-
Notifications
You must be signed in to change notification settings - Fork 4.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CreateOperation should only be implemented alongside ExistenceCheck #18492
Commits on Dec 20, 2022
-
CreateOperation should only be implemented alongside ExistenceCheck
Closes hashicorp#12329 Vault treats all POST or PUT HTTP requests equally - they default to being treated as UpdateOperations, but, if a backend implements an ExistenceCheck function, CreateOperations can be separated out when the existence check returns false. It follows, then, that if a CreateOperation handler is implemented without an ExistenceCheck function, this is unreachable code - a coding error. It's a fairly minor error in the grand scheme of things, but it causes the generated OpenAPI spec to include x-vault-createSupported for operations on which create can never actually be invoked - and promotes muddled understanding of the create/update feature. In this PR: 1) Implement a new test, which checks all builtin auth methods and secrets engines can be successfully initialized. (This is important to validate the next part.) 2) Expand upon the existing coding error checks built in to framework.Backend, adding a check for this misuse of CreateOperation. 3) Fix up instances of improper CreateOperation within the Vault repository - just two, transit and mock. Note: At this point, the newly added test will **fail**. There are improper uses of CreateOperation in all of the following: vault-plugin-auth-cf vault-plugin-auth-kerberos vault-plugin-auth-kubernetes vault-plugin-secrets-ad vault-plugin-secrets-gcpkms vault-plugin-secrets-kubernetes vault-plugin-secrets-kv vault-plugin-secrets-openldap vault-plugin-secrets-terraform each of which needs to be fixed and updated in go.mod here, before this new check can be added.
Configuration menu - View commit details
-
Copy full SHA for b35f12b - Browse repository at this point
Copy the full SHA b35f12bView commit details -
Configuration menu - View commit details
-
Copy full SHA for a15b5d7 - Browse repository at this point
Copy the full SHA a15b5d7View commit details
Commits on Dec 22, 2022
-
Add in testing of KV v2, which otherwise doesn't get tested
This is a surprisingly complicated special case
Configuration menu - View commit details
-
Copy full SHA for 157ab4b - Browse repository at this point
Copy the full SHA 157ab4bView commit details -
The database plugin needs special handling as well, and add in help i…
…nvocations of the builtin backends too
Configuration menu - View commit details
-
Copy full SHA for 8104ce8 - Browse repository at this point
Copy the full SHA 8104ce8View commit details
Commits on Dec 23, 2022
-
Configuration menu - View commit details
-
Copy full SHA for aaf7be3 - Browse repository at this point
Copy the full SHA aaf7be3View commit details
Commits on Dec 29, 2022
-
Configuration menu - View commit details
-
Copy full SHA for c7611bf - Browse repository at this point
Copy the full SHA c7611bfView commit details
Commits on Jan 19, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 2f73408 - Browse repository at this point
Copy the full SHA 2f73408View commit details -
Update 6 out of 9 plugins to needed new versions
Note, this IS an upgrade despite the apparent version numbers going down. (That's a consequence of slightly odd release management occurring in the plugin repositories.)
Configuration menu - View commit details
-
Copy full SHA for 73b1c5d - Browse repository at this point
Copy the full SHA 73b1c5dView commit details
Commits on Apr 27, 2023
-
Configuration menu - View commit details
-
Copy full SHA for f98ad02 - Browse repository at this point
Copy the full SHA f98ad02View commit details -
Configuration menu - View commit details
-
Copy full SHA for 2b62f40 - Browse repository at this point
Copy the full SHA 2b62f40View commit details -
Perform necessary update of vault-plugin-secrets-kubernetes so that C…
…I checks on PR can run
Configuration menu - View commit details
-
Copy full SHA for dfa5250 - Browse repository at this point
Copy the full SHA dfa5250View commit details
Commits on May 26, 2023
-
Configuration menu - View commit details
-
Copy full SHA for df74b05 - Browse repository at this point
Copy the full SHA df74b05View commit details
Commits on Jun 29, 2023
-
Configuration menu - View commit details
-
Copy full SHA for b801719 - Browse repository at this point
Copy the full SHA b801719View commit details -
Fix another instance of incorrect CreateOperation, for a test-only en…
…dpoint By being hidden behind a Go build constraint, it had evaded notice until now.
Configuration menu - View commit details
-
Copy full SHA for ce12136 - Browse repository at this point
Copy the full SHA ce12136View commit details -
Configuration menu - View commit details
-
Copy full SHA for 5d18f82 - Browse repository at this point
Copy the full SHA 5d18f82View commit details
Commits on Jul 15, 2023
-
Configuration menu - View commit details
-
Copy full SHA for c9c7fa5 - Browse repository at this point
Copy the full SHA c9c7fa5View commit details