Adding Response Structures to PKI Config #18376
Conversation
|
@AnPucel can you provide a link (either to docs or source code) to what you're using as references for the fields? |
I mostly followed the callback and looked at the structure of the response that was being returned there. So, it's a little tedious, but they're usually in the same file. |
| Description: "OK", | ||
| Fields: map[string]*framework.FieldSchema{ | ||
| "expiry": { | ||
| Type: framework.TypeString, |
There was a problem hiding this comment.
[note]
lots of these fields are durations, maybe we can add a format field to framework.FieldSchema eventually to make it more explicit
https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.1.md#data-types
https://pkg.go.dev/github.com/go-openapi/strfmt#section-readme
There was a problem hiding this comment.
We have TypeDurationSecond, but I don't know if the response is formatted correctly for that always?
Sometimes there are also string time.Time value when its a concrete date instead of a duration though.
There was a problem hiding this comment.
Agreed, since we have the tests now, would it be possible to try it out with TypeTime and TypeDurationSecond?
vault/sdk/framework/openapi.go
Lines 805 to 807 in 40f599b
vault/sdk/framework/openapi.go
Lines 785 to 787 in 40f599b
There was a problem hiding this comment.
Same comment applies to:
- auto_rebuild_grace_period
- ocsp_expiry
- delta_rebuild_interval
- expiry
There was a problem hiding this comment.
Sure! I did update this on a few other PRs. So, I forgot to go back and do it here.
There was a problem hiding this comment.
With regard to this, the user sees these as string, e.g. 15m and then it gets parsed into a duration when it's handled. Shouldn't it reflect what the user sees or should it be a duration?
https://developer.hashicorp.com/vault/api-docs/secret/pki#expiry
Co-authored-by: Anton Averchenkov <[email protected]>
| }, | ||
| "enable_templating": { | ||
| Type: framework.TypeBool, | ||
| Description: `Whether or not to enable templating of the |
There was a problem hiding this comment.
It might be good to reuse descriptions of response/parmas especially for these configs, but we can do the refactoring after this merges.
There was a problem hiding this comment.
Yes! That works for me. I tried to keep them consistent. I can definitely update these with better ones after the fact.
AnPucel
force-pushed
the
anpucel/PKIResponseStructures
branch
from
de44314 to
4548149
Compare
| Description: "OK", | ||
| Fields: map[string]*framework.FieldSchema{ | ||
| "expiry": { | ||
| Type: framework.TypeString, |
There was a problem hiding this comment.
Agreed, since we have the tests now, would it be possible to try it out with TypeTime and TypeDurationSecond?
vault/sdk/framework/openapi.go
Lines 805 to 807 in 40f599b
vault/sdk/framework/openapi.go
Lines 785 to 787 in 40f599b
| Description: "OK", | ||
| Fields: map[string]*framework.FieldSchema{ | ||
| "expiry": { | ||
| Type: framework.TypeString, |
There was a problem hiding this comment.
Same comment applies to:
- auto_rebuild_grace_period
- ocsp_expiry
- delta_rebuild_interval
- expiry
Adding Response Structures to PKI Config. Corresponding response structures are linked below each file name
Please see this RFC for implementation details.
config/caconfig/issuersroot/replaceconfig/keysconfig/clusterconfig/crlconfig/urlsRelated PRs: