Project

hocho-jwt

0.0
No commit activity in last 3 years
No release in over 3 years
hocho-jwtsorah/hocho-jwtHomepageDocumentationSource CodeBug TrackerWiki
Pass JWT to servers using hocho
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
 Popularity
Downloads
1,941
Stars
1
Forks
0
Watchers
3
 Releases
Current version
0.1.0
Total releases
1
First release
2020-05-11
Latest release
2020-05-11
 Development
Primary Language
Ruby
Licenses
MIT
Average date of last 50 commits
2020-05-10
Reverse Dependencies
0

 Dependencies

Runtime

hocho
>= 0
jwt
>= 0
 Project Readme

hocho-jwt: Pass JWT to servers on hocho apply

hocho plugin to issue and sign JWT (JSON Web Token) and pass it to a host as a node attribute on hocho apply.

Use cases

  • Use with step-ca (smallstep/certificates): allow servers to get certificates from step-ca during initial provision with hocho

Installation

Add this line to your Gemfile:

gem 'hocho-jwt'

Usage

# hocho.yml
property_providers:
  - add_default:
      properties:
        hocho_jwt:
          ## JWT will be issued when host.properties.jwt.issue is present
          issue: false

          ## Lifetime in seconds
          duration: 120

          ## Claims
          claims:
            iss: hocho
          
          ## Set false to skip when issue=true but no signing key is present.
          fail_when_no_signing_key: true
  - jwt:
      algorithm: ES256

      ## Signing Private Key
      # EC256: openssl ecparam -name prime256v1 -genkey -noout -out key.pem
      # RS256: openssl genrsa -noout -out key.pem 2048
      signing_key:
        ## Key ID
        # kid_string: key-id
        # kid_file: path/to/kid
        # kid_env: HOCHO_JWT_KID
        ## String to PEM or Base64 encoded DER
        # pem_string: "..."
        # pem_file: /path/to/jwk
        # pem_env: HOCHO_JWT_KEY

      ## Templates are rendered using ERB, and `host` (Hocho::Host) is given. 
      ## Invalid DNS names will be removed.
      sub_template: "<%= host.name %>"
# hocho host.yml
myhost.example.org:
  properties:
    hocho_jwt:
      issue: true
      claims:
        # this overrides sub_template
        # sub: "static-subject.example.org"
        aud: 'audience'
        customclaim: test
        customclaimarray: ['test']
        
# itamae recipe

file "/etc/jwt.txt" do
  content "#{node[:hocho_jwt][:token]}\n"
  owner 'root'
  group 'root'
  mode  '0640'
end

execute "do-something-with-token"

Development

After checking out the repo, run bin/setup to install dependencies. Then, run rake spec to run the tests. You can also run bin/console for an interactive prompt that will allow you to experiment.

To install this gem onto your local machine, run bundle exec rake install. To release a new version, update the version number in version.rb, and then run bundle exec rake release, which will create a git tag for the version, push git commits and tags, and push the .gem file to rubygems.org.

Contributing

Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/hocho-jwt.

License

The gem is available as open source under the terms of the MIT License.