diff --git a/backend.go b/backend.go index 6ae2271c..b8c0b20e 100644 --- a/backend.go +++ b/backend.go @@ -36,6 +36,12 @@ const ( // defaultMaxVersions is the number of versions to keep around unless set by // the config or key configuration. defaultMaxVersions uint32 = 10 + + // operationPrefixKVv1 is used as prefixes for OpenAPI operation id's. + operationPrefixKVv1 = "kv-v1" + + // operationPrefixKVv2 is used as prefixes for OpenAPI operation id's. + operationPrefixKVv2 = "kv-v2" ) // versionedKVBackend implements logical.Backend diff --git a/go.mod b/go.mod index a87774ab..b2136afb 100644 --- a/go.mod +++ b/go.mod @@ -10,7 +10,7 @@ require ( github.com/hashicorp/go-secure-stdlib/parseutil v0.1.7 github.com/hashicorp/go-secure-stdlib/strutil v0.1.2 github.com/hashicorp/vault/api v1.9.0 - github.com/hashicorp/vault/sdk v0.8.1 + github.com/hashicorp/vault/sdk v0.9.0 github.com/mitchellh/mapstructure v1.5.0 google.golang.org/protobuf v1.30.0 ) @@ -27,7 +27,7 @@ require ( github.com/hashicorp/go-cleanhttp v0.5.2 // indirect github.com/hashicorp/go-immutable-radix v1.3.1 // indirect github.com/hashicorp/go-kms-wrapping/entropy/v2 v2.0.0 // indirect - github.com/hashicorp/go-kms-wrapping/v2 v2.0.7 // indirect + github.com/hashicorp/go-kms-wrapping/v2 v2.0.8 // indirect github.com/hashicorp/go-plugin v1.4.5 // indirect github.com/hashicorp/go-retryablehttp v0.6.6 // indirect github.com/hashicorp/go-rootcerts v1.0.2 // indirect @@ -49,7 +49,7 @@ require ( github.com/pkg/errors v0.9.1 // indirect github.com/ryanuber/go-glob v1.0.0 // indirect go.uber.org/atomic v1.9.0 // indirect - golang.org/x/crypto v0.5.0 // indirect + golang.org/x/crypto v0.6.0 // indirect golang.org/x/net v0.8.0 // indirect golang.org/x/sys v0.6.0 // indirect golang.org/x/text v0.8.0 // indirect diff --git a/go.sum b/go.sum index 36b89d97..d80ae17b 100644 --- a/go.sum +++ b/go.sum @@ -96,8 +96,8 @@ github.com/hashicorp/go-immutable-radix v1.3.1 h1:DKHmCUm2hRBK510BaiZlwvpD40f8bJ github.com/hashicorp/go-immutable-radix v1.3.1/go.mod h1:0y9vanUI8NX6FsYoO3zeMjhV/C5i9g4Q3DwcSNZ4P60= github.com/hashicorp/go-kms-wrapping/entropy/v2 v2.0.0 h1:pSjQfW3vPtrOTcasTUKgCTQT7OGPPTTMVRrOfU6FJD8= github.com/hashicorp/go-kms-wrapping/entropy/v2 v2.0.0/go.mod h1:xvb32K2keAc+R8DSFG2IwDcydK9DBQE+fGA5fsw6hSk= -github.com/hashicorp/go-kms-wrapping/v2 v2.0.7 h1:P+dh3M6k5aNl2wXrA9s6zquMHWPaYIkotCffiMIYt6U= -github.com/hashicorp/go-kms-wrapping/v2 v2.0.7/go.mod h1:sDQAfwJGv25uGPZA04x87ERglCG6avnRcBT9wYoMII8= +github.com/hashicorp/go-kms-wrapping/v2 v2.0.8 h1:9Q2lu1YbbmiAgvYZ7Pr31RdlVonUpX+mmDL7Z7qTA2U= +github.com/hashicorp/go-kms-wrapping/v2 v2.0.8/go.mod h1:qTCjxGig/kjuj3hk1z8pOUrzbse/GxB1tGfbrq8tGJg= github.com/hashicorp/go-multierror v1.0.0/go.mod h1:dHtQlpGsu+cZNNAkkCN/P3hoUDHhCYQXV3UM06sGGrk= github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo= github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= @@ -129,8 +129,8 @@ github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= github.com/hashicorp/vault/api v1.9.0 h1:ab7dI6W8DuCY7yCU8blo0UCYl2oHre/dloCmzMWg9w8= github.com/hashicorp/vault/api v1.9.0/go.mod h1:lloELQP4EyhjnCQhF8agKvWIVTmxbpEJj70b98959sM= -github.com/hashicorp/vault/sdk v0.8.1 h1:bdlhIpxBmJuOZ5Anumao1xeiLocR2eQrBRuJynZfTac= -github.com/hashicorp/vault/sdk v0.8.1/go.mod h1:kEpyfUU2ECGWf6XohKVFzvJ97ybSnXvxsTsBkbeVcQg= +github.com/hashicorp/vault/sdk v0.9.0 h1:Cbu9ezaZafZTXnen98QKVmufEPquhZ+r1ORZ7csNLFU= +github.com/hashicorp/vault/sdk v0.9.0/go.mod h1:VX9d+xF62YBNtiEc4l3Z2aea9HVtAS49EoniuXzHtC4= github.com/hashicorp/yamux v0.0.0-20181012175058-2f1d1f20f75d h1:kJCB4vdITiW1eC1vq2e6IsrXKrZit1bv/TDYFGMp4BQ= github.com/hashicorp/yamux v0.0.0-20181012175058-2f1d1f20f75d/go.mod h1:+NfK9FKeTrX5uv1uIXGdwYDTeHna2qgaIlx54MXqjAM= github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= @@ -222,8 +222,8 @@ go.uber.org/atomic v1.9.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.5.0 h1:U/0M97KRkSFvyD/3FSmdP5W5swImpNgle/EHFhOsQPE= -golang.org/x/crypto v0.5.0/go.mod h1:NK/OQwhpMQP3MwtdjgLlYHnH9ebylxKWv3e0fK+mkQU= +golang.org/x/crypto v0.6.0 h1:qfktjS5LUO+fFKeJXZ+ikTRijMmljikvG68fpMMruSc= +golang.org/x/crypto v0.6.0/go.mod h1:OFC/31mSvZgRz0V1QTNCzfAI1aIRzbiufJtkMIlEp58= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= diff --git a/passthrough.go b/passthrough.go index 9cfb9f9e..bdd1ad32 100644 --- a/passthrough.go +++ b/passthrough.go @@ -58,6 +58,10 @@ func LeaseSwitchedPassthroughBackend(ctx context.Context, conf *logical.BackendC { Pattern: framework.MatchAllRegex("path"), + DisplayAttrs: &framework.DisplayAttributes{ + OperationPrefix: operationPrefixKVv1, + }, + Fields: map[string]*framework.FieldSchema{ "path": { Type: framework.TypeString, @@ -68,6 +72,9 @@ func LeaseSwitchedPassthroughBackend(ctx context.Context, conf *logical.BackendC Operations: map[logical.Operation]framework.OperationHandler{ logical.ReadOperation: &framework.PathOperation{ Callback: b.handleRead(), + DisplayAttrs: &framework.DisplayAttributes{ + OperationVerb: "read", + }, Responses: map[int][]framework.Response{ http.StatusOK: {{ Description: http.StatusText(http.StatusOK), @@ -77,6 +84,9 @@ func LeaseSwitchedPassthroughBackend(ctx context.Context, conf *logical.BackendC }, logical.CreateOperation: &framework.PathOperation{ Callback: b.handleWrite(), + DisplayAttrs: &framework.DisplayAttributes{ + OperationVerb: "write", + }, Responses: map[int][]framework.Response{ http.StatusNoContent: {{ Description: http.StatusText(http.StatusNoContent), @@ -85,6 +95,9 @@ func LeaseSwitchedPassthroughBackend(ctx context.Context, conf *logical.BackendC }, logical.UpdateOperation: &framework.PathOperation{ Callback: b.handleWrite(), + DisplayAttrs: &framework.DisplayAttributes{ + OperationVerb: "write", + }, Responses: map[int][]framework.Response{ http.StatusNoContent: {{ Description: http.StatusText(http.StatusNoContent), @@ -93,6 +106,9 @@ func LeaseSwitchedPassthroughBackend(ctx context.Context, conf *logical.BackendC }, logical.DeleteOperation: &framework.PathOperation{ Callback: b.handleDelete(), + DisplayAttrs: &framework.DisplayAttributes{ + OperationVerb: "delete", + }, Responses: map[int][]framework.Response{ http.StatusNoContent: {{ Description: http.StatusText(http.StatusNoContent), @@ -101,6 +117,9 @@ func LeaseSwitchedPassthroughBackend(ctx context.Context, conf *logical.BackendC }, logical.ListOperation: &framework.PathOperation{ Callback: b.handleList(), + DisplayAttrs: &framework.DisplayAttributes{ + OperationVerb: "list", + }, Responses: map[int][]framework.Response{ http.StatusOK: {{ Description: http.StatusText(http.StatusOK), diff --git a/path_config.go b/path_config.go index 524e48b8..44087462 100644 --- a/path_config.go +++ b/path_config.go @@ -20,6 +20,11 @@ import ( func pathConfig(b *versionedKVBackend) *framework.Path { return &framework.Path{ Pattern: "config$", + + DisplayAttrs: &framework.DisplayAttributes{ + OperationPrefix: operationPrefixKVv2, + }, + Fields: map[string]*framework.FieldSchema{ "max_versions": { Type: framework.TypeInt, @@ -37,10 +42,14 @@ disables the use of delete_version_after on all keys. A zero duration clears the current setting. Accepts a Go duration format string.`, }, }, + Operations: map[logical.Operation]framework.OperationHandler{ logical.UpdateOperation: &framework.PathOperation{ Callback: b.upgradeCheck(b.pathConfigWrite()), - Summary: "Configure backend level settings that are applied to every key in the key-value store.", + DisplayAttrs: &framework.DisplayAttributes{ + OperationVerb: "configure", + }, + Summary: "Configure backend level settings that are applied to every key in the key-value store.", Responses: map[int][]framework.Response{ http.StatusNoContent: {{ Description: http.StatusText(http.StatusNoContent), @@ -49,7 +58,11 @@ clears the current setting. Accepts a Go duration format string.`, }, logical.ReadOperation: &framework.PathOperation{ Callback: b.upgradeCheck(b.pathConfigRead()), - Summary: "Read the backend level settings.", + DisplayAttrs: &framework.DisplayAttributes{ + OperationVerb: "read", + OperationSuffix: "configuration", + }, + Summary: "Read the backend level settings.", Responses: map[int][]framework.Response{ http.StatusOK: {{ Description: http.StatusText(http.StatusOK), diff --git a/path_data.go b/path_data.go index c33498c0..6b81c85a 100644 --- a/path_data.go +++ b/path_data.go @@ -58,6 +58,11 @@ func pathData(b *versionedKVBackend) *framework.Path { return &framework.Path{ Pattern: "data/" + matchAllNoTrailingSlashRegex("path"), + + DisplayAttrs: &framework.DisplayAttributes{ + OperationPrefix: operationPrefixKVv2, + }, + Fields: map[string]*framework.FieldSchema{ "path": { Type: framework.TypeString, @@ -83,15 +88,24 @@ version matches the version specified in the cas parameter.`, }, Operations: map[logical.Operation]framework.OperationHandler{ logical.UpdateOperation: &framework.PathOperation{ - Callback: b.upgradeCheck(b.pathDataWrite()), + Callback: b.upgradeCheck(b.pathDataWrite()), + DisplayAttrs: &framework.DisplayAttributes{ + OperationVerb: "write", + }, Responses: updateCreatePatchResponseSchema, }, logical.CreateOperation: &framework.PathOperation{ - Callback: b.upgradeCheck(b.pathDataWrite()), + Callback: b.upgradeCheck(b.pathDataWrite()), + DisplayAttrs: &framework.DisplayAttributes{ + OperationVerb: "write", + }, Responses: updateCreatePatchResponseSchema, }, logical.ReadOperation: &framework.PathOperation{ Callback: b.upgradeCheck(b.pathDataRead()), + DisplayAttrs: &framework.DisplayAttributes{ + OperationVerb: "read", + }, Responses: map[int][]framework.Response{ http.StatusOK: {{ Description: http.StatusText(http.StatusOK), @@ -110,6 +124,9 @@ version matches the version specified in the cas parameter.`, }, logical.DeleteOperation: &framework.PathOperation{ Callback: b.upgradeCheck(b.pathDataDelete()), + DisplayAttrs: &framework.DisplayAttributes{ + OperationVerb: "delete", + }, Responses: map[int][]framework.Response{ http.StatusNoContent: {{ Description: http.StatusText(http.StatusNoContent), @@ -117,7 +134,10 @@ version matches the version specified in the cas parameter.`, }, }, logical.PatchOperation: &framework.PathOperation{ - Callback: b.upgradeCheck(b.pathDataPatch()), + Callback: b.upgradeCheck(b.pathDataPatch()), + DisplayAttrs: &framework.DisplayAttributes{ + OperationVerb: "patch", + }, Responses: updateCreatePatchResponseSchema, }, }, diff --git a/path_delete.go b/path_delete.go index 6978efea..6c64ca60 100644 --- a/path_delete.go +++ b/path_delete.go @@ -20,6 +20,13 @@ func pathsDelete(b *versionedKVBackend) []*framework.Path { return []*framework.Path{ { Pattern: "delete/" + framework.MatchAllRegex("path"), + + DisplayAttrs: &framework.DisplayAttributes{ + OperationPrefix: operationPrefixKVv2, + OperationVerb: "delete", + OperationSuffix: "versions", + }, + Fields: map[string]*framework.FieldSchema{ "path": { Type: framework.TypeString, @@ -30,6 +37,7 @@ func pathsDelete(b *versionedKVBackend) []*framework.Path { Description: "The versions to be archived. The versioned data will not be deleted, but it will no longer be returned in normal get requests.", }, }, + Operations: map[logical.Operation]framework.OperationHandler{ logical.UpdateOperation: &framework.PathOperation{ Callback: b.upgradeCheck(b.pathDeleteWrite()), @@ -46,6 +54,13 @@ func pathsDelete(b *versionedKVBackend) []*framework.Path { }, { Pattern: "undelete/" + framework.MatchAllRegex("path"), + + DisplayAttrs: &framework.DisplayAttributes{ + OperationPrefix: operationPrefixKVv2, + OperationVerb: "undelete", + OperationSuffix: "versions", + }, + Fields: map[string]*framework.FieldSchema{ "path": { Type: framework.TypeString, @@ -56,6 +71,7 @@ func pathsDelete(b *versionedKVBackend) []*framework.Path { Description: "The versions to unarchive. The versions will be restored and their data will be returned on normal get requests.", }, }, + Operations: map[logical.Operation]framework.OperationHandler{ logical.UpdateOperation: &framework.PathOperation{ Callback: b.upgradeCheck(b.pathUndeleteWrite()), diff --git a/path_destroy.go b/path_destroy.go index 57f3894f..919b70ca 100644 --- a/path_destroy.go +++ b/path_destroy.go @@ -17,6 +17,13 @@ import ( func pathDestroy(b *versionedKVBackend) *framework.Path { return &framework.Path{ Pattern: "destroy/" + framework.MatchAllRegex("path"), + + DisplayAttrs: &framework.DisplayAttributes{ + OperationPrefix: operationPrefixKVv2, + OperationVerb: "destroy", + OperationSuffix: "versions", + }, + Fields: map[string]*framework.FieldSchema{ "path": { Type: framework.TypeString, diff --git a/path_metadata.go b/path_metadata.go index 776ffcdb..8ed5540d 100644 --- a/path_metadata.go +++ b/path_metadata.go @@ -25,6 +25,12 @@ import ( func pathMetadata(b *versionedKVBackend) *framework.Path { return &framework.Path{ Pattern: "metadata/" + framework.MatchAllRegex("path"), + + DisplayAttrs: &framework.DisplayAttributes{ + OperationPrefix: operationPrefixKVv2, + OperationSuffix: "metadata", + }, + Fields: map[string]*framework.FieldSchema{ "path": { Type: framework.TypeString, @@ -59,6 +65,7 @@ version-agnostic information about a secret. `, }, }, + Operations: map[logical.Operation]framework.OperationHandler{ logical.UpdateOperation: &framework.PathOperation{ Callback: b.upgradeCheck(b.pathMetadataWrite()), diff --git a/path_subkeys.go b/path_subkeys.go index b38c83d1..b60e6ae2 100644 --- a/path_subkeys.go +++ b/path_subkeys.go @@ -21,6 +21,13 @@ import ( func pathSubkeys(b *versionedKVBackend) *framework.Path { return &framework.Path{ Pattern: "subkeys/" + framework.MatchAllRegex("path"), + + DisplayAttrs: &framework.DisplayAttributes{ + OperationPrefix: operationPrefixKVv2, + OperationVerb: "read", + OperationSuffix: "subkeys", + }, + Fields: map[string]*framework.FieldSchema{ "path": { Type: framework.TypeString,