mirror of
https://github.com/ceph/ceph-csi.git
synced 2024-11-29 17:50:23 +00:00
util: pass map[string]interface{} to initialize KMS
This makes it possible to pass a more complex configuration to the initialize functions for KMS's. The upcoming VaultTokensKMS can use overrides for configiration options on a per tenant basis. Without this change, it would not be possible to consume the JSON configuration file. See-also: #1743 Signed-off-by: Niels de Vos <ndevos@redhat.com>
This commit is contained in:
parent
43fa1cddb7
commit
d28a5a5f23
@ -115,18 +115,10 @@ func GetKMS(kmsID string, secrets map[string]string) (EncryptionKMS, error) {
|
|||||||
return nil, fmt.Errorf("failed to parse kms configuration: %s", err)
|
return nil, fmt.Errorf("failed to parse kms configuration: %s", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
kmsConfigData, ok := config[kmsID].(map[string]interface{})
|
kmsConfig, ok := config[kmsID].(map[string]interface{})
|
||||||
if !ok {
|
if !ok {
|
||||||
return nil, fmt.Errorf("missing encryption KMS configuration with %s", kmsID)
|
return nil, fmt.Errorf("missing encryption KMS configuration with %s", kmsID)
|
||||||
}
|
}
|
||||||
kmsConfig := make(map[string]string)
|
|
||||||
for key, value := range kmsConfigData {
|
|
||||||
kmsConfig[key], ok = value.(string)
|
|
||||||
if !ok {
|
|
||||||
return nil, fmt.Errorf("broken KMS config: '%s' for '%s' is not a string",
|
|
||||||
value, key)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
kmsType, ok := kmsConfig[kmsTypeKey]
|
kmsType, ok := kmsConfig[kmsTypeKey]
|
||||||
if !ok {
|
if !ok {
|
||||||
|
@ -107,7 +107,7 @@ func setConfigString(option *string, config map[string]interface{}, key string)
|
|||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (vc *vaultConnection) initConnection(kmsID string, config, secrets map[string]string) error {
|
func (vc *vaultConnection) initConnection(kmsID string, config map[string]interface{}, secrets map[string]string) error {
|
||||||
vaultConfig := make(map[string]interface{})
|
vaultConfig := make(map[string]interface{})
|
||||||
keyContext := make(map[string]string)
|
keyContext := make(map[string]string)
|
||||||
|
|
||||||
@ -165,7 +165,7 @@ func (vc *vaultConnection) initConnection(kmsID string, config, secrets map[stri
|
|||||||
}
|
}
|
||||||
|
|
||||||
// InitVaultKMS returns an interface to HashiCorp Vault KMS.
|
// InitVaultKMS returns an interface to HashiCorp Vault KMS.
|
||||||
func InitVaultKMS(kmsID string, config, secrets map[string]string) (EncryptionKMS, error) {
|
func InitVaultKMS(kmsID string, config map[string]interface{}, secrets map[string]string) (EncryptionKMS, error) {
|
||||||
kms := &VaultKMS{}
|
kms := &VaultKMS{}
|
||||||
err := kms.initConnection(kmsID, config, secrets)
|
err := kms.initConnection(kmsID, config, secrets)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
Loading…
Reference in New Issue
Block a user