From 545a4b1242bf69e7fee8c068da70eba37bf43e45 Mon Sep 17 00:00:00 2001 From: Matthew Irish Date: Wed, 18 Sep 2019 14:07:18 -0500 Subject: [PATCH] expose 'storage_type' on the sys/seal-status endpoint (#7486) * expose 'storage_type' on the sys/seal-status endpoint * add comments * Update vault/core.go Co-Authored-By: Brian Kassouf --- api/sys_seal.go | 1 + command/server.go | 1 + http/sys_seal.go | 3 +++ vault/core.go | 12 ++++++++++++ 4 files changed, 17 insertions(+) diff --git a/api/sys_seal.go b/api/sys_seal.go index 301d3f26a1..20d41a28f3 100644 --- a/api/sys_seal.go +++ b/api/sys_seal.go @@ -77,6 +77,7 @@ type SealStatusResponse struct { ClusterName string `json:"cluster_name,omitempty"` ClusterID string `json:"cluster_id,omitempty"` RecoverySeal bool `json:"recovery_seal"` + StorageType string `json:"storage_type,omitempty"` } type UnsealOpts struct { diff --git a/command/server.go b/command/server.go index 32e43fd4a0..ad0a40e5a8 100644 --- a/command/server.go +++ b/command/server.go @@ -664,6 +664,7 @@ func (c *ServerCommand) Run(args []string) int { coreConfig := &vault.CoreConfig{ Physical: backend, RedirectAddr: config.Storage.RedirectAddr, + StorageType: config.Storage.Type, HAPhysical: nil, Seal: barrierSeal, AuditBackends: c.AuditBackends, diff --git a/http/sys_seal.go b/http/sys_seal.go index 7b657f0487..384d6c5ab7 100644 --- a/http/sys_seal.go +++ b/http/sys_seal.go @@ -198,6 +198,7 @@ func handleSysSealStatusRaw(core *vault.Core, w http.ResponseWriter, r *http.Req Initialized: false, Sealed: true, RecoverySeal: core.SealAccess().RecoveryKeySupported(), + StorageType: core.StorageType(), }) return } @@ -233,6 +234,7 @@ func handleSysSealStatusRaw(core *vault.Core, w http.ResponseWriter, r *http.Req ClusterName: clusterName, ClusterID: clusterID, RecoverySeal: core.SealAccess().RecoveryKeySupported(), + StorageType: core.StorageType(), }) } @@ -249,6 +251,7 @@ type SealStatusResponse struct { ClusterName string `json:"cluster_name,omitempty"` ClusterID string `json:"cluster_id,omitempty"` RecoverySeal bool `json:"recovery_seal"` + StorageType string `json:"storage_type,omitempty"` } // Note: because we didn't provide explicit tagging in the past we can't do it diff --git a/vault/core.go b/vault/core.go index 8da65417cb..7979361585 100644 --- a/vault/core.go +++ b/vault/core.go @@ -172,6 +172,9 @@ type Core struct { // HABackend may be available depending on the physical backend ha physical.HABackend + // storageType is the the storage type set in the storage configuration + storageType string + // redirectAddr is the address we advertise as leader if held redirectAddr string @@ -474,6 +477,8 @@ type CoreConfig struct { Physical physical.Backend `json:"physical" structs:"physical" mapstructure:"physical"` + StorageType string `json:"storage_type" structs:"storage_type" mapstructure:"storage_type"` + // May be nil, which disables HA operations HAPhysical physical.HABackend `json:"ha_physical" structs:"ha_physical" mapstructure:"ha_physical"` @@ -546,6 +551,7 @@ func (c *CoreConfig) Clone() *CoreConfig { DisableCache: c.DisableCache, DisableMlock: c.DisableMlock, CacheSize: c.CacheSize, + StorageType: c.StorageType, RedirectAddr: c.RedirectAddr, ClusterAddr: c.ClusterAddr, DefaultLeaseTTL: c.DefaultLeaseTTL, @@ -613,6 +619,7 @@ func NewCore(conf *CoreConfig) (*Core, error) { devToken: conf.DevToken, physical: conf.Physical, underlyingPhysical: conf.Physical, + storageType: conf.StorageType, redirectAddr: conf.RedirectAddr, clusterAddr: new(atomic.Value), clusterListener: new(atomic.Value), @@ -1820,6 +1827,11 @@ func (c *Core) SealAccess() *SealAccess { return NewSealAccess(c.seal) } +// StorageType returns a string equal to the storage configuration's type. +func (c *Core) StorageType() string { + return c.storageType +} + func (c *Core) Logger() log.Logger { return c.logger }