scottk/vault
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/vault.git synced 2025-11-03 03:58:01 +00:00
Code Issues Packages Projects Releases Wiki Activity

Move checkHCLKeys into hclutil (#4749)

Browse Source
This commit is contained in:
Calvin Leung Huang
2018-06-12 12:38:08 -04:00
committed by GitHub
parent 86924f3dce
commit c212a86606
6 changed files with 48 additions and 148 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
api/ssh_agent.go
View File

@@ -13,6 +13,7 @@ import (
"github.com/hashicorp/go-rootcerts" "github.com/hashicorp/go-rootcerts"
"github.com/hashicorp/hcl" "github.com/hashicorp/hcl"
"github.com/hashicorp/hcl/hcl/ast" "github.com/hashicorp/hcl/hcl/ast"
"github.com/hashicorp/vault/helper/hclutil"
"github.com/mitchellh/mapstructure" "github.com/mitchellh/mapstructure"
) )
@@ -160,7 +161,7 @@ func ParseSSHHelperConfig(contents string) (*SSHHelperConfig, error) {
"tls_skip_verify", "tls_skip_verify",
"tls_server_name", "tls_server_name",
} }
if err := checkHCLKeys(list, valid); err != nil { if err := hclutil.CheckHCLKeys(list, valid); err != nil {
return nil, multierror.Prefix(err, "ssh_helper:") return nil, multierror.Prefix(err, "ssh_helper:")
} }
@@ -228,30 +229,3 @@ func (c *SSHHelper) Verify(otp string) (*SSHVerifyResponse, error) {
} }
return &verifyResp, nil return &verifyResp, nil
} }
func checkHCLKeys(node ast.Node, valid []string) error {
var list *ast.ObjectList
switch n := node.(type) {
case *ast.ObjectList:
list = n
case *ast.ObjectType:
list = n.List
default:
return fmt.Errorf("cannot check HCL keys of type %T", n)
}
validMap := make(map[string]struct{}, len(valid))
for _, v := range valid {
validMap[v] = struct{}{}
}
var result error
for _, item := range list.Items {
key := item.Keys[0].Token.Value().(string)
if _, ok := validMap[key]; !ok {
result = multierror.Append(result, fmt.Errorf("invalid key %q on line %d", key, item.Assign.Line))
}
}
return result
}

31
command/config.go
View File

@@ -1,10 +1,6 @@
package command package command
import ( import (
"fmt"
"github.com/hashicorp/go-multierror"
"github.com/hashicorp/hcl/hcl/ast"
"github.com/hashicorp/vault/command/config" "github.com/hashicorp/vault/command/config"
) )
@@ -56,30 +52,3 @@ func ParseConfig(contents string) (*DefaultConfig, error) {
conf, err := config.ParseConfig(contents) conf, err := config.ParseConfig(contents)
return (*DefaultConfig)(conf), err return (*DefaultConfig)(conf), err
} }
func checkHCLKeys(node ast.Node, valid []string) error {
var list *ast.ObjectList
switch n := node.(type) {
case *ast.ObjectList:
list = n
case *ast.ObjectType:
list = n.List
default:
return fmt.Errorf("cannot check HCL keys of type %T", n)
}
validMap := make(map[string]struct{}, len(valid))
for _, v := range valid {
validMap[v] = struct{}{}
}
var result error
for _, item := range list.Items {
key := item.Keys[0].Token.Value().(string)
if _, ok := validMap[key]; !ok {
result = multierror.Append(result, fmt.Errorf("invalid key %q on line %d", key, item.Assign.Line))
}
}
return result
}

31
command/config/config.go
View File

@@ -6,9 +6,9 @@ import (
"os" "os"
"github.com/hashicorp/errwrap" "github.com/hashicorp/errwrap"
"github.com/hashicorp/go-multierror"
"github.com/hashicorp/hcl" "github.com/hashicorp/hcl"
"github.com/hashicorp/hcl/hcl/ast" "github.com/hashicorp/hcl/hcl/ast"
"github.com/hashicorp/vault/helper/hclutil"
"github.com/mitchellh/go-homedir" "github.com/mitchellh/go-homedir"
) )
@@ -89,7 +89,7 @@ func ParseConfig(contents string) (*DefaultConfig, error) {
valid := []string{ valid := []string{
"token_helper", "token_helper",
} }
if err := checkHCLKeys(list, valid); err != nil { if err := hclutil.CheckHCLKeys(list, valid); err != nil {
return nil, err return nil, err
} }
@@ -99,30 +99,3 @@ func ParseConfig(contents string) (*DefaultConfig, error) {
} }
return &c, nil return &c, nil
} }
func checkHCLKeys(node ast.Node, valid []string) error {
var list *ast.ObjectList
switch n := node.(type) {
case *ast.ObjectList:
list = n
case *ast.ObjectType:
list = n.List
default:
return fmt.Errorf("cannot check HCL keys of type %T", n)
}
validMap := make(map[string]struct{}, len(valid))
for _, v := range valid {
validMap[v] = struct{}{}
}
var result error
for _, item := range list.Items {
key := item.Keys[0].Token.Value().(string)
if _, ok := validMap[key]; !ok {
result = multierror.Append(result, fmt.Errorf("invalid key %q on line %d", key, item.Assign.Line))
}
}
return result
}

36
command/server/config.go
View File

@@ -16,6 +16,7 @@ import (
"github.com/hashicorp/go-multierror" "github.com/hashicorp/go-multierror"
"github.com/hashicorp/hcl" "github.com/hashicorp/hcl"
"github.com/hashicorp/hcl/hcl/ast" "github.com/hashicorp/hcl/hcl/ast"
"github.com/hashicorp/vault/helper/hclutil"
"github.com/hashicorp/vault/helper/parseutil" "github.com/hashicorp/vault/helper/parseutil"
) )
@@ -438,7 +439,7 @@ func ParseConfig(d string, logger log.Logger) (*Config, error) {
"disable_clustering", "disable_clustering",
"disable_sealwrap", "disable_sealwrap",
} }
if err := checkHCLKeys(list, valid); err != nil { if err := hclutil.CheckHCLKeys(list, valid); err != nil {
return nil, err return nil, err
} }
@@ -769,7 +770,7 @@ func parseSeal(result *Config, list *ast.ObjectList, blockName string) error {
return fmt.Errorf("invalid seal type %q", key) return fmt.Errorf("invalid seal type %q", key)
} }
if err := checkHCLKeys(item.Val, valid); err != nil { if err := hclutil.CheckHCLKeys(item.Val, valid); err != nil {
return multierror.Prefix(err, fmt.Sprintf("%s.%s:", blockName, key)) return multierror.Prefix(err, fmt.Sprintf("%s.%s:", blockName, key))
} }
@@ -817,7 +818,7 @@ func parseListeners(result *Config, list *ast.ObjectList) error {
"tls_client_ca_file", "tls_client_ca_file",
"token", "token",
} }
if err := checkHCLKeys(item.Val, valid); err != nil { if err := hclutil.CheckHCLKeys(item.Val, valid); err != nil {
return multierror.Prefix(err, fmt.Sprintf("listeners.%s:", key)) return multierror.Prefix(err, fmt.Sprintf("listeners.%s:", key))
} }
@@ -867,7 +868,7 @@ func parseTelemetry(result *Config, list *ast.ObjectList) error {
"statsd_address", "statsd_address",
"statsite_address", "statsite_address",
} }
if err := checkHCLKeys(item.Val, valid); err != nil { if err := hclutil.CheckHCLKeys(item.Val, valid); err != nil {
return multierror.Prefix(err, "telemetry:") return multierror.Prefix(err, "telemetry:")
} }
@@ -885,30 +886,3 @@ func parseTelemetry(result *Config, list *ast.ObjectList) error {
} }
return nil return nil
} }
func checkHCLKeys(node ast.Node, valid []string) error {
var list *ast.ObjectList
switch n := node.(type) {
case *ast.ObjectList:
list = n
case *ast.ObjectType:
list = n.List
default:
return fmt.Errorf("cannot check HCL keys of type %T", n)
}
validMap := make(map[string]struct{}, len(valid))
for _, v := range valid {
validMap[v] = struct{}{}
}
var result error
for _, item := range list.Items {
key := item.Keys[0].Token.Value().(string)
if _, ok := validMap[key]; !ok {
result = multierror.Append(result, fmt.Errorf("invalid key %q on line %d", key, item.Assign.Line))
}
}
return result
}

36
helper/hclutil/hcl.go Normal file
View File

@@ -0,0 +1,36 @@
package hclutil
import (
"fmt"
multierror "github.com/hashicorp/go-multierror"
"github.com/hashicorp/hcl/hcl/ast"
)
// CheckHCLKeys checks whether the keys in the AST list contains any of the valid keys provided.
func CheckHCLKeys(node ast.Node, valid []string) error {
var list *ast.ObjectList
switch n := node.(type) {
case *ast.ObjectList:
list = n
case *ast.ObjectType:
list = n.List
default:
return fmt.Errorf("cannot check HCL keys of type %T", n)
}
validMap := make(map[string]struct{}, len(valid))
for _, v := range valid {
validMap[v] = struct{}{}
}
var result error
for _, item := range list.Items {
key := item.Keys[0].Token.Value().(string)
if _, ok := validMap[key]; !ok {
result = multierror.Append(result, fmt.Errorf("invalid key %q on line %d", key, item.Assign.Line))
}
}
return result
}

32
vault/policy.go
View File

@@ -10,6 +10,7 @@ import (
"github.com/hashicorp/go-multierror" "github.com/hashicorp/go-multierror"
"github.com/hashicorp/hcl" "github.com/hashicorp/hcl"
"github.com/hashicorp/hcl/hcl/ast" "github.com/hashicorp/hcl/hcl/ast"
"github.com/hashicorp/vault/helper/hclutil"
"github.com/hashicorp/vault/helper/parseutil" "github.com/hashicorp/vault/helper/parseutil"
"github.com/mitchellh/copystructure" "github.com/mitchellh/copystructure"
) )
@@ -168,7 +169,7 @@ func ParseACLPolicy(rules string) (*Policy, error) {
"name", "name",
"path", "path",
} }
if err := checkHCLKeys(list, valid); err != nil { if err := hclutil.CheckHCLKeys(list, valid); err != nil {
return nil, errwrap.Wrapf("failed to parse policy: {{err}}", err) return nil, errwrap.Wrapf("failed to parse policy: {{err}}", err)
} }
@@ -205,7 +206,7 @@ func parsePaths(result *Policy, list *ast.ObjectList) error {
"min_wrapping_ttl", "min_wrapping_ttl",
"max_wrapping_ttl", "max_wrapping_ttl",
} }
if err := checkHCLKeys(item.Val, valid); err != nil { if err := hclutil.CheckHCLKeys(item.Val, valid); err != nil {
return multierror.Prefix(err, fmt.Sprintf("path %q:", key)) return multierror.Prefix(err, fmt.Sprintf("path %q:", key))
} }
@@ -305,30 +306,3 @@ func parsePaths(result *Policy, list *ast.ObjectList) error {
result.Paths = paths result.Paths = paths
return nil return nil
} }
func checkHCLKeys(node ast.Node, valid []string) error {
var list *ast.ObjectList
switch n := node.(type) {
case *ast.ObjectList:
list = n
case *ast.ObjectType:
list = n.List
default:
return fmt.Errorf("cannot check HCL keys of type %T", n)
}
validMap := make(map[string]struct{}, len(valid))
for _, v := range valid {
validMap[v] = struct{}{}
}
var result error
for _, item := range list.Items {
key := item.Keys[0].Token.Value().(string)
if _, ok := validMap[key]; !ok {
result = multierror.Append(result, fmt.Errorf("invalid key %q on line %d", key, item.Assign.Line))
}
}
return result
}