open-consul/agent/connect/ca
Mark Anderson aa29324a24
Avoid using sys/mounts to enable namespaces (#12655)
* Avoid doing list of /sys/mounts

From an internal ticket "Support standard "Vault namespace in the path" semantics for Connect Vault CA Provider"

Vault allows the namespace to be specified as a prefix in the path of
a PKI definition, but this doesn't currently work for
```IntermediatePKIPath``` specifications, because we attempt to list
all of the paths to check if ours is already defined. This doesn't
really work in a namespaced world.

This changes the IntermediatePKIPath code to follow the same pattern
as the root key, where we directly get the key rather than listing.

This code is difficult to write automated tests for because it relies
on features of Vault Enterprise, which isn't currently part of our
test framework, so it was tested manually.

Signed-off-by: Mark Anderson <manderson@hashicorp.com>

* add changelog

Signed-off-by: Mark Anderson <manderson@hashicorp.com>
2022-03-31 23:35:38 -07:00
..
common.go ca: cleanup validateSetIntermediate 2022-02-17 18:21:30 -05:00
mock_Provider.go ca: update MockProvider for new interface 2022-01-27 12:51:35 -05:00
provider.go Update TODOs to reference an issue with more details 2022-02-17 18:21:30 -05:00
provider_aws.go ca/provider: remove ActiveRoot from Provider 2022-01-27 13:07:37 -05:00
provider_aws_test.go ca/provider: remove ActiveRoot from Provider 2022-01-27 13:07:37 -05:00
provider_consul.go ca: cleanup validateSetIntermediate 2022-02-17 18:21:30 -05:00
provider_consul_config.go add root_cert_ttl option for consul connect, vault ca providers (#11428) 2021-11-02 11:02:10 -07:00
provider_consul_test.go ca/provider: remove ActiveRoot from Provider 2022-01-27 13:07:37 -05:00
provider_test.go Vendor in rpc mono repo for net/rpc fork, go-msgpack, msgpackrpc. (#12311) 2022-02-14 09:45:45 -08:00
provider_vault.go Avoid using sys/mounts to enable namespaces (#12655) 2022-03-31 23:35:38 -07:00
provider_vault_test.go Fix leaked Vault LifetimeRenewers (#12607) 2022-03-28 09:58:16 -05:00
testing.go ca: require that tests that use Vault are named correctly 2022-02-28 16:13:53 -05:00