scottk/vault
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/vault.git synced 2025-10-30 18:17:55 +00:00
Code Issues Packages Projects Releases Wiki Activity

Plugins: Consistently use plugin_version (#17171)

Browse Source 
* Delete Sha field, rename RunningSha -> RunningSha256
* Rename version -> plugin_version
This commit is contained in:
Tom Proctor
2022-09-20 12:35:50 +01:00
committed by GitHub
parent 158a55d789
commit d6d03ac373
13 changed files with 581 additions and 681 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
api/sys_mounts.go
View File

@@ -247,7 +247,7 @@ type MountInput struct {
SealWrap bool `json:"seal_wrap" mapstructure:"seal_wrap"` SealWrap bool `json:"seal_wrap" mapstructure:"seal_wrap"`
ExternalEntropyAccess bool `json:"external_entropy_access" mapstructure:"external_entropy_access"` ExternalEntropyAccess bool `json:"external_entropy_access" mapstructure:"external_entropy_access"`
Options map[string]string `json:"options"` Options map[string]string `json:"options"`
Version string `json:"version,omitempty"` PluginVersion string `json:"plugin_version,omitempty"`
// Deprecated: Newer server responses should be returning this information in the // Deprecated: Newer server responses should be returning this information in the
// Type field (json: "type") instead. // Type field (json: "type") instead.
@@ -282,10 +282,9 @@ type MountOutput struct {
Local bool `json:"local"` Local bool `json:"local"`
SealWrap bool `json:"seal_wrap" mapstructure:"seal_wrap"` SealWrap bool `json:"seal_wrap" mapstructure:"seal_wrap"`
ExternalEntropyAccess bool `json:"external_entropy_access" mapstructure:"external_entropy_access"` ExternalEntropyAccess bool `json:"external_entropy_access" mapstructure:"external_entropy_access"`
Version string `json:"version"` PluginVersion string `json:"plugin_version" mapstructure:"plugin_version"`
RunningVersion string `json:"running_version"` RunningVersion string `json:"running_plugin_version" mapstructure:"running_plugin_version"`
Sha string `json:"sha"` RunningSha256 string `json:"running_sha256" mapstructure:"running_sha256"`
RunningSha string `json:"running_sha"`
DeprecationStatus string `json:"deprecation_status" mapstructure:"deprecation_status"` DeprecationStatus string `json:"deprecation_status" mapstructure:"deprecation_status"`
} }

40
api/sys_mounts_test.go
View File

@@ -38,7 +38,7 @@ func TestListMounts(t *testing.T) {
t.Errorf("Unexpected mount: %s: %+v", path, mount) t.Errorf("Unexpected mount: %s: %+v", path, mount)
continue continue
} }
if expected.Type != mount.Type || expected.Version != mount.Version { if expected.Type != mount.Type || expected.Version != mount.PluginVersion {
t.Errorf("Mount did not match: %s -> expected %+v but got %+v", path, expected, mount) t.Errorf("Mount did not match: %s -> expected %+v but got %+v", path, expected, mount)
} }
} }
@@ -49,7 +49,7 @@ func TestListMounts(t *testing.T) {
t.Errorf("Expected mount not found mount: %s: %+v", path, expected) t.Errorf("Expected mount not found mount: %s: %+v", path, expected)
continue continue
} }
if expected.Type != mount.Type || expected.Version != mount.Version { if expected.Type != mount.Type || expected.Version != mount.PluginVersion {
t.Errorf("Mount did not match: %s -> expected %+v but got %+v", path, expected, mount) t.Errorf("Mount did not match: %s -> expected %+v but got %+v", path, expected, mount)
} }
} }
@@ -76,13 +76,12 @@ const listMountsResponse = `{
"external_entropy_access": false, "external_entropy_access": false,
"local": true, "local": true,
"options": null, "options": null,
"running_sha": "", "plugin_version": "v1.0.0",
"running_version": "", "running_sha256": "",
"running_plugin_version": "",
"seal_wrap": false, "seal_wrap": false,
"sha": "",
"type": "cubbyhole", "type": "cubbyhole",
"uuid": "575063dc-5ef8-4487-c842-22c494c19a6f", "uuid": "575063dc-5ef8-4487-c842-22c494c19a6f"
"version": "v1.0.0"
}, },
"identity/": { "identity/": {
"accessor": "identity_6e01c327", "accessor": "identity_6e01c327",
@@ -98,13 +97,12 @@ const listMountsResponse = `{
"external_entropy_access": false, "external_entropy_access": false,
"local": false, "local": false,
"options": null, "options": null,
"running_sha": "", "plugin_version": "",
"running_version": "", "running_sha256": "",
"running_plugin_version": "",
"seal_wrap": false, "seal_wrap": false,
"sha": "",
"type": "identity", "type": "identity",
"uuid": "187d7eba-3471-554b-c2d9-1479612c8046", "uuid": "187d7eba-3471-554b-c2d9-1479612c8046"
"version": ""
}, },
"secret/": { "secret/": {
"accessor": "kv_3e2f282f", "accessor": "kv_3e2f282f",
@@ -119,13 +117,12 @@ const listMountsResponse = `{
"options": { "options": {
"version": "2" "version": "2"
}, },
"running_sha": "", "plugin_version": "",
"running_version": "", "running_sha256": "",
"running_plugin_version": "",
"seal_wrap": false, "seal_wrap": false,
"sha": "",
"type": "kv", "type": "kv",
"uuid": "13375e0f-876e-7e96-0a3e-076f37b6b69d", "uuid": "13375e0f-876e-7e96-0a3e-076f37b6b69d"
"version": ""
}, },
"sys/": { "sys/": {
"accessor": "system_93503264", "accessor": "system_93503264",
@@ -141,13 +138,12 @@ const listMountsResponse = `{
"external_entropy_access": false, "external_entropy_access": false,
"local": false, "local": false,
"options": null, "options": null,
"running_sha": "", "plugin_version": "",
"running_version": "", "running_sha256": "",
"running_plugin_version": "",
"seal_wrap": true, "seal_wrap": true,
"sha": "",
"type": "system", "type": "system",
"uuid": "1373242d-cc4d-c023-410b-7f336e7ba0a8", "uuid": "1373242d-cc4d-c023-410b-7f336e7ba0a8"
"version": ""
} }
} }
}` }`

4
command/auth_enable.go
View File

@@ -204,7 +204,7 @@ func (c *AuthEnableCommand) Flags() *FlagSets {
Name: "plugin-version", Name: "plugin-version",
Target: &c.flagPluginVersion, Target: &c.flagPluginVersion,
Default: "", Default: "",
Usage: "Select the version of the plugin to enable.", Usage: "Select the semantic version of the plugin to enable.",
}) })
return set return set
@@ -270,7 +270,7 @@ func (c *AuthEnableCommand) Run(args []string) int {
authOpts := &api.EnableAuthOptions{ authOpts := &api.EnableAuthOptions{
Type: authType, Type: authType,
Version: c.flagPluginVersion, PluginVersion: c.flagPluginVersion,
Description: c.flagDescription, Description: c.flagDescription,
Local: c.flagLocal, Local: c.flagLocal,
SealWrap: c.flagSealWrap, SealWrap: c.flagSealWrap,

4
command/auth_list.go
View File

@@ -121,7 +121,7 @@ func (c *AuthListCommand) simpleMounts(auths map[string]*api.AuthMount) []string
out := []string{"Path | Type | Accessor | Description | Version"} out := []string{"Path | Type | Accessor | Description | Version"}
for _, path := range paths { for _, path := range paths {
mount := auths[path] mount := auths[path]
out = append(out, fmt.Sprintf("%s | %s | %s | %s | %s", path, mount.Type, mount.Accessor, mount.Description, mount.Version)) out = append(out, fmt.Sprintf("%s | %s | %s | %s | %s", path, mount.Type, mount.Accessor, mount.Description, mount.PluginVersion))
} }
return out return out
@@ -175,7 +175,7 @@ func (c *AuthListCommand) detailedMounts(auths map[string]*api.AuthMount) []stri
mount.Options, mount.Options,
mount.Description, mount.Description,
mount.UUID, mount.UUID,
mount.Version, mount.PluginVersion,
mount.DeprecationStatus, mount.DeprecationStatus,
)) ))
} }

14
command/plugin_deregister.go
View File

@@ -19,7 +19,7 @@ var (
type PluginDeregisterCommand struct { type PluginDeregisterCommand struct {
*BaseCommand *BaseCommand
flagVersion string flagPluginVersion string
} }
func (c *PluginDeregisterCommand) Synopsis() string { func (c *PluginDeregisterCommand) Synopsis() string {
@@ -54,9 +54,9 @@ func (c *PluginDeregisterCommand) Flags() *FlagSets {
f.StringVar(&StringVar{ f.StringVar(&StringVar{
Name: "version", Name: "version",
Target: &c.flagVersion, Target: &c.flagPluginVersion,
Completion: complete.PredictAnything, Completion: complete.PredictAnything,
Usage: "Version of the plugin to deregister. If unset, " + Usage: "Semantic version of the plugin to deregister. If unset, " +
"only an unversioned plugin may be deregistered.", "only an unversioned plugin may be deregistered.",
}) })
@@ -108,10 +108,10 @@ func (c *PluginDeregisterCommand) Run(args []string) int {
return 2 return 2
} }
pluginName := strings.TrimSpace(pluginNameRaw) pluginName := strings.TrimSpace(pluginNameRaw)
if c.flagVersion != "" { if c.flagPluginVersion != "" {
_, err := semver.NewSemver(c.flagVersion) _, err := semver.NewSemver(c.flagPluginVersion)
if err != nil { if err != nil {
c.UI.Error(fmt.Sprintf("version %q is not a valid semantic version: %v", c.flagVersion, err)) c.UI.Error(fmt.Sprintf("version %q is not a valid semantic version: %v", c.flagPluginVersion, err))
return 2 return 2
} }
} }
@@ -119,7 +119,7 @@ func (c *PluginDeregisterCommand) Run(args []string) int {
if err := client.Sys().DeregisterPlugin(&api.DeregisterPluginInput{ if err := client.Sys().DeregisterPlugin(&api.DeregisterPluginInput{
Name: pluginName, Name: pluginName,
Type: pluginType, Type: pluginType,
Version: c.flagVersion, Version: c.flagPluginVersion,
}); err != nil { }); err != nil {
c.UI.Error(fmt.Sprintf("Error deregistering plugin named %s: %s", pluginName, err)) c.UI.Error(fmt.Sprintf("Error deregistering plugin named %s: %s", pluginName, err))
return 2 return 2

2
command/plugin_register.go
View File

@@ -85,7 +85,7 @@ func (c *PluginRegisterCommand) Flags() *FlagSets {
Name: "version", Name: "version",
Target: &c.flagVersion, Target: &c.flagVersion,
Completion: complete.PredictAnything, Completion: complete.PredictAnything,
Usage: "Version of the plugin. Optional.", Usage: "Semantic version of the plugin. Optional.",
}) })
return set return set

104
http/handler_test.go
View File

@@ -411,13 +411,12 @@ func TestSysMounts_headerAuth(t *testing.T) {
"max_lease_ttl": json.Number("0"), "max_lease_ttl": json.Number("0"),
"force_no_cache": false, "force_no_cache": false,
}, },
"local": false, "local": false,
"seal_wrap": false, "seal_wrap": false,
"options": map[string]interface{}{"version": "1"}, "options": map[string]interface{}{"version": "1"},
"sha": "", "plugin_version": "",
"running_sha": "", "running_sha256": "",
"running_version": versions.GetBuiltinVersion(consts.PluginTypeSecrets, "kv"), "running_plugin_version": versions.GetBuiltinVersion(consts.PluginTypeSecrets, "kv"),
"version": "",
}, },
"sys/": map[string]interface{}{ "sys/": map[string]interface{}{
"description": "system endpoints used for control, policy and debugging", "description": "system endpoints used for control, policy and debugging",
@@ -429,13 +428,12 @@ func TestSysMounts_headerAuth(t *testing.T) {
"force_no_cache": false, "force_no_cache": false,
"passthrough_request_headers": []interface{}{"Accept"}, "passthrough_request_headers": []interface{}{"Accept"},
}, },
"local": false, "local": false,
"seal_wrap": true, "seal_wrap": true,
"options": interface{}(nil), "options": interface{}(nil),
"sha": "", "plugin_version": "",
"running_sha": "", "running_sha256": "",
"running_version": versions.DefaultBuiltinVersion, "running_plugin_version": versions.DefaultBuiltinVersion,
"version": "",
}, },
"cubbyhole/": map[string]interface{}{ "cubbyhole/": map[string]interface{}{
"description": "per-token private secret storage", "description": "per-token private secret storage",
@@ -446,13 +444,12 @@ func TestSysMounts_headerAuth(t *testing.T) {
"max_lease_ttl": json.Number("0"), "max_lease_ttl": json.Number("0"),
"force_no_cache": false, "force_no_cache": false,
}, },
"local": true, "local": true,
"seal_wrap": false, "seal_wrap": false,
"options": interface{}(nil), "options": interface{}(nil),
"sha": "", "plugin_version": "",
"running_sha": "", "running_sha256": "",
"running_version": versions.GetBuiltinVersion(consts.PluginTypeSecrets, "cubbyhole"), "running_plugin_version": versions.GetBuiltinVersion(consts.PluginTypeSecrets, "cubbyhole"),
"version": "",
}, },
"identity/": map[string]interface{}{ "identity/": map[string]interface{}{
"description": "identity store", "description": "identity store",
@@ -464,13 +461,12 @@ func TestSysMounts_headerAuth(t *testing.T) {
"force_no_cache": false, "force_no_cache": false,
"passthrough_request_headers": []interface{}{"Authorization"}, "passthrough_request_headers": []interface{}{"Authorization"},
}, },
"local": false, "local": false,
"seal_wrap": false, "seal_wrap": false,
"options": interface{}(nil), "options": interface{}(nil),
"sha": "", "plugin_version": "",
"running_sha": "", "running_sha256": "",
"running_version": versions.GetBuiltinVersion(consts.PluginTypeSecrets, "identity"), "running_plugin_version": versions.GetBuiltinVersion(consts.PluginTypeSecrets, "identity"),
"version": "",
}, },
}, },
"secret/": map[string]interface{}{ "secret/": map[string]interface{}{
@@ -482,13 +478,12 @@ func TestSysMounts_headerAuth(t *testing.T) {
"max_lease_ttl": json.Number("0"), "max_lease_ttl": json.Number("0"),
"force_no_cache": false, "force_no_cache": false,
}, },
"local": false, "local": false,
"seal_wrap": false, "seal_wrap": false,
"options": map[string]interface{}{"version": "1"}, "options": map[string]interface{}{"version": "1"},
"sha": "", "plugin_version": "",
"running_sha": "", "running_sha256": "",
"running_version": versions.GetBuiltinVersion(consts.PluginTypeSecrets, "kv"), "running_plugin_version": versions.GetBuiltinVersion(consts.PluginTypeSecrets, "kv"),
"version": "",
}, },
"sys/": map[string]interface{}{ "sys/": map[string]interface{}{
"description": "system endpoints used for control, policy and debugging", "description": "system endpoints used for control, policy and debugging",
@@ -500,13 +495,12 @@ func TestSysMounts_headerAuth(t *testing.T) {
"force_no_cache": false, "force_no_cache": false,
"passthrough_request_headers": []interface{}{"Accept"}, "passthrough_request_headers": []interface{}{"Accept"},
}, },
"local": false, "local": false,
"seal_wrap": true, "seal_wrap": true,
"options": interface{}(nil), "options": interface{}(nil),
"sha": "", "plugin_version": "",
"running_sha": "", "running_sha256": "",
"running_version": versions.DefaultBuiltinVersion, "running_plugin_version": versions.DefaultBuiltinVersion,
"version": "",
}, },
"cubbyhole/": map[string]interface{}{ "cubbyhole/": map[string]interface{}{
"description": "per-token private secret storage", "description": "per-token private secret storage",
@@ -517,13 +511,12 @@ func TestSysMounts_headerAuth(t *testing.T) {
"max_lease_ttl": json.Number("0"), "max_lease_ttl": json.Number("0"),
"force_no_cache": false, "force_no_cache": false,
}, },
"local": true, "local": true,
"seal_wrap": false, "seal_wrap": false,
"options": interface{}(nil), "options": interface{}(nil),
"sha": "", "plugin_version": "",
"running_sha": "", "running_sha256": "",
"running_version": versions.GetBuiltinVersion(consts.PluginTypeSecrets, "cubbyhole"), "running_plugin_version": versions.GetBuiltinVersion(consts.PluginTypeSecrets, "cubbyhole"),
"version": "",
}, },
"identity/": map[string]interface{}{ "identity/": map[string]interface{}{
"description": "identity store", "description": "identity store",
@@ -535,13 +528,12 @@ func TestSysMounts_headerAuth(t *testing.T) {
"force_no_cache": false, "force_no_cache": false,
"passthrough_request_headers": []interface{}{"Authorization"}, "passthrough_request_headers": []interface{}{"Authorization"},
}, },
"local": false, "local": false,
"seal_wrap": false, "seal_wrap": false,
"options": interface{}(nil), "options": interface{}(nil),
"sha": "", "plugin_version": "",
"running_sha": "", "running_sha256": "",
"running_version": versions.GetBuiltinVersion(consts.PluginTypeSecrets, "identity"), "running_plugin_version": versions.GetBuiltinVersion(consts.PluginTypeSecrets, "identity"),
"version": "",
}, },
} }
testResponseStatus(t, resp, 200) testResponseStatus(t, resp, 200)

144
http/sys_auth_test.go
View File

@@ -40,13 +40,12 @@ func TestSysAuth(t *testing.T) {
"token_type": "default-service", "token_type": "default-service",
"force_no_cache": false, "force_no_cache": false,
}, },
"local": false, "local": false,
"seal_wrap": false, "seal_wrap": false,
"options": interface{}(nil), "options": interface{}(nil),
"sha": "", "plugin_version": "",
"running_sha": "", "running_sha256": "",
"running_version": "", "running_plugin_version": "",
"version": "",
}, },
}, },
"token/": map[string]interface{}{ "token/": map[string]interface{}{
@@ -59,13 +58,12 @@ func TestSysAuth(t *testing.T) {
"token_type": "default-service", "token_type": "default-service",
"force_no_cache": false, "force_no_cache": false,
}, },
"local": false, "local": false,
"seal_wrap": false, "seal_wrap": false,
"options": interface{}(nil), "options": interface{}(nil),
"sha": "", "plugin_version": "",
"running_sha": "", "running_sha256": "",
"running_version": "", "running_plugin_version": "",
"version": "",
}, },
} }
testResponseStatus(t, resp, 200) testResponseStatus(t, resp, 200)
@@ -125,13 +123,12 @@ func TestSysEnableAuth(t *testing.T) {
"token_type": "default-service", "token_type": "default-service",
"force_no_cache": false, "force_no_cache": false,
}, },
"local": false, "local": false,
"seal_wrap": false, "seal_wrap": false,
"options": map[string]interface{}{}, "options": map[string]interface{}{},
"sha": "", "plugin_version": "",
"running_sha": "", "running_sha256": "",
"running_version": versions.GetBuiltinVersion(consts.PluginTypeCredential, "approle"), "running_plugin_version": versions.GetBuiltinVersion(consts.PluginTypeCredential, "approle"),
"version": "",
}, },
"token/": map[string]interface{}{ "token/": map[string]interface{}{
"description": "token based credentials", "description": "token based credentials",
@@ -143,13 +140,12 @@ func TestSysEnableAuth(t *testing.T) {
"force_no_cache": false, "force_no_cache": false,
"token_type": "default-service", "token_type": "default-service",
}, },
"local": false, "local": false,
"seal_wrap": false, "seal_wrap": false,
"options": interface{}(nil), "options": interface{}(nil),
"sha": "", "plugin_version": "",
"running_sha": "", "running_sha256": "",
"running_version": "", "running_plugin_version": "",
"version": "",
}, },
}, },
"foo/": map[string]interface{}{ "foo/": map[string]interface{}{
@@ -163,13 +159,12 @@ func TestSysEnableAuth(t *testing.T) {
"token_type": "default-service", "token_type": "default-service",
"force_no_cache": false, "force_no_cache": false,
}, },
"local": false, "local": false,
"seal_wrap": false, "seal_wrap": false,
"options": map[string]interface{}{}, "options": map[string]interface{}{},
"sha": "", "plugin_version": "",
"running_sha": "", "running_sha256": "",
"running_version": versions.GetBuiltinVersion(consts.PluginTypeCredential, "approle"), "running_plugin_version": versions.GetBuiltinVersion(consts.PluginTypeCredential, "approle"),
"version": "",
}, },
"token/": map[string]interface{}{ "token/": map[string]interface{}{
"description": "token based credentials", "description": "token based credentials",
@@ -181,13 +176,12 @@ func TestSysEnableAuth(t *testing.T) {
"token_type": "default-service", "token_type": "default-service",
"force_no_cache": false, "force_no_cache": false,
}, },
"local": false, "local": false,
"seal_wrap": false, "seal_wrap": false,
"options": interface{}(nil), "options": interface{}(nil),
"sha": "", "plugin_version": "",
"running_sha": "", "running_sha256": "",
"running_version": "", "running_plugin_version": "",
"version": "",
}, },
} }
testResponseStatus(t, resp, 200) testResponseStatus(t, resp, 200)
@@ -252,10 +246,9 @@ func TestSysDisableAuth(t *testing.T) {
"local": false, "local": false,
"seal_wrap": false, "seal_wrap": false,
"options": interface{}(nil), "options": interface{}(nil),
"sha": "", "plugin_version": "",
"running_sha": "", "running_sha256": "",
"running_version": "", "running_plugin_version": "",
"version": "",
}, },
}, },
"token/": map[string]interface{}{ "token/": map[string]interface{}{
@@ -271,10 +264,9 @@ func TestSysDisableAuth(t *testing.T) {
"local": false, "local": false,
"seal_wrap": false, "seal_wrap": false,
"options": interface{}(nil), "options": interface{}(nil),
"sha": "", "plugin_version": "",
"running_sha": "", "running_sha256": "",
"running_version": "", "running_plugin_version": "",
"version": "",
}, },
} }
testResponseStatus(t, resp, 200) testResponseStatus(t, resp, 200)
@@ -528,13 +520,12 @@ func TestSysRemountAuth(t *testing.T) {
"token_type": "default-service", "token_type": "default-service",
"force_no_cache": false, "force_no_cache": false,
}, },
"local": false, "local": false,
"seal_wrap": false, "seal_wrap": false,
"options": map[string]interface{}{}, "options": map[string]interface{}{},
"sha": "", "plugin_version": "",
"running_sha": "", "running_sha256": "",
"running_version": versions.GetBuiltinVersion(consts.PluginTypeSecrets, "kv"), "running_plugin_version": versions.GetBuiltinVersion(consts.PluginTypeSecrets, "kv"),
"version": "",
}, },
"token/": map[string]interface{}{ "token/": map[string]interface{}{
"description": "token based credentials", "description": "token based credentials",
@@ -546,13 +537,12 @@ func TestSysRemountAuth(t *testing.T) {
"force_no_cache": false, "force_no_cache": false,
"token_type": "default-service", "token_type": "default-service",
}, },
"local": false, "local": false,
"seal_wrap": false, "seal_wrap": false,
"options": interface{}(nil), "options": interface{}(nil),
"sha": "", "plugin_version": "",
"running_sha": "", "running_sha256": "",
"running_version": "", "running_plugin_version": "",
"version": "",
}, },
}, },
"bar/": map[string]interface{}{ "bar/": map[string]interface{}{
@@ -565,13 +555,12 @@ func TestSysRemountAuth(t *testing.T) {
"token_type": "default-service", "token_type": "default-service",
"force_no_cache": false, "force_no_cache": false,
}, },
"local": false, "local": false,
"seal_wrap": false, "seal_wrap": false,
"options": map[string]interface{}{}, "options": map[string]interface{}{},
"sha": "", "plugin_version": "",
"running_sha": "", "running_sha256": "",
"running_version": versions.GetBuiltinVersion(consts.PluginTypeSecrets, "kv"), "running_plugin_version": versions.GetBuiltinVersion(consts.PluginTypeSecrets, "kv"),
"version": "",
}, },
"token/": map[string]interface{}{ "token/": map[string]interface{}{
"description": "token based credentials", "description": "token based credentials",
@@ -583,13 +572,12 @@ func TestSysRemountAuth(t *testing.T) {
"token_type": "default-service", "token_type": "default-service",
"force_no_cache": false, "force_no_cache": false,
}, },
"local": false, "local": false,
"seal_wrap": false, "seal_wrap": false,
"options": interface{}(nil), "options": interface{}(nil),
"sha": "", "plugin_version": "",
"running_sha": "", "running_sha256": "",
"running_version": "", "running_plugin_version": "",
"version": "",
}, },
} }
testResponseStatus(t, resp, 200) testResponseStatus(t, resp, 200)

728
http/sys_mount_test.go
View File

File diff suppressed because it is too large Load Diff

11
vault/logical_system.go
View File

@@ -896,10 +896,9 @@ func (b *SystemBackend) mountInfo(ctx context.Context, entry *MountEntry) map[st
"external_entropy_access": entry.ExternalEntropyAccess, "external_entropy_access": entry.ExternalEntropyAccess,
"options": entry.Options, "options": entry.Options,
"uuid": entry.UUID, "uuid": entry.UUID,
"version": entry.Version, "plugin_version": entry.Version,
"sha": entry.Sha, "running_plugin_version": entry.RunningVersion,
"running_version": entry.RunningVersion, "running_sha256": entry.RunningSha256,
"running_sha": entry.RunningSha,
} }
entryConfig := map[string]interface{}{ entryConfig := map[string]interface{}{
"default_lease_ttl": int64(entry.Config.DefaultLeaseTTL.Seconds()), "default_lease_ttl": int64(entry.Config.DefaultLeaseTTL.Seconds()),
@@ -999,7 +998,7 @@ func (b *SystemBackend) handleMount(ctx context.Context, req *logical.Request, d
sealWrap := data.Get("seal_wrap").(bool) sealWrap := data.Get("seal_wrap").(bool)
externalEntropyAccess := data.Get("external_entropy_access").(bool) externalEntropyAccess := data.Get("external_entropy_access").(bool)
options := data.Get("options").(map[string]string) options := data.Get("options").(map[string]string)
version := data.Get("version").(string) version := data.Get("plugin_version").(string)
if version != "" { if version != "" {
v, err := semver.NewSemver(version) v, err := semver.NewSemver(version)
if err != nil { if err != nil {
@@ -2256,7 +2255,7 @@ func (b *SystemBackend) handleEnableAuth(ctx context.Context, req *logical.Reque
sealWrap := data.Get("seal_wrap").(bool) sealWrap := data.Get("seal_wrap").(bool)
externalEntropyAccess := data.Get("external_entropy_access").(bool) externalEntropyAccess := data.Get("external_entropy_access").(bool)
options := data.Get("options").(map[string]string) options := data.Get("options").(map[string]string)
version := data.Get("version").(string) version := data.Get("plugin_version").(string)
if version != "" { if version != "" {
v, err := semver.NewSemver(version) v, err := semver.NewSemver(version)
if err != nil { if err != nil {

4
vault/logical_system_paths.go
View File

@@ -1600,7 +1600,7 @@ func (b *SystemBackend) authPaths() []*framework.Path {
Type: framework.TypeKVPairs, Type: framework.TypeKVPairs,
Description: strings.TrimSpace(sysHelp["auth_options"][0]), Description: strings.TrimSpace(sysHelp["auth_options"][0]),
}, },
"version": { "plugin_version": {
Type: framework.TypeString, Type: framework.TypeString,
Description: strings.TrimSpace(sysHelp["plugin-catalog_version"][0]), Description: strings.TrimSpace(sysHelp["plugin-catalog_version"][0]),
}, },
@@ -1975,7 +1975,7 @@ func (b *SystemBackend) mountPaths() []*framework.Path {
Type: framework.TypeKVPairs, Type: framework.TypeKVPairs,
Description: strings.TrimSpace(sysHelp["mount_options"][0]), Description: strings.TrimSpace(sysHelp["mount_options"][0]),
}, },
"version": { "plugin_version": {
Type: framework.TypeString, Type: framework.TypeString,
Description: strings.TrimSpace(sysHelp["plugin-catalog_version"][0]), Description: strings.TrimSpace(sysHelp["plugin-catalog_version"][0]),
}, },

191
vault/logical_system_test.go
View File

@@ -173,10 +173,9 @@ func TestSystemBackend_mounts(t *testing.T) {
"options": map[string]string{ "options": map[string]string{
"version": "1", "version": "1",
}, },
"sha": "", "plugin_version": "",
"running_sha": "", "running_plugin_version": versions.GetBuiltinVersion(consts.PluginTypeSecrets, "kv"),
"version": "", "running_sha256": "",
"running_version": versions.GetBuiltinVersion(consts.PluginTypeSecrets, "kv"),
}, },
"sys/": map[string]interface{}{ "sys/": map[string]interface{}{
"type": "system", "type": "system",
@@ -190,13 +189,12 @@ func TestSystemBackend_mounts(t *testing.T) {
"force_no_cache": false, "force_no_cache": false,
"passthrough_request_headers": []string{"Accept"}, "passthrough_request_headers": []string{"Accept"},
}, },
"local": false, "local": false,
"seal_wrap": true, "seal_wrap": true,
"options": map[string]string(nil), "options": map[string]string(nil),
"sha": "", "plugin_version": "",
"running_sha": "", "running_plugin_version": versions.DefaultBuiltinVersion,
"version": "", "running_sha256": "",
"running_version": versions.DefaultBuiltinVersion,
}, },
"cubbyhole/": map[string]interface{}{ "cubbyhole/": map[string]interface{}{
"description": "per-token private secret storage", "description": "per-token private secret storage",
@@ -209,13 +207,12 @@ func TestSystemBackend_mounts(t *testing.T) {
"max_lease_ttl": resp.Data["cubbyhole/"].(map[string]interface{})["config"].(map[string]interface{})["max_lease_ttl"].(int64), "max_lease_ttl": resp.Data["cubbyhole/"].(map[string]interface{})["config"].(map[string]interface{})["max_lease_ttl"].(int64),
"force_no_cache": false, "force_no_cache": false,
}, },
"local": true, "local": true,
"seal_wrap": false, "seal_wrap": false,
"options": map[string]string(nil), "options": map[string]string(nil),
"sha": "", "plugin_version": "",
"running_sha": "", "running_plugin_version": versions.GetBuiltinVersion(consts.PluginTypeSecrets, "cubbyhole"),
"version": "", "running_sha256": "",
"running_version": versions.GetBuiltinVersion(consts.PluginTypeSecrets, "cubbyhole"),
}, },
"identity/": map[string]interface{}{ "identity/": map[string]interface{}{
"description": "identity store", "description": "identity store",
@@ -229,13 +226,12 @@ func TestSystemBackend_mounts(t *testing.T) {
"force_no_cache": false, "force_no_cache": false,
"passthrough_request_headers": []string{"Authorization"}, "passthrough_request_headers": []string{"Authorization"},
}, },
"local": false, "local": false,
"seal_wrap": false, "seal_wrap": false,
"options": map[string]string(nil), "options": map[string]string(nil),
"sha": "", "plugin_version": "",
"running_sha": "", "running_plugin_version": versions.GetBuiltinVersion(consts.PluginTypeSecrets, "identity"),
"version": "", "running_sha256": "",
"running_version": versions.GetBuiltinVersion(consts.PluginTypeSecrets, "identity"),
}, },
} }
if diff := deep.Equal(resp.Data, exp); len(diff) > 0 { if diff := deep.Equal(resp.Data, exp); len(diff) > 0 {
@@ -302,10 +298,9 @@ func TestSystemBackend_mount(t *testing.T) {
"options": map[string]string{ "options": map[string]string{
"version": "1", "version": "1",
}, },
"sha": "", "plugin_version": "",
"running_sha": "", "running_plugin_version": versions.GetBuiltinVersion(consts.PluginTypeSecrets, "kv"),
"version": "", "running_sha256": "",
"running_version": versions.GetBuiltinVersion(consts.PluginTypeSecrets, "kv"),
}, },
"sys/": map[string]interface{}{ "sys/": map[string]interface{}{
"type": "system", "type": "system",
@@ -319,13 +314,12 @@ func TestSystemBackend_mount(t *testing.T) {
"force_no_cache": false, "force_no_cache": false,
"passthrough_request_headers": []string{"Accept"}, "passthrough_request_headers": []string{"Accept"},
}, },
"local": false, "local": false,
"seal_wrap": true, "seal_wrap": true,
"options": map[string]string(nil), "options": map[string]string(nil),
"sha": "", "plugin_version": "",
"running_sha": "", "running_plugin_version": versions.DefaultBuiltinVersion,
"version": "", "running_sha256": "",
"running_version": versions.DefaultBuiltinVersion,
}, },
"cubbyhole/": map[string]interface{}{ "cubbyhole/": map[string]interface{}{
"description": "per-token private secret storage", "description": "per-token private secret storage",
@@ -338,13 +332,12 @@ func TestSystemBackend_mount(t *testing.T) {
"max_lease_ttl": resp.Data["cubbyhole/"].(map[string]interface{})["config"].(map[string]interface{})["max_lease_ttl"].(int64), "max_lease_ttl": resp.Data["cubbyhole/"].(map[string]interface{})["config"].(map[string]interface{})["max_lease_ttl"].(int64),
"force_no_cache": false, "force_no_cache": false,
}, },
"local": true, "local": true,
"seal_wrap": false, "seal_wrap": false,
"options": map[string]string(nil), "options": map[string]string(nil),
"sha": "", "plugin_version": "",
"running_sha": "", "running_plugin_version": versions.GetBuiltinVersion(consts.PluginTypeSecrets, "cubbyhole"),
"version": "", "running_sha256": "",
"running_version": versions.GetBuiltinVersion(consts.PluginTypeSecrets, "cubbyhole"),
}, },
"identity/": map[string]interface{}{ "identity/": map[string]interface{}{
"description": "identity store", "description": "identity store",
@@ -358,13 +351,12 @@ func TestSystemBackend_mount(t *testing.T) {
"force_no_cache": false, "force_no_cache": false,
"passthrough_request_headers": []string{"Authorization"}, "passthrough_request_headers": []string{"Authorization"},
}, },
"local": false, "local": false,
"seal_wrap": false, "seal_wrap": false,
"options": map[string]string(nil), "options": map[string]string(nil),
"sha": "", "plugin_version": "",
"running_sha": "", "running_plugin_version": versions.GetBuiltinVersion(consts.PluginTypeSecrets, "identity"),
"version": "", "running_sha256": "",
"running_version": versions.GetBuiltinVersion(consts.PluginTypeSecrets, "identity"),
}, },
"prod/secret/": map[string]interface{}{ "prod/secret/": map[string]interface{}{
"description": "", "description": "",
@@ -382,10 +374,9 @@ func TestSystemBackend_mount(t *testing.T) {
"options": map[string]string{ "options": map[string]string{
"version": "1", "version": "1",
}, },
"sha": "", "plugin_version": "",
"running_sha": "", "running_plugin_version": versions.GetBuiltinVersion(consts.PluginTypeSecrets, "kv"),
"version": "", "running_sha256": "",
"running_version": versions.GetBuiltinVersion(consts.PluginTypeSecrets, "kv"),
}, },
} }
if diff := deep.Equal(resp.Data, exp); len(diff) > 0 { if diff := deep.Equal(resp.Data, exp); len(diff) > 0 {
@@ -1855,13 +1846,12 @@ func TestSystemBackend_authTable(t *testing.T) {
"force_no_cache": false, "force_no_cache": false,
"token_type": "default-service", "token_type": "default-service",
}, },
"local": false, "local": false,
"seal_wrap": false, "seal_wrap": false,
"options": map[string]string(nil), "options": map[string]string(nil),
"sha": "", "plugin_version": "",
"running_sha": "", "running_plugin_version": "",
"version": "", "running_sha256": "",
"running_version": "",
}, },
} }
if diff := deep.Equal(resp.Data, exp); diff != nil { if diff := deep.Equal(resp.Data, exp); diff != nil {
@@ -1923,13 +1913,12 @@ func TestSystemBackend_enableAuth(t *testing.T) {
"force_no_cache": false, "force_no_cache": false,
"token_type": "default-service", "token_type": "default-service",
}, },
"local": true, "local": true,
"seal_wrap": true, "seal_wrap": true,
"options": map[string]string{}, "options": map[string]string{},
"sha": "", "plugin_version": "",
"running_sha": "", "running_plugin_version": versions.DefaultBuiltinVersion,
"version": "", "running_sha256": "",
"running_version": versions.DefaultBuiltinVersion,
}, },
"token/": map[string]interface{}{ "token/": map[string]interface{}{
"type": "token", "type": "token",
@@ -1943,13 +1932,12 @@ func TestSystemBackend_enableAuth(t *testing.T) {
"force_no_cache": false, "force_no_cache": false,
"token_type": "default-service", "token_type": "default-service",
}, },
"local": false, "local": false,
"seal_wrap": false, "seal_wrap": false,
"options": map[string]string(nil), "options": map[string]string(nil),
"sha": "", "plugin_version": "",
"running_sha": "", "running_plugin_version": "",
"version": "", "running_sha256": "",
"running_version": "",
}, },
} }
if diff := deep.Equal(resp.Data, exp); diff != nil { if diff := deep.Equal(resp.Data, exp); diff != nil {
@@ -3327,10 +3315,9 @@ func TestSystemBackend_InternalUIMounts(t *testing.T) {
"options": map[string]string{ "options": map[string]string{
"version": "1", "version": "1",
}, },
"sha": "", "plugin_version": "",
"running_sha": "", "running_plugin_version": versions.GetBuiltinVersion(consts.PluginTypeSecrets, "kv"),
"version": "", "running_sha256": "",
"running_version": versions.GetBuiltinVersion(consts.PluginTypeSecrets, "kv"),
}, },
"sys/": map[string]interface{}{ "sys/": map[string]interface{}{
"type": "system", "type": "system",
@@ -3344,13 +3331,12 @@ func TestSystemBackend_InternalUIMounts(t *testing.T) {
"force_no_cache": false, "force_no_cache": false,
"passthrough_request_headers": []string{"Accept"}, "passthrough_request_headers": []string{"Accept"},
}, },
"local": false, "local": false,
"seal_wrap": true, "seal_wrap": true,
"options": map[string]string(nil), "options": map[string]string(nil),
"sha": "", "plugin_version": "",
"running_sha": "", "running_plugin_version": versions.DefaultBuiltinVersion,
"version": "", "running_sha256": "",
"running_version": versions.DefaultBuiltinVersion,
}, },
"cubbyhole/": map[string]interface{}{ "cubbyhole/": map[string]interface{}{
"description": "per-token private secret storage", "description": "per-token private secret storage",
@@ -3363,13 +3349,12 @@ func TestSystemBackend_InternalUIMounts(t *testing.T) {
"max_lease_ttl": resp.Data["secret"].(map[string]interface{})["cubbyhole/"].(map[string]interface{})["config"].(map[string]interface{})["max_lease_ttl"].(int64), "max_lease_ttl": resp.Data["secret"].(map[string]interface{})["cubbyhole/"].(map[string]interface{})["config"].(map[string]interface{})["max_lease_ttl"].(int64),
"force_no_cache": false, "force_no_cache": false,
}, },
"local": true, "local": true,
"seal_wrap": false, "seal_wrap": false,
"options": map[string]string(nil), "options": map[string]string(nil),
"sha": "", "plugin_version": "",
"running_sha": "", "running_plugin_version": versions.GetBuiltinVersion(consts.PluginTypeSecrets, "cubbyhole"),
"version": "", "running_sha256": "",
"running_version": versions.GetBuiltinVersion(consts.PluginTypeSecrets, "cubbyhole"),
}, },
"identity/": map[string]interface{}{ "identity/": map[string]interface{}{
"description": "identity store", "description": "identity store",
@@ -3383,13 +3368,12 @@ func TestSystemBackend_InternalUIMounts(t *testing.T) {
"force_no_cache": false, "force_no_cache": false,
"passthrough_request_headers": []string{"Authorization"}, "passthrough_request_headers": []string{"Authorization"},
}, },
"local": false, "local": false,
"seal_wrap": false, "seal_wrap": false,
"options": map[string]string(nil), "options": map[string]string(nil),
"sha": "", "plugin_version": "",
"running_sha": "", "running_plugin_version": versions.GetBuiltinVersion(consts.PluginTypeSecrets, "identity"),
"version": "", "running_sha256": "",
"running_version": versions.GetBuiltinVersion(consts.PluginTypeSecrets, "identity"),
}, },
}, },
"auth": map[string]interface{}{ "auth": map[string]interface{}{
@@ -3408,10 +3392,9 @@ func TestSystemBackend_InternalUIMounts(t *testing.T) {
"uuid": resp.Data["auth"].(map[string]interface{})["token/"].(map[string]interface{})["uuid"], "uuid": resp.Data["auth"].(map[string]interface{})["token/"].(map[string]interface{})["uuid"],
"local": false, "local": false,
"seal_wrap": false, "seal_wrap": false,
"sha": "", "plugin_version": "",
"running_sha": "", "running_plugin_version": "",
"version": "", "running_sha256": "",
"running_version": "",
}, },
}, },
} }

7
vault/mount.go
View File

@@ -331,10 +331,9 @@ type MountEntry struct {
synthesizedConfigCache sync.Map synthesizedConfigCache sync.Map
// version info // version info
Version string `json:"version,omitempty"` // The semantic version of the mounted plugin, e.g. v1.2.3. Version string `json:"plugin_version,omitempty"` // The semantic version of the mounted plugin, e.g. v1.2.3.
Sha string `json:"sha,omitempty"` // The SHA256 sum of the plugin binary. RunningVersion string `json:"running_plugin_version,omitempty"` // The semantic version of the mounted plugin as reported by the plugin.
RunningVersion string `json:"running_version,omitempty"` // The semantic version of the mounted plugin as reported by the plugin. RunningSha256 string `json:"running_sha256,omitempty"`
RunningSha string `json:"running_sha,omitempty"`
} }
// MountConfig is used to hold settable options // MountConfig is used to hold settable options