From 3f18d6e4b4b6ebb435eb07e4e9e489adffe262f8 Mon Sep 17 00:00:00 2001
From: Humble Chirammal
Date: Mon, 24 Jan 2022 18:27:54 +0530
Subject: [PATCH] rbd: Unexport IntegratedDEK struct from kms
This commit unexport IntegratedDEK struct from KMS implementation
Signed-off-by: Humble Chirammal
---
 internal/kms/kms.go | 10 +++++-----
 internal/kms/secretskms.go | 2 +-
 internal/kms/vault.go | 12 ++++++------
 internal/kms/vault_tokens.go | 2 +-
 4 files changed, 13 insertions(+), 13 deletions(-)
diff --git a/internal/kms/kms.go b/internal/kms/kms.go
index e886321ac..01ac65310 100644
--- a/internal/kms/kms.go
+++ b/internal/kms/kms.go
@@ -359,20 +359,20 @@ type DEKStore interface {
 RemoveDEK(volumeID string) error
 }
-// IntegratedDEK is a DEKStore that can not be configured. Either the KMS does
+// integratedDEK is a DEKStore that can not be configured. Either the KMS does
 // not use a DEK, or the DEK is stored in the KMS without additional
 // configuration options.
-type IntegratedDEK struct{}
+type integratedDEK struct{}
-func (i IntegratedDEK) RequiresDEKStore() DEKStoreType {
+func (i integratedDEK) RequiresDEKStore() DEKStoreType {
 return DEKStoreIntegrated
 }
-func (i IntegratedDEK) EncryptDEK(volumeID, plainDEK string) (string, error) {
+func (i integratedDEK) EncryptDEK(volumeID, plainDEK string) (string, error) {
 return plainDEK, nil
 }
-func (i IntegratedDEK) DecryptDEK(volumeID, encyptedDEK string) (string, error) {
+func (i integratedDEK) DecryptDEK(volumeID, encyptedDEK string) (string, error) {
 return encyptedDEK, nil
 }
diff --git a/internal/kms/secretskms.go b/internal/kms/secretskms.go
index 541a0d466..5c6f0ab1b 100644
--- a/internal/kms/secretskms.go
+++ b/internal/kms/secretskms.go
@@ -50,7 +50,7 @@ const (
 // SecretsKMS is default KMS implementation that means no KMS is in use.
 type SecretsKMS struct {
- IntegratedDEK
+ integratedDEK
 passphrase string
 }
diff --git a/internal/kms/vault.go b/internal/kms/vault.go
index 6a2f2c744..6abe6f0f5 100644
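Review bot: In internal/kms/kms.go the renamed `EncryptDEK` and `DecryptDEK` methods on `integratedDEK` still have no doc comment, and both return their input unchanged, so nothing at the method level tells a reader that the pass-through is intentional. I would add `// EncryptDEK returns plainDEK unchanged; an integrated DEK store relies on the KMS itself to protect the key.` and a matching line on `DecryptDEK`. Through the embedded field the same methods are promoted into `SecretsKMS`, `vaultKMS` and `vaultTenantConnection` (the other hunks of this patch), so the value they return should presumably never be written to storage outside the KMS; that is inferred from the type comment, not shown in these hunks. While touching the signature, the parameter `encyptedDEK` is misspelled and could become `encryptedDEK`.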
--- a/internal/kms/vault.go
+++ b/internal/kms/vault.go
@@ -87,9 +87,9 @@ type vaultConnection struct {
 vaultDestroyKeys bool
 }
-type VaultKMS struct {
+type vaultKMS struct {
 vaultConnection
- IntegratedDEK
+ integratedDEK
 // vaultPassphrasePath (VPP) used to be added before the "key" of the
 // secret (like /v1/secret/data//key)
@@ -329,7 +329,7 @@ var _ = RegisterProvider(Provider{
 // InitVaultKMS returns an interface to HashiCorp Vault KMS.
 func initVaultKMS(args ProviderInitArgs) (EncryptionKMS, error) {
- kms := &VaultKMS{}
+ kms := &vaultKMS{}
 err := kms.initConnection(args.Config)
 if err != nil {
 return nil, fmt.Errorf("failed to initialize Vault connection: %w", err)
@@ -392,7 +392,7 @@ func initVaultKMS(args ProviderInitArgs) (EncryptionKMS, error) {
 // FetchDEK returns passphrase from Vault. The passphrase is stored in a
 // data.data.passphrase structure.
-func (kms *VaultKMS) FetchDEK(key string) (string, error) {
+func (kms *vaultKMS) FetchDEK(key string) (string, error) {
 s, err := kms.secrets.GetSecret(filepath.Join(kms.vaultPassphrasePath, key), kms.keyContext)
 if err != nil {
 return "", err
@@ -411,7 +411,7 @@ func (kms *VaultKMS) FetchDEK(key string) (string, error) {
 }
 // StoreDEK saves new passphrase in Vault.
-func (kms *VaultKMS) StoreDEK(key, value string) error {
+func (kms *vaultKMS) StoreDEK(key, value string) error {
 data := map[string]interface{}{
 "data": map[string]string{
 "passphrase": value,
@@ -428,7 +428,7 @@ func (kms *VaultKMS) StoreDEK(key, value string) error {
 }
 // RemoveDEK deletes passphrase from Vault.
-func (kms *VaultKMS) RemoveDEK(key string) error {
+func (kms *vaultKMS) RemoveDEK(key string) error {
 pathKey := filepath.Join(kms.vaultPassphrasePath, key)
 err := kms.secrets.DeleteSecret(pathKey, kms.getDeleteKeyContext())
 if err != nil {
diff --git a/internal/kms/vault_tokens.go b/internal/kms/vault_tokens.go
index d9eee0816..a9cb88f56 100644
--- a/internal/kms/vault_tokens.go
+++ b/internal/kms/vault_tokens.go
@@ -186,7 +186,7 @@ Example JSON structure in the KMS config is,
 */
 type vaultTenantConnection struct {
 vaultConnection
- IntegratedDEK
+ integratedDEK
 client *kubernetes.Clientset