mirror of
https://github.com/ceph/ceph-csi.git
synced 2024-11-10 00:10:20 +00:00
util: pass map[string]interface{} to initialize KMS
This makes it possible to pass a more complex configuration to the initialize functions for KMS's. The upcoming VaultTokensKMS can use overrides for configiration options on a per tenant basis. Without this change, it would not be possible to consume the JSON configuration file. See-also: #1743 Signed-off-by: Niels de Vos <ndevos@redhat.com>
This commit is contained in:
parent
43fa1cddb7
commit
d28a5a5f23
@ -115,18 +115,10 @@ func GetKMS(kmsID string, secrets map[string]string) (EncryptionKMS, error) {
|
||||
return nil, fmt.Errorf("failed to parse kms configuration: %s", err)
|
||||
}
|
||||
|
||||
kmsConfigData, ok := config[kmsID].(map[string]interface{})
|
||||
kmsConfig, ok := config[kmsID].(map[string]interface{})
|
||||
if !ok {
|
||||
return nil, fmt.Errorf("missing encryption KMS configuration with %s", kmsID)
|
||||
}
|
||||
kmsConfig := make(map[string]string)
|
||||
for key, value := range kmsConfigData {
|
||||
kmsConfig[key], ok = value.(string)
|
||||
if !ok {
|
||||
return nil, fmt.Errorf("broken KMS config: '%s' for '%s' is not a string",
|
||||
value, key)
|
||||
}
|
||||
}
|
||||
|
||||
kmsType, ok := kmsConfig[kmsTypeKey]
|
||||
if !ok {
|
||||
|
@ -107,7 +107,7 @@ func setConfigString(option *string, config map[string]interface{}, key string)
|
||||
return nil
|
||||
}
|
||||
|
||||
func (vc *vaultConnection) initConnection(kmsID string, config, secrets map[string]string) error {
|
||||
func (vc *vaultConnection) initConnection(kmsID string, config map[string]interface{}, secrets map[string]string) error {
|
||||
vaultConfig := make(map[string]interface{})
|
||||
keyContext := make(map[string]string)
|
||||
|
||||
@ -165,7 +165,7 @@ func (vc *vaultConnection) initConnection(kmsID string, config, secrets map[stri
|
||||
}
|
||||
|
||||
// InitVaultKMS returns an interface to HashiCorp Vault KMS.
|
||||
func InitVaultKMS(kmsID string, config, secrets map[string]string) (EncryptionKMS, error) {
|
||||
func InitVaultKMS(kmsID string, config map[string]interface{}, secrets map[string]string) (EncryptionKMS, error) {
|
||||
kms := &VaultKMS{}
|
||||
err := kms.initConnection(kmsID, config, secrets)
|
||||
if err != nil {
|
||||
|
Loading…
Reference in New Issue
Block a user