From 8af67e1639e2125e084e93c2a753be048de2e759 Mon Sep 17 00:00:00 2001 From: Anton Averchenkov <84287187+averche@users.noreply.github.com> Date: Wed, 21 Feb 2024 14:07:00 -0500 Subject: [PATCH] openapi: Fix approle reponse duration types (#25510) --- builtin/credential/approle/path_role.go | 30 ++++++++++++------------- changelog/25510.txt | 3 +++ 2 files changed, 18 insertions(+), 15 deletions(-) create mode 100644 changelog/25510.txt diff --git a/builtin/credential/approle/path_role.go b/builtin/credential/approle/path_role.go index 2268427b548c..eaffcdaa453f 100644 --- a/builtin/credential/approle/path_role.go +++ b/builtin/credential/approle/path_role.go @@ -218,7 +218,7 @@ can only be set during role creation and once set, it can't be reset later.`, Description: "Number of times a secret ID can access the role, after which the secret ID will expire.", }, "secret_id_ttl": { - Type: framework.TypeDurationSecond, + Type: framework.TypeInt64, Required: true, Description: "Duration in seconds after which the issued secret ID expires.", }, @@ -233,12 +233,12 @@ can only be set during role creation and once set, it can't be reset later.`, Description: `Comma separated string or JSON list of CIDR blocks. If set, specifies the blocks of IP addresses which are allowed to use the generated token.`, }, "token_explicit_max_ttl": { - Type: framework.TypeDurationSecond, + Type: framework.TypeInt64, Required: true, Description: "If set, tokens created via this role carry an explicit maximum TTL. During renewal, the current maximum TTL values of the role and the mount are not checked for changes, and any updates to these values will have no effect on the token being renewed.", }, "token_max_ttl": { - Type: framework.TypeDurationSecond, + Type: framework.TypeInt64, Required: true, Description: "The maximum lifetime of the generated token", }, @@ -248,7 +248,7 @@ can only be set during role creation and once set, it can't be reset later.`, Description: "If true, the 'default' policy will not automatically be added to generated tokens", }, "token_period": { - Type: framework.TypeDurationSecond, + Type: framework.TypeInt64, Required: true, Description: "If set, tokens created via this role will have no max lifetime; instead, their renewal period will be fixed to this value.", }, @@ -264,7 +264,7 @@ can only be set during role creation and once set, it can't be reset later.`, Description: "The type of token to generate, service or batch", }, "token_ttl": { - Type: framework.TypeDurationSecond, + Type: framework.TypeInt64, Required: true, Description: "The initial ttl of the token to generate", }, @@ -274,7 +274,7 @@ can only be set during role creation and once set, it can't be reset later.`, Description: "The maximum number of times a token may be used, a value of zero means unlimited", }, "period": { - Type: framework.TypeDurationSecond, + Type: framework.TypeInt64, Required: false, Description: tokenutil.DeprecationText("token_period"), Deprecated: true, @@ -656,7 +656,7 @@ to 0, meaning no expiration.`, Description: "OK", Fields: map[string]*framework.FieldSchema{ "secret_id_ttl": { - Type: framework.TypeDurationSecond, + Type: framework.TypeInt64, Required: true, Description: "Duration in seconds after which the issued secret ID should expire. Defaults to 0, meaning no expiration.", }, @@ -705,13 +705,13 @@ to 0, meaning no expiration.`, Description: "OK", Fields: map[string]*framework.FieldSchema{ "period": { - Type: framework.TypeDurationSecond, + Type: framework.TypeInt64, Required: false, Description: tokenutil.DeprecationText("token_period"), Deprecated: true, }, "token_period": { - Type: framework.TypeDurationSecond, + Type: framework.TypeInt64, Required: true, Description: defTokenFields["token_period"].Description, }, @@ -799,7 +799,7 @@ to 0, meaning no expiration.`, Description: "OK", Fields: map[string]*framework.FieldSchema{ "token_ttl": { - Type: framework.TypeDurationSecond, + Type: framework.TypeInt64, Required: true, Description: defTokenFields["token_ttl"].Description, }, @@ -843,7 +843,7 @@ to 0, meaning no expiration.`, Description: "OK", Fields: map[string]*framework.FieldSchema{ "token_max_ttl": { - Type: framework.TypeDurationSecond, + Type: framework.TypeInt64, Required: true, Description: defTokenFields["token_max_ttl"].Description, }, @@ -955,7 +955,7 @@ Overrides secret_id_ttl role option when supplied. May not be longer than role's Description: "Accessor of the secret ID", }, "secret_id_ttl": { - Type: framework.TypeDurationSecond, + Type: framework.TypeInt64, Required: true, Description: "Duration in seconds after which the issued secret ID expires.", }, @@ -1008,7 +1008,7 @@ Overrides secret_id_ttl role option when supplied. May not be longer than role's Description: "Accessor of the secret ID", }, "secret_id_ttl": { - Type: framework.TypeDurationSecond, + Type: framework.TypeInt64, Required: true, Description: "Duration in seconds after which the issued secret ID expires.", }, @@ -1117,7 +1117,7 @@ Overrides secret_id_ttl role option when supplied. May not be longer than role's Description: "Accessor of the secret ID", }, "secret_id_ttl": { - Type: framework.TypeDurationSecond, + Type: framework.TypeInt64, Required: true, Description: "Duration in seconds after which the issued secret ID expires.", }, @@ -1257,7 +1257,7 @@ Overrides secret_id_ttl role option when supplied. May not be longer than role's Description: "Accessor of the secret ID", }, "secret_id_ttl": { - Type: framework.TypeDurationSecond, + Type: framework.TypeInt64, Required: true, Description: "Duration in seconds after which the issued secret ID expires.", }, diff --git a/changelog/25510.txt b/changelog/25510.txt new file mode 100644 index 000000000000..5eda94b0e609 --- /dev/null +++ b/changelog/25510.txt @@ -0,0 +1,3 @@ +```release-note:bug +openapi: Fixing approle reponse duration types +```