Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support v2 KV mount #156

Merged
merged 3 commits into from
Oct 26, 2018
Merged

Conversation

Mongey
Copy link
Contributor

@Mongey Mongey commented Aug 12, 2018

Should address #140

Borrows a lot of code from the cli, kv get in hashicorp/vault/command, since it's not public api.

@jwierzbo
Copy link

jwierzbo commented Sep 3, 2018

@Mongey are you going to update the code in this PR?

@tyrannosaurus-becks
Copy link
Contributor

@Mongey excited about this one. Is it still a WIP or ready for review?

@ghost ghost added the size/L label Sep 27, 2018
@ghost ghost added the size/L label Sep 27, 2018
@ghost ghost added the size/L label Sep 27, 2018
@ghost ghost added the size/L label Sep 27, 2018
@ghost ghost added the size/L label Sep 27, 2018
@ghost ghost added size/L size/XL and removed size/L labels Sep 27, 2018
@ghost ghost added the size/XL label Sep 27, 2018
@Mongey Mongey changed the title Support KV v2 datasource Support v2 KV mount Sep 27, 2018
@ghost ghost added the size/XL label Sep 27, 2018
@Mongey
Copy link
Contributor Author

Mongey commented Sep 27, 2018

@tyrannosaurus-becks This should be ready for some 📝 now. Ended up being a bit more work than expected, but should support all v2 crud operations + data source, while preserving v1 compatibility.

@tyrannosaurus-becks
Copy link
Contributor

@Mongey thank you! I will get to reviewing this next week.

Copy link
Contributor

@tyrannosaurus-becks tyrannosaurus-becks left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@Mongey thanks for writing this, it looks great! Just a couple minor questions.

Type: schema.TypeInt,
Required: false,
Optional: true,
Default: -1,
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm curious about why the default of -1 here? Just curious. I recently learned that there's a paradigm in the Terraform providers of starting at version 0 which is the default if unset here.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is actually to retrieve the latest version of the secret from Vault, rather than the Terraform state version. I've extracted it to a constant to (hopefully) better represent what it does.

return fmt.Sprintf("%s %s %s", strings.Repeat("=", equalSigns/2), header, strings.Repeat("=", equalSigns/2))
}

func kvParseVersionsFlags(versions []string) []string {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This doesn't appear to be used either.

}
}

func getHeaderForMap(header string, data map[string]interface{}) string {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This doesn't appear to be used.

originalPath := path // if the path belongs to a v2 endpoint, it will be modified
mountPath, v2, err := isKVv2(path, client)
if err != nil {
return fmt.Errorf("Error determining if it's a v2 path: %s", err)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Would it be possible to lower case this error?

@@ -120,8 +134,17 @@ func genericSecretResourceDelete(d *schema.ResourceData, meta interface{}) error

path := d.Id()

mountPath, v2, err := isKVv2(path, client)
if err != nil {
return fmt.Errorf("Error determining if it's a v2 path: %s", err)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Lowercase?

@ghost ghost added size/L and removed size/XL labels Oct 8, 2018
@Mongey Mongey force-pushed the cm-versioned-kv branch 2 times, most recently from 3aacc44 to fedfdad Compare October 8, 2018 18:31
This is used to represent retrieving the latest version of a secret from
Vault.
Copy link
Contributor

@tyrannosaurus-becks tyrannosaurus-becks left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@Mongey this looks fantastic. Also I note you fixed some of the tests that are currently failing on master. Thank you!

if err != nil {
// If we get a 404 we are using an older version of vault, default to
// version 1
if resp != nil && resp.StatusCode == 404 {
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This needs to check for 403 as well, for older vault versions.

dandandy pushed a commit to dandandy/terraform-provider-vault that referenced this pull request Jun 17, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants