From de6ef7f99b94623fda9ba513914e3887d2accb50 Mon Sep 17 00:00:00 2001 From: "Scott G. Miller" Date: Fri, 5 Jun 2020 16:12:11 -0500 Subject: [PATCH 1/9] Add backend type fileld --- sdk/logical/audit.go | 1 + 1 file changed, 1 insertion(+) diff --git a/sdk/logical/audit.go b/sdk/logical/audit.go index 8ba70f37e01a..8912a04fe044 100644 --- a/sdk/logical/audit.go +++ b/sdk/logical/audit.go @@ -5,6 +5,7 @@ type LogInput struct { Auth *Auth Request *Request Response *Response + BackendType string OuterErr error NonHMACReqDataKeys []string NonHMACRespDataKeys []string From 2b91f3dea271eadb9b04e9e1d81dc480aa792195 Mon Sep 17 00:00:00 2001 From: "Scott G. Miller" Date: Mon, 8 Jun 2020 10:52:18 -0500 Subject: [PATCH 2/9] Add backend type to audit logs --- audit/format.go | 2 ++ vault/request_handling.go | 1 + 2 files changed, 3 insertions(+) diff --git a/audit/format.go b/audit/format.go index a25aa8bcde34..0fa00c3c3402 100644 --- a/audit/format.go +++ b/audit/format.go @@ -289,6 +289,7 @@ func (f *AuditFormatter) FormatResponse(ctx context.Context, w io.Writer, config }, Response: &AuditResponse{ + Backend: in.BackendType, Auth: respAuth, Secret: respSecret, Data: resp.Data, @@ -350,6 +351,7 @@ type AuditRequest struct { type AuditResponse struct { Auth *AuditAuth `json:"auth,omitempty"` + Backend string `json:"backend,omitempty"` Secret *AuditSecret `json:"secret,omitempty"` Data map[string]interface{} `json:"data,omitempty"` Warnings []string `json:"warnings,omitempty"` diff --git a/vault/request_handling.go b/vault/request_handling.go index 9dcea9abe037..6a913b414067 100644 --- a/vault/request_handling.go +++ b/vault/request_handling.go @@ -548,6 +548,7 @@ func (c *Core) handleCancelableRequest(ctx context.Context, ns *namespace.Namesp Auth: auth, Request: req, Response: auditResp, + BackendType: entry.Type, OuterErr: err, NonHMACReqDataKeys: nonHMACReqDataKeys, NonHMACRespDataKeys: nonHMACRespDataKeys, From f6105bead8622508ab8ff805501a4ae84fd47013 Mon Sep 17 00:00:00 2001 From: "Scott G. Miller" Date: Mon, 8 Jun 2020 13:58:44 -0500 Subject: [PATCH 3/9] Rename to MountType --- audit/format.go | 16 ++++++++-------- sdk/logical/audit.go | 2 +- vault/request_handling.go | 2 +- 3 files changed, 10 insertions(+), 10 deletions(-) diff --git a/audit/format.go b/audit/format.go index 0fa00c3c3402..a16934eb4e9b 100644 --- a/audit/format.go +++ b/audit/format.go @@ -289,14 +289,14 @@ func (f *AuditFormatter) FormatResponse(ctx context.Context, w io.Writer, config }, Response: &AuditResponse{ - Backend: in.BackendType, - Auth: respAuth, - Secret: respSecret, - Data: resp.Data, - Warnings: resp.Warnings, - Redirect: resp.Redirect, - WrapInfo: respWrapInfo, - Headers: resp.Headers, + MountType: in.MountType, + Auth: respAuth, + Secret: respSecret, + Data: resp.Data, + Warnings: resp.Warnings, + Redirect: resp.Redirect, + WrapInfo: respWrapInfo, + Headers: resp.Headers, }, } diff --git a/sdk/logical/audit.go b/sdk/logical/audit.go index 8912a04fe044..5fee122d6321 100644 --- a/sdk/logical/audit.go +++ b/sdk/logical/audit.go @@ -5,7 +5,7 @@ type LogInput struct { Auth *Auth Request *Request Response *Response - BackendType string + MountType string OuterErr error NonHMACReqDataKeys []string NonHMACRespDataKeys []string diff --git a/vault/request_handling.go b/vault/request_handling.go index 6a913b414067..ee1678f7882f 100644 --- a/vault/request_handling.go +++ b/vault/request_handling.go @@ -548,7 +548,7 @@ func (c *Core) handleCancelableRequest(ctx context.Context, ns *namespace.Namesp Auth: auth, Request: req, Response: auditResp, - BackendType: entry.Type, + MountType: entry.Type, OuterErr: err, NonHMACReqDataKeys: nonHMACReqDataKeys, NonHMACRespDataKeys: nonHMACRespDataKeys, From 90151f7553869ff5cfbc11e9ef893c8ffdba720e Mon Sep 17 00:00:00 2001 From: "Scott G. Miller" Date: Mon, 8 Jun 2020 14:00:39 -0500 Subject: [PATCH 4/9] More rename... --- audit/format.go | 16 ++++++++-------- .../hashicorp/vault/sdk/logical/audit.go | 1 + 2 files changed, 9 insertions(+), 8 deletions(-) diff --git a/audit/format.go b/audit/format.go index a16934eb4e9b..5c83de34a098 100644 --- a/audit/format.go +++ b/audit/format.go @@ -350,14 +350,14 @@ type AuditRequest struct { } type AuditResponse struct { - Auth *AuditAuth `json:"auth,omitempty"` - Backend string `json:"backend,omitempty"` - Secret *AuditSecret `json:"secret,omitempty"` - Data map[string]interface{} `json:"data,omitempty"` - Warnings []string `json:"warnings,omitempty"` - Redirect string `json:"redirect,omitempty"` - WrapInfo *AuditResponseWrapInfo `json:"wrap_info,omitempty"` - Headers map[string][]string `json:"headers,omitempty"` + Auth *AuditAuth `json:"auth,omitempty"` + MountType string `json:"mount_type,omitempty"` + Secret *AuditSecret `json:"secret,omitempty"` + Data map[string]interface{} `json:"data,omitempty"` + Warnings []string `json:"warnings,omitempty"` + Redirect string `json:"redirect,omitempty"` + WrapInfo *AuditResponseWrapInfo `json:"wrap_info,omitempty"` + Headers map[string][]string `json:"headers,omitempty"` } type AuditAuth struct { diff --git a/vendor/github.com/hashicorp/vault/sdk/logical/audit.go b/vendor/github.com/hashicorp/vault/sdk/logical/audit.go index 8ba70f37e01a..5fee122d6321 100644 --- a/vendor/github.com/hashicorp/vault/sdk/logical/audit.go +++ b/vendor/github.com/hashicorp/vault/sdk/logical/audit.go @@ -5,6 +5,7 @@ type LogInput struct { Auth *Auth Request *Request Response *Response + MountType string OuterErr error NonHMACReqDataKeys []string NonHMACRespDataKeys []string From 8339575454d55f8b8c1894aed640aa7a06427ea2 Mon Sep 17 00:00:00 2001 From: "Scott G. Miller" Date: Mon, 8 Jun 2020 14:02:09 -0500 Subject: [PATCH 5/9] Update vendored sdk for some reason --- go.mod | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/go.mod b/go.mod index 450cad6da87e..0e191c65e4a6 100644 --- a/go.mod +++ b/go.mod @@ -92,7 +92,7 @@ require ( github.com/hashicorp/vault-plugin-secrets-mongodbatlas v0.1.2 github.com/hashicorp/vault-plugin-secrets-openldap v0.1.3 github.com/hashicorp/vault/api v1.0.5-0.20200519221902-385fac77e20f - github.com/hashicorp/vault/sdk v0.1.14-0.20200519221838-e0cfd64bc267 + github.com/hashicorp/vault/sdk v0.1.14-0.20200608185844-f6105bead862 github.com/influxdata/influxdb v0.0.0-20190411212539-d24b7ba8c4c4 github.com/jcmturner/gokrb5/v8 v8.0.0 github.com/jefferai/isbadcipher v0.0.0-20190226160619-51d2077c035f From 8167bc2297bbb544f121a6eecc2cce9af74e0476 Mon Sep 17 00:00:00 2001 From: "Scott G. Miller" Date: Mon, 15 Jun 2020 09:25:30 -0500 Subject: [PATCH 6/9] Add MountType to requests also --- audit/format.go | 3 +++ 1 file changed, 3 insertions(+) diff --git a/audit/format.go b/audit/format.go index 5c83de34a098..c211ffb99e11 100644 --- a/audit/format.go +++ b/audit/format.go @@ -114,6 +114,7 @@ func (f *AuditFormatter) FormatRequest(ctx context.Context, w io.Writer, config ClientToken: req.ClientToken, ClientTokenAccessor: req.ClientTokenAccessor, Operation: req.Operation, + MountType: req.MountType, Namespace: &AuditNamespace{ ID: ns.ID, Path: ns.Path, @@ -275,6 +276,7 @@ func (f *AuditFormatter) FormatResponse(ctx context.Context, w io.Writer, config ClientToken: req.ClientToken, ClientTokenAccessor: req.ClientTokenAccessor, Operation: req.Operation, + MountType: req.MountType, Namespace: &AuditNamespace{ ID: ns.ID, Path: ns.Path, @@ -337,6 +339,7 @@ type AuditRequest struct { ID string `json:"id,omitempty"` ReplicationCluster string `json:"replication_cluster,omitempty"` Operation logical.Operation `json:"operation,omitempty"` + MountType string `json:"mount_type,omitempty"` ClientToken string `json:"client_token,omitempty"` ClientTokenAccessor string `json:"client_token_accessor,omitempty"` Namespace *AuditNamespace `json:"namespace,omitempty"` From d4b3c4b29c624f55781744a0e12c6283fa740d2e Mon Sep 17 00:00:00 2001 From: "Scott G. Miller" Date: Mon, 15 Jun 2020 14:18:32 -0500 Subject: [PATCH 7/9] Use MountType field from Request, negating the need for modifying LogInput --- audit/format.go | 2 +- go.sum | 1 + sdk/logical/audit.go | 1 - vault/request_handling.go | 1 - vendor/github.com/hashicorp/vault/sdk/logical/audit.go | 1 - 5 files changed, 2 insertions(+), 4 deletions(-) diff --git a/audit/format.go b/audit/format.go index c211ffb99e11..89d0934ac8ed 100644 --- a/audit/format.go +++ b/audit/format.go @@ -291,7 +291,7 @@ func (f *AuditFormatter) FormatResponse(ctx context.Context, w io.Writer, config }, Response: &AuditResponse{ - MountType: in.MountType, + MountType: req.MountType, Auth: respAuth, Secret: respSecret, Data: resp.Data, diff --git a/go.sum b/go.sum index a77b4318b88f..97d91c8e82a6 100644 --- a/go.sum +++ b/go.sum @@ -752,6 +752,7 @@ github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsT github.com/prometheus/procfs v0.0.8 h1:+fpWZdT24pJBiqJdAwYBjPSk+5YmQzYNPYzQsdzLkt8= github.com/prometheus/procfs v0.0.8/go.mod h1:7Qr8sr6344vo1JqZ6HhLceV9o3AJ1Ff+GxbHq6oeK9A= github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40TwIPHuXU= +github.com/rcrowley/go-metrics v0.0.0-20181016184325-3113b8401b8a h1:9ZKAASQSHhDYGoxY8uLVpewe1GDZ2vu2Tr/vTdVAkFQ= github.com/rcrowley/go-metrics v0.0.0-20181016184325-3113b8401b8a/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4= github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= diff --git a/sdk/logical/audit.go b/sdk/logical/audit.go index 5fee122d6321..8ba70f37e01a 100644 --- a/sdk/logical/audit.go +++ b/sdk/logical/audit.go @@ -5,7 +5,6 @@ type LogInput struct { Auth *Auth Request *Request Response *Response - MountType string OuterErr error NonHMACReqDataKeys []string NonHMACRespDataKeys []string diff --git a/vault/request_handling.go b/vault/request_handling.go index ee1678f7882f..9dcea9abe037 100644 --- a/vault/request_handling.go +++ b/vault/request_handling.go @@ -548,7 +548,6 @@ func (c *Core) handleCancelableRequest(ctx context.Context, ns *namespace.Namesp Auth: auth, Request: req, Response: auditResp, - MountType: entry.Type, OuterErr: err, NonHMACReqDataKeys: nonHMACReqDataKeys, NonHMACRespDataKeys: nonHMACRespDataKeys, diff --git a/vendor/github.com/hashicorp/vault/sdk/logical/audit.go b/vendor/github.com/hashicorp/vault/sdk/logical/audit.go index 5fee122d6321..8ba70f37e01a 100644 --- a/vendor/github.com/hashicorp/vault/sdk/logical/audit.go +++ b/vendor/github.com/hashicorp/vault/sdk/logical/audit.go @@ -5,7 +5,6 @@ type LogInput struct { Auth *Auth Request *Request Response *Response - MountType string OuterErr error NonHMACReqDataKeys []string NonHMACRespDataKeys []string From 63a7b911b4d82601754673721cec8a8b3b2a0239 Mon Sep 17 00:00:00 2001 From: "Scott G. Miller" Date: Mon, 15 Jun 2020 14:19:16 -0500 Subject: [PATCH 8/9] Bump go.mod --- go.mod | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/go.mod b/go.mod index 07ccd0653ade..bd5e89162f6e 100644 --- a/go.mod +++ b/go.mod @@ -92,7 +92,7 @@ require ( github.com/hashicorp/vault-plugin-secrets-mongodbatlas v0.1.2 github.com/hashicorp/vault-plugin-secrets-openldap v0.1.3 github.com/hashicorp/vault/api v1.0.5-0.20200519221902-385fac77e20f - github.com/hashicorp/vault/sdk v0.1.14-0.20200608185844-f6105bead862 + github.com/hashicorp/vault/sdk d4b3c4b29c624f55781744a0e12c6283fa740d2e github.com/influxdata/influxdb v0.0.0-20190411212539-d24b7ba8c4c4 github.com/jcmturner/gokrb5/v8 v8.0.0 github.com/jefferai/isbadcipher v0.0.0-20190226160619-51d2077c035f From e7d34c847f1ca8ac33b63376bf90d64b535a1879 Mon Sep 17 00:00:00 2001 From: "Scott G. Miller" Date: Mon, 15 Jun 2020 14:20:07 -0500 Subject: [PATCH 9/9] Accept go.mod sdk change --- go.mod | 2 +- vendor/modules.txt | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/go.mod b/go.mod index bd5e89162f6e..48a0cbbb3ed0 100644 --- a/go.mod +++ b/go.mod @@ -92,7 +92,7 @@ require ( github.com/hashicorp/vault-plugin-secrets-mongodbatlas v0.1.2 github.com/hashicorp/vault-plugin-secrets-openldap v0.1.3 github.com/hashicorp/vault/api v1.0.5-0.20200519221902-385fac77e20f - github.com/hashicorp/vault/sdk d4b3c4b29c624f55781744a0e12c6283fa740d2e + github.com/hashicorp/vault/sdk v0.1.14-0.20200615191832-d4b3c4b29c62 github.com/influxdata/influxdb v0.0.0-20190411212539-d24b7ba8c4c4 github.com/jcmturner/gokrb5/v8 v8.0.0 github.com/jefferai/isbadcipher v0.0.0-20190226160619-51d2077c035f diff --git a/vendor/modules.txt b/vendor/modules.txt index 170003e27e56..b304f3957dd7 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -457,7 +457,7 @@ github.com/hashicorp/vault-plugin-secrets-openldap github.com/hashicorp/vault-plugin-secrets-openldap/client # github.com/hashicorp/vault/api v1.0.5-0.20200519221902-385fac77e20f => ./api github.com/hashicorp/vault/api -# github.com/hashicorp/vault/sdk v0.1.14-0.20200519221838-e0cfd64bc267 => ./sdk +# github.com/hashicorp/vault/sdk v0.1.14-0.20200615191832-d4b3c4b29c62 => ./sdk github.com/hashicorp/vault/sdk/database/dbplugin github.com/hashicorp/vault/sdk/database/helper/connutil github.com/hashicorp/vault/sdk/database/helper/credsutil