util: support vaultBackendPath and vaultTLSServerName options

Signed-off-by: Niels de Vos <ndevos@redhat.com>
This commit is contained in:
Niels de Vos 2020-12-08 11:21:32 +01:00 committed by mergify[bot]
parent 8f91c672d4
commit 648f9ccf31

View File

@ -106,6 +106,11 @@ func setConfigString(option *string, config map[string]interface{}, key string)
return nil return nil
} }
// initConnection sets VAULT_* environment variables in the vc.vaultConfig map,
// these settings will be used when connecting to the Vault service with
// vc.connectVault().
//
// nolint:gocyclo // iterating through many config options, not complex at all.
func (vc *vaultConnection) initConnection(kmsID string, config map[string]interface{}, secrets map[string]string) error { func (vc *vaultConnection) initConnection(kmsID string, config map[string]interface{}, secrets map[string]string) error {
vaultConfig := make(map[string]interface{}) vaultConfig := make(map[string]interface{})
keyContext := make(map[string]string) keyContext := make(map[string]string)
@ -126,6 +131,26 @@ func (vc *vaultConnection) initConnection(kmsID string, config map[string]interf
} }
// default: !firstInit // default: !firstInit
vaultBackendPath := "" // optional
err = setConfigString(&vaultBackendPath, config, "vaultBackendPath")
if errors.Is(err, errConfigOptionInvalid) {
return err
}
// set the option if the value was not invalid
if !errors.Is(err, errConfigOptionMissing) {
vaultConfig[vault.VaultBackendPathKey] = vaultBackendPath
}
vaultTLSServerName := "" // optional
err = setConfigString(&vaultTLSServerName, config, "vaultTLSServerName")
if errors.Is(err, errConfigOptionInvalid) {
return err
}
// set the option if the value was not invalid
if !errors.Is(err, errConfigOptionMissing) {
vaultConfig[api.EnvVaultTLSServerName] = vaultTLSServerName
}
vaultNamespace := vaultDefaultNamespace // optional vaultNamespace := vaultDefaultNamespace // optional
err = setConfigString(&vaultNamespace, config, "vaultNamespace") err = setConfigString(&vaultNamespace, config, "vaultNamespace")
if errors.Is(err, errConfigOptionInvalid) { if errors.Is(err, errConfigOptionInvalid) {