vault/command/healthcheck/shared.go
hc-github-team-secure-vault-core 02bc25417a Trap errors related to vault pki list-intermediate issuer reading (#19165) (#19177)
* Rename files to match test suite and existing pattern

* Factor out issuer loading into a dedicated function

 - Add a few more checks/validation when loading a PKI issuer
 - Factor out the issuer loading into a dedicated function
 - Leverage existing health check code to parse issuer certificates

* Read parent issuer once instead of reloading it for every child

 - Read in our parent issuer once instead of running it for every child
   we want to compare against
 - Provides clearer error message that we have failed reading from which
   path to the end user

* PR Feedback

 - Rename a variable for clarity
 - Use readIssuer in the validation of the parent issuer within
   pkiIssuer
 - Add some missing return 1 statements in error handlers that had been
   missed

Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
2023-02-14 09:51:12 -05:00


package healthcheck
import (
"fmt"
"github.com/hashicorp/vault/sdk/logical"
)
// StringList coerces a loosely typed value into a []string.
//
// Accepted inputs are a nil interface (yielding a nil slice), a []string
// (returned as-is), and a []interface{} whose elements are all strings.
// Anything else is rejected with an error naming the offending dynamic
// type; elements are never stringified, so a non-string entry fails the
// whole conversion instead of being silently converted.
//
// Note that the []string case returns the caller's slice without copying,
// so the result shares its backing array with the input.
func StringList(source interface{}) ([]string, error) {
	switch typed := source.(type) {
	case nil:
		return nil, nil
	case []string:
		// Already the right type: hand it back unchanged (no copy).
		return typed, nil
	case []interface{}:
		// Left nil on purpose so that an empty input yields a nil slice.
		var out []string
		for i, item := range typed {
			s, isString := item.(string)
			if !isString {
				return nil, fmt.Errorf("unknown source type for []string coercion at index %v: %T", i, item)
			}
			out = append(out, s)
		}
		return out, nil
	default:
		return nil, fmt.Errorf("unknown source type for []string coercion: %T", source)
	}
}
// fetchMountTune reads "/sys/mounts/{{mount}}/tune" through the executor's
// FetchIfNotFetched and returns the fetch result together with its secret
// data.
//
// The leading bool is true on every path that did not produce a usable
// response and false on success (presumably a "stop this check" flag;
// confirm against callers). Outcomes:
//
//   - fetch error: (true, nil, nil, err)
//   - response not OK: (true, nil, nil, nil); versionError is invoked first
//     when the response is an unsupported-path error
//   - success: (false, fetch, data, nil), where data is nil when the secret
//     carries no data
//
// A non-OK response is reported with a nil error whatever its cause, so
// callers must test the bool and cannot rely on err alone to detect that
// the tune information is unavailable.
func fetchMountTune(e *Executor, versionError func()) (bool, *PathFetch, map[string]interface{}, error) {
	tune, err := e.FetchIfNotFetched(logical.ReadOperation, "/sys/mounts/{{mount}}/tune")
	if err != nil {
		return true, nil, nil, err
	}

	if tune.IsSecretOK() {
		// Normalise an empty data map to nil for the caller.
		var tuneData map[string]interface{}
		if len(tune.Secret.Data) != 0 {
			tuneData = tune.Secret.Data
		}
		return false, tune, tuneData, nil
	}

	// Not a usable response: only the unsupported-path case triggers the
	// caller-supplied version callback; every other cause is left unreported.
	if tune.IsUnsupportedPathError() {
		versionError()
	}
	return true, nil, nil, nil
}