisher.Mono;

async/vault-async/src/test/java/co/com/bancolombia/secretsmanager/connector/auth/K8sTokenReaderTest.java → async/vault-async/src/test/java/co/com/bancolombia/secretsmanager/connector/K8sTokenReaderTest.java

@@ -1,4 +1,4 @@
-package co.com.bancolombia.secretsmanager.connector.auth;
+package co.com.bancolombia.secretsmanager.connector;
 
 import lombok.SneakyThrows;
 import org.junit.Test;

async/vault-async/src/test/java/co/com/bancolombia/secretsmanager/connector/VaulAuthenticatorTest.java

@@ -1,7 +1,6 @@
 package co.com.bancolombia.secretsmanager.connector;
 
-import co.com.bancolombia.secretsmanager.config.VaultSecretsManagerProperties;
-import co.com.bancolombia.secretsmanager.connector.auth.K8sTokenReader;
+import co.com.bancolombia.secretsmanager.vault.config.VaultSecretsManagerProperties;
 import lombok.SneakyThrows;
 import okhttp3.mockwebserver.MockResponse;
 import okhttp3.mockwebserver.MockWebServer;

async/vault-async/src/test/java/co/com/bancolombia/secretsmanager/connector/VaultSecretManagerConfiguratorTest.java

@@ -1,9 +1,9 @@
 package co.com.bancolombia.secretsmanager.connector;
 
 import co.com.bancolombia.secretsmanager.api.exceptions.SecretException;
-import co.com.bancolombia.secretsmanager.config.VaultKeyStoreProperties;
-import co.com.bancolombia.secretsmanager.config.VaultSecretsManagerProperties;
-import co.com.bancolombia.secretsmanager.config.VaultTrustStoreProperties;
+import co.com.bancolombia.secretsmanager.vault.config.VaultKeyStoreProperties;
+import co.com.bancolombia.secretsmanager.vault.config.VaultSecretsManagerProperties;
+import co.com.bancolombia.secretsmanager.vault.config.VaultTrustStoreProperties;
 import lombok.SneakyThrows;
 import org.junit.Assert;
 import org.junit.Test;

async/vault-async/src/test/java/co/com/bancolombia/secretsmanager/connector/VaultSecretsManagerConnectorAsyncTest.java

@@ -1,7 +1,7 @@
 package co.com.bancolombia.secretsmanager.connector;
 
-import co.com.bancolombia.secretsmanager.config.VaultSecretsManagerProperties;
-import co.com.bancolombia.secretsmanager.connector.auth.AuthResponse;
+import co.com.bancolombia.secretsmanager.vault.auth.AuthResponse;
+import co.com.bancolombia.secretsmanager.vault.config.VaultSecretsManagerProperties;
 import lombok.AllArgsConstructor;
 import lombok.Getter;
 import lombok.NoArgsConstructor;

async/vault-async/vault-async.gradle

@@ -1,15 +1,15 @@
 dependencies {
     api project(":secrets-manager-api")
+    api project(":vault-commons")
     implementation "io.projectreactor.addons:reactor-extra:${reactorExtraVersion}"
     implementation "io.projectreactor:reactor-core:${reactorCoreVersion}"
     implementation "com.google.code.gson:gson:${gsonVersion}"
     implementation "com.github.ben-manes.caffeine:caffeine:${cafeineVersion}"
     testImplementation "io.projectreactor:reactor-test:${reactorCoreVersion}"
     testImplementation("com.squareup.okhttp3:mockwebserver:4.9.3")
-
 }
 
 ext {
     artifactId = 'vault-async'
-    artifactDescription = 'Secrets Manager'
+    artifactDescription = 'Secrets Manager async connector for Vault'
 }

gradle.properties

@@ -1,4 +1,4 @@
-version=4.3.1
+version=4.4.0
 springBootVersion=3.2.1
 reactorCoreVersion=3.6.1
 reactorExtraVersion=3.5.1

async/vault-async/src/main/java/co/com/bancolombia/secretsmanager/connector/auth/AuthResponse.java → sync/vault-commons/src/main/java/co/com/bancolombia/secretsmanager/vault/auth/AuthResponse.java

@@ -1,4 +1,4 @@
-package co.com.bancolombia.secretsmanager.connector.auth;
+package co.com.bancolombia.secretsmanager.vault.auth;
 
 import lombok.AllArgsConstructor;
 import lombok.Builder;

async/vault-async/src/main/java/co/com/bancolombia/secretsmanager/connector/auth/K8sAuth.java → sync/vault-commons/src/main/java/co/com/bancolombia/secretsmanager/vault/auth/K8sAuth.java

@@ -1,4 +1,4 @@
-package co.com.bancolombia.secretsmanager.connector.auth;
+package co.com.bancolombia.secretsmanager.vault.auth;
 
 import lombok.AllArgsConstructor;
 import lombok.Builder;

async/vault-async/src/main/java/co/com/bancolombia/secretsmanager/connector/auth/RoleAuth.java → sync/vault-commons/src/main/java/co/com/bancolombia/secretsmanager/vault/auth/RoleAuth.java

@@ -1,4 +1,4 @@
-package co.com.bancolombia.secretsmanager.connector.auth;
+package co.com.bancolombia.secretsmanager.vault.auth;
 
 import com.google.gson.annotations.SerializedName;
 import lombok.AllArgsConstructor;

async/vault-async/src/main/java/co/com/bancolombia/secretsmanager/config/CacheProperties.java → sync/vault-commons/src/main/java/co/com/bancolombia/secretsmanager/vault/config/CacheProperties.java

@@ -1,4 +1,4 @@
-package co.com.bancolombia.secretsmanager.config;
+package co.com.bancolombia.secretsmanager.vault.config;
 
 import lombok.AllArgsConstructor;
 import lombok.Builder;

async/vault-async/src/main/java/co/com/bancolombia/secretsmanager/config/HttpProperties.java → sync/vault-commons/src/main/java/co/com/bancolombia/secretsmanager/vault/config/HttpProperties.java

@@ -1,4 +1,4 @@
-package co.com.bancolombia.secretsmanager.config;
+package co.com.bancolombia.secretsmanager.vault.config;
 
 import lombok.AllArgsConstructor;
 import lombok.Builder;

async/vault-async/src/main/java/co/com/bancolombia/secretsmanager/config/VaultKeyStoreProperties.java → sync/vault-commons/src/main/java/co/com/bancolombia/secretsmanager/vault/config/VaultKeyStoreProperties.java

@@ -1,4 +1,4 @@
-package co.com.bancolombia.secretsmanager.config;
+package co.com.bancolombia.secretsmanager.vault.config;
 
 import lombok.AllArgsConstructor;
 import lombok.Builder;

async/vault-async/src/main/java/co/com/bancolombia/secretsmanager/config/VaultSecretsManagerProperties.java → sync/vault-commons/src/main/java/co/com/bancolombia/secretsmanager/vault/config/VaultSecretsManagerProperties.java

@@ -1,4 +1,4 @@
-package co.com.bancolombia.secretsmanager.config;
+package co.com.bancolombia.secretsmanager.vault.config;
 
 import lombok.*;
 

async/vault-async/src/main/java/co/com/bancolombia/secretsmanager/config/VaultTrustStoreProperties.java → sync/vault-commons/src/main/java/co/com/bancolombia/secretsmanager/vault/config/VaultTrustStoreProperties.java

@@ -1,4 +1,4 @@
-package co.com.bancolombia.secretsmanager.config;
+package co.com.bancolombia.secretsmanager.vault.config;
 
 import lombok.AllArgsConstructor;
 import lombok.Builder;

async/vault-async/src/main/java/co/com/bancolombia/secretsmanager/connector/secret/SecretPayload.java → sync/vault-commons/src/main/java/co/com/bancolombia/secretsmanager/vault/secret/SecretPayload.java

@@ -1,4 +1,4 @@
-package co.com.bancolombia.secretsmanager.connector.secret;
+package co.com.bancolombia.secretsmanager.vault.secret;
 
 import lombok.AllArgsConstructor;
 import lombok.Getter;

async/vault-async/src/main/java/co/com/bancolombia/secretsmanager/connector/secret/SecretResponse.java → sync/vault-commons/src/main/java/co/com/bancolombia/secretsmanager/vault/secret/SecretResponse.java

@@ -1,4 +1,4 @@
-package co.com.bancolombia.secretsmanager.connector.secret;
+package co.com.bancolombia.secretsmanager.vault.secret;
 
 import com.google.gson.annotations.SerializedName;
 import lombok.AllArgsConstructor;

async/vault-async/src/main/java/co/com/bancolombia/secretsmanager/connector/ssl/SslConfig.java → sync/vault-commons/src/main/java/co/com/bancolombia/secretsmanager/vault/ssl/SslConfig.java

@@ -1,4 +1,4 @@
-package co.com.bancolombia.secretsmanager.connector.ssl;
+package co.com.bancolombia.secretsmanager.vault.ssl;
 
 import co.com.bancolombia.secretsmanager.api.exceptions.SecretException;
 

async/vault-async/src/test/java/co/com/bancolombia/secretsmanager/ssl/SslConfigTest.java → sync/vault-commons/src/test/java/co/com/bancolombia/secretsmanager/vault/ssl/SslConfigTest.java

@@ -1,7 +1,7 @@
-package co.com.bancolombia.secretsmanager.ssl;
+package co.com.bancolombia.secretsmanager.vault.ssl;
 
 import co.com.bancolombia.secretsmanager.api.exceptions.SecretException;
-import co.com.bancolombia.secretsmanager.connector.ssl.SslConfig;
+import co.com.bancolombia.secretsmanager.vault.ssl.SslConfig;
 import lombok.SneakyThrows;
 import org.junit.Assert;
 import org.junit.Test;

sync/vault-commons/src/test/resources/certificate.arm

@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDSDCCAjACAQEwDQYJKoZIhvcNAQELBQAwajELMAkGA1UEBhMCQ08xDDAKBgNV
+BAgMA0FOVDERMA8GA1UEBwwITUVERUxMSU4xEjAQBgNVBAoMCWxvY2FsaG9zdDES
+MBAGA1UECwwJbG9jYWxob3N0MRIwEAYDVQQDDAlsb2NhbGhvc3QwHhcNMjMxMjIy
+MDI1NzUxWhcNMjQwMzIxMDI1NzUxWjBqMQswCQYDVQQGEwJDTzEMMAoGA1UECAwD
+QU5UMREwDwYDVQQHDAhNRURFTExJTjESMBAGA1UECgwJbG9jYWxob3N0MRIwEAYD
+VQQLDAlsb2NhbGhvc3QxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBALlAo5u+D/fD+v5A4oXcF/14m15mYX+cx0svOKBD
+dNigECPu4UghvmCia3pGFyRP72P1Cx3jye6ImLRCNL7JJFV7BuOiMk1OP+BkqAG0
+RNNt2okMsngkmHTyIHcBdu7QtNWewaZN7WRLa0cOgYMeKc1orftBNNfe7LpLtjuy
+wqzrqi3qI2Y2xXdjTWUVySXzDfVSCnLS+mYNHF5XEkqZXwA4j+rJN9ipeWXxm78G
+sft603a+u+f7PwvPHzMltHI7OxuaJpPC9KzUzgeJ9vzCMz/9Klmp/VrDjigqYMnW
+j3EB5eh7iXamJslexDotHZ2q6pQOq2OAPOVwsExPWc/ILkMCAwEAATANBgkqhkiG
+9w0BAQsFAAOCAQEAplB1L6fxpoQN0ynZdfRaXblvwLjzjVZe0j+p120JIGp8nsDK
+CwZvlu501j2y+yEZ4mUkNkbwe1U7bYd/KTexbsgrpzxfcqsPNGrs3te2k6m2Bkp1
+KS43rUKx9VvjIaYstx9akuCZmirTLWimCUOGTlsnqGLf5y806F+ifyHrBLkWa6ly
+cZGnGitFS/PzCR3gjoO1CNIDFU5bLhAMGFdC6lr7aHLVctTI2Q9O42PVCBf169nP
+10poZACmxQkuDvKVDRA6foNibTWbwHq2Ng//TORMdCts3BUf+cpXBX+zXj3qV3Nc
+CPgnQwLaeotV1iBhzrt/TtWmZI2eGGNB8oL2qA==
+-----END CERTIFICATE-----

sync/vault-commons/src/test/resources/client_cert.pem

@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDTjCCAjagAwIBAgIEZYwSAzANBgkqhkiG9w0BAQsFADBpMQswCQYDVQQGEwJD
+TzELMAkGA1UECAwCQU4xETAPBgNVBAcMCE1FREVMTElOMRIwEAYDVQQKDAlsb2Nh
+bGhvc3QxEjAQBgNVBAsMCWxvY2FsaG9zdDESMBAGA1UEAwwJbG9jYWxob3N0MB4X
+DTIzMTIyNzEyMDEwN1oXDTI0MTIyNjEyMDEwN1owaTELMAkGA1UEBhMCQ08xCzAJ
+BgNVBAgMAkFOMREwDwYDVQQHDAhNRURFTExJTjESMBAGA1UECgwJbG9jYWxob3N0
+MRIwEAYDVQQLDAlsb2NhbGhvc3QxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJ
+KoZIhvcNAQEBBQADggEPADCCAQoCggEBAMkh7JoVfFX20p0pqtRS8rRUl+70mpeu
+32fGoN5pA1AdqTRZfOoGKoHnVhAG6C/5UoD5GOStKLVdsXVEtaWkBnyVAD3Imdj7
+450dU9+LATgSQYJbTL11OcZBizeiu6DfZmBtYWvmpPDIAPsZr6R+kcUIrzH3ZQjU
+/BAfwCEmdQYwW7gWL456mTvefnMXcraoS4sOlBrH5FGXkb0ESIHuXMUsOrvg3cgN
+8S9R7huZQTDCio605KZW3hjfngBSAFTKbxxNI8nt05i5Gd+PMjpTndBUT4xYPp8Y
+igjL5IE0j9xY6IfvHqn/GD5GzYYIjjer2eCGmXfHDNtHAnA/wgdArEsCAwEAATAN
+BgkqhkiG9w0BAQsFAAOCAQEAKUcvHUTOL+rNr4DvdS3N3PSvVsnldgcYoBGZH0nf
+QtSWdbtLXfnhzgQPP+ndvL8ZWrYyZAv6+/fV7eQ569436nu+ebPz43JYiUsPReSg
+qzcJn95JYJn1nW6CKBhkkFGmcDMidm6u0eSNKZdKc+vPdlQFcmqEXjEv7gMHmPrE
+rCwXKvxQZ1DEFett56DFqJvnOTD0lBAGl6pyROqsF5JjJVUXgGcHGbXll3/CzgvK
+803fOq4kgu/BNPxy/KyC6Ztz5Qgr+7/zFC52nyRJilWPOJwU64fHu+yHaR9sI6bn
+NE3wY5gnwzKHWL2jotlFfSuoXNpBW11JSdzfDDH5GWhMDQ==
+-----END CERTIFICATE-----

sync/vault-commons/vault-commons.gradle

@@ -0,0 +1,9 @@
+dependencies {
+    api project(":secrets-manager-api")
+    implementation "com.google.code.gson:gson:${gsonVersion}"
+}
+
+ext {
+    artifactId = 'vault-commons'
+    artifactDescription = 'Vault Secrets Manager base abstractions'
+}

sync/vault-sync/src/main/java/co/com/bancolombia/secretsmanager/vaultsync/connector/K8sTokenReader.java

@@ -0,0 +1,33 @@
+package co.com.bancolombia.secretsmanager.vaultsync.connector;
+
+import co.com.bancolombia.secretsmanager.api.exceptions.SecretException;
+import java.nio.file.Files;
+import java.nio.file.Path;
+import java.nio.file.Paths;
+
+public class K8sTokenReader {
+
+    private final String tokenFile;
+
+    public K8sTokenReader() {
+        this.tokenFile = "/var/run/secrets/kubernetes.io/serviceaccount/token";
+    }
+
+    public K8sTokenReader(String tokenFile) {
+        this.tokenFile = tokenFile;
+    }
+
+    /**
+     * Reads the kubernetes service account token from the file system
+     * @return the kubernetes service account token
+     */
+    public String getKubernetesServiceAccountToken() throws SecretException {
+        try {
+            Path path = Paths.get(this.tokenFile);
+            return Files.readAllLines(path).get(0);
+        } catch (Exception e) {
+            throw new SecretException("Error reading kubernetes service account token: " + e.getMessage());
+        }
+    }
+
+}