Pull a bunch of code from puppet-consul, adapt for Vault.

.fixtures.yml

@@ -0,0 +1,6 @@
+fixtures:
+  repositories:
+    stdlib: "git://github.com/puppetlabs/puppetlabs-stdlib.git"
+    staging: "https://github.com/nanliu/puppet-staging.git"
+  symlinks:
+    vault: "#{source_dir}"

.travis.yml

@@ -0,0 +1,36 @@
+---
+language: ruby
+bundler_args: --without development
+before_install: rm Gemfile.lock || true
+rvm:
+  - 1.9.3
+  - 2.0.0
+  - 2.1.0
+script: bundle exec rake test
+env:
+  - PUPPET_VERSION="~> 2.7.0"
+  - PUPPET_VERSION="~> 3.1.0"
+  - PUPPET_VERSION="~> 3.2.0"
+  - PUPPET_VERSION="~> 3.3.0"
+  - PUPPET_VERSION="~> 3.4.0"
+  - PUPPET_VERSION="~> 3.5.0"
+  - PUPPET_VERSION="~> 3.7.0"
+  - PUPPET_VERSION="~> 3.7.4" FUTURE_PARSER=yes
+matrix:
+  exclude:
+  - rvm: 1.9.3
+    env: PUPPET_VERSION="~> 2.7.0"
+  - rvm: 2.0.0
+    env: PUPPET_VERSION="~> 2.7.0"
+  - rvm: 2.0.0
+    env: PUPPET_VERSION="~> 3.1.0"
+  - rvm: 2.1.0
+    env: PUPPET_VERSION="~> 2.7.0"
+  - rvm: 2.1.0
+    env: PUPPET_VERSION="~> 3.1.0"
+  - rvm: 2.1.0
+    env: PUPPET_VERSION="~> 3.2.0"
+  - rvm: 2.1.0
+    env: PUPPET_VERSION="~> 3.3.0"
+  - rvm: 2.1.0
+    env: PUPPET_VERSION="~> 3.4.0"

Gemfile

@@ -0,0 +1,18 @@
+source "http://rubygems.org"
+
+group :test do
+  gem "rake"
+  gem 'beaker', '~> 1.11.0'
+  gem "puppet-blacksmith"
+  gem "puppet", '~> 3.7.0'
+  gem "puppet-lint"
+  gem "rspec-puppet", :git => 'https://github.com/rodjek/rspec-puppet.git'
+  gem "puppet-syntax"
+  gem "puppetlabs_spec_helper"
+  gem "hiera-puppet-helper"
+end
+
+group :development do
+  gem 'json'
+  gem 'beaker-rspec'
+end

Gemfile.lock

@@ -0,0 +1,177 @@
+GIT
+  remote: https://github.com/rodjek/rspec-puppet.git
+  revision: 81ea952031acb2c7c8f5f6a34712be613a1eeca7
+  specs:
+    rspec-puppet (2.3.0)
+      rspec
+
+GEM
+  remote: http://rubygems.org/
+  specs:
+    CFPropertyList (2.3.1)
+    addressable (2.3.8)
+    autoparse (0.3.3)
+      addressable (>= 2.3.1)
+      extlib (>= 0.9.15)
+      multi_json (>= 1.0.0)
+    aws-sdk (1.64.0)
+      aws-sdk-v1 (= 1.64.0)
+    aws-sdk-v1 (1.64.0)
+      json (~> 1.4)
+      nokogiri (>= 1.4.4)
+    beaker (1.11.2)
+      aws-sdk (~> 1.38)
+      blimpy (~> 0.6)
+      docker-api
+      fission (~> 0.4)
+      google-api-client (~> 0.7.1)
+      inifile (~> 2.0)
+      json (~> 1.8)
+      mime-types (~> 1.25)
+      net-scp (~> 1.1)
+      net-ssh (~> 2.6)
+      nokogiri (= 1.5.10)
+      rbvmomi (= 1.8.1)
+      unf (~> 0.1)
+    beaker-rspec (3.0.0)
+      beaker (~> 1.10)
+      rspec
+      serverspec (~> 1.0)
+      specinfra (~> 1.0)
+    blimpy (0.6.7)
+      fog
+      minitar
+      thor
+    builder (3.2.2)
+    diff-lcs (1.2.5)
+    docker-api (1.21.4)
+      excon (>= 0.38.0)
+      json
+    domain_name (0.5.24)
+      unf (>= 0.0.5, < 1.0.0)
+    excon (0.45.3)
+    extlib (0.9.16)
+    facter (1.7.6)
+    faraday (0.9.1)
+      multipart-post (>= 1.2, < 3)
+    fission (0.5.0)
+      CFPropertyList (~> 2.2)
+    fog (1.11.1)
+      builder
+      excon (~> 0.20)
+      formatador (~> 0.2.0)
+      json (~> 1.7)
+      mime-types
+      net-scp (~> 1.1)
+      net-ssh (>= 2.1.3)
+      nokogiri (~> 1.5.0)
+      ruby-hmac
+    formatador (0.2.5)
+    google-api-client (0.7.1)
+      addressable (>= 2.3.2)
+      autoparse (>= 0.3.3)
+      extlib (>= 0.9.15)
+      faraday (>= 0.9.0)
+      jwt (>= 0.1.5)
+      launchy (>= 2.1.1)
+      multi_json (>= 1.0.0)
+      retriable (>= 1.4)
+      signet (>= 0.5.0)
+      uuidtools (>= 2.1.0)
+    hiera (1.3.4)
+      json_pure
+    hiera-puppet-helper (1.0.1)
+    highline (1.7.2)
+    http-cookie (1.0.2)
+      domain_name (~> 0.5)
+    inifile (2.0.2)
+    json (1.8.2)
+    json_pure (1.8.2)
+    jwt (1.5.0)
+    launchy (2.4.3)
+      addressable (~> 2.3)
+    metaclass (0.0.4)
+    mime-types (1.25.1)
+    minitar (0.5.4)
+    mocha (1.1.0)
+      metaclass (~> 0.0.1)
+    multi_json (1.11.0)
+    multipart-post (2.0.0)
+    net-scp (1.2.1)
+      net-ssh (>= 2.6.5)
+    net-ssh (2.9.2)
+    netrc (0.10.3)
+    nokogiri (1.5.10)
+    puppet (3.7.5)
+      facter (> 1.6, < 3)
+      hiera (~> 1.0)
+      json_pure
+    puppet-blacksmith (3.3.1)
+      puppet (>= 2.7.16)
+      rest-client
+    puppet-lint (1.1.0)
+    puppet-syntax (2.0.0)
+      rake
+    puppetlabs_spec_helper (0.10.3)
+      mocha
+      puppet-lint
+      puppet-syntax
+      rake
+      rspec-puppet
+    rake (10.4.2)
+    rbvmomi (1.8.1)
+      builder
+      nokogiri (>= 1.4.1)
+      trollop
+    rest-client (1.8.0)
+      http-cookie (>= 1.0.2, < 2.0)
+      mime-types (>= 1.16, < 3.0)
+      netrc (~> 0.7)
+    retriable (2.0.2)
+    rspec (2.99.0)
+      rspec-core (~> 2.99.0)
+      rspec-expectations (~> 2.99.0)
+      rspec-mocks (~> 2.99.0)
+    rspec-core (2.99.2)
+    rspec-expectations (2.99.2)
+      diff-lcs (>= 1.1.3, < 2.0)
+    rspec-its (1.0.1)
+      rspec-core (>= 2.99.0.beta1)
+      rspec-expectations (>= 2.99.0.beta1)
+    rspec-mocks (2.99.3)
+    ruby-hmac (0.4.0)
+    serverspec (1.16.0)
+      highline
+      net-ssh
+      rspec (~> 2.99)
+      rspec-its
+      specinfra (~> 1.27)
+    signet (0.6.0)
+      addressable (~> 2.3)
+      extlib (~> 0.9)
+      faraday (~> 0.9)
+      jwt (~> 1.0)
+      multi_json (~> 1.10)
+    specinfra (1.27.5)
+    thor (0.19.1)
+    trollop (2.1.2)
+    unf (0.1.4)
+      unf_ext
+    unf_ext (0.0.7.1)
+    uuidtools (2.1.5)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  beaker (~> 1.11.0)
+  beaker-rspec
+  hiera-puppet-helper
+  json
+  puppet (~> 3.7.0)
+  puppet-blacksmith
+  puppet-lint
+  puppet-syntax
+  puppetlabs_spec_helper
+  rake
+  rspec-puppet!

README.md

@@ -1,2 +1,37 @@
 # puppet-vault
-Puppet module for managing Hashicorp's Vault
+Puppet module for managing Hashicorp's [Vault](https://vaultproject.io/)
+
+##Installation
+
+To simply install the vault binary:
+
+```puppet
+include vault
+```
+
+To run it in server mode:
+```puppet
+class { 'vault':
+  service_enable => true,
+  service_ensure => 'running',
+  manage_service => true,
+}
+```
+
+## What this module handles
+This module handles installing the vault binary, writing a config file for server mode, and creating an init script.
+
+It does not:
+
+ - [initialize](https://vaultproject.io/intro/getting-started/deploy.html) the vault
+ - [unseal] the vault on startup
+ - Provide a way to get secrets from Vault within puppet. For that, look at [puppet-vaultize-file](https://github.com/EvanKrall/puppet-vaultize-file)
+
+##Development
+Open an [issue](https://github.com/EvanKrall/puppet-vault/issues) or
+[fork](https://github.com/EvanKrall/puppet-vault/fork) and open a
+[Pull Request](https://github.com/EvanKrall/puppet-vault/pulls)
+
+##Acknowledgements
+
+Much of the initial code was adapted from [solarkennedy/puppet-consul](https://github.com/solarkennedy/puppet-consul). Thank you to the contributors to that project.

Rakefile

@@ -0,0 +1,41 @@
+require 'bundler/setup'
+require 'puppetlabs_spec_helper/rake_tasks'
+require 'puppet-lint/tasks/puppet-lint'
+require 'puppet-syntax/tasks/puppet-syntax'
+
+# These two gems aren't always present, for instance
+# on Travis with --without development
+begin
+  require 'puppet_blacksmith/rake_tasks'
+rescue LoadError
+end
+
+PuppetLint.configuration.send("disable_80chars")
+PuppetLint.configuration.log_format = "%{path}:%{linenumber}:%{check}:%{KIND}:%{message}"
+PuppetLint.configuration.fail_on_warnings = true
+
+# Forsake support for Puppet 2.6.2 for the benefit of cleaner code.
+# http://puppet-lint.com/checks/class_parameter_defaults/
+PuppetLint.configuration.send('disable_class_parameter_defaults')
+# http://puppet-lint.com/checks/class_inherits_from_params_class/
+PuppetLint.configuration.send('disable_class_inherits_from_params_class')
+
+exclude_paths = [
+  "pkg/**/*",
+  "vendor/**/*",
+  "spec/**/*",
+]
+PuppetLint.configuration.ignore_paths = exclude_paths
+PuppetSyntax.exclude_paths = exclude_paths
+
+desc "Run acceptance tests"
+RSpec::Core::RakeTask.new(:acceptance) do |t|
+  t.pattern = 'spec/acceptance'
+end
+
+desc "Run syntax, lint, and spec tests."
+task :test => [
+  :syntax,
+  :lint,
+  :spec,
+]

lib/puppet/parser/functions/vault_sorted_json.rb

@@ -0,0 +1,40 @@
+require 'json'
+
+def sorted_json(obj)
+  case obj
+    when String, Fixnum, Float, TrueClass, FalseClass, NilClass
+      return obj.to_json
+    when Array
+      arrayRet = []
+      obj.each do |a|
+        arrayRet.push(sorted_json(a))
+      end
+      return "[" << arrayRet.join(',') << "]";
+    when Hash
+      ret = []
+      obj.keys.sort.each do |k|
+        ret.push(k.to_json << ":" << sorted_json(obj[k]))
+      end
+      return "{" << ret.join(",") << "}";
+    else
+      raise Exception("Unable to handle object of type <%s>" % obj.class.to_s)
+  end
+end
+
+module Puppet::Parser::Functions
+  newfunction(:vault_sorted_json, :type => :rvalue, :doc => <<-EOS
+This function takes data, outputs making sure the hash keys are sorted
+
+*Examples:*
+
+    sorted_json({'key'=>'value'})
+
+Would return: {'key':'value'}
+    EOS
+  ) do |arguments|
+    raise(Puppet::ParseError, "sorted_json(): Wrong number of arguments " +
+      "given (#{arguments.size} for 1)") if arguments.size != 1
+    json = arguments[0].delete_if {|key, value| value == :undef }
+    return sorted_json(json)
+  end
+end