Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Run all builtins as plugins #5536

Merged
merged 54 commits into from
Nov 7, 2018
Merged

Run all builtins as plugins #5536

Show file tree
Hide file tree
Changes from 7 commits
Commits
Show all changes
54 commits
Select commit Hold shift + click to select a range
97c24d7
run all builtins as plugins
Oct 23, 2018
8cd2d92
merge master
Oct 23, 2018
7ac1b95
fix tests
Oct 23, 2018
fc3343a
Merge branch 'opensource-master' into run-all-buitins-as-plugins
Oct 23, 2018
fd9a1b8
Merge branch 'opensource-master' into run-all-buitins-as-plugins
Oct 23, 2018
4c66440
strip extra space from import
Oct 24, 2018
e8f4954
fix some tests
Oct 24, 2018
887eb24
remove unnecessary plugin type db argument
Oct 30, 2018
d8fe340
Merge branch 'opensource-master' into run-all-buitins-as-plugins
Oct 30, 2018
ad70d44
Merge branch 'opensource-master' into run-all-buitins-as-plugins
Oct 30, 2018
c258561
strip field for auth plugin requests
Oct 30, 2018
6ec7fd4
add backend type to the token store
Oct 31, 2018
376039f
support plugin-name for auth enablement
Oct 31, 2018
1534d44
support plugin-name for secrets enablement
Oct 31, 2018
9205291
re-add listing plugins to command
Oct 31, 2018
5ace05a
move type to before name at CLI
Oct 31, 2018
7554817
re-add the registrys BuiltinFactory
Oct 31, 2018
e1506ce
prefix catalog storage with plugin type
Nov 1, 2018
56f3d7b
add check for entry type
Nov 1, 2018
8933dc9
merge master
Nov 1, 2018
ec28bd6
Merge branch 'opensource-master' into run-all-buitins-as-plugins
Nov 1, 2018
4b414a8
add test explanation
Nov 1, 2018
c9acd4d
use a slash not a dash to prefix storage
Nov 2, 2018
857f614
move kv back to registry and automatically mount it
Nov 2, 2018
f8c71dd
update plugin type parsing
Nov 2, 2018
e2784fd
Fix upgrades
Nov 2, 2018
8961834
Fix upgrade
Nov 2, 2018
101936f
Merge pull request #5676 from hashicorp/run-all-buitins-as-plugins-up…
Nov 2, 2018
e10b27f
merge master
Nov 2, 2018
3bfaf1e
list plugins by type in the catalog
Nov 5, 2018
f48eb7a
ensure kv is automatically mounted
Nov 5, 2018
0d6c304
add devPluginType flag
Nov 6, 2018
c5f2e81
populate the flag
Nov 6, 2018
11d09b7
Update listing API/CLI to support listing all plugin types
calvn Nov 6, 2018
59e62a9
s/NamesByType/PluginsByType/
calvn Nov 6, 2018
a67416c
Merge pull request #5696 from hashicorp/b-plugins-listing
Nov 6, 2018
7605763
Upgrade plugins to typed plugins (#5695)
briankassouf Nov 6, 2018
e6a0674
remove space from internal-ui-resultant-acl
briankassouf Nov 6, 2018
6d57143
change PluginType const to uint32
Nov 6, 2018
363abe3
re-add plugin_name to logical_system_paths
Nov 6, 2018
a9d491f
fix plugin list command
Nov 6, 2018
8aaf887
merge master
Nov 6, 2018
1a8e3f8
update config.PluginNameDeprecated to logicalType
briankassouf Nov 6, 2018
ef5e51f
update config.PluginNameDeprecated to logicalType
briankassouf Nov 6, 2018
0e093ba
update config.PluginNameDeprecated to logicalType
briankassouf Nov 6, 2018
a446776
update config.PluginNameDeprecated to logicalType
briankassouf Nov 6, 2018
0931816
automatically sort plugins from dev flag
Nov 6, 2018
aab2e8c
merge master
Nov 6, 2018
ce8cb57
Determine plugin type if using the old untyped API (#5713)
briankassouf Nov 6, 2018
8d32f46
Reuse the same path spec (#5715)
briankassouf Nov 7, 2018
f6d2ee9
support listing at parent plugin catalog
Nov 7, 2018
442b667
Revert "support listing at parent plugin catalog"
Nov 7, 2018
ba57fa0
try listing if getting fails
Nov 7, 2018
5b6d88c
Merge pull request #5717 from hashicorp/backwards-compat
Nov 7, 2018
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions api/api_integration_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@ import (
"github.com/hashicorp/vault/builtin/logical/database"
"github.com/hashicorp/vault/builtin/logical/pki"
"github.com/hashicorp/vault/builtin/logical/transit"
"github.com/hashicorp/vault/helper/builtinplugins"
"github.com/hashicorp/vault/logical"
"github.com/hashicorp/vault/vault"

Expand Down Expand Up @@ -56,6 +57,7 @@ func testVaultServerUnseal(t testing.TB) (*api.Client, []string, func()) {
"pki": pki.Factory,
"transit": transit.Factory,
},
BuiltinRegistry: builtinplugins.Registry,
})
}

Expand Down
3 changes: 0 additions & 3 deletions api/sys_mounts.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -133,7 +133,6 @@ type MountInput struct {
Description string `json:"description"`
Config MountConfigInput `json:"config"`
Local bool `json:"local"`
PluginName string `json:"plugin_name,omitempty"`
SealWrap bool `json:"seal_wrap" mapstructure:"seal_wrap"`
Options map[string]string `json:"options"`
}
Expand All @@ -144,7 +143,6 @@ type MountConfigInput struct {
Description *string `json:"description,omitempty" mapstructure:"description"`
MaxLeaseTTL string `json:"max_lease_ttl" mapstructure:"max_lease_ttl"`
ForceNoCache bool `json:"force_no_cache" mapstructure:"force_no_cache"`
PluginName string `json:"plugin_name,omitempty" mapstructure:"plugin_name"`
AuditNonHMACRequestKeys []string `json:"audit_non_hmac_request_keys,omitempty" mapstructure:"audit_non_hmac_request_keys"`
AuditNonHMACResponseKeys []string `json:"audit_non_hmac_response_keys,omitempty" mapstructure:"audit_non_hmac_response_keys"`
ListingVisibility string `json:"listing_visibility,omitempty" mapstructure:"listing_visibility"`
Expand All @@ -166,7 +164,6 @@ type MountConfigOutput struct {
DefaultLeaseTTL int `json:"default_lease_ttl" mapstructure:"default_lease_ttl"`
MaxLeaseTTL int `json:"max_lease_ttl" mapstructure:"max_lease_ttl"`
ForceNoCache bool `json:"force_no_cache" mapstructure:"force_no_cache"`
PluginName string `json:"plugin_name,omitempty" mapstructure:"plugin_name"`
AuditNonHMACRequestKeys []string `json:"audit_non_hmac_request_keys,omitempty" mapstructure:"audit_non_hmac_request_keys"`
AuditNonHMACResponseKeys []string `json:"audit_non_hmac_response_keys,omitempty" mapstructure:"audit_non_hmac_response_keys"`
ListingVisibility string `json:"listing_visibility,omitempty" mapstructure:"listing_visibility"`
Expand Down
24 changes: 19 additions & 5 deletions api/sys_plugins.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,10 +4,15 @@ import (
"context"
"fmt"
"net/http"

"github.com/hashicorp/vault/helper/consts"
)

// ListPluginsInput is used as input to the ListPlugins function.
type ListPluginsInput struct{}
type ListPluginsInput struct {
// Type of the plugin. Required.
Type consts.PluginType `json:"type"`
}

// ListPluginsResponse is the response from the ListPlugins call.
type ListPluginsResponse struct {
Expand All @@ -18,7 +23,7 @@ type ListPluginsResponse struct {
// ListPlugins lists all plugins in the catalog and returns their names as a
// list of strings.
func (c *Sys) ListPlugins(i *ListPluginsInput) (*ListPluginsResponse, error) {
path := "/v1/sys/plugins/catalog"
path := fmt.Sprintf("/v1/sys/plugins/catalog/%s", i.Type)
req := c.c.NewRequest("LIST", path)

ctx, cancelFunc := context.WithCancel(context.Background())
Expand All @@ -44,6 +49,9 @@ func (c *Sys) ListPlugins(i *ListPluginsInput) (*ListPluginsResponse, error) {
// GetPluginInput is used as input to the GetPlugin function.
type GetPluginInput struct {
Name string `json:"-"`

// Type of the plugin. Required.
Type consts.PluginType `json:"type"`
}

// GetPluginResponse is the response from the GetPlugin call.
Expand All @@ -56,7 +64,7 @@ type GetPluginResponse struct {
}

func (c *Sys) GetPlugin(i *GetPluginInput) (*GetPluginResponse, error) {
path := fmt.Sprintf("/v1/sys/plugins/catalog/%s", i.Name)
path := fmt.Sprintf("/v1/sys/plugins/catalog/%s/%s", i.Type, i.Name)
req := c.c.NewRequest(http.MethodGet, path)

ctx, cancelFunc := context.WithCancel(context.Background())
Expand All @@ -82,6 +90,9 @@ type RegisterPluginInput struct {
// Name is the name of the plugin. Required.
Name string `json:"-"`

// Type of the plugin. Required.
Type consts.PluginType `json:"type"`

// Args is the list of args to spawn the process with.
Args []string `json:"args,omitempty"`

Expand All @@ -94,7 +105,7 @@ type RegisterPluginInput struct {

// RegisterPlugin registers the plugin with the given information.
func (c *Sys) RegisterPlugin(i *RegisterPluginInput) error {
path := fmt.Sprintf("/v1/sys/plugins/catalog/%s", i.Name)
path := fmt.Sprintf("/v1/sys/plugins/catalog/%s/%s", i.Type, i.Name)
req := c.c.NewRequest(http.MethodPut, path)
if err := req.SetJSONBody(i); err != nil {
return err
Expand All @@ -113,12 +124,15 @@ func (c *Sys) RegisterPlugin(i *RegisterPluginInput) error {
type DeregisterPluginInput struct {
// Name is the name of the plugin. Required.
Name string `json:"-"`

// Type of the plugin. Required.
Type consts.PluginType `json:"type"`
}

// DeregisterPlugin removes the plugin with the given name from the plugin
// catalog.
func (c *Sys) DeregisterPlugin(i *DeregisterPluginInput) error {
path := fmt.Sprintf("/v1/sys/plugins/catalog/%s", i.Name)
path := fmt.Sprintf("/v1/sys/plugins/catalog/%s/%s", i.Type, i.Name)
req := c.c.NewRequest(http.MethodDelete, path)

ctx, cancelFunc := context.WithCancel(context.Background())
Expand Down
56 changes: 33 additions & 23 deletions builtin/credential/app-id/backend_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ func TestBackend_basic(t *testing.T) {
return b, nil
}
logicaltest.Test(t, logicaltest.TestCase{
Factory: factory,
CredentialFactory: factory,
Steps: []logicaltest.TestStep{
testAccStepMapAppId(t),
testAccStepMapUserId(t),
Expand Down Expand Up @@ -65,7 +65,7 @@ func TestBackend_basic(t *testing.T) {

func TestBackend_cidr(t *testing.T) {
logicaltest.Test(t, logicaltest.TestCase{
Factory: Factory,
CredentialFactory: Factory,
Steps: []logicaltest.TestStep{
testAccStepMapAppIdDisplayName(t),
testAccStepMapUserIdCidr(t, "192.168.1.0/16"),
Expand All @@ -78,7 +78,7 @@ func TestBackend_cidr(t *testing.T) {

func TestBackend_displayName(t *testing.T) {
logicaltest.Test(t, logicaltest.TestCase{
Factory: Factory,
CredentialFactory: Factory,
Steps: []logicaltest.TestStep{
testAccStepMapAppIdDisplayName(t),
testAccStepMapUserId(t),
Expand All @@ -93,8 +93,9 @@ func TestBackend_displayName(t *testing.T) {

func testAccStepMapAppId(t *testing.T) logicaltest.TestStep {
return logicaltest.TestStep{
Operation: logical.UpdateOperation,
Path: "map/app-id/foo",
IsAuthBackendRequest: true,
tyrannosaurus-becks marked this conversation as resolved.
Show resolved Hide resolved
Operation: logical.UpdateOperation,
Path: "map/app-id/foo",
Data: map[string]interface{}{
"value": "foo,bar",
},
Expand All @@ -103,8 +104,9 @@ func testAccStepMapAppId(t *testing.T) logicaltest.TestStep {

func testAccStepMapAppIdDisplayName(t *testing.T) logicaltest.TestStep {
return logicaltest.TestStep{
Operation: logical.UpdateOperation,
Path: "map/app-id/foo",
IsAuthBackendRequest: true,
Operation: logical.UpdateOperation,
Path: "map/app-id/foo",
Data: map[string]interface{}{
"display_name": "tubbin",
"value": "foo,bar",
Expand All @@ -114,8 +116,9 @@ func testAccStepMapAppIdDisplayName(t *testing.T) logicaltest.TestStep {

func testAccStepMapUserId(t *testing.T) logicaltest.TestStep {
return logicaltest.TestStep{
Operation: logical.UpdateOperation,
Path: "map/user-id/42",
IsAuthBackendRequest: true,
Operation: logical.UpdateOperation,
Path: "map/user-id/42",
Data: map[string]interface{}{
"value": "foo",
},
Expand All @@ -124,15 +127,17 @@ func testAccStepMapUserId(t *testing.T) logicaltest.TestStep {

func testAccStepDeleteUserId(t *testing.T) logicaltest.TestStep {
return logicaltest.TestStep{
Operation: logical.DeleteOperation,
Path: "map/user-id/42",
IsAuthBackendRequest: true,
Operation: logical.DeleteOperation,
Path: "map/user-id/42",
}
}

func testAccStepMapUserIdCidr(t *testing.T, cidr string) logicaltest.TestStep {
return logicaltest.TestStep{
Operation: logical.UpdateOperation,
Path: "map/user-id/42",
IsAuthBackendRequest: true,
Operation: logical.UpdateOperation,
Path: "map/user-id/42",
Data: map[string]interface{}{
"value": "foo",
"cidr_block": cidr,
Expand All @@ -148,8 +153,9 @@ func testAccLogin(t *testing.T, display string) logicaltest.TestStep {
return nil
}
return logicaltest.TestStep{
Operation: logical.UpdateOperation,
Path: "login",
IsAuthBackendRequest: true,
Operation: logical.UpdateOperation,
Path: "login",
Data: map[string]interface{}{
"app_id": "foo",
"user_id": "42",
Expand All @@ -172,8 +178,9 @@ func testAccLoginAppIDInPath(t *testing.T, display string) logicaltest.TestStep
return nil
}
return logicaltest.TestStep{
Operation: logical.UpdateOperation,
Path: "login/foo",
IsAuthBackendRequest: true,
Operation: logical.UpdateOperation,
Path: "login/foo",
Data: map[string]interface{}{
"user_id": "42",
},
Expand All @@ -194,8 +201,9 @@ func testAccLoginCidr(t *testing.T, ip string, err bool) logicaltest.TestStep {
}

return logicaltest.TestStep{
Operation: logical.UpdateOperation,
Path: "login",
IsAuthBackendRequest: true,
Operation: logical.UpdateOperation,
Path: "login",
Data: map[string]interface{}{
"app_id": "foo",
"user_id": "42",
Expand All @@ -210,8 +218,9 @@ func testAccLoginCidr(t *testing.T, ip string, err bool) logicaltest.TestStep {

func testAccLoginInvalid(t *testing.T) logicaltest.TestStep {
return logicaltest.TestStep{
Operation: logical.UpdateOperation,
Path: "login",
IsAuthBackendRequest: true,
Operation: logical.UpdateOperation,
Path: "login",
Data: map[string]interface{}{
"app_id": "foo",
"user_id": "48",
Expand All @@ -225,8 +234,9 @@ func testAccLoginInvalid(t *testing.T) logicaltest.TestStep {

func testAccLoginDeleted(t *testing.T) logicaltest.TestStep {
return logicaltest.TestStep{
Operation: logical.UpdateOperation,
Path: "login",
IsAuthBackendRequest: true,
Operation: logical.UpdateOperation,
Path: "login",
Data: map[string]interface{}{
"app_id": "foo",
"user_id": "42",
Expand Down
0 builtin/credential/approle/cmd/main.go → ...in/credential/approle/cmd/approle/main.go
View file
Open in desktop
File renamed without changes.
36 changes: 20 additions & 16 deletions builtin/credential/aws/backend_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -476,40 +476,44 @@ func TestBackend_ConfigClient(t *testing.T) {
}

stepCreate := logicaltest.TestStep{
Operation: logical.CreateOperation,
Path: "config/client",
Data: data,
IsAuthBackendRequest: true,
Operation: logical.CreateOperation,
Path: "config/client",
Data: data,
}

stepUpdate := logicaltest.TestStep{
Operation: logical.UpdateOperation,
Path: "config/client",
Data: data,
IsAuthBackendRequest: true,
Operation: logical.UpdateOperation,
Path: "config/client",
Data: data,
}

data3 := map[string]interface{}{"access_key": "",
"secret_key": "mCtSM8ZUEQ3mOFVZYPBQkf2sO6F/W7a5TVzrl3Oj",
}
stepInvalidAccessKey := logicaltest.TestStep{
Operation: logical.UpdateOperation,
Path: "config/client",
Data: data3,
ErrorOk: true,
IsAuthBackendRequest: true,
Operation: logical.UpdateOperation,
Path: "config/client",
Data: data3,
ErrorOk: true,
}

data4 := map[string]interface{}{"access_key": "accesskey",
"secret_key": "",
}
stepInvalidSecretKey := logicaltest.TestStep{
Operation: logical.UpdateOperation,
Path: "config/client",
Data: data4,
ErrorOk: true,
IsAuthBackendRequest: true,
Operation: logical.UpdateOperation,
Path: "config/client",
Data: data4,
ErrorOk: true,
}

logicaltest.Test(t, logicaltest.TestCase{
AcceptanceTest: false,
Backend: b,
AcceptanceTest: false,
CredentialBackend: b,
Steps: []logicaltest.TestStep{
stepCreate,
stepInvalidAccessKey,
Expand Down
Loading