-
Notifications
You must be signed in to change notification settings - Fork 4.3k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge branch 'master' into f-mysql-static
* master: (47 commits) Add the ability to use a dev Consul node for dev storage (#6965) Update CHANGELOG.md Correct API docs examples (#6963) Fix test changelog++ Allow turning on client auth in test clusters (#6958) Update vendoring Update SDK version Make CA certificate optional in ClientTLSConfig Update vendor Combined Database backend: remove create/delete support (#6951) Bump sdk Move tls config creation to tlsutil (#6956) Update JWT tips (#6955) raft join tls (#6932) changelog++ UI - add kmip engine (#6936) Pass context to Cassandra queries (#6954) Minor clean up JWT provider docs (#6952) update azure instructions (#6858) ...
- Loading branch information
Showing
787 changed files
with
108,741 additions
and
16,589 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,130 @@ | ||
package api | ||
|
||
import ( | ||
"context" | ||
"io" | ||
"net/http" | ||
|
||
"github.com/hashicorp/vault/sdk/helper/consts" | ||
) | ||
|
||
// RaftJoinResponse represents the response of the raft join API | ||
type RaftJoinResponse struct { | ||
Joined bool `json:"joined"` | ||
} | ||
|
||
// RaftJoinRequest represents the parameters consumed by the raft join API | ||
type RaftJoinRequest struct { | ||
LeaderAPIAddr string `json:"leader_api_addr"` | ||
LeaderCACert string `json:"leader_ca_cert":` | ||
LeaderClientCert string `json:"leader_client_cert"` | ||
LeaderClientKey string `json:"leader_client_key"` | ||
Retry bool `json:"retry"` | ||
} | ||
|
||
// RaftJoin adds the node from which this call is invoked from to the raft | ||
// cluster represented by the leader address in the parameter. | ||
func (c *Sys) RaftJoin(opts *RaftJoinRequest) (*RaftJoinResponse, error) { | ||
r := c.c.NewRequest("POST", "/v1/sys/storage/raft/join") | ||
|
||
if err := r.SetJSONBody(opts); err != nil { | ||
return nil, err | ||
} | ||
|
||
ctx, cancelFunc := context.WithCancel(context.Background()) | ||
defer cancelFunc() | ||
resp, err := c.c.RawRequestWithContext(ctx, r) | ||
if err != nil { | ||
return nil, err | ||
} | ||
defer resp.Body.Close() | ||
|
||
var result RaftJoinResponse | ||
err = resp.DecodeJSON(&result) | ||
return &result, err | ||
} | ||
|
||
// RaftSnapshot invokes the API that takes the snapshot of the raft cluster and | ||
// writes it to the supplied io.Writer. | ||
func (c *Sys) RaftSnapshot(snapWriter io.Writer) error { | ||
r := c.c.NewRequest("GET", "/v1/sys/storage/raft/snapshot") | ||
r.URL.RawQuery = r.Params.Encode() | ||
|
||
req, err := http.NewRequest(http.MethodGet, r.URL.RequestURI(), nil) | ||
if err != nil { | ||
return err | ||
} | ||
|
||
req.URL.User = r.URL.User | ||
req.URL.Scheme = r.URL.Scheme | ||
req.URL.Host = r.URL.Host | ||
req.Host = r.URL.Host | ||
|
||
if r.Headers != nil { | ||
for header, vals := range r.Headers { | ||
for _, val := range vals { | ||
req.Header.Add(header, val) | ||
} | ||
} | ||
} | ||
|
||
if len(r.ClientToken) != 0 { | ||
req.Header.Set(consts.AuthHeaderName, r.ClientToken) | ||
} | ||
|
||
if len(r.WrapTTL) != 0 { | ||
req.Header.Set("X-Vault-Wrap-TTL", r.WrapTTL) | ||
} | ||
|
||
if len(r.MFAHeaderVals) != 0 { | ||
for _, mfaHeaderVal := range r.MFAHeaderVals { | ||
req.Header.Add("X-Vault-MFA", mfaHeaderVal) | ||
} | ||
} | ||
|
||
if r.PolicyOverride { | ||
req.Header.Set("X-Vault-Policy-Override", "true") | ||
} | ||
|
||
// Avoiding the use of RawRequestWithContext which reads the response body | ||
// to determine if the body contains error message. | ||
var result *Response | ||
resp, err := c.c.config.HttpClient.Do(req) | ||
if resp == nil { | ||
return nil | ||
} | ||
|
||
result = &Response{Response: resp} | ||
if err := result.Error(); err != nil { | ||
return err | ||
} | ||
|
||
_, err = io.Copy(snapWriter, resp.Body) | ||
if err != nil { | ||
return err | ||
} | ||
|
||
return nil | ||
} | ||
|
||
// RaftSnapshotRestore reads the snapshot from the io.Reader and installs that | ||
// snapshot, returning the cluster to the state defined by it. | ||
func (c *Sys) RaftSnapshotRestore(snapReader io.Reader, force bool) error { | ||
path := "/v1/sys/storage/raft/snapshot" | ||
if force { | ||
path = "/v1/sys/storage/raft/snapshot-force" | ||
} | ||
r := c.c.NewRequest("POST", path) | ||
|
||
r.Body = snapReader | ||
|
||
ctx, cancelFunc := context.WithCancel(context.Background()) | ||
defer cancelFunc() | ||
resp, err := c.c.RawRequestWithContext(ctx, r) | ||
if err != nil { | ||
return err | ||
} | ||
defer resp.Body.Close() | ||
|
||
return nil | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.