Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add display attributes for OpenAPI OperationID's #172

Merged
merged 6 commits into from
Apr 17, 2023
Merged

Add display attributes for OpenAPI OperationID's #172

merged 6 commits into from
Apr 17, 2023

Conversation

averche
Copy link
Contributor

@averche averche commented Apr 8, 2023
edited
Loading

Overview

The display attributes added in this PR will be translated into OperationID's in vault-generated OpenAPI documents (when calling /sys/internal/specs/openapi with this plugin enabled). The OperationID's will, in turn, be translated into function / method names in generated OpenAPI-based libraries (e.g. hashicorp/vault-client-go & hashicorp/vault-client-dotnet).

This PR will introduce the following OperationIDs:

Path Method OperationID
"/auth/{gcp_mount_path}/config" "get" "google-cloud-read-auth-configuration"
"/auth/{gcp_mount_path}/config" "post" "google-cloud-configure-auth"
"/auth/{gcp_mount_path}/login" "post" "google-cloud-login"
"/auth/{gcp_mount_path}/role" "get" "google-cloud-list-roles"
"/auth/{gcp_mount_path}/role/{name}" "get" "google-cloud-read-role"
"/auth/{gcp_mount_path}/role/{name}" "post" "google-cloud-write-role"
"/auth/{gcp_mount_path}/role/{name}" "delete" "google-cloud-delete-role"
"/auth/{gcp_mount_path}/role/{name}/labels" "post" "google-cloud-edit-labels-for-role"
"/auth/{gcp_mount_path}/role/{name}/service-accounts" "post" "google-cloud-edit-service-accounts-for-role"
"/auth/{gcp_mount_path}/roles" "get" "google-cloud-list-roles2"

Related Issues/Pull Requests

@averche averche mentioned this pull request Apr 8, 2023
Merged
@averche averche requested review from a team April 8, 2023 19:30
@averche averche mentioned this pull request Apr 8, 2023
Merged
AnPucel
AnPucel reviewed Apr 12, 2023
View reviewed changes
plugin/backend.go
userAgentPluginName = "auth-gcp"

// operationPrefixGoogleCloud is used as a prefix for OpenAPI operation id's.
operationPrefixGoogleCloud = "google-cloud"
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this the consistent naming throughout? vs GCP

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is how the plugin is referenced to in the docs. I felt gcp might be too obscure but I'm happy to change this if folks feel strongly about it.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't feel too strongly either way but maybe it would make sense to use gcp since (1) that is how we reference it everywhere except for the docs and (2) the operationID is an ID so I think the only thing that really matters is uniqueness.

Copy link
Contributor Author

@averche averche Apr 17, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

(2) the operationID is an ID so I think the only thing that really matters is uniqueness.

The operationID is translated directly into method names and struct names in the library generated code. For example google-cloud-list-roles would be translated into:

func (a *Auth) GoogleCloudListRoles(ctx context.Context, options ...RequestOption) (*GoogleCloudListRolesResponse, error) {
    ...
}

vs

func (a *Auth) GcpListRoles(ctx context.Context,  options ...RequestOption) (*GcpListRolesResponse, error) {
    ...
}

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Got it, thanks! google-cloud works for me!

AnPucel
AnPucel reviewed Apr 12, 2023
View reviewed changes
plugin/path_login.go Outdated Show resolved Hide resolved
AnPucel
AnPucel reviewed Apr 12, 2023
View reviewed changes
plugin/path_role.go
@@ -217,6 +236,11 @@ func pathsRole(b *GcpAuthBackend) []*framework.Path {
// Edit labels on an GCE role
{
Pattern: fmt.Sprintf("role/%s/labels", framework.GenericNameRegex("name")),
DisplayAttrs: &framework.DisplayAttributes{
OperationPrefix: operationPrefixGoogleCloud,
OperationVerb: "edit",
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This seems like a new OperationVerb, should this be update for consistency?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This operation edits the labels with "add" / "remove" arrays. The name is also from the docs

@averche averche merged commit 79494c6 into main Apr 17, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@fairclothjm fairclothjm fairclothjm approved these changes

@AnPucel AnPucel AnPucel approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@averche @fairclothjm @AnPucel