mirror of
https://github.com/ceph/ceph-csi.git
synced 2024-11-22 22:30:23 +00:00
util: support vaultBackendPath and vaultTLSServerName options
Signed-off-by: Niels de Vos <ndevos@redhat.com>
This commit is contained in:
parent
8f91c672d4
commit
648f9ccf31
@ -106,6 +106,11 @@ func setConfigString(option *string, config map[string]interface{}, key string)
|
|||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// initConnection sets VAULT_* environment variables in the vc.vaultConfig map,
|
||||||
|
// these settings will be used when connecting to the Vault service with
|
||||||
|
// vc.connectVault().
|
||||||
|
//
|
||||||
|
// nolint:gocyclo // iterating through many config options, not complex at all.
|
||||||
func (vc *vaultConnection) initConnection(kmsID string, config map[string]interface{}, secrets map[string]string) error {
|
func (vc *vaultConnection) initConnection(kmsID string, config map[string]interface{}, secrets map[string]string) error {
|
||||||
vaultConfig := make(map[string]interface{})
|
vaultConfig := make(map[string]interface{})
|
||||||
keyContext := make(map[string]string)
|
keyContext := make(map[string]string)
|
||||||
@ -126,6 +131,26 @@ func (vc *vaultConnection) initConnection(kmsID string, config map[string]interf
|
|||||||
}
|
}
|
||||||
// default: !firstInit
|
// default: !firstInit
|
||||||
|
|
||||||
|
vaultBackendPath := "" // optional
|
||||||
|
err = setConfigString(&vaultBackendPath, config, "vaultBackendPath")
|
||||||
|
if errors.Is(err, errConfigOptionInvalid) {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
// set the option if the value was not invalid
|
||||||
|
if !errors.Is(err, errConfigOptionMissing) {
|
||||||
|
vaultConfig[vault.VaultBackendPathKey] = vaultBackendPath
|
||||||
|
}
|
||||||
|
|
||||||
|
vaultTLSServerName := "" // optional
|
||||||
|
err = setConfigString(&vaultTLSServerName, config, "vaultTLSServerName")
|
||||||
|
if errors.Is(err, errConfigOptionInvalid) {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
// set the option if the value was not invalid
|
||||||
|
if !errors.Is(err, errConfigOptionMissing) {
|
||||||
|
vaultConfig[api.EnvVaultTLSServerName] = vaultTLSServerName
|
||||||
|
}
|
||||||
|
|
||||||
vaultNamespace := vaultDefaultNamespace // optional
|
vaultNamespace := vaultDefaultNamespace // optional
|
||||||
err = setConfigString(&vaultNamespace, config, "vaultNamespace")
|
err = setConfigString(&vaultNamespace, config, "vaultNamespace")
|
||||||
if errors.Is(err, errConfigOptionInvalid) {
|
if errors.Is(err, errConfigOptionInvalid) {
|
||||||
|
Loading…
Reference in New Issue
Block a user