Merge branch 'pradeepchhetri-master'

physical/mysql.go

@@ -0,0 +1,175 @@
+package physical
+
+import (
+	"database/sql"
+	"fmt"
+	"sort"
+	"strings"
+	"time"
+
+	"github.com/armon/go-metrics"
+	_ "github.com/go-sql-driver/mysql"
+)
+
+// MySQLBackend is a physical backend that stores data
+// within MySQL database.
+type MySQLBackend struct {
+	dbTable    string
+	client     *sql.DB
+	statements map[string]*sql.Stmt
+}
+
+// newMySQLBackend constructs a MySQL backend using the given API client and
+// server address and credential for accessing mysql database.
+func newMySQLBackend(conf map[string]string) (Backend, error) {
+	// Get the MySQL credentials to perform read/write operations.
+	username, ok := conf["username"]
+	if !ok || username == "" {
+		return nil, fmt.Errorf("missing username")
+	}
+	password, ok := conf["password"]
+	if !ok || username == "" {
+		return nil, fmt.Errorf("missing password")
+	}
+
+	// Get or set MySQL server address. Defaults to localhost and default port(3306)
+	address, ok := conf["address"]
+	if !ok {
+		address = "127.0.0.1:3306"
+	}
+
+	// Get the MySQL database and table details.
+	database, ok := conf["database"]
+	if !ok {
+		database = "vault"
+	}
+	table, ok := conf["table"]
+	if !ok {
+		table = "vault"
+	}
+	dbTable := database + "." + table
+
+	// Create MySQL handle for the database.
+	dsn := username + ":" + password + "@tcp(" + address + ")/"
+	db, err := sql.Open("mysql", dsn)
+	if err != nil {
+		return nil, fmt.Errorf("failed to connect to mysql: %v", err)
+	}
+
+	// Create the required database if it doesn't exists.
+	if _, err := db.Exec("CREATE DATABASE IF NOT EXISTS " + database); err != nil {
+		return nil, fmt.Errorf("failed to create mysql database: %v", err)
+	}
+
+	// Create the required table if it doesn't exists.
+	create_query := "CREATE TABLE IF NOT EXISTS " + dbTable +
+		" (vault_key varchar(512), vault_value mediumblob, PRIMARY KEY (vault_key))"
+	if _, err := db.Exec(create_query); err != nil {
+		return nil, fmt.Errorf("failed to create mysql table: %v", err)
+	}
+
+	// Setup the backend.
+	m := &MySQLBackend{
+		dbTable:    dbTable,
+		client:     db,
+		statements: make(map[string]*sql.Stmt),
+	}
+
+	// Prepare all the statements required
+	statements := map[string]string{
+		"put": "INSERT INTO " + dbTable +
+			" VALUES( ?, ? ) ON DUPLICATE KEY UPDATE vault_value=VALUES(vault_value)",
+		"get":    "SELECT vault_value FROM " + dbTable + " WHERE vault_key = ?",
+		"delete": "DELETE FROM " + dbTable + " WHERE vault_key = ?",
+		"list":   "SELECT vault_key FROM " + dbTable + " WHERE vault_key LIKE ?",
+	}
+	for name, query := range statements {
+		if err := m.prepare(name, query); err != nil {
+			return nil, err
+		}
+	}
+	return m, nil
+}
+
+// prepare is a helper to prepare a query for future execution
+func (m *MySQLBackend) prepare(name, query string) error {
+	stmt, err := m.client.Prepare(query)
+	if err != nil {
+		return fmt.Errorf("failed to prepare '%s': %v", name, err)
+	}
+	m.statements[name] = stmt
+	return nil
+}
+
+// Put is used to insert or update an entry.
+func (m *MySQLBackend) Put(entry *Entry) error {
+	defer metrics.MeasureSince([]string{"mysql", "put"}, time.Now())
+
+	_, err := m.statements["put"].Exec(entry.Key, entry.Value)
+	if err != nil {
+		return err
+	}
+	return nil
+}
+
+// Get is used to fetch and entry.
+func (m *MySQLBackend) Get(key string) (*Entry, error) {
+	defer metrics.MeasureSince([]string{"mysql", "get"}, time.Now())
+
+	var result []byte
+	err := m.statements["get"].QueryRow(key).Scan(&result)
+	if err == sql.ErrNoRows {
+		return nil, nil
+	}
+	if err != nil {
+		return nil, err
+	}
+
+	ent := &Entry{
+		Key:   key,
+		Value: result,
+	}
+	return ent, nil
+}
+
+// Delete is used to permanently delete an entry
+func (m *MySQLBackend) Delete(key string) error {
+	defer metrics.MeasureSince([]string{"mysql", "delete"}, time.Now())
+
+	_, err := m.statements["delete"].Exec(key)
+	if err != nil {
+		return err
+	}
+	return nil
+}
+
+// List is used to list all the keys under a given
+// prefix, up to the next prefix.
+func (m *MySQLBackend) List(prefix string) ([]string, error) {
+	defer metrics.MeasureSince([]string{"mysql", "list"}, time.Now())
+
+	// Add the % wildcard to the prefix to do the prefix search
+	likePrefix := prefix + "%"
+	rows, err := m.statements["list"].Query(likePrefix)
+
+	var keys []string
+	for rows.Next() {
+		var key string
+		err = rows.Scan(&key)
+		if err != nil {
+			return nil, fmt.Errorf("failed to scan rows: %v", err)
+		}
+
+		key = strings.TrimPrefix(key, prefix)
+		if i := strings.Index(key, "/"); i == -1 {
+			// Add objects only from the current 'folder'
+			keys = append(keys, key)
+		} else if i != -1 {
+			// Add truncated 'folder' paths
+			keys = appendIfMissing(keys, string(key[:i+1]))
+		}
+	}
+
+	sort.Strings(keys)
+	return keys, nil
+}

physical/mysql_test.go

@@ -0,0 +1,53 @@
+package physical
+
+import (
+	"os"
+	"testing"
+
+	_ "github.com/go-sql-driver/mysql"
+)
+
+func TestMySQLBackend(t *testing.T) {
+	address := os.Getenv("MYSQL_ADDR")
+	if address == "" {
+		t.SkipNow()
+	}
+
+	database := os.Getenv("MYSQL_DB")
+	if database == "" {
+		database = "test"
+	}
+
+	table := os.Getenv("MYSQL_TABLE")
+	if table == "" {
+		table = "test"
+	}
+
+	username := os.Getenv("MYSQL_USERNAME")
+	password := os.Getenv("MYSQL_PASSWORD")
+
+	// Run vault tests
+	b, err := NewBackend("mysql", map[string]string{
+		"address":  address,
+		"database": database,
+		"table":    table,
+		"username": username,
+		"password": password,
+	})
+
+	if err != nil {
+		t.Fatalf("Failed to create new backend: %v", err)
+	}
+
+	defer func() {
+		mysql := b.(*MySQLBackend)
+		_, err := mysql.client.Exec("DROP TABLE " + mysql.dbTable)
+		if err != nil {
+			t.Fatalf("Failed to drop table: %v", err)
+		}
+	}()
+
+	testBackend(t, b)
+	testBackend_ListPrefix(t, b)
+
+}

physical/physical.go

@@ -84,4 +84,5 @@ var BuiltinBackends = map[string]Factory{
 	"file":      newFileBackend,
 	"s3":        newS3Backend,
 	"etcd":      newEtcdBackend,
+	"mysql":     newMySQLBackend,
 }

website/source/docs/config/index.html.md

@@ -76,6 +76,8 @@ durability, etc.
   * `s3` - Store data within an S3 bucket [S3](http://aws.amazon.com/s3/).
       This backend does not support HA.
 
+  * `mysql` - Store data within MySQL. This backend does not support HA.
+
   * `inmem` - Store data in-memory. This is only really useful for
       development and experimentation. Data is lost whenever Vault is
       restarted.
@@ -143,6 +145,21 @@ For S3, the following options are supported:
 
   * `region` (optional) - The AWS region. It can be sourced from the AWS_DEFAULT_REGION environment variable and will default to "us-east-1" if not specified.
 
+#### Backend Reference: MySQL
+
+The MySQL backend has the following options:
+
+  * `username` (required) - The MySQL username to connect with.
+
+  * `password` (required) - The MySQL password to connect with.
+
+  * `address` (optional) - The address of the MySQL host. Defaults to
+    "127.0.0.1:3306.
+
+  * `database` (optional) - The name of the database to use. Defaults to "vault".
+
+  * `table` (optional) - The name of the table to use. Defaults to "vault".
+
 #### Backend Reference: Inmem
 
 The in-memory backend has no configuration options.