Merge pull request #513 from turkenh/remove-in-tree-vault

Remove in-tree Vault implementation
crossplane · Aug 15, 2023 · 4f3cb3d · 4f3cb3d
2 parents 8814d0b + 4a83a57
commit 4f3cb3d
Show file tree

Hide file tree

Showing 14 changed files with 0 additions and 3,024 deletions.
diff --git a/apis/common/v1/connection_details.go b/apis/common/v1/connection_details.go
@@ -93,9 +93,6 @@ const (
 	// Secrets.
 	SecretStoreKubernetes SecretStoreType = "Kubernetes"
 
-	// SecretStoreVault indicates that secret store type is Vault.
-	SecretStoreVault SecretStoreType = "Vault"
-
 	// SecretStorePlugin indicates that secret store type is Plugin and will be used with external secret stores.
 	SecretStorePlugin SecretStoreType = "Plugin"
 )
@@ -122,13 +119,6 @@ type SecretStoreConfig struct {
 	// +optional
 	Kubernetes *KubernetesSecretStoreConfig `json:"kubernetes,omitempty"`
 
-	// Vault configures a Vault secret store.
-	// Deprecated: This API is scheduled to be removed in a future release.
-	// Vault should be used as a plugin going forward. See
-	// https://github.com/crossplane-contrib/ess-plugin-vault for more information.
-	// +optional
-	Vault *VaultSecretStoreConfig `json:"vault,omitempty"`
-
 	// Plugin configures External secret store as a plugin.
 	// +optional
 	Plugin *PluginStoreConfig `json:"plugin,omitempty"`
@@ -173,83 +163,3 @@ type KubernetesSecretStoreConfig struct {
 	// TODO(turkenh): Support additional identities like
 	// https://github.com/crossplane-contrib/provider-kubernetes/blob/4d722ef914e6964e80e190317daca9872ae98738/apis/v1alpha1/types.go#L34
 }
-
-// VaultAuthMethod represent a Vault authentication method.
-// https://www.vaultproject.io/docs/auth
-type VaultAuthMethod string
-
-const (
-	// VaultAuthToken indicates that "Token Auth" will be used to
-	// authenticate to Vault.
-	// https://www.vaultproject.io/docs/auth/token
-	VaultAuthToken VaultAuthMethod = "Token"
-)
-
-// VaultAuthTokenConfig represents configuration for Vault Token Auth Method.
-// https://www.vaultproject.io/docs/auth/token
-type VaultAuthTokenConfig struct {
-	// Source of the credentials.
-	// +kubebuilder:validation:Enum=None;Secret;Environment;Filesystem
-	Source CredentialsSource `json:"source"`
-
-	// CommonCredentialSelectors provides common selectors for extracting
-	// credentials.
-	CommonCredentialSelectors `json:",inline"`
-}
-
-// VaultAuthConfig required to authenticate to a Vault API.
-type VaultAuthConfig struct {
-	// Method configures which auth method will be used.
-	Method VaultAuthMethod `json:"method"`
-	// Token configures Token Auth for Vault.
-	// +optional
-	Token *VaultAuthTokenConfig `json:"token,omitempty"`
-}
-
-// VaultCABundleConfig represents configuration for configuring a CA bundle.
-type VaultCABundleConfig struct {
-	// Source of the credentials.
-	// +kubebuilder:validation:Enum=None;Secret;Environment;Filesystem
-	Source CredentialsSource `json:"source"`
-
-	// CommonCredentialSelectors provides common selectors for extracting
-	// credentials.
-	CommonCredentialSelectors `json:",inline"`
-}
-
-// VaultKVVersion represent API version of the Vault KV engine
-// https://www.vaultproject.io/docs/secrets/kv
-type VaultKVVersion string
-
-const (
-	// VaultKVVersionV1 indicates that Secret API is KV Secrets Engine Version 1
-	// https://www.vaultproject.io/docs/secrets/kv/kv-v1
-	VaultKVVersionV1 VaultKVVersion = "v1"
-
-	// VaultKVVersionV2 indicates that Secret API is KV Secrets Engine Version 2
-	// https://www.vaultproject.io/docs/secrets/kv/kv-v2
-	VaultKVVersionV2 VaultKVVersion = "v2"
-)
-
-// VaultSecretStoreConfig represents the required configuration for a Vault
-// secret store.
-type VaultSecretStoreConfig struct {
-	// Server is the url of the Vault server, e.g. "https://vault.acme.org"
-	Server string `json:"server"`
-
-	// MountPath is the mount path of the KV secrets engine.
-	MountPath string `json:"mountPath"`
-
-	// Version of the KV Secrets engine of Vault.
-	// https://www.vaultproject.io/docs/secrets/kv
-	// +optional
-	// +kubebuilder:default=v2
-	Version *VaultKVVersion `json:"version,omitempty"`
-
-	// CABundle configures CA bundle for Vault Server.
-	// +optional
-	CABundle *VaultCABundleConfig `json:"caBundle,omitempty"`
-
-	// Auth configures an authentication method for Vault.
-	Auth VaultAuthConfig `json:"auth"`
-}
diff --git a/apis/common/v1/zz_generated.deepcopy.go b/apis/common/v1/zz_generated.deepcopy.go
diff --git a/go.mod b/go.mod
@@ -7,7 +7,6 @@ require (
 	github.com/bufbuild/buf v1.25.1
 	github.com/go-logr/logr v1.2.4
 	github.com/google/go-cmp v0.5.9
-	github.com/hashicorp/vault/api v1.9.2
 	github.com/spf13/afero v1.9.5
 	golang.org/x/time v0.3.0
 	google.golang.org/grpc v1.57.0
@@ -29,7 +28,6 @@ require (
 	github.com/bufbuild/connect-go v1.9.0 // indirect
 	github.com/bufbuild/connect-opentelemetry-go v0.4.0 // indirect
 	github.com/bufbuild/protocompile v0.6.0 // indirect
-	github.com/cenkalti/backoff/v3 v3.0.0 // indirect
 	github.com/cespare/xxhash/v2 v2.2.0 // indirect
 	github.com/containerd/stargz-snapshotter/estargz v0.14.3 // indirect
 	github.com/cpuguy83/go-md2man/v2 v2.0.2 // indirect
@@ -46,7 +44,6 @@ require (
 	github.com/felixge/fgprof v0.9.3 // indirect
 	github.com/fsnotify/fsnotify v1.6.0 // indirect
 	github.com/go-chi/chi/v5 v5.0.10 // indirect
-	github.com/go-jose/go-jose/v3 v3.0.0 // indirect
 	github.com/go-logr/stdr v1.2.2 // indirect
 	github.com/go-openapi/jsonpointer v0.19.6 // indirect
 	github.com/go-openapi/jsonreference v0.20.2 // indirect
@@ -61,15 +58,6 @@ require (
 	github.com/google/gofuzz v1.2.0 // indirect
 	github.com/google/pprof v0.0.0-20230705174524-200ffdc848b8 // indirect
 	github.com/google/uuid v1.3.0 // indirect
-	github.com/hashicorp/errwrap v1.1.0 // indirect
-	github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
-	github.com/hashicorp/go-multierror v1.1.1 // indirect
-	github.com/hashicorp/go-retryablehttp v0.7.1 // indirect
-	github.com/hashicorp/go-rootcerts v1.0.2 // indirect
-	github.com/hashicorp/go-secure-stdlib/parseutil v0.1.6 // indirect
-	github.com/hashicorp/go-secure-stdlib/strutil v0.1.2 // indirect
-	github.com/hashicorp/go-sockaddr v1.0.2 // indirect
-	github.com/hashicorp/hcl v1.0.0 // indirect
 	github.com/imdario/mergo v0.3.16 // indirect
 	github.com/inconshreveable/mousetrap v1.1.0 // indirect
 	github.com/jdxcode/netrc v0.0.0-20221124155335-4616370d1a84 // indirect
@@ -82,7 +70,6 @@ require (
 	github.com/mattn/go-isatty v0.0.17 // indirect
 	github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect
 	github.com/mitchellh/go-homedir v1.1.0 // indirect
-	github.com/mitchellh/mapstructure v1.5.0 // indirect
 	github.com/moby/term v0.5.0 // indirect
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 	github.com/modern-go/reflect2 v1.0.2 // indirect
@@ -99,7 +86,6 @@ require (
 	github.com/prometheus/procfs v0.10.0 // indirect
 	github.com/rs/cors v1.9.0 // indirect
 	github.com/russross/blackfriday/v2 v2.1.0 // indirect
-	github.com/ryanuber/go-glob v1.0.0 // indirect
 	github.com/sirupsen/logrus v1.9.3 // indirect
 	github.com/spf13/cobra v1.7.0 // indirect
 	github.com/spf13/pflag v1.0.5 // indirect