Changed Vault secret engine types to constants

ilmarkerm · ilmarkerm · commit 9bcd300a0eed · 2025-10-21T17:41:35.000+02:00
diff --git a/collector/config.go b/collector/config.go
@@ -161,14 +161,14 @@ func (c ConnectConfig) GetQueryTimeout() int {
 }
 
 func (h HashiCorpVault) GetUsernameAttr() string {
-	if h.UsernameAttr == "" || h.MountType == "database" {
+	if h.UsernameAttr == "" || h.MountType == hashivault.MountTypeDatabase {
 		return "username"
 	}
 	return h.UsernameAttr
 }
 
 func (h HashiCorpVault) GetPasswordAttr() string {
-	if h.PasswordAttr == "" || h.MountType == "database" {
+	if h.PasswordAttr == "" || h.MountType == hashivault.MountTypeDatabase {
 		return "password"
 	}
 	return h.PasswordAttr
diff --git a/hashivault/hashivault.go b/hashivault/hashivault.go
@@ -17,6 +17,13 @@ import (
 	vault "github.com/hashicorp/vault/api"
 )
 
+const (
+	MountTypeKVv1 = "kvv1"
+	MountTypeKVv2 = "kvv2"
+	MountTypeDatabase = "database"
+	MountTypeLogical = "logical"
+)
+
 var UnsupportedMountType = errors.New("Unsupported HashiCorp Vault mount type")
 var RequiredKeyMissing = errors.New("Required key missing from HashiCorp Vault secret")
 
@@ -77,11 +84,11 @@ func (c HashicorpVaultClient) getVaultSecret(mountType string, mount string, pat
 	result := map[string]string{}
 	var err error
 	var secretData map[string]interface{}
-	if mountType == "kvv2" || mountType == "kvv1" {
+	if mountType == MountTypeKVv1 || mountType == MountTypeKVv2 {
 		// Handle simple key-value secrets
 		var secret *vault.KVSecret
 		c.logger.Info("Making call to HashiCorp Vault", "mountType", mountType, "mountName", mount, "secretPath", path, "expectedKeys", requiredKeys)
-		if mountType == "kvv2" {
+		if mountType == MountTypeKVv2 {
 			secret, err = c.client.KVv2(mount).Get(context.TODO(), path)
 		} else {
 			secret, err = c.client.KVv1(mount).Get(context.TODO(), path)
@@ -91,11 +98,11 @@ func (c HashicorpVaultClient) getVaultSecret(mountType string, mount string, pat
 			return result, err
 		}
 		secretData = secret.Data
-	} else if mountType == "database" || mountType == "logical" {
+	} else if mountType == MountTypeDatabase || mountType == MountTypeLogical {
 		// Handle other types of secrets, for example database roles, just using the Logical() backend
 		var secret *vault.Secret
 		var secretPath string
-		if mountType == "database" {
+		if mountType == MountTypeDatabase {
 			secretPath = fmt.Sprintf("%s/creds/%s", mount, path)
 		} else {
 			secretPath = fmt.Sprintf("%s/%s", mount, path)

Original file line number	Diff line number	Diff line change
`@@ -161,14 +161,14 @@ func (c ConnectConfig) GetQueryTimeout() int {`
`161`	`161`	`}`
`162`	`162`
`163`	`163`	`func (h HashiCorpVault) GetUsernameAttr() string {`
`164`		`- if h.UsernameAttr == "" \|\| h.MountType == "database" {`
	`164`	`+ if h.UsernameAttr == "" \|\| h.MountType == hashivault.MountTypeDatabase {`
`165`	`165`	`return "username"`
`166`	`166`	`}`
`167`	`167`	`return h.UsernameAttr`
`168`	`168`	`}`
`169`	`169`
`170`	`170`	`func (h HashiCorpVault) GetPasswordAttr() string {`
`171`		`- if h.PasswordAttr == "" \|\| h.MountType == "database" {`
	`171`	`+ if h.PasswordAttr == "" \|\| h.MountType == hashivault.MountTypeDatabase {`
`172`	`172`	`return "password"`
`173`	`173`	`}`
`174`	`174`	`return h.PasswordAttr`