Add ACME client counts to vault operator usage (#26525)

* Add ACME client counts to vault operator usage * add changelog * remove a few errors
2025-10-29 17:52:32 +00:00 · 2024-04-29 08:51:37 -07:00
parent 0441021034
commit 75b0418d51
3 changed files with 21 additions and 7 deletions
--- a/changelog/26525.txt
+++ b/changelog/26525.txt
@@ -0,0 +1,3 @@
+```release-note:improvement
+core/activity: Include ACME clients in vault operator usage response
+```
--- a/command/command_testonly/operator_usage_testonly_test.go
+++ b/command/command_testonly/operator_usage_testonly_test.go
@@ -58,10 +58,12 @@ func TestOperatorUsageCommandRun(t *testing.T) {
 		NewClientsSeen(6, clientcountutil.WithClientType("entity")).
 		NewClientsSeen(4, clientcountutil.WithClientType("non-entity-token")).
 		NewClientsSeen(2, clientcountutil.WithClientType("secret-sync")).
+		NewClientsSeen(7, clientcountutil.WithClientType("pki-acme")).
 		NewCurrentMonthData().
 		NewClientsSeen(3, clientcountutil.WithClientType("entity")).
 		NewClientsSeen(4, clientcountutil.WithClientType("non-entity-token")).
 		NewClientsSeen(5, clientcountutil.WithClientType("secret-sync")).
+		NewClientsSeen(8, clientcountutil.WithClientType("pki-acme")).
 		Write(context.Background(), generation.WriteOptions_WRITE_ENTITIES, generation.WriteOptions_WRITE_PRECOMPUTED_QUERIES)
 	require.NoError(t, err)

@@ -84,12 +86,14 @@ func TestOperatorUsageCommandRun(t *testing.T) {
 	require.Equal(t, fmt.Sprintf("Period end: %s", end), outputLines[1])

 	require.Contains(t, outputLines[3], "Secret sync")
+	require.Contains(t, outputLines[3], "ACME clients")
 	nsCounts := strings.Fields(outputLines[5])
 	require.Equal(t, "[root]", nsCounts[0])
 	require.Equal(t, "9", nsCounts[1])
 	require.Equal(t, "8", nsCounts[2])
 	require.Equal(t, "7", nsCounts[3])
-	require.Equal(t, "24", nsCounts[4])
+	require.Equal(t, "15", nsCounts[4])
+	require.Equal(t, "39", nsCounts[5])

 	totalCounts := strings.Fields(outputLines[7])
 	require.Equal(t, "Total", totalCounts[0])
--- a/command/operator_usage.go
+++ b/command/operator_usage.go
@@ -132,7 +132,7 @@ func (c *OperatorUsageCommand) Run(args []string) int {
 	c.outputTimestamps(resp.Data)

 	out := []string{
-		"Namespace path | Distinct entities | Non-Entity tokens | Secret syncs | Active clients",
+		"Namespace path | Distinct entities | Non-Entity tokens | Secret syncs | ACME clients | Active clients",
 	}

 	out = append(out, c.namespacesOutput(resp.Data)...)
@@ -198,6 +198,7 @@ type UsageResponse struct {
 	// token clients instead of each individual token.
 	tokenCount  int64
 	secretSyncs int64
+	acmeCount   int64
 	clientCount int64
 }

@@ -245,6 +246,9 @@ func (c *OperatorUsageCommand) parseNamespaceCount(rawVal interface{}) (UsageRes
 	// don't error if the secret syncs key is missing
 	ret.secretSyncs, _ = jsonNumberOK(counts, "secret_syncs")

+	// don't error if acme clients is missing
+	ret.acmeCount, _ = jsonNumberOK(counts, "acme_clients")
+
 	ret.clientCount, ok = jsonNumberOK(counts, "clients")
 	if !ok {
 		return ret, errors.New("missing clients")
@@ -277,8 +281,8 @@ func (c *OperatorUsageCommand) namespacesOutput(data map[string]interface{}) []s
 			sortOrder = "2" + val.namespacePath
 		}

-		formattedLine := fmt.Sprintf("%s | %d | %d | %d | %d",
-			val.namespacePath, val.entityCount, val.tokenCount, val.secretSyncs, val.clientCount)
+		formattedLine := fmt.Sprintf("%s | %d | %d | %d | %d | %d",
+			val.namespacePath, val.entityCount, val.tokenCount, val.secretSyncs, val.acmeCount, val.clientCount)
 		nsOut = append(nsOut, UsageCommandNamespace{
 			formattedLine: formattedLine,
 			sortOrder:     sortOrder,
@@ -299,7 +303,7 @@ func (c *OperatorUsageCommand) namespacesOutput(data map[string]interface{}) []s

 func (c *OperatorUsageCommand) totalOutput(data map[string]interface{}) []string {
 	// blank line separating it from namespaces
-	out := []string{"  |  |  |  |  "}
+	out := []string{"  |  |  |  |  |  "}

 	total, ok := data["total"].(map[string]interface{})
 	if !ok {
@@ -321,13 +325,16 @@ func (c *OperatorUsageCommand) totalOutput(data map[string]interface{}) []string
 	// don't error if secret syncs key is missing
 	secretSyncs, _ := jsonNumberOK(total, "secret_syncs")

+	// don't error if acme clients is missing
+	acmeCount, _ := jsonNumberOK(total, "acme_clients")
+
 	clientCount, ok := jsonNumberOK(total, "clients")
 	if !ok {
 		c.UI.Error("missing clients in total")
 		return out
 	}

-	out = append(out, fmt.Sprintf("Total | %d | %d | %d | %d",
-		entityCount, tokenCount, secretSyncs, clientCount))
+	out = append(out, fmt.Sprintf("Total | %d | %d | %d | %d | %d",
+		entityCount, tokenCount, secretSyncs, acmeCount, clientCount))
 	return out
 }