mirror of
https://github.com/ceph/ceph-csi.git
synced 2024-12-23 21:40:20 +00:00
rebase: bump github.com/hashicorp/vault/api from 1.4.1 to 1.5.0
Bumps [github.com/hashicorp/vault/api](https://github.com/hashicorp/vault) from 1.4.1 to 1.5.0. - [Release notes](https://github.com/hashicorp/vault/releases) - [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG.md) - [Commits](https://github.com/hashicorp/vault/compare/v1.4.1...v1.5.0) --- updated-dependencies: - dependency-name: github.com/hashicorp/vault/api dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
This commit is contained in:
parent
190504713a
commit
4652b8facf
2
go.mod
2
go.mod
@ -14,7 +14,7 @@ require (
|
||||
github.com/golang/protobuf v1.5.2
|
||||
github.com/grpc-ecosystem/go-grpc-middleware v1.3.0
|
||||
github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0
|
||||
github.com/hashicorp/vault/api v1.4.1
|
||||
github.com/hashicorp/vault/api v1.5.0
|
||||
github.com/kubernetes-csi/csi-lib-utils v0.11.0
|
||||
github.com/kubernetes-csi/external-snapshotter/client/v4 v4.2.0
|
||||
github.com/libopenstorage/secrets v0.0.0-20210908194121-a1d19aa9713a
|
||||
|
4
go.sum
4
go.sum
@ -648,8 +648,8 @@ github.com/hashicorp/vault/api v1.0.5-0.20191122173911-80fcc7907c78/go.mod h1:Uf
|
||||
github.com/hashicorp/vault/api v1.0.5-0.20200215224050-f6547fa8e820/go.mod h1:3f12BMfgDGjTsTtIUj+ZKZwSobQpZtYGFIEehOv5z1o=
|
||||
github.com/hashicorp/vault/api v1.0.5-0.20200317185738-82f498082f02/go.mod h1:3f12BMfgDGjTsTtIUj+ZKZwSobQpZtYGFIEehOv5z1o=
|
||||
github.com/hashicorp/vault/api v1.0.5-0.20200902155336-f9d5ce5a171a/go.mod h1:R3Umvhlxi2TN7Ex2hzOowyeNb+SfbVWI973N+ctaFMk=
|
||||
github.com/hashicorp/vault/api v1.4.1 h1:mWLfPT0RhxBitjKr6swieCEP2v5pp/M//t70S3kMLRo=
|
||||
github.com/hashicorp/vault/api v1.4.1/go.mod h1:LkMdrZnWNrFaQyYYazWVn7KshilfDidgVBq6YiTq/bM=
|
||||
github.com/hashicorp/vault/api v1.5.0 h1:Bp6yc2bn7CWkOrVIzFT/Qurzx528bdavF3nz590eu28=
|
||||
github.com/hashicorp/vault/api v1.5.0/go.mod h1:LkMdrZnWNrFaQyYYazWVn7KshilfDidgVBq6YiTq/bM=
|
||||
github.com/hashicorp/vault/sdk v0.1.8/go.mod h1:tHZfc6St71twLizWNHvnnbiGFo1aq0eD2jGPLtP8kAU=
|
||||
github.com/hashicorp/vault/sdk v0.1.14-0.20190730042320-0dc007d98cc8/go.mod h1:B+hVj7TpuQY1Y/GPbCpffmgd+tSEwvhkWnjtSYCaS2M=
|
||||
github.com/hashicorp/vault/sdk v0.1.14-0.20191108161836-82f2b5571044/go.mod h1:PcekaFGiPJyHnFy+NZhP6ll650zEw51Ag7g/YEa+EOU=
|
||||
|
206
vendor/github.com/hashicorp/vault/api/auth_token.go
generated
vendored
206
vendor/github.com/hashicorp/vault/api/auth_token.go
generated
vendored
@ -2,6 +2,7 @@ package api
|
||||
|
||||
import (
|
||||
"context"
|
||||
"net/http"
|
||||
)
|
||||
|
||||
// TokenAuth is used to perform token backend operations on Vault
|
||||
@ -15,14 +16,19 @@ func (a *Auth) Token() *TokenAuth {
|
||||
}
|
||||
|
||||
func (c *TokenAuth) Create(opts *TokenCreateRequest) (*Secret, error) {
|
||||
r := c.c.NewRequest("POST", "/v1/auth/token/create")
|
||||
return c.CreateWithContext(context.Background(), opts)
|
||||
}
|
||||
|
||||
func (c *TokenAuth) CreateWithContext(ctx context.Context, opts *TokenCreateRequest) (*Secret, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
|
||||
r := c.c.NewRequest(http.MethodPost, "/v1/auth/token/create")
|
||||
if err := r.SetJSONBody(opts); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -32,14 +38,19 @@ func (c *TokenAuth) Create(opts *TokenCreateRequest) (*Secret, error) {
|
||||
}
|
||||
|
||||
func (c *TokenAuth) CreateOrphan(opts *TokenCreateRequest) (*Secret, error) {
|
||||
r := c.c.NewRequest("POST", "/v1/auth/token/create-orphan")
|
||||
return c.CreateOrphanWithContext(context.Background(), opts)
|
||||
}
|
||||
|
||||
func (c *TokenAuth) CreateOrphanWithContext(ctx context.Context, opts *TokenCreateRequest) (*Secret, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
|
||||
r := c.c.NewRequest(http.MethodPost, "/v1/auth/token/create-orphan")
|
||||
if err := r.SetJSONBody(opts); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -49,14 +60,19 @@ func (c *TokenAuth) CreateOrphan(opts *TokenCreateRequest) (*Secret, error) {
|
||||
}
|
||||
|
||||
func (c *TokenAuth) CreateWithRole(opts *TokenCreateRequest, roleName string) (*Secret, error) {
|
||||
r := c.c.NewRequest("POST", "/v1/auth/token/create/"+roleName)
|
||||
return c.CreateWithRoleWithContext(context.Background(), opts, roleName)
|
||||
}
|
||||
|
||||
func (c *TokenAuth) CreateWithRoleWithContext(ctx context.Context, opts *TokenCreateRequest, roleName string) (*Secret, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
|
||||
r := c.c.NewRequest(http.MethodPost, "/v1/auth/token/create/"+roleName)
|
||||
if err := r.SetJSONBody(opts); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -66,16 +82,21 @@ func (c *TokenAuth) CreateWithRole(opts *TokenCreateRequest, roleName string) (*
|
||||
}
|
||||
|
||||
func (c *TokenAuth) Lookup(token string) (*Secret, error) {
|
||||
r := c.c.NewRequest("POST", "/v1/auth/token/lookup")
|
||||
return c.LookupWithContext(context.Background(), token)
|
||||
}
|
||||
|
||||
func (c *TokenAuth) LookupWithContext(ctx context.Context, token string) (*Secret, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
|
||||
r := c.c.NewRequest(http.MethodPost, "/v1/auth/token/lookup")
|
||||
if err := r.SetJSONBody(map[string]interface{}{
|
||||
"token": token,
|
||||
}); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -85,16 +106,21 @@ func (c *TokenAuth) Lookup(token string) (*Secret, error) {
|
||||
}
|
||||
|
||||
func (c *TokenAuth) LookupAccessor(accessor string) (*Secret, error) {
|
||||
r := c.c.NewRequest("POST", "/v1/auth/token/lookup-accessor")
|
||||
return c.LookupAccessorWithContext(context.Background(), accessor)
|
||||
}
|
||||
|
||||
func (c *TokenAuth) LookupAccessorWithContext(ctx context.Context, accessor string) (*Secret, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
|
||||
r := c.c.NewRequest(http.MethodPost, "/v1/auth/token/lookup-accessor")
|
||||
if err := r.SetJSONBody(map[string]interface{}{
|
||||
"accessor": accessor,
|
||||
}); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -104,11 +130,16 @@ func (c *TokenAuth) LookupAccessor(accessor string) (*Secret, error) {
|
||||
}
|
||||
|
||||
func (c *TokenAuth) LookupSelf() (*Secret, error) {
|
||||
r := c.c.NewRequest("GET", "/v1/auth/token/lookup-self")
|
||||
return c.LookupSelfWithContext(context.Background())
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
func (c *TokenAuth) LookupSelfWithContext(ctx context.Context) (*Secret, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
|
||||
r := c.c.NewRequest(http.MethodGet, "/v1/auth/token/lookup-self")
|
||||
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -118,7 +149,14 @@ func (c *TokenAuth) LookupSelf() (*Secret, error) {
|
||||
}
|
||||
|
||||
func (c *TokenAuth) RenewAccessor(accessor string, increment int) (*Secret, error) {
|
||||
r := c.c.NewRequest("POST", "/v1/auth/token/renew-accessor")
|
||||
return c.RenewAccessorWithContext(context.Background(), accessor, increment)
|
||||
}
|
||||
|
||||
func (c *TokenAuth) RenewAccessorWithContext(ctx context.Context, accessor string, increment int) (*Secret, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
|
||||
r := c.c.NewRequest(http.MethodPost, "/v1/auth/token/renew-accessor")
|
||||
if err := r.SetJSONBody(map[string]interface{}{
|
||||
"accessor": accessor,
|
||||
"increment": increment,
|
||||
@ -126,9 +164,7 @@ func (c *TokenAuth) RenewAccessor(accessor string, increment int) (*Secret, erro
|
||||
return nil, err
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -138,7 +174,14 @@ func (c *TokenAuth) RenewAccessor(accessor string, increment int) (*Secret, erro
|
||||
}
|
||||
|
||||
func (c *TokenAuth) Renew(token string, increment int) (*Secret, error) {
|
||||
r := c.c.NewRequest("PUT", "/v1/auth/token/renew")
|
||||
return c.RenewWithContext(context.Background(), token, increment)
|
||||
}
|
||||
|
||||
func (c *TokenAuth) RenewWithContext(ctx context.Context, token string, increment int) (*Secret, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
|
||||
r := c.c.NewRequest(http.MethodPut, "/v1/auth/token/renew")
|
||||
if err := r.SetJSONBody(map[string]interface{}{
|
||||
"token": token,
|
||||
"increment": increment,
|
||||
@ -146,9 +189,7 @@ func (c *TokenAuth) Renew(token string, increment int) (*Secret, error) {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -158,16 +199,21 @@ func (c *TokenAuth) Renew(token string, increment int) (*Secret, error) {
|
||||
}
|
||||
|
||||
func (c *TokenAuth) RenewSelf(increment int) (*Secret, error) {
|
||||
r := c.c.NewRequest("PUT", "/v1/auth/token/renew-self")
|
||||
return c.RenewSelfWithContext(context.Background(), increment)
|
||||
}
|
||||
|
||||
func (c *TokenAuth) RenewSelfWithContext(ctx context.Context, increment int) (*Secret, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
|
||||
r := c.c.NewRequest(http.MethodPut, "/v1/auth/token/renew-self")
|
||||
|
||||
body := map[string]interface{}{"increment": increment}
|
||||
if err := r.SetJSONBody(body); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -176,10 +222,18 @@ func (c *TokenAuth) RenewSelf(increment int) (*Secret, error) {
|
||||
return ParseSecret(resp.Body)
|
||||
}
|
||||
|
||||
// RenewTokenAsSelf behaves like renew-self, but authenticates using a provided
|
||||
// token instead of the token attached to the client.
|
||||
// RenewTokenAsSelf wraps RenewTokenAsSelfWithContext using context.Background.
|
||||
func (c *TokenAuth) RenewTokenAsSelf(token string, increment int) (*Secret, error) {
|
||||
r := c.c.NewRequest("PUT", "/v1/auth/token/renew-self")
|
||||
return c.RenewTokenAsSelfWithContext(context.Background(), token, increment)
|
||||
}
|
||||
|
||||
// RenewTokenAsSelfWithContext behaves like renew-self, but authenticates using a provided
|
||||
// token instead of the token attached to the client.
|
||||
func (c *TokenAuth) RenewTokenAsSelfWithContext(ctx context.Context, token string, increment int) (*Secret, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
|
||||
r := c.c.NewRequest(http.MethodPut, "/v1/auth/token/renew-self")
|
||||
r.ClientToken = token
|
||||
|
||||
body := map[string]interface{}{"increment": increment}
|
||||
@ -187,9 +241,7 @@ func (c *TokenAuth) RenewTokenAsSelf(token string, increment int) (*Secret, erro
|
||||
return nil, err
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -198,19 +250,25 @@ func (c *TokenAuth) RenewTokenAsSelf(token string, increment int) (*Secret, erro
|
||||
return ParseSecret(resp.Body)
|
||||
}
|
||||
|
||||
// RevokeAccessor revokes a token associated with the given accessor
|
||||
// along with all the child tokens.
|
||||
// RevokeAccessor wraps RevokeAccessorWithContext using context.Background.
|
||||
func (c *TokenAuth) RevokeAccessor(accessor string) error {
|
||||
r := c.c.NewRequest("POST", "/v1/auth/token/revoke-accessor")
|
||||
return c.RevokeAccessorWithContext(context.Background(), accessor)
|
||||
}
|
||||
|
||||
// RevokeAccessorWithContext revokes a token associated with the given accessor
|
||||
// along with all the child tokens.
|
||||
func (c *TokenAuth) RevokeAccessorWithContext(ctx context.Context, accessor string) error {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
|
||||
r := c.c.NewRequest(http.MethodPost, "/v1/auth/token/revoke-accessor")
|
||||
if err := r.SetJSONBody(map[string]interface{}{
|
||||
"accessor": accessor,
|
||||
}); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
@ -219,19 +277,25 @@ func (c *TokenAuth) RevokeAccessor(accessor string) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
// RevokeOrphan revokes a token without revoking the tree underneath it (so
|
||||
// child tokens are orphaned rather than revoked)
|
||||
// RevokeOrphan wraps RevokeOrphanWithContext using context.Background.
|
||||
func (c *TokenAuth) RevokeOrphan(token string) error {
|
||||
r := c.c.NewRequest("PUT", "/v1/auth/token/revoke-orphan")
|
||||
return c.RevokeOrphanWithContext(context.Background(), token)
|
||||
}
|
||||
|
||||
// RevokeOrphanWithContext revokes a token without revoking the tree underneath it (so
|
||||
// child tokens are orphaned rather than revoked)
|
||||
func (c *TokenAuth) RevokeOrphanWithContext(ctx context.Context, token string) error {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
|
||||
r := c.c.NewRequest(http.MethodPut, "/v1/auth/token/revoke-orphan")
|
||||
if err := r.SetJSONBody(map[string]interface{}{
|
||||
"token": token,
|
||||
}); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
@ -240,15 +304,21 @@ func (c *TokenAuth) RevokeOrphan(token string) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
// RevokeSelf revokes the token making the call. The `token` parameter is kept
|
||||
// RevokeSelf wraps RevokeSelfWithContext using context.Background.
|
||||
func (c *TokenAuth) RevokeSelf(token string) error {
|
||||
return c.RevokeSelfWithContext(context.Background(), token)
|
||||
}
|
||||
|
||||
// RevokeSelfWithContext revokes the token making the call. The `token` parameter is kept
|
||||
// for backwards compatibility but is ignored; only the client's set token has
|
||||
// an effect.
|
||||
func (c *TokenAuth) RevokeSelf(token string) error {
|
||||
r := c.c.NewRequest("PUT", "/v1/auth/token/revoke-self")
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
func (c *TokenAuth) RevokeSelfWithContext(ctx context.Context, token string) error {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
|
||||
r := c.c.NewRequest(http.MethodPut, "/v1/auth/token/revoke-self")
|
||||
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
@ -257,20 +327,26 @@ func (c *TokenAuth) RevokeSelf(token string) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
// RevokeTree is the "normal" revoke operation that revokes the given token and
|
||||
// RevokeTree wraps RevokeTreeWithContext using context.Background.
|
||||
func (c *TokenAuth) RevokeTree(token string) error {
|
||||
return c.RevokeTreeWithContext(context.Background(), token)
|
||||
}
|
||||
|
||||
// RevokeTreeWithContext is the "normal" revoke operation that revokes the given token and
|
||||
// the entire tree underneath -- all of its child tokens, their child tokens,
|
||||
// etc.
|
||||
func (c *TokenAuth) RevokeTree(token string) error {
|
||||
r := c.c.NewRequest("PUT", "/v1/auth/token/revoke")
|
||||
func (c *TokenAuth) RevokeTreeWithContext(ctx context.Context, token string) error {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
|
||||
r := c.c.NewRequest(http.MethodPut, "/v1/auth/token/revoke")
|
||||
if err := r.SetJSONBody(map[string]interface{}{
|
||||
"token": token,
|
||||
}); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
188
vendor/github.com/hashicorp/vault/api/client.go
generated
vendored
188
vendor/github.com/hashicorp/vault/api/client.go
generated
vendored
@ -53,6 +53,14 @@ const (
|
||||
HeaderIndex = "X-Vault-Index"
|
||||
HeaderForward = "X-Vault-Forward"
|
||||
HeaderInconsistent = "X-Vault-Inconsistent"
|
||||
TLSErrorString = "This error usually means that the server is running with TLS disabled\n" +
|
||||
"but the client is configured to use TLS. Please either enable TLS\n" +
|
||||
"on the server or run the client with -address set to an address\n" +
|
||||
"that uses the http protocol:\n\n" +
|
||||
" vault <command> -address http://<address>\n\n" +
|
||||
"You can also set the VAULT_ADDR environment variable:\n\n\n" +
|
||||
" VAULT_ADDR=http://<address> vault <command>\n\n" +
|
||||
"where <address> is replaced by the actual address to the server."
|
||||
)
|
||||
|
||||
// Deprecated values
|
||||
@ -1089,6 +1097,9 @@ func (c *Client) NewRequest(method, requestPath string) *Request {
|
||||
// RawRequest performs the raw request given. This request may be against
|
||||
// a Vault server not configured with this client. This is an advanced operation
|
||||
// that generally won't need to be called externally.
|
||||
//
|
||||
// Deprecated: This method should not be used directly. Use higher level
|
||||
// methods instead.
|
||||
func (c *Client) RawRequest(r *Request) (*Response, error) {
|
||||
return c.RawRequestWithContext(context.Background(), r)
|
||||
}
|
||||
@ -1096,7 +1107,19 @@ func (c *Client) RawRequest(r *Request) (*Response, error) {
|
||||
// RawRequestWithContext performs the raw request given. This request may be against
|
||||
// a Vault server not configured with this client. This is an advanced operation
|
||||
// that generally won't need to be called externally.
|
||||
//
|
||||
// Deprecated: This method should not be used directly. Use higher level
|
||||
// methods instead.
|
||||
func (c *Client) RawRequestWithContext(ctx context.Context, r *Request) (*Response, error) {
|
||||
// Note: we purposefully do not call cancel manually. The reason is
|
||||
// when canceled, the request.Body will EOF when reading due to the way
|
||||
// it streams data in. Cancel will still be run when the timeout is
|
||||
// hit, so this doesn't really harm anything.
|
||||
ctx, _ = c.withConfiguredTimeout(ctx)
|
||||
return c.rawRequestWithContext(ctx, r)
|
||||
}
|
||||
|
||||
func (c *Client) rawRequestWithContext(ctx context.Context, r *Request) (*Response, error) {
|
||||
c.modifyLock.RLock()
|
||||
token := c.token
|
||||
|
||||
@ -1108,7 +1131,6 @@ func (c *Client) RawRequestWithContext(ctx context.Context, r *Request) (*Respon
|
||||
checkRetry := c.config.CheckRetry
|
||||
backoff := c.config.Backoff
|
||||
httpClient := c.config.HttpClient
|
||||
timeout := c.config.Timeout
|
||||
outputCurlString := c.config.OutputCurlString
|
||||
logger := c.config.Logger
|
||||
c.config.modifyLock.RUnlock()
|
||||
@ -1127,12 +1149,9 @@ func (c *Client) RawRequestWithContext(ctx context.Context, r *Request) (*Respon
|
||||
limiter.Wait(ctx)
|
||||
}
|
||||
|
||||
// Sanity check the token before potentially erroring from the API
|
||||
idx := strings.IndexFunc(token, func(c rune) bool {
|
||||
return !unicode.IsPrint(c)
|
||||
})
|
||||
if idx != -1 {
|
||||
return nil, fmt.Errorf("configured Vault token contains non-printable characters and cannot be used")
|
||||
// check the token before potentially erroring from the API
|
||||
if err := validateToken(token); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
redirectCount := 0
|
||||
@ -1157,13 +1176,6 @@ START:
|
||||
return nil, LastOutputStringError
|
||||
}
|
||||
|
||||
if timeout != 0 {
|
||||
// Note: we purposefully do not call cancel manually. The reason is
|
||||
// when canceled, the request.Body will EOF when reading due to the way
|
||||
// it streams data in. Cancel will still be run when the timeout is
|
||||
// hit, so this doesn't really harm anything.
|
||||
ctx, _ = context.WithTimeout(ctx, timeout)
|
||||
}
|
||||
req.Request = req.Request.WithContext(ctx)
|
||||
|
||||
if backoff == nil {
|
||||
@ -1192,17 +1204,7 @@ START:
|
||||
}
|
||||
if err != nil {
|
||||
if strings.Contains(err.Error(), "tls: oversized") {
|
||||
err = errwrap.Wrapf(
|
||||
"{{err}}\n\n"+
|
||||
"This error usually means that the server is running with TLS disabled\n"+
|
||||
"but the client is configured to use TLS. Please either enable TLS\n"+
|
||||
"on the server or run the client with -address set to an address\n"+
|
||||
"that uses the http protocol:\n\n"+
|
||||
" vault <command> -address http://<address>\n\n"+
|
||||
"You can also set the VAULT_ADDR environment variable:\n\n\n"+
|
||||
" VAULT_ADDR=http://<address> vault <command>\n\n"+
|
||||
"where <address> is replaced by the actual address to the server.",
|
||||
err)
|
||||
err = errwrap.Wrapf("{{err}}\n\n"+TLSErrorString, err)
|
||||
}
|
||||
return result, err
|
||||
}
|
||||
@ -1249,6 +1251,120 @@ START:
|
||||
return result, nil
|
||||
}
|
||||
|
||||
// httpRequestWithContext avoids the use of the go-retryable library found in RawRequestWithContext and is
|
||||
// useful when making calls where a net/http client is desirable. A single redirect (status code 301, 302,
|
||||
// or 307) will be followed but all retry and timeout logic is the responsibility of the caller as is
|
||||
// closing the Response body.
|
||||
func (c *Client) httpRequestWithContext(ctx context.Context, r *Request) (*Response, error) {
|
||||
req, err := http.NewRequestWithContext(ctx, r.Method, r.URL.RequestURI(), r.Body)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
c.modifyLock.RLock()
|
||||
token := c.token
|
||||
|
||||
c.config.modifyLock.RLock()
|
||||
limiter := c.config.Limiter
|
||||
httpClient := c.config.HttpClient
|
||||
outputCurlString := c.config.OutputCurlString
|
||||
if c.headers != nil {
|
||||
for header, vals := range c.headers {
|
||||
for _, val := range vals {
|
||||
req.Header.Add(header, val)
|
||||
}
|
||||
}
|
||||
}
|
||||
c.config.modifyLock.RUnlock()
|
||||
c.modifyLock.RUnlock()
|
||||
|
||||
// OutputCurlString logic relies on the request type to be retryable.Request as
|
||||
if outputCurlString {
|
||||
return nil, fmt.Errorf("output-curl-string is not implemented for this request")
|
||||
}
|
||||
|
||||
req.URL.User = r.URL.User
|
||||
req.URL.Scheme = r.URL.Scheme
|
||||
req.URL.Host = r.URL.Host
|
||||
req.Host = r.URL.Host
|
||||
|
||||
if len(r.ClientToken) != 0 {
|
||||
req.Header.Set(consts.AuthHeaderName, r.ClientToken)
|
||||
}
|
||||
|
||||
if len(r.WrapTTL) != 0 {
|
||||
req.Header.Set("X-Vault-Wrap-TTL", r.WrapTTL)
|
||||
}
|
||||
|
||||
if len(r.MFAHeaderVals) != 0 {
|
||||
for _, mfaHeaderVal := range r.MFAHeaderVals {
|
||||
req.Header.Add("X-Vault-MFA", mfaHeaderVal)
|
||||
}
|
||||
}
|
||||
|
||||
if r.PolicyOverride {
|
||||
req.Header.Set("X-Vault-Policy-Override", "true")
|
||||
}
|
||||
|
||||
if limiter != nil {
|
||||
limiter.Wait(ctx)
|
||||
}
|
||||
|
||||
// check the token before potentially erroring from the API
|
||||
if err := validateToken(token); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
var result *Response
|
||||
|
||||
resp, err := httpClient.Do(req)
|
||||
|
||||
if resp != nil {
|
||||
result = &Response{Response: resp}
|
||||
}
|
||||
|
||||
if err != nil {
|
||||
if strings.Contains(err.Error(), "tls: oversized") {
|
||||
err = errwrap.Wrapf("{{err}}\n\n"+TLSErrorString, err)
|
||||
}
|
||||
return result, err
|
||||
}
|
||||
|
||||
// Check for a redirect, only allowing for a single redirect
|
||||
if resp.StatusCode == 301 || resp.StatusCode == 302 || resp.StatusCode == 307 {
|
||||
// Parse the updated location
|
||||
respLoc, err := resp.Location()
|
||||
if err != nil {
|
||||
return result, fmt.Errorf("redirect failed: %s", err)
|
||||
}
|
||||
|
||||
// Ensure a protocol downgrade doesn't happen
|
||||
if req.URL.Scheme == "https" && respLoc.Scheme != "https" {
|
||||
return result, fmt.Errorf("redirect would cause protocol downgrade")
|
||||
}
|
||||
|
||||
// Update the request
|
||||
req.URL = respLoc
|
||||
|
||||
// Reset the request body if any
|
||||
if err := r.ResetJSONBody(); err != nil {
|
||||
return result, fmt.Errorf("redirect failed: %s", err)
|
||||
}
|
||||
|
||||
// Retry the request
|
||||
resp, err = httpClient.Do(req)
|
||||
if err != nil {
|
||||
return result, fmt.Errorf("redirect failed: %s", err)
|
||||
}
|
||||
}
|
||||
|
||||
if err := result.Error(); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
return result, nil
|
||||
}
|
||||
|
||||
type (
|
||||
RequestCallback func(*Request)
|
||||
ResponseCallback func(*Response)
|
||||
@ -1278,6 +1394,17 @@ func (c *Client) WithResponseCallbacks(callbacks ...ResponseCallback) *Client {
|
||||
return &c2
|
||||
}
|
||||
|
||||
// withConfiguredTimeout wraps the context with a timeout from the client configuration.
|
||||
func (c *Client) withConfiguredTimeout(ctx context.Context) (context.Context, context.CancelFunc) {
|
||||
timeout := c.ClientTimeout()
|
||||
|
||||
if timeout > 0 {
|
||||
return context.WithTimeout(ctx, timeout)
|
||||
}
|
||||
|
||||
return ctx, func() {}
|
||||
}
|
||||
|
||||
// RecordState returns a response callback that will record the state returned
|
||||
// by Vault in a response header.
|
||||
func RecordState(state *string) ResponseCallback {
|
||||
@ -1466,3 +1593,14 @@ func (w *replicationStateStore) states() []string {
|
||||
copy(c, w.store)
|
||||
return c
|
||||
}
|
||||
|
||||
// validateToken will check for non-printable characters to prevent a call that will fail at the api
|
||||
func validateToken(t string) error {
|
||||
idx := strings.IndexFunc(t, func(c rune) bool {
|
||||
return !unicode.IsPrint(c)
|
||||
})
|
||||
if idx != -1 {
|
||||
return fmt.Errorf("configured Vault token contains non-printable characters and cannot be used")
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
17
vendor/github.com/hashicorp/vault/api/help.go
generated
vendored
17
vendor/github.com/hashicorp/vault/api/help.go
generated
vendored
@ -3,16 +3,23 @@ package api
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"net/http"
|
||||
)
|
||||
|
||||
// Help reads the help information for the given path.
|
||||
// Help wraps HelpWithContext using context.Background.
|
||||
func (c *Client) Help(path string) (*Help, error) {
|
||||
r := c.NewRequest("GET", fmt.Sprintf("/v1/%s", path))
|
||||
return c.HelpWithContext(context.Background(), path)
|
||||
}
|
||||
|
||||
// HelpWithContext reads the help information for the given path.
|
||||
func (c *Client) HelpWithContext(ctx context.Context, path string) (*Help, error) {
|
||||
ctx, cancelFunc := c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
|
||||
r := c.NewRequest(http.MethodGet, fmt.Sprintf("/v1/%s", path))
|
||||
r.Params.Add("help", "1")
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
defer cancelFunc()
|
||||
resp, err := c.RawRequestWithContext(ctx, r)
|
||||
resp, err := c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
89
vendor/github.com/hashicorp/vault/api/logical.go
generated
vendored
89
vendor/github.com/hashicorp/vault/api/logical.go
generated
vendored
@ -5,6 +5,7 @@ import (
|
||||
"context"
|
||||
"fmt"
|
||||
"io"
|
||||
"net/http"
|
||||
"net/url"
|
||||
"os"
|
||||
"strings"
|
||||
@ -30,7 +31,7 @@ var (
|
||||
return os.Getenv(EnvVaultWrapTTL)
|
||||
}
|
||||
|
||||
if (operation == "PUT" || operation == "POST") && path == "sys/wrapping/wrap" {
|
||||
if (operation == http.MethodPut || operation == http.MethodPost) && path == "sys/wrapping/wrap" {
|
||||
return DefaultWrappingTTL
|
||||
}
|
||||
|
||||
@ -49,11 +50,22 @@ func (c *Client) Logical() *Logical {
|
||||
}
|
||||
|
||||
func (c *Logical) Read(path string) (*Secret, error) {
|
||||
return c.ReadWithData(path, nil)
|
||||
return c.ReadWithDataWithContext(context.Background(), path, nil)
|
||||
}
|
||||
|
||||
func (c *Logical) ReadWithContext(ctx context.Context, path string) (*Secret, error) {
|
||||
return c.ReadWithDataWithContext(ctx, path, nil)
|
||||
}
|
||||
|
||||
func (c *Logical) ReadWithData(path string, data map[string][]string) (*Secret, error) {
|
||||
r := c.c.NewRequest("GET", "/v1/"+path)
|
||||
return c.ReadWithDataWithContext(context.Background(), path, data)
|
||||
}
|
||||
|
||||
func (c *Logical) ReadWithDataWithContext(ctx context.Context, path string, data map[string][]string) (*Secret, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
|
||||
r := c.c.NewRequest(http.MethodGet, "/v1/"+path)
|
||||
|
||||
var values url.Values
|
||||
for k, v := range data {
|
||||
@ -69,9 +81,7 @@ func (c *Logical) ReadWithData(path string, data map[string][]string) (*Secret,
|
||||
r.Params = values
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if resp != nil {
|
||||
defer resp.Body.Close()
|
||||
}
|
||||
@ -97,15 +107,20 @@ func (c *Logical) ReadWithData(path string, data map[string][]string) (*Secret,
|
||||
}
|
||||
|
||||
func (c *Logical) List(path string) (*Secret, error) {
|
||||
return c.ListWithContext(context.Background(), path)
|
||||
}
|
||||
|
||||
func (c *Logical) ListWithContext(ctx context.Context, path string) (*Secret, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
|
||||
r := c.c.NewRequest("LIST", "/v1/"+path)
|
||||
// Set this for broader compatibility, but we use LIST above to be able to
|
||||
// handle the wrapping lookup function
|
||||
r.Method = "GET"
|
||||
r.Method = http.MethodGet
|
||||
r.Params.Set("list", "true")
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if resp != nil {
|
||||
defer resp.Body.Close()
|
||||
}
|
||||
@ -131,10 +146,11 @@ func (c *Logical) List(path string) (*Secret, error) {
|
||||
}
|
||||
|
||||
func (c *Logical) Write(path string, data map[string]interface{}) (*Secret, error) {
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
defer cancelFunc()
|
||||
return c.WriteWithContext(context.Background(), path, data)
|
||||
}
|
||||
|
||||
r := c.c.NewRequest("PUT", "/v1/"+path)
|
||||
func (c *Logical) WriteWithContext(ctx context.Context, path string, data map[string]interface{}) (*Secret, error) {
|
||||
r := c.c.NewRequest(http.MethodPut, "/v1/"+path)
|
||||
if err := r.SetJSONBody(data); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -143,7 +159,7 @@ func (c *Logical) Write(path string, data map[string]interface{}) (*Secret, erro
|
||||
}
|
||||
|
||||
func (c *Logical) JSONMergePatch(ctx context.Context, path string, data map[string]interface{}) (*Secret, error) {
|
||||
r := c.c.NewRequest("PATCH", "/v1/"+path)
|
||||
r := c.c.NewRequest(http.MethodPatch, "/v1/"+path)
|
||||
r.Headers.Set("Content-Type", "application/merge-patch+json")
|
||||
if err := r.SetJSONBody(data); err != nil {
|
||||
return nil, err
|
||||
@ -153,14 +169,21 @@ func (c *Logical) JSONMergePatch(ctx context.Context, path string, data map[stri
|
||||
}
|
||||
|
||||
func (c *Logical) WriteBytes(path string, data []byte) (*Secret, error) {
|
||||
r := c.c.NewRequest("PUT", "/v1/"+path)
|
||||
return c.WriteBytesWithContext(context.Background(), path, data)
|
||||
}
|
||||
|
||||
func (c *Logical) WriteBytesWithContext(ctx context.Context, path string, data []byte) (*Secret, error) {
|
||||
r := c.c.NewRequest(http.MethodPut, "/v1/"+path)
|
||||
r.BodyBytes = data
|
||||
|
||||
return c.write(context.Background(), path, r)
|
||||
return c.write(ctx, path, r)
|
||||
}
|
||||
|
||||
func (c *Logical) write(ctx context.Context, path string, request *Request) (*Secret, error) {
|
||||
resp, err := c.c.RawRequestWithContext(ctx, request)
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
|
||||
resp, err := c.c.rawRequestWithContext(ctx, request)
|
||||
if resp != nil {
|
||||
defer resp.Body.Close()
|
||||
}
|
||||
@ -185,11 +208,22 @@ func (c *Logical) write(ctx context.Context, path string, request *Request) (*Se
|
||||
}
|
||||
|
||||
func (c *Logical) Delete(path string) (*Secret, error) {
|
||||
return c.DeleteWithData(path, nil)
|
||||
return c.DeleteWithContext(context.Background(), path)
|
||||
}
|
||||
|
||||
func (c *Logical) DeleteWithContext(ctx context.Context, path string) (*Secret, error) {
|
||||
return c.DeleteWithDataWithContext(ctx, path, nil)
|
||||
}
|
||||
|
||||
func (c *Logical) DeleteWithData(path string, data map[string][]string) (*Secret, error) {
|
||||
r := c.c.NewRequest("DELETE", "/v1/"+path)
|
||||
return c.DeleteWithDataWithContext(context.Background(), path, data)
|
||||
}
|
||||
|
||||
func (c *Logical) DeleteWithDataWithContext(ctx context.Context, path string, data map[string][]string) (*Secret, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
|
||||
r := c.c.NewRequest(http.MethodDelete, "/v1/"+path)
|
||||
|
||||
var values url.Values
|
||||
for k, v := range data {
|
||||
@ -205,9 +239,7 @@ func (c *Logical) DeleteWithData(path string, data map[string][]string) (*Secret
|
||||
r.Params = values
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if resp != nil {
|
||||
defer resp.Body.Close()
|
||||
}
|
||||
@ -232,6 +264,13 @@ func (c *Logical) DeleteWithData(path string, data map[string][]string) (*Secret
|
||||
}
|
||||
|
||||
func (c *Logical) Unwrap(wrappingToken string) (*Secret, error) {
|
||||
return c.UnwrapWithContext(context.Background(), wrappingToken)
|
||||
}
|
||||
|
||||
func (c *Logical) UnwrapWithContext(ctx context.Context, wrappingToken string) (*Secret, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
|
||||
var data map[string]interface{}
|
||||
wt := strings.TrimSpace(wrappingToken)
|
||||
if wrappingToken != "" {
|
||||
@ -244,14 +283,12 @@ func (c *Logical) Unwrap(wrappingToken string) (*Secret, error) {
|
||||
}
|
||||
}
|
||||
|
||||
r := c.c.NewRequest("PUT", "/v1/sys/wrapping/unwrap")
|
||||
r := c.c.NewRequest(http.MethodPut, "/v1/sys/wrapping/unwrap")
|
||||
if err := r.SetJSONBody(data); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if resp != nil {
|
||||
defer resp.Body.Close()
|
||||
}
|
||||
|
3
vendor/github.com/hashicorp/vault/api/output_string.go
generated
vendored
3
vendor/github.com/hashicorp/vault/api/output_string.go
generated
vendored
@ -2,6 +2,7 @@ package api
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"net/http"
|
||||
"strings"
|
||||
|
||||
retryablehttp "github.com/hashicorp/go-retryablehttp"
|
||||
@ -45,7 +46,7 @@ func (d *OutputStringError) parseRequest() {
|
||||
if d.TLSSkipVerify {
|
||||
d.parsedCurlString += "--insecure "
|
||||
}
|
||||
if d.Request.Method != "GET" {
|
||||
if d.Request.Method != http.MethodGet {
|
||||
d.parsedCurlString = fmt.Sprintf("%s-X %s ", d.parsedCurlString, d.Request.Method)
|
||||
}
|
||||
if d.ClientCACert != "" {
|
||||
|
12
vendor/github.com/hashicorp/vault/api/plugin_helpers.go
generated
vendored
12
vendor/github.com/hashicorp/vault/api/plugin_helpers.go
generated
vendored
@ -1,6 +1,7 @@
|
||||
package api
|
||||
|
||||
import (
|
||||
"context"
|
||||
"crypto/tls"
|
||||
"crypto/x509"
|
||||
"encoding/base64"
|
||||
@ -67,9 +68,14 @@ func (f *PluginAPIClientMeta) GetTLSConfig() *TLSConfig {
|
||||
return nil
|
||||
}
|
||||
|
||||
// VaultPluginTLSProvider is run inside a plugin and retrieves the response
|
||||
// wrapped TLS certificate from vault. It returns a configured TLS Config.
|
||||
// VaultPluginTLSProvider wraps VaultPluginTLSProviderContext using context.Background.
|
||||
func VaultPluginTLSProvider(apiTLSConfig *TLSConfig) func() (*tls.Config, error) {
|
||||
return VaultPluginTLSProviderContext(context.Background(), apiTLSConfig)
|
||||
}
|
||||
|
||||
// VaultPluginTLSProviderContext is run inside a plugin and retrieves the response
|
||||
// wrapped TLS certificate from vault. It returns a configured TLS Config.
|
||||
func VaultPluginTLSProviderContext(ctx context.Context, apiTLSConfig *TLSConfig) func() (*tls.Config, error) {
|
||||
if os.Getenv(PluginMetadataModeEnv) == "true" {
|
||||
return nil
|
||||
}
|
||||
@ -121,7 +127,7 @@ func VaultPluginTLSProvider(apiTLSConfig *TLSConfig) func() (*tls.Config, error)
|
||||
// Reset token value to make sure nothing has been set by default
|
||||
client.ClearToken()
|
||||
|
||||
secret, err := client.Logical().Unwrap(unwrapToken)
|
||||
secret, err := client.Logical().UnwrapWithContext(ctx, unwrapToken)
|
||||
if err != nil {
|
||||
return nil, errwrap.Wrapf("error during token unwrap request: {{err}}", err)
|
||||
}
|
||||
|
35
vendor/github.com/hashicorp/vault/api/ssh.go
generated
vendored
35
vendor/github.com/hashicorp/vault/api/ssh.go
generated
vendored
@ -3,6 +3,7 @@ package api
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"net/http"
|
||||
)
|
||||
|
||||
// SSH is used to return a client to invoke operations on SSH backend.
|
||||
@ -24,16 +25,22 @@ func (c *Client) SSHWithMountPoint(mountPoint string) *SSH {
|
||||
}
|
||||
}
|
||||
|
||||
// Credential invokes the SSH backend API to create a credential to establish an SSH session.
|
||||
// Credential wraps CredentialWithContext using context.Background.
|
||||
func (c *SSH) Credential(role string, data map[string]interface{}) (*Secret, error) {
|
||||
r := c.c.NewRequest("PUT", fmt.Sprintf("/v1/%s/creds/%s", c.MountPoint, role))
|
||||
return c.CredentialWithContext(context.Background(), role, data)
|
||||
}
|
||||
|
||||
// CredentialWithContext invokes the SSH backend API to create a credential to establish an SSH session.
|
||||
func (c *SSH) CredentialWithContext(ctx context.Context, role string, data map[string]interface{}) (*Secret, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
|
||||
r := c.c.NewRequest(http.MethodPut, fmt.Sprintf("/v1/%s/creds/%s", c.MountPoint, role))
|
||||
if err := r.SetJSONBody(data); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -42,17 +49,23 @@ func (c *SSH) Credential(role string, data map[string]interface{}) (*Secret, err
|
||||
return ParseSecret(resp.Body)
|
||||
}
|
||||
|
||||
// SignKey signs the given public key and returns a signed public key to pass
|
||||
// along with the SSH request.
|
||||
// SignKey wraps SignKeyWithContext using context.Background.
|
||||
func (c *SSH) SignKey(role string, data map[string]interface{}) (*Secret, error) {
|
||||
r := c.c.NewRequest("PUT", fmt.Sprintf("/v1/%s/sign/%s", c.MountPoint, role))
|
||||
return c.SignKeyWithContext(context.Background(), role, data)
|
||||
}
|
||||
|
||||
// SignKeyWithContext signs the given public key and returns a signed public key to pass
|
||||
// along with the SSH request.
|
||||
func (c *SSH) SignKeyWithContext(ctx context.Context, role string, data map[string]interface{}) (*Secret, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
|
||||
r := c.c.NewRequest(http.MethodPut, fmt.Sprintf("/v1/%s/sign/%s", c.MountPoint, role))
|
||||
if err := r.SetJSONBody(data); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
15
vendor/github.com/hashicorp/vault/api/ssh_agent.go
generated
vendored
15
vendor/github.com/hashicorp/vault/api/ssh_agent.go
generated
vendored
@ -6,6 +6,7 @@ import (
|
||||
"crypto/x509"
|
||||
"fmt"
|
||||
"io/ioutil"
|
||||
"net/http"
|
||||
"os"
|
||||
|
||||
"github.com/hashicorp/errwrap"
|
||||
@ -206,18 +207,24 @@ func (c *Client) SSHHelperWithMountPoint(mountPoint string) *SSHHelper {
|
||||
// an echo response message is returned. This feature is used by ssh-helper to verify if
|
||||
// its configured correctly.
|
||||
func (c *SSHHelper) Verify(otp string) (*SSHVerifyResponse, error) {
|
||||
return c.VerifyWithContext(context.Background(), otp)
|
||||
}
|
||||
|
||||
// VerifyWithContext the same as Verify but with a custom context.
|
||||
func (c *SSHHelper) VerifyWithContext(ctx context.Context, otp string) (*SSHVerifyResponse, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
|
||||
data := map[string]interface{}{
|
||||
"otp": otp,
|
||||
}
|
||||
verifyPath := fmt.Sprintf("/v1/%s/verify", c.MountPoint)
|
||||
r := c.c.NewRequest("PUT", verifyPath)
|
||||
r := c.c.NewRequest(http.MethodPut, verifyPath)
|
||||
if err := r.SetJSONBody(data); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
49
vendor/github.com/hashicorp/vault/api/sys_audit.go
generated
vendored
49
vendor/github.com/hashicorp/vault/api/sys_audit.go
generated
vendored
@ -4,23 +4,29 @@ import (
|
||||
"context"
|
||||
"errors"
|
||||
"fmt"
|
||||
"net/http"
|
||||
|
||||
"github.com/mitchellh/mapstructure"
|
||||
)
|
||||
|
||||
func (c *Sys) AuditHash(path string, input string) (string, error) {
|
||||
return c.AuditHashWithContext(context.Background(), path, input)
|
||||
}
|
||||
|
||||
func (c *Sys) AuditHashWithContext(ctx context.Context, path string, input string) (string, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
|
||||
body := map[string]interface{}{
|
||||
"input": input,
|
||||
}
|
||||
|
||||
r := c.c.NewRequest("PUT", fmt.Sprintf("/v1/sys/audit-hash/%s", path))
|
||||
r := c.c.NewRequest(http.MethodPut, fmt.Sprintf("/v1/sys/audit-hash/%s", path))
|
||||
if err := r.SetJSONBody(body); err != nil {
|
||||
return "", err
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
@ -47,11 +53,16 @@ func (c *Sys) AuditHash(path string, input string) (string, error) {
|
||||
}
|
||||
|
||||
func (c *Sys) ListAudit() (map[string]*Audit, error) {
|
||||
r := c.c.NewRequest("GET", "/v1/sys/audit")
|
||||
return c.ListAuditWithContext(context.Background())
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
func (c *Sys) ListAuditWithContext(ctx context.Context) (map[string]*Audit, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
|
||||
r := c.c.NewRequest(http.MethodGet, "/v1/sys/audit")
|
||||
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -85,14 +96,19 @@ func (c *Sys) EnableAudit(
|
||||
}
|
||||
|
||||
func (c *Sys) EnableAuditWithOptions(path string, options *EnableAuditOptions) error {
|
||||
r := c.c.NewRequest("PUT", fmt.Sprintf("/v1/sys/audit/%s", path))
|
||||
return c.EnableAuditWithOptionsWithContext(context.Background(), path, options)
|
||||
}
|
||||
|
||||
func (c *Sys) EnableAuditWithOptionsWithContext(ctx context.Context, path string, options *EnableAuditOptions) error {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
|
||||
r := c.c.NewRequest(http.MethodPut, fmt.Sprintf("/v1/sys/audit/%s", path))
|
||||
if err := r.SetJSONBody(options); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
@ -102,11 +118,16 @@ func (c *Sys) EnableAuditWithOptions(path string, options *EnableAuditOptions) e
|
||||
}
|
||||
|
||||
func (c *Sys) DisableAudit(path string) error {
|
||||
r := c.c.NewRequest("DELETE", fmt.Sprintf("/v1/sys/audit/%s", path))
|
||||
return c.DisableAuditWithContext(context.Background(), path)
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
func (c *Sys) DisableAuditWithContext(ctx context.Context, path string) error {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
|
||||
r := c.c.NewRequest(http.MethodDelete, fmt.Sprintf("/v1/sys/audit/%s", path))
|
||||
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
|
||||
if err == nil {
|
||||
defer resp.Body.Close()
|
||||
|
36
vendor/github.com/hashicorp/vault/api/sys_auth.go
generated
vendored
36
vendor/github.com/hashicorp/vault/api/sys_auth.go
generated
vendored
@ -4,16 +4,22 @@ import (
|
||||
"context"
|
||||
"errors"
|
||||
"fmt"
|
||||
"net/http"
|
||||
|
||||
"github.com/mitchellh/mapstructure"
|
||||
)
|
||||
|
||||
func (c *Sys) ListAuth() (map[string]*AuthMount, error) {
|
||||
r := c.c.NewRequest("GET", "/v1/sys/auth")
|
||||
return c.ListAuthWithContext(context.Background())
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
func (c *Sys) ListAuthWithContext(ctx context.Context) (map[string]*AuthMount, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
|
||||
r := c.c.NewRequest(http.MethodGet, "/v1/sys/auth")
|
||||
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -45,14 +51,19 @@ func (c *Sys) EnableAuth(path, authType, desc string) error {
|
||||
}
|
||||
|
||||
func (c *Sys) EnableAuthWithOptions(path string, options *EnableAuthOptions) error {
|
||||
r := c.c.NewRequest("POST", fmt.Sprintf("/v1/sys/auth/%s", path))
|
||||
return c.EnableAuthWithOptionsWithContext(context.Background(), path, options)
|
||||
}
|
||||
|
||||
func (c *Sys) EnableAuthWithOptionsWithContext(ctx context.Context, path string, options *EnableAuthOptions) error {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
|
||||
r := c.c.NewRequest(http.MethodPost, fmt.Sprintf("/v1/sys/auth/%s", path))
|
||||
if err := r.SetJSONBody(options); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
@ -62,11 +73,16 @@ func (c *Sys) EnableAuthWithOptions(path string, options *EnableAuthOptions) err
|
||||
}
|
||||
|
||||
func (c *Sys) DisableAuth(path string) error {
|
||||
r := c.c.NewRequest("DELETE", fmt.Sprintf("/v1/sys/auth/%s", path))
|
||||
return c.DisableAuthWithContext(context.Background(), path)
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
func (c *Sys) DisableAuthWithContext(ctx context.Context, path string) error {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
|
||||
r := c.c.NewRequest(http.MethodDelete, fmt.Sprintf("/v1/sys/auth/%s", path))
|
||||
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err == nil {
|
||||
defer resp.Body.Close()
|
||||
}
|
||||
|
23
vendor/github.com/hashicorp/vault/api/sys_capabilities.go
generated
vendored
23
vendor/github.com/hashicorp/vault/api/sys_capabilities.go
generated
vendored
@ -4,15 +4,30 @@ import (
|
||||
"context"
|
||||
"errors"
|
||||
"fmt"
|
||||
"net/http"
|
||||
|
||||
"github.com/mitchellh/mapstructure"
|
||||
)
|
||||
|
||||
func (c *Sys) CapabilitiesSelf(path string) ([]string, error) {
|
||||
return c.Capabilities(c.c.Token(), path)
|
||||
return c.CapabilitiesSelfWithContext(context.Background(), path)
|
||||
}
|
||||
|
||||
func (c *Sys) CapabilitiesSelfWithContext(ctx context.Context, path string) ([]string, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
|
||||
return c.CapabilitiesWithContext(ctx, c.c.Token(), path)
|
||||
}
|
||||
|
||||
func (c *Sys) Capabilities(token, path string) ([]string, error) {
|
||||
return c.CapabilitiesWithContext(context.Background(), token, path)
|
||||
}
|
||||
|
||||
func (c *Sys) CapabilitiesWithContext(ctx context.Context, token, path string) ([]string, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
|
||||
body := map[string]string{
|
||||
"token": token,
|
||||
"path": path,
|
||||
@ -23,14 +38,12 @@ func (c *Sys) Capabilities(token, path string) ([]string, error) {
|
||||
reqPath = fmt.Sprintf("%s-self", reqPath)
|
||||
}
|
||||
|
||||
r := c.c.NewRequest("POST", reqPath)
|
||||
r := c.c.NewRequest(http.MethodPost, reqPath)
|
||||
if err := r.SetJSONBody(body); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
36
vendor/github.com/hashicorp/vault/api/sys_config_cors.go
generated
vendored
36
vendor/github.com/hashicorp/vault/api/sys_config_cors.go
generated
vendored
@ -3,16 +3,22 @@ package api
|
||||
import (
|
||||
"context"
|
||||
"errors"
|
||||
"net/http"
|
||||
|
||||
"github.com/mitchellh/mapstructure"
|
||||
)
|
||||
|
||||
func (c *Sys) CORSStatus() (*CORSResponse, error) {
|
||||
r := c.c.NewRequest("GET", "/v1/sys/config/cors")
|
||||
return c.CORSStatusWithContext(context.Background())
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
func (c *Sys) CORSStatusWithContext(ctx context.Context) (*CORSResponse, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
|
||||
r := c.c.NewRequest(http.MethodGet, "/v1/sys/config/cors")
|
||||
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -36,14 +42,19 @@ func (c *Sys) CORSStatus() (*CORSResponse, error) {
|
||||
}
|
||||
|
||||
func (c *Sys) ConfigureCORS(req *CORSRequest) error {
|
||||
r := c.c.NewRequest("PUT", "/v1/sys/config/cors")
|
||||
return c.ConfigureCORSWithContext(context.Background(), req)
|
||||
}
|
||||
|
||||
func (c *Sys) ConfigureCORSWithContext(ctx context.Context, req *CORSRequest) error {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
|
||||
r := c.c.NewRequest(http.MethodPut, "/v1/sys/config/cors")
|
||||
if err := r.SetJSONBody(req); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err == nil {
|
||||
defer resp.Body.Close()
|
||||
}
|
||||
@ -51,11 +62,16 @@ func (c *Sys) ConfigureCORS(req *CORSRequest) error {
|
||||
}
|
||||
|
||||
func (c *Sys) DisableCORS() error {
|
||||
r := c.c.NewRequest("DELETE", "/v1/sys/config/cors")
|
||||
return c.DisableCORSWithContext(context.Background())
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
func (c *Sys) DisableCORSWithContext(ctx context.Context) error {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
|
||||
r := c.c.NewRequest(http.MethodDelete, "/v1/sys/config/cors")
|
||||
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err == nil {
|
||||
defer resp.Body.Close()
|
||||
}
|
||||
|
117
vendor/github.com/hashicorp/vault/api/sys_generate_root.go
generated
vendored
117
vendor/github.com/hashicorp/vault/api/sys_generate_root.go
generated
vendored
@ -1,25 +1,41 @@
|
||||
package api
|
||||
|
||||
import "context"
|
||||
import (
|
||||
"context"
|
||||
"net/http"
|
||||
)
|
||||
|
||||
func (c *Sys) GenerateRootStatus() (*GenerateRootStatusResponse, error) {
|
||||
return c.generateRootStatusCommon("/v1/sys/generate-root/attempt")
|
||||
return c.GenerateRootStatusWithContext(context.Background())
|
||||
}
|
||||
|
||||
func (c *Sys) GenerateDROperationTokenStatus() (*GenerateRootStatusResponse, error) {
|
||||
return c.generateRootStatusCommon("/v1/sys/replication/dr/secondary/generate-operation-token/attempt")
|
||||
return c.GenerateDROperationTokenStatusWithContext(context.Background())
|
||||
}
|
||||
|
||||
func (c *Sys) GenerateRecoveryOperationTokenStatus() (*GenerateRootStatusResponse, error) {
|
||||
return c.generateRootStatusCommon("/v1/sys/generate-recovery-token/attempt")
|
||||
return c.GenerateRecoveryOperationTokenStatusWithContext(context.Background())
|
||||
}
|
||||
|
||||
func (c *Sys) generateRootStatusCommon(path string) (*GenerateRootStatusResponse, error) {
|
||||
r := c.c.NewRequest("GET", path)
|
||||
func (c *Sys) GenerateRootStatusWithContext(ctx context.Context) (*GenerateRootStatusResponse, error) {
|
||||
return c.generateRootStatusCommonWithContext(ctx, "/v1/sys/generate-root/attempt")
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
func (c *Sys) GenerateDROperationTokenStatusWithContext(ctx context.Context) (*GenerateRootStatusResponse, error) {
|
||||
return c.generateRootStatusCommonWithContext(ctx, "/v1/sys/replication/dr/secondary/generate-operation-token/attempt")
|
||||
}
|
||||
|
||||
func (c *Sys) GenerateRecoveryOperationTokenStatusWithContext(ctx context.Context) (*GenerateRootStatusResponse, error) {
|
||||
return c.generateRootStatusCommonWithContext(ctx, "/v1/sys/generate-recovery-token/attempt")
|
||||
}
|
||||
|
||||
func (c *Sys) generateRootStatusCommonWithContext(ctx context.Context, path string) (*GenerateRootStatusResponse, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
|
||||
r := c.c.NewRequest(http.MethodGet, path)
|
||||
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -31,31 +47,44 @@ func (c *Sys) generateRootStatusCommon(path string) (*GenerateRootStatusResponse
|
||||
}
|
||||
|
||||
func (c *Sys) GenerateRootInit(otp, pgpKey string) (*GenerateRootStatusResponse, error) {
|
||||
return c.generateRootInitCommon("/v1/sys/generate-root/attempt", otp, pgpKey)
|
||||
return c.GenerateRootInitWithContext(context.Background(), otp, pgpKey)
|
||||
}
|
||||
|
||||
func (c *Sys) GenerateDROperationTokenInit(otp, pgpKey string) (*GenerateRootStatusResponse, error) {
|
||||
return c.generateRootInitCommon("/v1/sys/replication/dr/secondary/generate-operation-token/attempt", otp, pgpKey)
|
||||
return c.GenerateDROperationTokenInitWithContext(context.Background(), otp, pgpKey)
|
||||
}
|
||||
|
||||
func (c *Sys) GenerateRecoveryOperationTokenInit(otp, pgpKey string) (*GenerateRootStatusResponse, error) {
|
||||
return c.generateRootInitCommon("/v1/sys/generate-recovery-token/attempt", otp, pgpKey)
|
||||
return c.GenerateRecoveryOperationTokenInitWithContext(context.Background(), otp, pgpKey)
|
||||
}
|
||||
|
||||
func (c *Sys) generateRootInitCommon(path, otp, pgpKey string) (*GenerateRootStatusResponse, error) {
|
||||
func (c *Sys) GenerateRootInitWithContext(ctx context.Context, otp, pgpKey string) (*GenerateRootStatusResponse, error) {
|
||||
return c.generateRootInitCommonWithContext(ctx, "/v1/sys/generate-root/attempt", otp, pgpKey)
|
||||
}
|
||||
|
||||
func (c *Sys) GenerateDROperationTokenInitWithContext(ctx context.Context, otp, pgpKey string) (*GenerateRootStatusResponse, error) {
|
||||
return c.generateRootInitCommonWithContext(ctx, "/v1/sys/replication/dr/secondary/generate-operation-token/attempt", otp, pgpKey)
|
||||
}
|
||||
|
||||
func (c *Sys) GenerateRecoveryOperationTokenInitWithContext(ctx context.Context, otp, pgpKey string) (*GenerateRootStatusResponse, error) {
|
||||
return c.generateRootInitCommonWithContext(ctx, "/v1/sys/generate-recovery-token/attempt", otp, pgpKey)
|
||||
}
|
||||
|
||||
func (c *Sys) generateRootInitCommonWithContext(ctx context.Context, path, otp, pgpKey string) (*GenerateRootStatusResponse, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
|
||||
body := map[string]interface{}{
|
||||
"otp": otp,
|
||||
"pgp_key": pgpKey,
|
||||
}
|
||||
|
||||
r := c.c.NewRequest("PUT", path)
|
||||
r := c.c.NewRequest(http.MethodPut, path)
|
||||
if err := r.SetJSONBody(body); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -67,23 +96,36 @@ func (c *Sys) generateRootInitCommon(path, otp, pgpKey string) (*GenerateRootSta
|
||||
}
|
||||
|
||||
func (c *Sys) GenerateRootCancel() error {
|
||||
return c.generateRootCancelCommon("/v1/sys/generate-root/attempt")
|
||||
return c.GenerateRootCancelWithContext(context.Background())
|
||||
}
|
||||
|
||||
func (c *Sys) GenerateDROperationTokenCancel() error {
|
||||
return c.generateRootCancelCommon("/v1/sys/replication/dr/secondary/generate-operation-token/attempt")
|
||||
return c.GenerateDROperationTokenCancelWithContext(context.Background())
|
||||
}
|
||||
|
||||
func (c *Sys) GenerateRecoveryOperationTokenCancel() error {
|
||||
return c.generateRootCancelCommon("/v1/sys/generate-recovery-token/attempt")
|
||||
return c.GenerateRecoveryOperationTokenCancelWithContext(context.Background())
|
||||
}
|
||||
|
||||
func (c *Sys) generateRootCancelCommon(path string) error {
|
||||
r := c.c.NewRequest("DELETE", path)
|
||||
func (c *Sys) GenerateRootCancelWithContext(ctx context.Context) error {
|
||||
return c.generateRootCancelCommonWithContext(ctx, "/v1/sys/generate-root/attempt")
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
func (c *Sys) GenerateDROperationTokenCancelWithContext(ctx context.Context) error {
|
||||
return c.generateRootCancelCommonWithContext(ctx, "/v1/sys/replication/dr/secondary/generate-operation-token/attempt")
|
||||
}
|
||||
|
||||
func (c *Sys) GenerateRecoveryOperationTokenCancelWithContext(ctx context.Context) error {
|
||||
return c.generateRootCancelCommonWithContext(ctx, "/v1/sys/generate-recovery-token/attempt")
|
||||
}
|
||||
|
||||
func (c *Sys) generateRootCancelCommonWithContext(ctx context.Context, path string) error {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
|
||||
r := c.c.NewRequest(http.MethodDelete, path)
|
||||
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err == nil {
|
||||
defer resp.Body.Close()
|
||||
}
|
||||
@ -91,31 +133,44 @@ func (c *Sys) generateRootCancelCommon(path string) error {
|
||||
}
|
||||
|
||||
func (c *Sys) GenerateRootUpdate(shard, nonce string) (*GenerateRootStatusResponse, error) {
|
||||
return c.generateRootUpdateCommon("/v1/sys/generate-root/update", shard, nonce)
|
||||
return c.GenerateRootUpdateWithContext(context.Background(), shard, nonce)
|
||||
}
|
||||
|
||||
func (c *Sys) GenerateDROperationTokenUpdate(shard, nonce string) (*GenerateRootStatusResponse, error) {
|
||||
return c.generateRootUpdateCommon("/v1/sys/replication/dr/secondary/generate-operation-token/update", shard, nonce)
|
||||
return c.GenerateDROperationTokenUpdateWithContext(context.Background(), shard, nonce)
|
||||
}
|
||||
|
||||
func (c *Sys) GenerateRecoveryOperationTokenUpdate(shard, nonce string) (*GenerateRootStatusResponse, error) {
|
||||
return c.generateRootUpdateCommon("/v1/sys/generate-recovery-token/update", shard, nonce)
|
||||
return c.GenerateRecoveryOperationTokenUpdateWithContext(context.Background(), shard, nonce)
|
||||
}
|
||||
|
||||
func (c *Sys) generateRootUpdateCommon(path, shard, nonce string) (*GenerateRootStatusResponse, error) {
|
||||
func (c *Sys) GenerateRootUpdateWithContext(ctx context.Context, shard, nonce string) (*GenerateRootStatusResponse, error) {
|
||||
return c.generateRootUpdateCommonWithContext(ctx, "/v1/sys/generate-root/update", shard, nonce)
|
||||
}
|
||||
|
||||
func (c *Sys) GenerateDROperationTokenUpdateWithContext(ctx context.Context, shard, nonce string) (*GenerateRootStatusResponse, error) {
|
||||
return c.generateRootUpdateCommonWithContext(ctx, "/v1/sys/replication/dr/secondary/generate-operation-token/update", shard, nonce)
|
||||
}
|
||||
|
||||
func (c *Sys) GenerateRecoveryOperationTokenUpdateWithContext(ctx context.Context, shard, nonce string) (*GenerateRootStatusResponse, error) {
|
||||
return c.generateRootUpdateCommonWithContext(ctx, "/v1/sys/generate-recovery-token/update", shard, nonce)
|
||||
}
|
||||
|
||||
func (c *Sys) generateRootUpdateCommonWithContext(ctx context.Context, path, shard, nonce string) (*GenerateRootStatusResponse, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
|
||||
body := map[string]interface{}{
|
||||
"key": shard,
|
||||
"nonce": nonce,
|
||||
}
|
||||
|
||||
r := c.c.NewRequest("PUT", path)
|
||||
r := c.c.NewRequest(http.MethodPut, path)
|
||||
if err := r.SetJSONBody(body); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
12
vendor/github.com/hashicorp/vault/api/sys_hastatus.go
generated
vendored
12
vendor/github.com/hashicorp/vault/api/sys_hastatus.go
generated
vendored
@ -2,15 +2,21 @@ package api
|
||||
|
||||
import (
|
||||
"context"
|
||||
"net/http"
|
||||
"time"
|
||||
)
|
||||
|
||||
func (c *Sys) HAStatus() (*HAStatusResponse, error) {
|
||||
r := c.c.NewRequest("GET", "/v1/sys/ha-status")
|
||||
return c.HAStatusWithContext(context.Background())
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
func (c *Sys) HAStatusWithContext(ctx context.Context) (*HAStatusResponse, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
|
||||
r := c.c.NewRequest(http.MethodGet, "/v1/sys/ha-status")
|
||||
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
18
vendor/github.com/hashicorp/vault/api/sys_health.go
generated
vendored
18
vendor/github.com/hashicorp/vault/api/sys_health.go
generated
vendored
@ -1,9 +1,19 @@
|
||||
package api
|
||||
|
||||
import "context"
|
||||
import (
|
||||
"context"
|
||||
"net/http"
|
||||
)
|
||||
|
||||
func (c *Sys) Health() (*HealthResponse, error) {
|
||||
r := c.c.NewRequest("GET", "/v1/sys/health")
|
||||
return c.HealthWithContext(context.Background())
|
||||
}
|
||||
|
||||
func (c *Sys) HealthWithContext(ctx context.Context) (*HealthResponse, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
|
||||
r := c.c.NewRequest(http.MethodGet, "/v1/sys/health")
|
||||
// If the code is 400 or above it will automatically turn into an error,
|
||||
// but the sys/health API defaults to returning 5xx when not sealed or
|
||||
// inited, so we force this code to be something else so we parse correctly
|
||||
@ -13,9 +23,7 @@ func (c *Sys) Health() (*HealthResponse, error) {
|
||||
r.Params.Add("drsecondarycode", "299")
|
||||
r.Params.Add("performancestandbycode", "299")
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
29
vendor/github.com/hashicorp/vault/api/sys_init.go
generated
vendored
29
vendor/github.com/hashicorp/vault/api/sys_init.go
generated
vendored
@ -1,13 +1,21 @@
|
||||
package api
|
||||
|
||||
import "context"
|
||||
import (
|
||||
"context"
|
||||
"net/http"
|
||||
)
|
||||
|
||||
func (c *Sys) InitStatus() (bool, error) {
|
||||
r := c.c.NewRequest("GET", "/v1/sys/init")
|
||||
return c.InitStatusWithContext(context.Background())
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
func (c *Sys) InitStatusWithContext(ctx context.Context) (bool, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
|
||||
r := c.c.NewRequest(http.MethodGet, "/v1/sys/init")
|
||||
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return false, err
|
||||
}
|
||||
@ -19,14 +27,19 @@ func (c *Sys) InitStatus() (bool, error) {
|
||||
}
|
||||
|
||||
func (c *Sys) Init(opts *InitRequest) (*InitResponse, error) {
|
||||
r := c.c.NewRequest("PUT", "/v1/sys/init")
|
||||
return c.InitWithContext(context.Background(), opts)
|
||||
}
|
||||
|
||||
func (c *Sys) InitWithContext(ctx context.Context, opts *InitRequest) (*InitResponse, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
|
||||
r := c.c.NewRequest(http.MethodPut, "/v1/sys/init")
|
||||
if err := r.SetJSONBody(opts); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
12
vendor/github.com/hashicorp/vault/api/sys_leader.go
generated
vendored
12
vendor/github.com/hashicorp/vault/api/sys_leader.go
generated
vendored
@ -2,15 +2,21 @@ package api
|
||||
|
||||
import (
|
||||
"context"
|
||||
"net/http"
|
||||
"time"
|
||||
)
|
||||
|
||||
func (c *Sys) Leader() (*LeaderResponse, error) {
|
||||
r := c.c.NewRequest("GET", "/v1/sys/leader")
|
||||
return c.LeaderWithContext(context.Background())
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
func (c *Sys) LeaderWithContext(ctx context.Context) (*LeaderResponse, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
|
||||
r := c.c.NewRequest(http.MethodGet, "/v1/sys/leader")
|
||||
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
75
vendor/github.com/hashicorp/vault/api/sys_leases.go
generated
vendored
75
vendor/github.com/hashicorp/vault/api/sys_leases.go
generated
vendored
@ -3,10 +3,18 @@ package api
|
||||
import (
|
||||
"context"
|
||||
"errors"
|
||||
"net/http"
|
||||
)
|
||||
|
||||
func (c *Sys) Renew(id string, increment int) (*Secret, error) {
|
||||
r := c.c.NewRequest("PUT", "/v1/sys/leases/renew")
|
||||
return c.RenewWithContext(context.Background(), id, increment)
|
||||
}
|
||||
|
||||
func (c *Sys) RenewWithContext(ctx context.Context, id string, increment int) (*Secret, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
|
||||
r := c.c.NewRequest(http.MethodPut, "/v1/sys/leases/renew")
|
||||
|
||||
body := map[string]interface{}{
|
||||
"increment": increment,
|
||||
@ -16,9 +24,7 @@ func (c *Sys) Renew(id string, increment int) (*Secret, error) {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -28,7 +34,14 @@ func (c *Sys) Renew(id string, increment int) (*Secret, error) {
|
||||
}
|
||||
|
||||
func (c *Sys) Lookup(id string) (*Secret, error) {
|
||||
r := c.c.NewRequest("PUT", "/v1/sys/leases/lookup")
|
||||
return c.LookupWithContext(context.Background(), id)
|
||||
}
|
||||
|
||||
func (c *Sys) LookupWithContext(ctx context.Context, id string) (*Secret, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
|
||||
r := c.c.NewRequest(http.MethodPut, "/v1/sys/leases/lookup")
|
||||
|
||||
body := map[string]interface{}{
|
||||
"lease_id": id,
|
||||
@ -37,9 +50,7 @@ func (c *Sys) Lookup(id string) (*Secret, error) {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -49,7 +60,14 @@ func (c *Sys) Lookup(id string) (*Secret, error) {
|
||||
}
|
||||
|
||||
func (c *Sys) Revoke(id string) error {
|
||||
r := c.c.NewRequest("PUT", "/v1/sys/leases/revoke")
|
||||
return c.RevokeWithContext(context.Background(), id)
|
||||
}
|
||||
|
||||
func (c *Sys) RevokeWithContext(ctx context.Context, id string) error {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
|
||||
r := c.c.NewRequest(http.MethodPut, "/v1/sys/leases/revoke")
|
||||
body := map[string]interface{}{
|
||||
"lease_id": id,
|
||||
}
|
||||
@ -57,9 +75,7 @@ func (c *Sys) Revoke(id string) error {
|
||||
return err
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err == nil {
|
||||
defer resp.Body.Close()
|
||||
}
|
||||
@ -67,11 +83,16 @@ func (c *Sys) Revoke(id string) error {
|
||||
}
|
||||
|
||||
func (c *Sys) RevokePrefix(id string) error {
|
||||
r := c.c.NewRequest("PUT", "/v1/sys/leases/revoke-prefix/"+id)
|
||||
return c.RevokePrefixWithContext(context.Background(), id)
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
func (c *Sys) RevokePrefixWithContext(ctx context.Context, id string) error {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
|
||||
r := c.c.NewRequest(http.MethodPut, "/v1/sys/leases/revoke-prefix/"+id)
|
||||
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err == nil {
|
||||
defer resp.Body.Close()
|
||||
}
|
||||
@ -79,11 +100,16 @@ func (c *Sys) RevokePrefix(id string) error {
|
||||
}
|
||||
|
||||
func (c *Sys) RevokeForce(id string) error {
|
||||
r := c.c.NewRequest("PUT", "/v1/sys/leases/revoke-force/"+id)
|
||||
return c.RevokeForceWithContext(context.Background(), id)
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
func (c *Sys) RevokeForceWithContext(ctx context.Context, id string) error {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
|
||||
r := c.c.NewRequest(http.MethodPut, "/v1/sys/leases/revoke-force/"+id)
|
||||
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err == nil {
|
||||
defer resp.Body.Close()
|
||||
}
|
||||
@ -91,6 +117,13 @@ func (c *Sys) RevokeForce(id string) error {
|
||||
}
|
||||
|
||||
func (c *Sys) RevokeWithOptions(opts *RevokeOptions) error {
|
||||
return c.RevokeWithOptionsWithContext(context.Background(), opts)
|
||||
}
|
||||
|
||||
func (c *Sys) RevokeWithOptionsWithContext(ctx context.Context, opts *RevokeOptions) error {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
|
||||
if opts == nil {
|
||||
return errors.New("nil options provided")
|
||||
}
|
||||
@ -105,7 +138,7 @@ func (c *Sys) RevokeWithOptions(opts *RevokeOptions) error {
|
||||
}
|
||||
path += opts.LeaseID
|
||||
|
||||
r := c.c.NewRequest("PUT", path)
|
||||
r := c.c.NewRequest(http.MethodPut, path)
|
||||
if !opts.Force {
|
||||
body := map[string]interface{}{
|
||||
"sync": opts.Sync,
|
||||
@ -115,9 +148,7 @@ func (c *Sys) RevokeWithOptions(opts *RevokeOptions) error {
|
||||
}
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err == nil {
|
||||
defer resp.Body.Close()
|
||||
}
|
||||
|
3
vendor/github.com/hashicorp/vault/api/sys_monitor.go
generated
vendored
3
vendor/github.com/hashicorp/vault/api/sys_monitor.go
generated
vendored
@ -4,12 +4,13 @@ import (
|
||||
"bufio"
|
||||
"context"
|
||||
"fmt"
|
||||
"net/http"
|
||||
)
|
||||
|
||||
// Monitor returns a channel that outputs strings containing the log messages
|
||||
// coming from the server.
|
||||
func (c *Sys) Monitor(ctx context.Context, logLevel string) (chan string, error) {
|
||||
r := c.c.NewRequest("GET", "/v1/sys/monitor")
|
||||
r := c.c.NewRequest(http.MethodGet, "/v1/sys/monitor")
|
||||
|
||||
if logLevel == "" {
|
||||
r.Params.Add("log_level", "info")
|
||||
|
103
vendor/github.com/hashicorp/vault/api/sys_mounts.go
generated
vendored
103
vendor/github.com/hashicorp/vault/api/sys_mounts.go
generated
vendored
@ -4,17 +4,23 @@ import (
|
||||
"context"
|
||||
"errors"
|
||||
"fmt"
|
||||
"net/http"
|
||||
"time"
|
||||
|
||||
"github.com/mitchellh/mapstructure"
|
||||
)
|
||||
|
||||
func (c *Sys) ListMounts() (map[string]*MountOutput, error) {
|
||||
r := c.c.NewRequest("GET", "/v1/sys/mounts")
|
||||
return c.ListMountsWithContext(context.Background())
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
func (c *Sys) ListMountsWithContext(ctx context.Context) (map[string]*MountOutput, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
|
||||
r := c.c.NewRequest(http.MethodGet, "/v1/sys/mounts")
|
||||
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -38,14 +44,19 @@ func (c *Sys) ListMounts() (map[string]*MountOutput, error) {
|
||||
}
|
||||
|
||||
func (c *Sys) Mount(path string, mountInfo *MountInput) error {
|
||||
r := c.c.NewRequest("POST", fmt.Sprintf("/v1/sys/mounts/%s", path))
|
||||
return c.MountWithContext(context.Background(), path, mountInfo)
|
||||
}
|
||||
|
||||
func (c *Sys) MountWithContext(ctx context.Context, path string, mountInfo *MountInput) error {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
|
||||
r := c.c.NewRequest(http.MethodPost, fmt.Sprintf("/v1/sys/mounts/%s", path))
|
||||
if err := r.SetJSONBody(mountInfo); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
@ -55,27 +66,37 @@ func (c *Sys) Mount(path string, mountInfo *MountInput) error {
|
||||
}
|
||||
|
||||
func (c *Sys) Unmount(path string) error {
|
||||
r := c.c.NewRequest("DELETE", fmt.Sprintf("/v1/sys/mounts/%s", path))
|
||||
return c.UnmountWithContext(context.Background(), path)
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
func (c *Sys) UnmountWithContext(ctx context.Context, path string) error {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
|
||||
r := c.c.NewRequest(http.MethodDelete, fmt.Sprintf("/v1/sys/mounts/%s", path))
|
||||
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err == nil {
|
||||
defer resp.Body.Close()
|
||||
}
|
||||
return err
|
||||
}
|
||||
|
||||
// Remount kicks off a remount operation, polls the status endpoint using
|
||||
// the migration ID till either success or failure state is observed
|
||||
// Remount wraps RemountWithContext using context.Background.
|
||||
func (c *Sys) Remount(from, to string) error {
|
||||
remountResp, err := c.StartRemount(from, to)
|
||||
return c.RemountWithContext(context.Background(), from, to)
|
||||
}
|
||||
|
||||
// RemountWithContext kicks off a remount operation, polls the status endpoint using
|
||||
// the migration ID till either success or failure state is observed
|
||||
func (c *Sys) RemountWithContext(ctx context.Context, from, to string) error {
|
||||
remountResp, err := c.StartRemountWithContext(ctx, from, to)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
for {
|
||||
remountStatusResp, err := c.RemountStatus(remountResp.MigrationID)
|
||||
remountStatusResp, err := c.RemountStatusWithContext(ctx, remountResp.MigrationID)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
@ -89,21 +110,27 @@ func (c *Sys) Remount(from, to string) error {
|
||||
}
|
||||
}
|
||||
|
||||
// StartRemount kicks off a mount migration and returns a response with the migration ID
|
||||
// StartRemount wraps StartRemountWithContext using context.Background.
|
||||
func (c *Sys) StartRemount(from, to string) (*MountMigrationOutput, error) {
|
||||
return c.StartRemountWithContext(context.Background(), from, to)
|
||||
}
|
||||
|
||||
// StartRemountWithContext kicks off a mount migration and returns a response with the migration ID
|
||||
func (c *Sys) StartRemountWithContext(ctx context.Context, from, to string) (*MountMigrationOutput, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
|
||||
body := map[string]interface{}{
|
||||
"from": from,
|
||||
"to": to,
|
||||
}
|
||||
|
||||
r := c.c.NewRequest("POST", "/v1/sys/remount")
|
||||
r := c.c.NewRequest(http.MethodPost, "/v1/sys/remount")
|
||||
if err := r.SetJSONBody(body); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -125,13 +152,19 @@ func (c *Sys) StartRemount(from, to string) (*MountMigrationOutput, error) {
|
||||
return &result, err
|
||||
}
|
||||
|
||||
// RemountStatus checks the status of a mount migration operation with the provided ID
|
||||
// RemountStatus wraps RemountStatusWithContext using context.Background.
|
||||
func (c *Sys) RemountStatus(migrationID string) (*MountMigrationStatusOutput, error) {
|
||||
r := c.c.NewRequest("GET", fmt.Sprintf("/v1/sys/remount/status/%s", migrationID))
|
||||
return c.RemountStatusWithContext(context.Background(), migrationID)
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
// RemountStatusWithContext checks the status of a mount migration operation with the provided ID
|
||||
func (c *Sys) RemountStatusWithContext(ctx context.Context, migrationID string) (*MountMigrationStatusOutput, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
|
||||
r := c.c.NewRequest(http.MethodGet, fmt.Sprintf("/v1/sys/remount/status/%s", migrationID))
|
||||
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -154,14 +187,19 @@ func (c *Sys) RemountStatus(migrationID string) (*MountMigrationStatusOutput, er
|
||||
}
|
||||
|
||||
func (c *Sys) TuneMount(path string, config MountConfigInput) error {
|
||||
r := c.c.NewRequest("POST", fmt.Sprintf("/v1/sys/mounts/%s/tune", path))
|
||||
return c.TuneMountWithContext(context.Background(), path, config)
|
||||
}
|
||||
|
||||
func (c *Sys) TuneMountWithContext(ctx context.Context, path string, config MountConfigInput) error {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
|
||||
r := c.c.NewRequest(http.MethodPost, fmt.Sprintf("/v1/sys/mounts/%s/tune", path))
|
||||
if err := r.SetJSONBody(config); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err == nil {
|
||||
defer resp.Body.Close()
|
||||
}
|
||||
@ -169,11 +207,16 @@ func (c *Sys) TuneMount(path string, config MountConfigInput) error {
|
||||
}
|
||||
|
||||
func (c *Sys) MountConfig(path string) (*MountConfigOutput, error) {
|
||||
r := c.c.NewRequest("GET", fmt.Sprintf("/v1/sys/mounts/%s/tune", path))
|
||||
return c.MountConfigWithContext(context.Background(), path)
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
func (c *Sys) MountConfigWithContext(ctx context.Context, path string) (*MountConfigOutput, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
|
||||
r := c.c.NewRequest(http.MethodGet, fmt.Sprintf("/v1/sys/mounts/%s/tune", path))
|
||||
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
98
vendor/github.com/hashicorp/vault/api/sys_plugins.go
generated
vendored
98
vendor/github.com/hashicorp/vault/api/sys_plugins.go
generated
vendored
@ -29,14 +29,22 @@ type ListPluginsResponse struct {
|
||||
Names []string `json:"names"`
|
||||
}
|
||||
|
||||
// ListPlugins lists all plugins in the catalog and returns their names as a
|
||||
// list of strings.
|
||||
// ListPlugins wraps ListPluginsWithContext using context.Background.
|
||||
func (c *Sys) ListPlugins(i *ListPluginsInput) (*ListPluginsResponse, error) {
|
||||
return c.ListPluginsWithContext(context.Background(), i)
|
||||
}
|
||||
|
||||
// ListPluginsWithContext lists all plugins in the catalog and returns their names as a
|
||||
// list of strings.
|
||||
func (c *Sys) ListPluginsWithContext(ctx context.Context, i *ListPluginsInput) (*ListPluginsResponse, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
|
||||
path := ""
|
||||
method := ""
|
||||
if i.Type == consts.PluginTypeUnknown {
|
||||
path = "/v1/sys/plugins/catalog"
|
||||
method = "GET"
|
||||
method = http.MethodGet
|
||||
} else {
|
||||
path = fmt.Sprintf("/v1/sys/plugins/catalog/%s", i.Type)
|
||||
method = "LIST"
|
||||
@ -46,13 +54,11 @@ func (c *Sys) ListPlugins(i *ListPluginsInput) (*ListPluginsResponse, error) {
|
||||
if method == "LIST" {
|
||||
// Set this for broader compatibility, but we use LIST above to be able
|
||||
// to handle the wrapping lookup function
|
||||
req.Method = "GET"
|
||||
req.Method = http.MethodGet
|
||||
req.Params.Set("list", "true")
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, req)
|
||||
resp, err := c.c.rawRequestWithContext(ctx, req)
|
||||
if err != nil && resp == nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -66,7 +72,7 @@ func (c *Sys) ListPlugins(i *ListPluginsInput) (*ListPluginsResponse, error) {
|
||||
// switch it to a LIST.
|
||||
if resp.StatusCode == 405 {
|
||||
req.Params.Set("list", "true")
|
||||
resp, err := c.c.RawRequestWithContext(ctx, req)
|
||||
resp, err := c.c.rawRequestWithContext(ctx, req)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -142,14 +148,20 @@ type GetPluginResponse struct {
|
||||
SHA256 string `json:"sha256"`
|
||||
}
|
||||
|
||||
// GetPlugin retrieves information about the plugin.
|
||||
// GetPlugin wraps GetPluginWithContext using context.Background.
|
||||
func (c *Sys) GetPlugin(i *GetPluginInput) (*GetPluginResponse, error) {
|
||||
return c.GetPluginWithContext(context.Background(), i)
|
||||
}
|
||||
|
||||
// GetPluginWithContext retrieves information about the plugin.
|
||||
func (c *Sys) GetPluginWithContext(ctx context.Context, i *GetPluginInput) (*GetPluginResponse, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
|
||||
path := catalogPathByType(i.Type, i.Name)
|
||||
req := c.c.NewRequest(http.MethodGet, path)
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, req)
|
||||
resp, err := c.c.rawRequestWithContext(ctx, req)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -183,8 +195,16 @@ type RegisterPluginInput struct {
|
||||
SHA256 string `json:"sha256,omitempty"`
|
||||
}
|
||||
|
||||
// RegisterPlugin registers the plugin with the given information.
|
||||
// RegisterPlugin wraps RegisterPluginWithContext using context.Background.
|
||||
func (c *Sys) RegisterPlugin(i *RegisterPluginInput) error {
|
||||
return c.RegisterPluginWithContext(context.Background(), i)
|
||||
}
|
||||
|
||||
// RegisterPluginWithContext registers the plugin with the given information.
|
||||
func (c *Sys) RegisterPluginWithContext(ctx context.Context, i *RegisterPluginInput) error {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
|
||||
path := catalogPathByType(i.Type, i.Name)
|
||||
req := c.c.NewRequest(http.MethodPut, path)
|
||||
|
||||
@ -192,9 +212,7 @@ func (c *Sys) RegisterPlugin(i *RegisterPluginInput) error {
|
||||
return err
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, req)
|
||||
resp, err := c.c.rawRequestWithContext(ctx, req)
|
||||
if err == nil {
|
||||
defer resp.Body.Close()
|
||||
}
|
||||
@ -210,15 +228,21 @@ type DeregisterPluginInput struct {
|
||||
Type consts.PluginType `json:"type"`
|
||||
}
|
||||
|
||||
// DeregisterPlugin removes the plugin with the given name from the plugin
|
||||
// catalog.
|
||||
// DeregisterPlugin wraps DeregisterPluginWithContext using context.Background.
|
||||
func (c *Sys) DeregisterPlugin(i *DeregisterPluginInput) error {
|
||||
return c.DeregisterPluginWithContext(context.Background(), i)
|
||||
}
|
||||
|
||||
// DeregisterPluginWithContext removes the plugin with the given name from the plugin
|
||||
// catalog.
|
||||
func (c *Sys) DeregisterPluginWithContext(ctx context.Context, i *DeregisterPluginInput) error {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
|
||||
path := catalogPathByType(i.Type, i.Name)
|
||||
req := c.c.NewRequest(http.MethodDelete, path)
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, req)
|
||||
resp, err := c.c.rawRequestWithContext(ctx, req)
|
||||
if err == nil {
|
||||
defer resp.Body.Close()
|
||||
}
|
||||
@ -237,9 +261,17 @@ type ReloadPluginInput struct {
|
||||
Scope string `json:"scope"`
|
||||
}
|
||||
|
||||
// ReloadPlugin reloads mounted plugin backends, possibly returning
|
||||
// reloadId for a cluster scoped reload
|
||||
// ReloadPlugin wraps ReloadPluginWithContext using context.Background.
|
||||
func (c *Sys) ReloadPlugin(i *ReloadPluginInput) (string, error) {
|
||||
return c.ReloadPluginWithContext(context.Background(), i)
|
||||
}
|
||||
|
||||
// ReloadPluginWithContext reloads mounted plugin backends, possibly returning
|
||||
// reloadId for a cluster scoped reload
|
||||
func (c *Sys) ReloadPluginWithContext(ctx context.Context, i *ReloadPluginInput) (string, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
|
||||
path := "/v1/sys/plugins/reload/backend"
|
||||
req := c.c.NewRequest(http.MethodPut, path)
|
||||
|
||||
@ -247,10 +279,7 @@ func (c *Sys) ReloadPlugin(i *ReloadPluginInput) (string, error) {
|
||||
return "", err
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
defer cancelFunc()
|
||||
|
||||
resp, err := c.c.RawRequestWithContext(ctx, req)
|
||||
resp, err := c.c.rawRequestWithContext(ctx, req)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
@ -287,16 +316,21 @@ type ReloadPluginStatusInput struct {
|
||||
ReloadID string `json:"reload_id"`
|
||||
}
|
||||
|
||||
// ReloadPluginStatus retrieves the status of a reload operation
|
||||
// ReloadPluginStatus wraps ReloadPluginStatusWithContext using context.Background.
|
||||
func (c *Sys) ReloadPluginStatus(reloadStatusInput *ReloadPluginStatusInput) (*ReloadStatusResponse, error) {
|
||||
return c.ReloadPluginStatusWithContext(context.Background(), reloadStatusInput)
|
||||
}
|
||||
|
||||
// ReloadPluginStatusWithContext retrieves the status of a reload operation
|
||||
func (c *Sys) ReloadPluginStatusWithContext(ctx context.Context, reloadStatusInput *ReloadPluginStatusInput) (*ReloadStatusResponse, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
|
||||
path := "/v1/sys/plugins/reload/backend/status"
|
||||
req := c.c.NewRequest(http.MethodGet, path)
|
||||
req.Params.Add("reload_id", reloadStatusInput.ReloadID)
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
defer cancelFunc()
|
||||
|
||||
resp, err := c.c.RawRequestWithContext(ctx, req)
|
||||
resp, err := c.c.rawRequestWithContext(ctx, req)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
49
vendor/github.com/hashicorp/vault/api/sys_policy.go
generated
vendored
49
vendor/github.com/hashicorp/vault/api/sys_policy.go
generated
vendored
@ -4,20 +4,26 @@ import (
|
||||
"context"
|
||||
"errors"
|
||||
"fmt"
|
||||
"net/http"
|
||||
|
||||
"github.com/mitchellh/mapstructure"
|
||||
)
|
||||
|
||||
func (c *Sys) ListPolicies() ([]string, error) {
|
||||
return c.ListPoliciesWithContext(context.Background())
|
||||
}
|
||||
|
||||
func (c *Sys) ListPoliciesWithContext(ctx context.Context) ([]string, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
|
||||
r := c.c.NewRequest("LIST", "/v1/sys/policies/acl")
|
||||
// Set this for broader compatibility, but we use LIST above to be able to
|
||||
// handle the wrapping lookup function
|
||||
r.Method = "GET"
|
||||
r.Method = http.MethodGet
|
||||
r.Params.Set("list", "true")
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -41,11 +47,16 @@ func (c *Sys) ListPolicies() ([]string, error) {
|
||||
}
|
||||
|
||||
func (c *Sys) GetPolicy(name string) (string, error) {
|
||||
r := c.c.NewRequest("GET", fmt.Sprintf("/v1/sys/policies/acl/%s", name))
|
||||
return c.GetPolicyWithContext(context.Background(), name)
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
func (c *Sys) GetPolicyWithContext(ctx context.Context, name string) (string, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
|
||||
r := c.c.NewRequest(http.MethodGet, fmt.Sprintf("/v1/sys/policies/acl/%s", name))
|
||||
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if resp != nil {
|
||||
defer resp.Body.Close()
|
||||
if resp.StatusCode == 404 {
|
||||
@ -72,18 +83,23 @@ func (c *Sys) GetPolicy(name string) (string, error) {
|
||||
}
|
||||
|
||||
func (c *Sys) PutPolicy(name, rules string) error {
|
||||
return c.PutPolicyWithContext(context.Background(), name, rules)
|
||||
}
|
||||
|
||||
func (c *Sys) PutPolicyWithContext(ctx context.Context, name, rules string) error {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
|
||||
body := map[string]string{
|
||||
"policy": rules,
|
||||
}
|
||||
|
||||
r := c.c.NewRequest("PUT", fmt.Sprintf("/v1/sys/policies/acl/%s", name))
|
||||
r := c.c.NewRequest(http.MethodPut, fmt.Sprintf("/v1/sys/policies/acl/%s", name))
|
||||
if err := r.SetJSONBody(body); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
@ -93,11 +109,16 @@ func (c *Sys) PutPolicy(name, rules string) error {
|
||||
}
|
||||
|
||||
func (c *Sys) DeletePolicy(name string) error {
|
||||
r := c.c.NewRequest("DELETE", fmt.Sprintf("/v1/sys/policies/acl/%s", name))
|
||||
return c.DeletePolicyWithContext(context.Background(), name)
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
func (c *Sys) DeletePolicyWithContext(ctx context.Context, name string) error {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
|
||||
r := c.c.NewRequest(http.MethodDelete, fmt.Sprintf("/v1/sys/policies/acl/%s", name))
|
||||
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err == nil {
|
||||
defer resp.Body.Close()
|
||||
}
|
||||
|
164
vendor/github.com/hashicorp/vault/api/sys_raft.go
generated
vendored
164
vendor/github.com/hashicorp/vault/api/sys_raft.go
generated
vendored
@ -6,7 +6,6 @@ import (
|
||||
"context"
|
||||
"encoding/json"
|
||||
"errors"
|
||||
"fmt"
|
||||
"io"
|
||||
"io/ioutil"
|
||||
"net/http"
|
||||
@ -14,7 +13,6 @@ import (
|
||||
"time"
|
||||
|
||||
"github.com/hashicorp/go-secure-stdlib/parseutil"
|
||||
"github.com/hashicorp/vault/sdk/helper/consts"
|
||||
"github.com/mitchellh/mapstructure"
|
||||
)
|
||||
|
||||
@ -110,18 +108,24 @@ type AutopilotServer struct {
|
||||
Meta map[string]string `mapstructure:"meta"`
|
||||
}
|
||||
|
||||
// RaftJoin adds the node from which this call is invoked from to the raft
|
||||
// cluster represented by the leader address in the parameter.
|
||||
// RaftJoin wraps RaftJoinWithContext using context.Background.
|
||||
func (c *Sys) RaftJoin(opts *RaftJoinRequest) (*RaftJoinResponse, error) {
|
||||
r := c.c.NewRequest("POST", "/v1/sys/storage/raft/join")
|
||||
return c.RaftJoinWithContext(context.Background(), opts)
|
||||
}
|
||||
|
||||
// RaftJoinWithContext adds the node from which this call is invoked from to the raft
|
||||
// cluster represented by the leader address in the parameter.
|
||||
func (c *Sys) RaftJoinWithContext(ctx context.Context, opts *RaftJoinRequest) (*RaftJoinResponse, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
|
||||
r := c.c.NewRequest(http.MethodPost, "/v1/sys/storage/raft/join")
|
||||
|
||||
if err := r.SetJSONBody(opts); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -132,87 +136,22 @@ func (c *Sys) RaftJoin(opts *RaftJoinRequest) (*RaftJoinResponse, error) {
|
||||
return &result, err
|
||||
}
|
||||
|
||||
// RaftSnapshot invokes the API that takes the snapshot of the raft cluster and
|
||||
// writes it to the supplied io.Writer.
|
||||
// RaftSnapshot wraps RaftSnapshotWithContext using context.Background.
|
||||
func (c *Sys) RaftSnapshot(snapWriter io.Writer) error {
|
||||
r := c.c.NewRequest("GET", "/v1/sys/storage/raft/snapshot")
|
||||
return c.RaftSnapshotWithContext(context.Background(), snapWriter)
|
||||
}
|
||||
|
||||
// RaftSnapshotWithContext invokes the API that takes the snapshot of the raft cluster and
|
||||
// writes it to the supplied io.Writer.
|
||||
func (c *Sys) RaftSnapshotWithContext(ctx context.Context, snapWriter io.Writer) error {
|
||||
r := c.c.NewRequest(http.MethodGet, "/v1/sys/storage/raft/snapshot")
|
||||
r.URL.RawQuery = r.Params.Encode()
|
||||
|
||||
req, err := http.NewRequest(http.MethodGet, r.URL.RequestURI(), nil)
|
||||
resp, err := c.c.httpRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
req.URL.User = r.URL.User
|
||||
req.URL.Scheme = r.URL.Scheme
|
||||
req.URL.Host = r.URL.Host
|
||||
req.Host = r.URL.Host
|
||||
|
||||
if r.Headers != nil {
|
||||
for header, vals := range r.Headers {
|
||||
for _, val := range vals {
|
||||
req.Header.Add(header, val)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if len(r.ClientToken) != 0 {
|
||||
req.Header.Set(consts.AuthHeaderName, r.ClientToken)
|
||||
}
|
||||
|
||||
if len(r.WrapTTL) != 0 {
|
||||
req.Header.Set("X-Vault-Wrap-TTL", r.WrapTTL)
|
||||
}
|
||||
|
||||
if len(r.MFAHeaderVals) != 0 {
|
||||
for _, mfaHeaderVal := range r.MFAHeaderVals {
|
||||
req.Header.Add("X-Vault-MFA", mfaHeaderVal)
|
||||
}
|
||||
}
|
||||
|
||||
if r.PolicyOverride {
|
||||
req.Header.Set("X-Vault-Policy-Override", "true")
|
||||
}
|
||||
|
||||
// Avoiding the use of RawRequestWithContext which reads the response body
|
||||
// to determine if the body contains error message.
|
||||
var result *Response
|
||||
resp, err := c.c.config.HttpClient.Do(req)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
if resp == nil {
|
||||
return nil
|
||||
}
|
||||
|
||||
// Check for a redirect, only allowing for a single redirect
|
||||
if resp.StatusCode == 301 || resp.StatusCode == 302 || resp.StatusCode == 307 {
|
||||
// Parse the updated location
|
||||
respLoc, err := resp.Location()
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
// Ensure a protocol downgrade doesn't happen
|
||||
if req.URL.Scheme == "https" && respLoc.Scheme != "https" {
|
||||
return fmt.Errorf("redirect would cause protocol downgrade")
|
||||
}
|
||||
|
||||
// Update the request
|
||||
req.URL = respLoc
|
||||
|
||||
// Retry the request
|
||||
resp, err = c.c.config.HttpClient.Do(req)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
|
||||
result = &Response{Response: resp}
|
||||
if err := result.Error(); err != nil {
|
||||
return err
|
||||
}
|
||||
defer resp.Body.Close()
|
||||
|
||||
// Make sure that the last file in the archive, SHA256SUMS.sealed, is present
|
||||
// and non-empty. This is to catch cases where the snapshot failed midstream,
|
||||
@ -271,20 +210,23 @@ func (c *Sys) RaftSnapshot(snapWriter io.Writer) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
// RaftSnapshotRestore reads the snapshot from the io.Reader and installs that
|
||||
// snapshot, returning the cluster to the state defined by it.
|
||||
// RaftSnapshotRestore wraps RaftSnapshotRestoreWithContext using context.Background.
|
||||
func (c *Sys) RaftSnapshotRestore(snapReader io.Reader, force bool) error {
|
||||
return c.RaftSnapshotRestoreWithContext(context.Background(), snapReader, force)
|
||||
}
|
||||
|
||||
// RaftSnapshotRestoreWithContext reads the snapshot from the io.Reader and installs that
|
||||
// snapshot, returning the cluster to the state defined by it.
|
||||
func (c *Sys) RaftSnapshotRestoreWithContext(ctx context.Context, snapReader io.Reader, force bool) error {
|
||||
path := "/v1/sys/storage/raft/snapshot"
|
||||
if force {
|
||||
path = "/v1/sys/storage/raft/snapshot-force"
|
||||
}
|
||||
r := c.c.NewRequest("POST", path)
|
||||
|
||||
r := c.c.NewRequest(http.MethodPost, path)
|
||||
r.Body = snapReader
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
resp, err := c.c.httpRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
@ -293,13 +235,19 @@ func (c *Sys) RaftSnapshotRestore(snapReader io.Reader, force bool) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
// RaftAutopilotState returns the state of the raft cluster as seen by autopilot.
|
||||
// RaftAutopilotState wraps RaftAutopilotStateWithContext using context.Background.
|
||||
func (c *Sys) RaftAutopilotState() (*AutopilotState, error) {
|
||||
r := c.c.NewRequest("GET", "/v1/sys/storage/raft/autopilot/state")
|
||||
return c.RaftAutopilotStateWithContext(context.Background())
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
// RaftAutopilotStateWithContext returns the state of the raft cluster as seen by autopilot.
|
||||
func (c *Sys) RaftAutopilotStateWithContext(ctx context.Context) (*AutopilotState, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
|
||||
r := c.c.NewRequest(http.MethodGet, "/v1/sys/storage/raft/autopilot/state")
|
||||
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if resp != nil {
|
||||
defer resp.Body.Close()
|
||||
if resp.StatusCode == 404 {
|
||||
@ -327,13 +275,19 @@ func (c *Sys) RaftAutopilotState() (*AutopilotState, error) {
|
||||
return &result, err
|
||||
}
|
||||
|
||||
// RaftAutopilotConfiguration fetches the autopilot config.
|
||||
// RaftAutopilotConfiguration wraps RaftAutopilotConfigurationWithContext using context.Background.
|
||||
func (c *Sys) RaftAutopilotConfiguration() (*AutopilotConfig, error) {
|
||||
r := c.c.NewRequest("GET", "/v1/sys/storage/raft/autopilot/configuration")
|
||||
return c.RaftAutopilotConfigurationWithContext(context.Background())
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
// RaftAutopilotConfigurationWithContext fetches the autopilot config.
|
||||
func (c *Sys) RaftAutopilotConfigurationWithContext(ctx context.Context) (*AutopilotConfig, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
|
||||
r := c.c.NewRequest(http.MethodGet, "/v1/sys/storage/raft/autopilot/configuration")
|
||||
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if resp != nil {
|
||||
defer resp.Body.Close()
|
||||
if resp.StatusCode == 404 {
|
||||
@ -369,17 +323,23 @@ func (c *Sys) RaftAutopilotConfiguration() (*AutopilotConfig, error) {
|
||||
return &result, err
|
||||
}
|
||||
|
||||
// PutRaftAutopilotConfiguration allows modifying the raft autopilot configuration
|
||||
// PutRaftAutopilotConfiguration wraps PutRaftAutopilotConfigurationWithContext using context.Background.
|
||||
func (c *Sys) PutRaftAutopilotConfiguration(opts *AutopilotConfig) error {
|
||||
r := c.c.NewRequest("POST", "/v1/sys/storage/raft/autopilot/configuration")
|
||||
return c.PutRaftAutopilotConfigurationWithContext(context.Background(), opts)
|
||||
}
|
||||
|
||||
// PutRaftAutopilotConfigurationWithContext allows modifying the raft autopilot configuration
|
||||
func (c *Sys) PutRaftAutopilotConfigurationWithContext(ctx context.Context, opts *AutopilotConfig) error {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
|
||||
r := c.c.NewRequest(http.MethodPost, "/v1/sys/storage/raft/autopilot/configuration")
|
||||
|
||||
if err := r.SetJSONBody(opts); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
211
vendor/github.com/hashicorp/vault/api/sys_rekey.go
generated
vendored
211
vendor/github.com/hashicorp/vault/api/sys_rekey.go
generated
vendored
@ -3,16 +3,22 @@ package api
|
||||
import (
|
||||
"context"
|
||||
"errors"
|
||||
"net/http"
|
||||
|
||||
"github.com/mitchellh/mapstructure"
|
||||
)
|
||||
|
||||
func (c *Sys) RekeyStatus() (*RekeyStatusResponse, error) {
|
||||
r := c.c.NewRequest("GET", "/v1/sys/rekey/init")
|
||||
return c.RekeyStatusWithContext(context.Background())
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
func (c *Sys) RekeyStatusWithContext(ctx context.Context) (*RekeyStatusResponse, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
|
||||
r := c.c.NewRequest(http.MethodGet, "/v1/sys/rekey/init")
|
||||
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -24,11 +30,16 @@ func (c *Sys) RekeyStatus() (*RekeyStatusResponse, error) {
|
||||
}
|
||||
|
||||
func (c *Sys) RekeyRecoveryKeyStatus() (*RekeyStatusResponse, error) {
|
||||
r := c.c.NewRequest("GET", "/v1/sys/rekey-recovery-key/init")
|
||||
return c.RekeyRecoveryKeyStatusWithContext(context.Background())
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
func (c *Sys) RekeyRecoveryKeyStatusWithContext(ctx context.Context) (*RekeyStatusResponse, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
|
||||
r := c.c.NewRequest(http.MethodGet, "/v1/sys/rekey-recovery-key/init")
|
||||
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -40,11 +51,16 @@ func (c *Sys) RekeyRecoveryKeyStatus() (*RekeyStatusResponse, error) {
|
||||
}
|
||||
|
||||
func (c *Sys) RekeyVerificationStatus() (*RekeyVerificationStatusResponse, error) {
|
||||
r := c.c.NewRequest("GET", "/v1/sys/rekey/verify")
|
||||
return c.RekeyVerificationStatusWithContext(context.Background())
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
func (c *Sys) RekeyVerificationStatusWithContext(ctx context.Context) (*RekeyVerificationStatusResponse, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
|
||||
r := c.c.NewRequest(http.MethodGet, "/v1/sys/rekey/verify")
|
||||
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -56,11 +72,16 @@ func (c *Sys) RekeyVerificationStatus() (*RekeyVerificationStatusResponse, error
|
||||
}
|
||||
|
||||
func (c *Sys) RekeyRecoveryKeyVerificationStatus() (*RekeyVerificationStatusResponse, error) {
|
||||
r := c.c.NewRequest("GET", "/v1/sys/rekey-recovery-key/verify")
|
||||
return c.RekeyRecoveryKeyVerificationStatusWithContext(context.Background())
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
func (c *Sys) RekeyRecoveryKeyVerificationStatusWithContext(ctx context.Context) (*RekeyVerificationStatusResponse, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
|
||||
r := c.c.NewRequest(http.MethodGet, "/v1/sys/rekey-recovery-key/verify")
|
||||
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -72,14 +93,19 @@ func (c *Sys) RekeyRecoveryKeyVerificationStatus() (*RekeyVerificationStatusResp
|
||||
}
|
||||
|
||||
func (c *Sys) RekeyInit(config *RekeyInitRequest) (*RekeyStatusResponse, error) {
|
||||
r := c.c.NewRequest("PUT", "/v1/sys/rekey/init")
|
||||
return c.RekeyInitWithContext(context.Background(), config)
|
||||
}
|
||||
|
||||
func (c *Sys) RekeyInitWithContext(ctx context.Context, config *RekeyInitRequest) (*RekeyStatusResponse, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
|
||||
r := c.c.NewRequest(http.MethodPut, "/v1/sys/rekey/init")
|
||||
if err := r.SetJSONBody(config); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -91,14 +117,19 @@ func (c *Sys) RekeyInit(config *RekeyInitRequest) (*RekeyStatusResponse, error)
|
||||
}
|
||||
|
||||
func (c *Sys) RekeyRecoveryKeyInit(config *RekeyInitRequest) (*RekeyStatusResponse, error) {
|
||||
r := c.c.NewRequest("PUT", "/v1/sys/rekey-recovery-key/init")
|
||||
return c.RekeyRecoveryKeyInitWithContext(context.Background(), config)
|
||||
}
|
||||
|
||||
func (c *Sys) RekeyRecoveryKeyInitWithContext(ctx context.Context, config *RekeyInitRequest) (*RekeyStatusResponse, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
|
||||
r := c.c.NewRequest(http.MethodPut, "/v1/sys/rekey-recovery-key/init")
|
||||
if err := r.SetJSONBody(config); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -110,11 +141,16 @@ func (c *Sys) RekeyRecoveryKeyInit(config *RekeyInitRequest) (*RekeyStatusRespon
|
||||
}
|
||||
|
||||
func (c *Sys) RekeyCancel() error {
|
||||
r := c.c.NewRequest("DELETE", "/v1/sys/rekey/init")
|
||||
return c.RekeyCancelWithContext(context.Background())
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
func (c *Sys) RekeyCancelWithContext(ctx context.Context) error {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
|
||||
r := c.c.NewRequest(http.MethodDelete, "/v1/sys/rekey/init")
|
||||
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err == nil {
|
||||
defer resp.Body.Close()
|
||||
}
|
||||
@ -122,11 +158,16 @@ func (c *Sys) RekeyCancel() error {
|
||||
}
|
||||
|
||||
func (c *Sys) RekeyRecoveryKeyCancel() error {
|
||||
r := c.c.NewRequest("DELETE", "/v1/sys/rekey-recovery-key/init")
|
||||
return c.RekeyRecoveryKeyCancelWithContext(context.Background())
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
func (c *Sys) RekeyRecoveryKeyCancelWithContext(ctx context.Context) error {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
|
||||
r := c.c.NewRequest(http.MethodDelete, "/v1/sys/rekey-recovery-key/init")
|
||||
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err == nil {
|
||||
defer resp.Body.Close()
|
||||
}
|
||||
@ -134,11 +175,16 @@ func (c *Sys) RekeyRecoveryKeyCancel() error {
|
||||
}
|
||||
|
||||
func (c *Sys) RekeyVerificationCancel() error {
|
||||
r := c.c.NewRequest("DELETE", "/v1/sys/rekey/verify")
|
||||
return c.RekeyVerificationCancelWithContext(context.Background())
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
func (c *Sys) RekeyVerificationCancelWithContext(ctx context.Context) error {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
|
||||
r := c.c.NewRequest(http.MethodDelete, "/v1/sys/rekey/verify")
|
||||
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err == nil {
|
||||
defer resp.Body.Close()
|
||||
}
|
||||
@ -146,11 +192,16 @@ func (c *Sys) RekeyVerificationCancel() error {
|
||||
}
|
||||
|
||||
func (c *Sys) RekeyRecoveryKeyVerificationCancel() error {
|
||||
r := c.c.NewRequest("DELETE", "/v1/sys/rekey-recovery-key/verify")
|
||||
return c.RekeyRecoveryKeyVerificationCancelWithContext(context.Background())
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
func (c *Sys) RekeyRecoveryKeyVerificationCancelWithContext(ctx context.Context) error {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
|
||||
r := c.c.NewRequest(http.MethodDelete, "/v1/sys/rekey-recovery-key/verify")
|
||||
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err == nil {
|
||||
defer resp.Body.Close()
|
||||
}
|
||||
@ -158,19 +209,24 @@ func (c *Sys) RekeyRecoveryKeyVerificationCancel() error {
|
||||
}
|
||||
|
||||
func (c *Sys) RekeyUpdate(shard, nonce string) (*RekeyUpdateResponse, error) {
|
||||
return c.RekeyUpdateWithContext(context.Background(), shard, nonce)
|
||||
}
|
||||
|
||||
func (c *Sys) RekeyUpdateWithContext(ctx context.Context, shard, nonce string) (*RekeyUpdateResponse, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
|
||||
body := map[string]interface{}{
|
||||
"key": shard,
|
||||
"nonce": nonce,
|
||||
}
|
||||
|
||||
r := c.c.NewRequest("PUT", "/v1/sys/rekey/update")
|
||||
r := c.c.NewRequest(http.MethodPut, "/v1/sys/rekey/update")
|
||||
if err := r.SetJSONBody(body); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -182,19 +238,24 @@ func (c *Sys) RekeyUpdate(shard, nonce string) (*RekeyUpdateResponse, error) {
|
||||
}
|
||||
|
||||
func (c *Sys) RekeyRecoveryKeyUpdate(shard, nonce string) (*RekeyUpdateResponse, error) {
|
||||
return c.RekeyRecoveryKeyUpdateWithContext(context.Background(), shard, nonce)
|
||||
}
|
||||
|
||||
func (c *Sys) RekeyRecoveryKeyUpdateWithContext(ctx context.Context, shard, nonce string) (*RekeyUpdateResponse, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
|
||||
body := map[string]interface{}{
|
||||
"key": shard,
|
||||
"nonce": nonce,
|
||||
}
|
||||
|
||||
r := c.c.NewRequest("PUT", "/v1/sys/rekey-recovery-key/update")
|
||||
r := c.c.NewRequest(http.MethodPut, "/v1/sys/rekey-recovery-key/update")
|
||||
if err := r.SetJSONBody(body); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -206,11 +267,16 @@ func (c *Sys) RekeyRecoveryKeyUpdate(shard, nonce string) (*RekeyUpdateResponse,
|
||||
}
|
||||
|
||||
func (c *Sys) RekeyRetrieveBackup() (*RekeyRetrieveResponse, error) {
|
||||
r := c.c.NewRequest("GET", "/v1/sys/rekey/backup")
|
||||
return c.RekeyRetrieveBackupWithContext(context.Background())
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
func (c *Sys) RekeyRetrieveBackupWithContext(ctx context.Context) (*RekeyRetrieveResponse, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
|
||||
r := c.c.NewRequest(http.MethodGet, "/v1/sys/rekey/backup")
|
||||
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -234,11 +300,16 @@ func (c *Sys) RekeyRetrieveBackup() (*RekeyRetrieveResponse, error) {
|
||||
}
|
||||
|
||||
func (c *Sys) RekeyRetrieveRecoveryBackup() (*RekeyRetrieveResponse, error) {
|
||||
r := c.c.NewRequest("GET", "/v1/sys/rekey/recovery-key-backup")
|
||||
return c.RekeyRetrieveRecoveryBackupWithContext(context.Background())
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
func (c *Sys) RekeyRetrieveRecoveryBackupWithContext(ctx context.Context) (*RekeyRetrieveResponse, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
|
||||
r := c.c.NewRequest(http.MethodGet, "/v1/sys/rekey/recovery-key-backup")
|
||||
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -262,11 +333,16 @@ func (c *Sys) RekeyRetrieveRecoveryBackup() (*RekeyRetrieveResponse, error) {
|
||||
}
|
||||
|
||||
func (c *Sys) RekeyDeleteBackup() error {
|
||||
r := c.c.NewRequest("DELETE", "/v1/sys/rekey/backup")
|
||||
return c.RekeyDeleteBackupWithContext(context.Background())
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
func (c *Sys) RekeyDeleteBackupWithContext(ctx context.Context) error {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
|
||||
r := c.c.NewRequest(http.MethodDelete, "/v1/sys/rekey/backup")
|
||||
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err == nil {
|
||||
defer resp.Body.Close()
|
||||
}
|
||||
@ -275,11 +351,16 @@ func (c *Sys) RekeyDeleteBackup() error {
|
||||
}
|
||||
|
||||
func (c *Sys) RekeyDeleteRecoveryBackup() error {
|
||||
r := c.c.NewRequest("DELETE", "/v1/sys/rekey/recovery-key-backup")
|
||||
return c.RekeyDeleteRecoveryBackupWithContext(context.Background())
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
func (c *Sys) RekeyDeleteRecoveryBackupWithContext(ctx context.Context) error {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
|
||||
r := c.c.NewRequest(http.MethodDelete, "/v1/sys/rekey/recovery-key-backup")
|
||||
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err == nil {
|
||||
defer resp.Body.Close()
|
||||
}
|
||||
@ -288,19 +369,24 @@ func (c *Sys) RekeyDeleteRecoveryBackup() error {
|
||||
}
|
||||
|
||||
func (c *Sys) RekeyVerificationUpdate(shard, nonce string) (*RekeyVerificationUpdateResponse, error) {
|
||||
return c.RekeyVerificationUpdateWithContext(context.Background(), shard, nonce)
|
||||
}
|
||||
|
||||
func (c *Sys) RekeyVerificationUpdateWithContext(ctx context.Context, shard, nonce string) (*RekeyVerificationUpdateResponse, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
|
||||
body := map[string]interface{}{
|
||||
"key": shard,
|
||||
"nonce": nonce,
|
||||
}
|
||||
|
||||
r := c.c.NewRequest("PUT", "/v1/sys/rekey/verify")
|
||||
r := c.c.NewRequest(http.MethodPut, "/v1/sys/rekey/verify")
|
||||
if err := r.SetJSONBody(body); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -312,19 +398,24 @@ func (c *Sys) RekeyVerificationUpdate(shard, nonce string) (*RekeyVerificationUp
|
||||
}
|
||||
|
||||
func (c *Sys) RekeyRecoveryKeyVerificationUpdate(shard, nonce string) (*RekeyVerificationUpdateResponse, error) {
|
||||
return c.RekeyRecoveryKeyVerificationUpdateWithContext(context.Background(), shard, nonce)
|
||||
}
|
||||
|
||||
func (c *Sys) RekeyRecoveryKeyVerificationUpdateWithContext(ctx context.Context, shard, nonce string) (*RekeyVerificationUpdateResponse, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
|
||||
body := map[string]interface{}{
|
||||
"key": shard,
|
||||
"nonce": nonce,
|
||||
}
|
||||
|
||||
r := c.c.NewRequest("PUT", "/v1/sys/rekey-recovery-key/verify")
|
||||
r := c.c.NewRequest(http.MethodPut, "/v1/sys/rekey-recovery-key/verify")
|
||||
if err := r.SetJSONBody(body); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
23
vendor/github.com/hashicorp/vault/api/sys_rotate.go
generated
vendored
23
vendor/github.com/hashicorp/vault/api/sys_rotate.go
generated
vendored
@ -4,15 +4,21 @@ import (
|
||||
"context"
|
||||
"encoding/json"
|
||||
"errors"
|
||||
"net/http"
|
||||
"time"
|
||||
)
|
||||
|
||||
func (c *Sys) Rotate() error {
|
||||
r := c.c.NewRequest("POST", "/v1/sys/rotate")
|
||||
return c.RotateWithContext(context.Background())
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
func (c *Sys) RotateWithContext(ctx context.Context) error {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
|
||||
r := c.c.NewRequest(http.MethodPost, "/v1/sys/rotate")
|
||||
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err == nil {
|
||||
defer resp.Body.Close()
|
||||
}
|
||||
@ -20,11 +26,16 @@ func (c *Sys) Rotate() error {
|
||||
}
|
||||
|
||||
func (c *Sys) KeyStatus() (*KeyStatus, error) {
|
||||
r := c.c.NewRequest("GET", "/v1/sys/key-status")
|
||||
return c.KeyStatusWithContext(context.Background())
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
func (c *Sys) KeyStatusWithContext(ctx context.Context) (*KeyStatus, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
|
||||
r := c.c.NewRequest(http.MethodGet, "/v1/sys/key-status")
|
||||
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
64
vendor/github.com/hashicorp/vault/api/sys_seal.go
generated
vendored
64
vendor/github.com/hashicorp/vault/api/sys_seal.go
generated
vendored
@ -1,59 +1,87 @@
|
||||
package api
|
||||
|
||||
import "context"
|
||||
import (
|
||||
"context"
|
||||
"net/http"
|
||||
)
|
||||
|
||||
func (c *Sys) SealStatus() (*SealStatusResponse, error) {
|
||||
r := c.c.NewRequest("GET", "/v1/sys/seal-status")
|
||||
return sealStatusRequest(c, r)
|
||||
return c.SealStatusWithContext(context.Background())
|
||||
}
|
||||
|
||||
func (c *Sys) SealStatusWithContext(ctx context.Context) (*SealStatusResponse, error) {
|
||||
r := c.c.NewRequest(http.MethodGet, "/v1/sys/seal-status")
|
||||
return sealStatusRequestWithContext(ctx, c, r)
|
||||
}
|
||||
|
||||
func (c *Sys) Seal() error {
|
||||
r := c.c.NewRequest("PUT", "/v1/sys/seal")
|
||||
return c.SealWithContext(context.Background())
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
func (c *Sys) SealWithContext(ctx context.Context) error {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
if err == nil {
|
||||
defer resp.Body.Close()
|
||||
|
||||
r := c.c.NewRequest(http.MethodPut, "/v1/sys/seal")
|
||||
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return err
|
||||
defer resp.Body.Close()
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func (c *Sys) ResetUnsealProcess() (*SealStatusResponse, error) {
|
||||
return c.ResetUnsealProcessWithContext(context.Background())
|
||||
}
|
||||
|
||||
func (c *Sys) ResetUnsealProcessWithContext(ctx context.Context) (*SealStatusResponse, error) {
|
||||
body := map[string]interface{}{"reset": true}
|
||||
|
||||
r := c.c.NewRequest("PUT", "/v1/sys/unseal")
|
||||
r := c.c.NewRequest(http.MethodPut, "/v1/sys/unseal")
|
||||
if err := r.SetJSONBody(body); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
return sealStatusRequest(c, r)
|
||||
return sealStatusRequestWithContext(ctx, c, r)
|
||||
}
|
||||
|
||||
func (c *Sys) Unseal(shard string) (*SealStatusResponse, error) {
|
||||
return c.UnsealWithContext(context.Background(), shard)
|
||||
}
|
||||
|
||||
func (c *Sys) UnsealWithContext(ctx context.Context, shard string) (*SealStatusResponse, error) {
|
||||
body := map[string]interface{}{"key": shard}
|
||||
|
||||
r := c.c.NewRequest("PUT", "/v1/sys/unseal")
|
||||
r := c.c.NewRequest(http.MethodPut, "/v1/sys/unseal")
|
||||
if err := r.SetJSONBody(body); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
return sealStatusRequest(c, r)
|
||||
return sealStatusRequestWithContext(ctx, c, r)
|
||||
}
|
||||
|
||||
func (c *Sys) UnsealWithOptions(opts *UnsealOpts) (*SealStatusResponse, error) {
|
||||
r := c.c.NewRequest("PUT", "/v1/sys/unseal")
|
||||
return c.UnsealWithOptionsWithContext(context.Background(), opts)
|
||||
}
|
||||
|
||||
func (c *Sys) UnsealWithOptionsWithContext(ctx context.Context, opts *UnsealOpts) (*SealStatusResponse, error) {
|
||||
r := c.c.NewRequest(http.MethodPut, "/v1/sys/unseal")
|
||||
|
||||
if err := r.SetJSONBody(opts); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
return sealStatusRequest(c, r)
|
||||
return sealStatusRequestWithContext(ctx, c, r)
|
||||
}
|
||||
|
||||
func sealStatusRequest(c *Sys, r *Request) (*SealStatusResponse, error) {
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
func sealStatusRequestWithContext(ctx context.Context, c *Sys, r *Request) (*SealStatusResponse, error) {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
16
vendor/github.com/hashicorp/vault/api/sys_stepdown.go
generated
vendored
16
vendor/github.com/hashicorp/vault/api/sys_stepdown.go
generated
vendored
@ -1,13 +1,21 @@
|
||||
package api
|
||||
|
||||
import "context"
|
||||
import (
|
||||
"context"
|
||||
"net/http"
|
||||
)
|
||||
|
||||
func (c *Sys) StepDown() error {
|
||||
r := c.c.NewRequest("PUT", "/v1/sys/step-down")
|
||||
return c.StepDownWithContext(context.Background())
|
||||
}
|
||||
|
||||
ctx, cancelFunc := context.WithCancel(context.Background())
|
||||
func (c *Sys) StepDownWithContext(ctx context.Context) error {
|
||||
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
||||
defer cancelFunc()
|
||||
resp, err := c.c.RawRequestWithContext(ctx, r)
|
||||
|
||||
r := c.c.NewRequest(http.MethodPut, "/v1/sys/step-down")
|
||||
|
||||
resp, err := c.c.rawRequestWithContext(ctx, r)
|
||||
if resp != nil && resp.Body != nil {
|
||||
resp.Body.Close()
|
||||
}
|
||||
|
2
vendor/modules.txt
vendored
2
vendor/modules.txt
vendored
@ -289,7 +289,7 @@ github.com/hashicorp/hcl/json/token
|
||||
## explicit; go 1.13
|
||||
github.com/hashicorp/vault/command/agent/auth
|
||||
github.com/hashicorp/vault/command/agent/auth/kubernetes
|
||||
# github.com/hashicorp/vault/api v1.4.1
|
||||
# github.com/hashicorp/vault/api v1.5.0
|
||||
## explicit; go 1.13
|
||||
github.com/hashicorp/vault/api
|
||||
# github.com/hashicorp/vault/sdk v0.4.1
|
||||
|
Loading…
Reference in New Issue
Block a user