diff --git a/changelog/10996.txt b/changelog/10996.txt new file mode 100644 index 000000000000..e79f99b8a4bf --- /dev/null +++ b/changelog/10996.txt @@ -0,0 +1,3 @@ +```release-note:feature +secrets/openldap: Added dynamic roles to OpenLDAP similar to the combined database engine +``` diff --git a/go.mod b/go.mod index 300a0d61e326..b39dba823c6c 100644 --- a/go.mod +++ b/go.mod @@ -95,7 +95,7 @@ require ( github.com/hashicorp/vault-plugin-secrets-gcpkms v0.7.0 github.com/hashicorp/vault-plugin-secrets-kv v0.7.0 github.com/hashicorp/vault-plugin-secrets-mongodbatlas v0.2.0 - github.com/hashicorp/vault-plugin-secrets-openldap v0.1.6-0.20210201204049-4f0f91977798 + github.com/hashicorp/vault-plugin-secrets-openldap v0.4.0 github.com/hashicorp/vault-plugin-secrets-terraform v0.1.0 github.com/hashicorp/vault/api v1.0.5-0.20210210214158-405eced08457 github.com/hashicorp/vault/sdk v0.1.14-0.20210127185906-6b455835fa8c diff --git a/go.sum b/go.sum index 7994f097f3b4..432e4dc7bd9e 100644 --- a/go.sum +++ b/go.sum @@ -535,8 +535,6 @@ github.com/hailocab/go-hostpool v0.0.0-20160125115350-e80d13ce29ed h1:5upAirOpQc github.com/hailocab/go-hostpool v0.0.0-20160125115350-e80d13ce29ed/go.mod h1:tMWxXQ9wFIaZeTI9F+hmhFiGpFmhOHzyShyFUhRm0H4= github.com/hashicorp/cap v0.0.0-20210204173447-5fcddadbf7c7 h1:6OHvaQs9ys66bR1yqHuoI231JAoalgGgxeqzQuVOfX0= github.com/hashicorp/cap v0.0.0-20210204173447-5fcddadbf7c7/go.mod h1:tIk5rB1nihW5+9bZjI7xlc8LGw8FYfiFMKOpHPbWgug= -github.com/hashicorp/consul-template v0.25.2-0.20210123001810-166043f8559d h1:DSrhJ8Nqyr3oleIu0rCjRV4j6f4CJSPUp5DljXKKu4w= -github.com/hashicorp/consul-template v0.25.2-0.20210123001810-166043f8559d/go.mod h1:kNLSN13aPJz/P0we1XNU+ZDsjkbzX+iHJ+dJOqFZck0= github.com/hashicorp/consul-template v0.25.2 h1:4xTeLZR/pWX2mESkXSvriOy+eI5vp9z3p7DF5wBlch0= github.com/hashicorp/consul-template v0.25.2/go.mod h1:5kVbPpbJvxZl3r9aV1Plqur9bszus668jkx6z2umb6o= github.com/hashicorp/consul/api v1.3.0/go.mod h1:MmDNSzIMUjNpY/mQ398R4bk2FnqQLoPndWW5VkKPlCE= @@ -687,8 +685,8 @@ github.com/hashicorp/vault-plugin-secrets-kv v0.7.0 h1:Sq5CmKWxQu+MtO6AXYM+STPHG github.com/hashicorp/vault-plugin-secrets-kv v0.7.0/go.mod h1:B/Cybh5aVF7LNAMHwVBxY8t7r2eL0C6HVGgTyP4nKK4= github.com/hashicorp/vault-plugin-secrets-mongodbatlas v0.2.0 h1:uTtKxt5qfwTj6PqwnwPdU0fg1lIaaoqTtauuNpI2Epc= github.com/hashicorp/vault-plugin-secrets-mongodbatlas v0.2.0/go.mod h1:JOqn2mWJJbTp9NaC0CSCc3q5HQA99LfeSqgpC3YS+oA= -github.com/hashicorp/vault-plugin-secrets-openldap v0.1.6-0.20210201204049-4f0f91977798 h1:G3S7rF/zHfQnYZglk+WvjzBuJyjQAnP0xdGL/4i3jzM= -github.com/hashicorp/vault-plugin-secrets-openldap v0.1.6-0.20210201204049-4f0f91977798/go.mod h1:GiFI8Bxwx3+fn0A3SyVp9XdYQhm3cOgN8GzwKxyJ9So= +github.com/hashicorp/vault-plugin-secrets-openldap v0.4.0 h1:av7AhykZLA/lSQpxStGP+bGdNNuAEhAejZdBVrzw3p0= +github.com/hashicorp/vault-plugin-secrets-openldap v0.4.0/go.mod h1:GiFI8Bxwx3+fn0A3SyVp9XdYQhm3cOgN8GzwKxyJ9So= github.com/hashicorp/vault-plugin-secrets-terraform v0.1.0 h1:g+r6TKJsD2aM0kUNWByuL4ffZTbZH/xO/sqDwTltOu0= github.com/hashicorp/vault-plugin-secrets-terraform v0.1.0/go.mod h1:7r/0t51X/ZtSRh/TjBk7gCm1CUMk50aqLAx811OsGQ8= github.com/hashicorp/vic v1.5.1-0.20190403131502-bbfe86ec9443 h1:O/pT5C1Q3mVXMyuqg7yuAWUg/jMZR1/0QTzTRdNR6Uw= diff --git a/vendor/github.com/hashicorp/vault-plugin-secrets-openldap/path_dynamic_creds.go b/vendor/github.com/hashicorp/vault-plugin-secrets-openldap/path_dynamic_creds.go index 2c04e7592c57..17ba997ad6c8 100644 --- a/vendor/github.com/hashicorp/vault-plugin-secrets-openldap/path_dynamic_creds.go +++ b/vendor/github.com/hashicorp/vault-plugin-secrets-openldap/path_dynamic_creds.go @@ -68,7 +68,7 @@ func (b *backend) pathDynamicCredsRead(ctx context.Context, req *logical.Request merr := multierror.Append(fmt.Errorf("failed to create user: %w", err)) _, err = b.executeLDIF(config.LDAP, dRole.RollbackLDIF, templateData, true) if err != nil { - merr = multierror.Append(fmt.Errorf("failed to roll back user creation: %w", err)) + merr = multierror.Append(merr, fmt.Errorf("failed to roll back user creation: %w", err)) } return nil, merr } diff --git a/vendor/github.com/hashicorp/vault-plugin-secrets-openldap/path_dynamic_roles.go b/vendor/github.com/hashicorp/vault-plugin-secrets-openldap/path_dynamic_roles.go index aec5d4002a65..fad2b799fca8 100644 --- a/vendor/github.com/hashicorp/vault-plugin-secrets-openldap/path_dynamic_roles.go +++ b/vendor/github.com/hashicorp/vault-plugin-secrets-openldap/path_dynamic_roles.go @@ -19,7 +19,7 @@ const ( secretCredsType = "creds" dynamicRolePath = "role/" - dynamicCredPath = "cred/" + dynamicCredPath = "creds/" ) func (b *backend) pathDynamicRoles() []*framework.Path { diff --git a/vendor/github.com/hashicorp/vault-plugin-secrets-openldap/path_static_roles.go b/vendor/github.com/hashicorp/vault-plugin-secrets-openldap/path_static_roles.go index 407753e186c5..4ff93ff22c63 100644 --- a/vendor/github.com/hashicorp/vault-plugin-secrets-openldap/path_static_roles.go +++ b/vendor/github.com/hashicorp/vault-plugin-secrets-openldap/path_static_roles.go @@ -3,7 +3,6 @@ package openldap import ( "context" "fmt" - "path" "time" "github.com/hashicorp/vault/sdk/framework" @@ -19,7 +18,7 @@ const ( func (b *backend) pathListStaticRoles() []*framework.Path { return []*framework.Path{ { - Pattern: path.Join(staticRolePath, framework.OptionalParamRegex("prefix")), + Pattern: staticRolePath + "?$", Operations: map[logical.Operation]framework.OperationHandler{ logical.ListOperation: &framework.PathOperation{ Callback: b.pathStaticRoleList, diff --git a/vendor/modules.txt b/vendor/modules.txt index ad35adb8b859..c747b2f4f6e1 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -591,7 +591,7 @@ github.com/hashicorp/vault-plugin-secrets-gcpkms github.com/hashicorp/vault-plugin-secrets-kv # github.com/hashicorp/vault-plugin-secrets-mongodbatlas v0.2.0 github.com/hashicorp/vault-plugin-secrets-mongodbatlas -# github.com/hashicorp/vault-plugin-secrets-openldap v0.1.6-0.20210201204049-4f0f91977798 +# github.com/hashicorp/vault-plugin-secrets-openldap v0.4.0 github.com/hashicorp/vault-plugin-secrets-openldap github.com/hashicorp/vault-plugin-secrets-openldap/client # github.com/hashicorp/vault-plugin-secrets-terraform v0.1.0