From 14ac4fc0454ff38aedc158427db47f62efdb6592 Mon Sep 17 00:00:00 2001 From: Anton Averchenkov <84287187+averche@users.noreply.github.com> Date: Thu, 13 Apr 2023 11:32:57 -0400 Subject: [PATCH] openapi: Add display attributes for /sys (p2) (#19707) --- vault/logical_raw.go | 25 +++++++++++++++ vault/logical_system_activity.go | 39 ++++++++++++++++++++-- vault/logical_system_helpers.go | 6 ++++ vault/logical_system_pprof.go | 55 ++++++++++++++++++++++++++++++++ vault/logical_system_quotas.go | 31 ++++++++++++++++++ vault/login_mfa.go | 6 ++++ 6 files changed, 159 insertions(+), 3 deletions(-) diff --git a/vault/logical_raw.go b/vault/logical_raw.go index 624b6fc03..ba4822d95 100644 --- a/vault/logical_raw.go +++ b/vault/logical_raw.go @@ -319,6 +319,11 @@ func rawPaths(prefix string, r *RawBackend) []*framework.Path { Operations: map[logical.Operation]framework.OperationHandler{ logical.ReadOperation: &framework.PathOperation{ Callback: r.handleRawRead, + DisplayAttrs: &framework.DisplayAttributes{ + OperationPrefix: "raw", + OperationVerb: "read", + OperationSuffix: "|path", + }, Responses: map[int][]framework.Response{ http.StatusOK: {{ Description: "OK", @@ -334,6 +339,11 @@ func rawPaths(prefix string, r *RawBackend) []*framework.Path { }, logical.UpdateOperation: &framework.PathOperation{ Callback: r.handleRawWrite, + DisplayAttrs: &framework.DisplayAttributes{ + OperationPrefix: "raw", + OperationVerb: "write", + OperationSuffix: "|path", + }, Responses: map[int][]framework.Response{ http.StatusOK: {{ Description: "OK", @@ -343,6 +353,11 @@ func rawPaths(prefix string, r *RawBackend) []*framework.Path { }, logical.CreateOperation: &framework.PathOperation{ Callback: r.handleRawWrite, + DisplayAttrs: &framework.DisplayAttributes{ + OperationPrefix: "raw", + OperationVerb: "write", + OperationSuffix: "|path", + }, Responses: map[int][]framework.Response{ http.StatusNoContent: {{ Description: "OK", @@ -352,6 +367,11 @@ func rawPaths(prefix string, r *RawBackend) []*framework.Path { }, logical.DeleteOperation: &framework.PathOperation{ Callback: r.handleRawDelete, + DisplayAttrs: &framework.DisplayAttributes{ + OperationPrefix: "raw", + OperationVerb: "delete", + OperationSuffix: "|path", + }, Responses: map[int][]framework.Response{ http.StatusNoContent: {{ Description: "OK", @@ -361,6 +381,11 @@ func rawPaths(prefix string, r *RawBackend) []*framework.Path { }, logical.ListOperation: &framework.PathOperation{ Callback: r.handleRawList, + DisplayAttrs: &framework.DisplayAttributes{ + OperationPrefix: "raw", + OperationVerb: "list", + OperationSuffix: "|path", + }, Responses: map[int][]framework.Response{ http.StatusOK: {{ Description: "OK", diff --git a/vault/logical_system_activity.go b/vault/logical_system_activity.go index 458e68e76..5b97ceece 100644 --- a/vault/logical_system_activity.go +++ b/vault/logical_system_activity.go @@ -21,6 +21,13 @@ import ( func (b *SystemBackend) activityQueryPath() *framework.Path { return &framework.Path{ Pattern: "internal/counters/activity$", + + DisplayAttrs: &framework.DisplayAttributes{ + OperationPrefix: "internal-client-activity", + OperationVerb: "report", + OperationSuffix: "counts", + }, + Fields: map[string]*framework.FieldSchema{ "start_time": { Type: framework.TypeTime, @@ -51,7 +58,14 @@ func (b *SystemBackend) activityQueryPath() *framework.Path { // monthlyActivityCountPath is available in every namespace func (b *SystemBackend) monthlyActivityCountPath() *framework.Path { return &framework.Path{ - Pattern: "internal/counters/activity/monthly$", + Pattern: "internal/counters/activity/monthly$", + + DisplayAttrs: &framework.DisplayAttributes{ + OperationPrefix: "internal-client-activity", + OperationVerb: "report", + OperationSuffix: "counts-this-month", + }, + HelpSynopsis: strings.TrimSpace(sysHelp["activity-monthly"][0]), HelpDescription: strings.TrimSpace(sysHelp["activity-monthly"][1]), Operations: map[logical.Operation]framework.OperationHandler{ @@ -77,6 +91,11 @@ func (b *SystemBackend) rootActivityPaths() []*framework.Path { b.monthlyActivityCountPath(), { Pattern: "internal/counters/config$", + + DisplayAttrs: &framework.DisplayAttributes{ + OperationPrefix: "internal-client-activity", + }, + Fields: map[string]*framework.FieldSchema{ "default_report_months": { Type: framework.TypeInt, @@ -99,16 +118,29 @@ func (b *SystemBackend) rootActivityPaths() []*framework.Path { Operations: map[logical.Operation]framework.OperationHandler{ logical.ReadOperation: &framework.PathOperation{ Callback: b.handleActivityConfigRead, - Summary: "Read the client count tracking configuration.", + DisplayAttrs: &framework.DisplayAttributes{ + OperationVerb: "read", + OperationSuffix: "configuration", + }, + Summary: "Read the client count tracking configuration.", }, logical.UpdateOperation: &framework.PathOperation{ Callback: b.handleActivityConfigUpdate, - Summary: "Enable or disable collection of client count, set retention period, or set default reporting period.", + DisplayAttrs: &framework.DisplayAttributes{ + OperationVerb: "configure", + }, + Summary: "Enable or disable collection of client count, set retention period, or set default reporting period.", }, }, }, { Pattern: "internal/counters/activity/export$", + + DisplayAttrs: &framework.DisplayAttributes{ + OperationPrefix: "internal-client-activity", + OperationVerb: "export", + }, + Fields: map[string]*framework.FieldSchema{ "start_time": { Type: framework.TypeTime, @@ -124,6 +156,7 @@ func (b *SystemBackend) rootActivityPaths() []*framework.Path { Default: "json", }, }, + HelpSynopsis: strings.TrimSpace(sysHelp["activity-export"][0]), HelpDescription: strings.TrimSpace(sysHelp["activity-export"][1]), diff --git a/vault/logical_system_helpers.go b/vault/logical_system_helpers.go index 0bfc5370d..6d3270e2d 100644 --- a/vault/logical_system_helpers.go +++ b/vault/logical_system_helpers.go @@ -64,6 +64,12 @@ var ( return []*framework.Path{ { Pattern: "replication/status", + + DisplayAttrs: &framework.DisplayAttributes{ + OperationPrefix: "replication", + OperationVerb: "status", + }, + Callbacks: map[logical.Operation]framework.OperationFunc{ logical.ReadOperation: func(ctx context.Context, req *logical.Request, data *framework.FieldData) (*logical.Response, error) { resp := &logical.Response{ diff --git a/vault/logical_system_pprof.go b/vault/logical_system_pprof.go index 3b5f67a3e..9b5a5a8fa 100644 --- a/vault/logical_system_pprof.go +++ b/vault/logical_system_pprof.go @@ -20,6 +20,11 @@ func (b *SystemBackend) pprofPaths() []*framework.Path { { Pattern: "pprof/$", + DisplayAttrs: &framework.DisplayAttributes{ + OperationPrefix: "pprof", + OperationVerb: "index", + }, + Operations: map[logical.Operation]framework.OperationHandler{ logical.ReadOperation: &framework.PathOperation{ Callback: b.handlePprofIndex, @@ -38,6 +43,11 @@ render pages.`, { Pattern: "pprof/cmdline", + DisplayAttrs: &framework.DisplayAttributes{ + OperationPrefix: "pprof", + OperationVerb: "command-line", + }, + Operations: map[logical.Operation]framework.OperationHandler{ logical.ReadOperation: &framework.PathOperation{ Callback: b.handlePprofCmdline, @@ -54,6 +64,11 @@ render pages.`, { Pattern: "pprof/goroutine", + DisplayAttrs: &framework.DisplayAttributes{ + OperationPrefix: "pprof", + OperationVerb: "goroutines", + }, + Operations: map[logical.Operation]framework.OperationHandler{ logical.ReadOperation: &framework.PathOperation{ Callback: b.handlePprofGoroutine, @@ -70,6 +85,11 @@ render pages.`, { Pattern: "pprof/heap", + DisplayAttrs: &framework.DisplayAttributes{ + OperationPrefix: "pprof", + OperationVerb: "memory-allocations-live", + }, + Operations: map[logical.Operation]framework.OperationHandler{ logical.ReadOperation: &framework.PathOperation{ Callback: b.handlePprofHeap, @@ -86,6 +106,11 @@ render pages.`, { Pattern: "pprof/allocs", + DisplayAttrs: &framework.DisplayAttributes{ + OperationPrefix: "pprof", + OperationVerb: "memory-allocations", + }, + Operations: map[logical.Operation]framework.OperationHandler{ logical.ReadOperation: &framework.PathOperation{ Callback: b.handlePprofAllocs, @@ -102,6 +127,11 @@ render pages.`, { Pattern: "pprof/threadcreate", + DisplayAttrs: &framework.DisplayAttributes{ + OperationPrefix: "pprof", + OperationVerb: "thread-creations", + }, + Operations: map[logical.Operation]framework.OperationHandler{ logical.ReadOperation: &framework.PathOperation{ Callback: b.handlePprofThreadcreate, @@ -119,6 +149,11 @@ render pages.`, { Pattern: "pprof/block", + DisplayAttrs: &framework.DisplayAttributes{ + OperationPrefix: "pprof", + OperationVerb: "blocking", + }, + Operations: map[logical.Operation]framework.OperationHandler{ logical.ReadOperation: &framework.PathOperation{ Callback: b.handlePprofBlock, @@ -135,6 +170,11 @@ render pages.`, { Pattern: "pprof/mutex", + DisplayAttrs: &framework.DisplayAttributes{ + OperationPrefix: "pprof", + OperationVerb: "mutexes", + }, + Operations: map[logical.Operation]framework.OperationHandler{ logical.ReadOperation: &framework.PathOperation{ Callback: b.handlePprofMutex, @@ -151,6 +191,11 @@ render pages.`, { Pattern: "pprof/profile", + DisplayAttrs: &framework.DisplayAttributes{ + OperationPrefix: "pprof", + OperationVerb: "cpu-profile", + }, + Fields: map[string]*framework.FieldSchema{ "seconds": { Type: framework.TypeInt, @@ -174,6 +219,11 @@ render pages.`, { Pattern: "pprof/symbol", + DisplayAttrs: &framework.DisplayAttributes{ + OperationPrefix: "pprof", + OperationVerb: "symbols", + }, + Operations: map[logical.Operation]framework.OperationHandler{ logical.ReadOperation: &framework.PathOperation{ Callback: b.handlePprofSymbol, @@ -191,6 +241,11 @@ render pages.`, { Pattern: "pprof/trace", + DisplayAttrs: &framework.DisplayAttributes{ + OperationPrefix: "pprof", + OperationVerb: "execution-trace", + }, + Fields: map[string]*framework.FieldSchema{ "seconds": { Type: framework.TypeInt, diff --git a/vault/logical_system_quotas.go b/vault/logical_system_quotas.go index af0dfe008..1a9dbbf60 100644 --- a/vault/logical_system_quotas.go +++ b/vault/logical_system_quotas.go @@ -21,6 +21,11 @@ func (b *SystemBackend) quotasPaths() []*framework.Path { return []*framework.Path{ { Pattern: "quotas/config$", + + DisplayAttrs: &framework.DisplayAttributes{ + OperationPrefix: "rate-limit-quotas", + }, + Fields: map[string]*framework.FieldSchema{ "rate_limit_exempt_paths": { Type: framework.TypeStringSlice, @@ -38,6 +43,9 @@ func (b *SystemBackend) quotasPaths() []*framework.Path { Operations: map[logical.Operation]framework.OperationHandler{ logical.UpdateOperation: &framework.PathOperation{ Callback: b.handleQuotasConfigUpdate(), + DisplayAttrs: &framework.DisplayAttributes{ + OperationVerb: "configure", + }, Responses: map[int][]framework.Response{ http.StatusNoContent: {{ Description: "OK", @@ -46,6 +54,9 @@ func (b *SystemBackend) quotasPaths() []*framework.Path { }, logical.ReadOperation: &framework.PathOperation{ Callback: b.handleQuotasConfigRead(), + DisplayAttrs: &framework.DisplayAttributes{ + OperationSuffix: "configuration", + }, Responses: map[int][]framework.Response{ http.StatusOK: {{ Description: "OK", @@ -72,6 +83,12 @@ func (b *SystemBackend) quotasPaths() []*framework.Path { }, { Pattern: "quotas/rate-limit/?$", + + DisplayAttrs: &framework.DisplayAttributes{ + OperationPrefix: "rate-limit-quotas", + OperationVerb: "list", + }, + Operations: map[logical.Operation]framework.OperationHandler{ logical.ListOperation: &framework.PathOperation{ Callback: b.handleRateLimitQuotasList(), @@ -93,6 +110,11 @@ func (b *SystemBackend) quotasPaths() []*framework.Path { }, { Pattern: "quotas/rate-limit/" + framework.GenericNameRegex("name"), + + DisplayAttrs: &framework.DisplayAttributes{ + OperationPrefix: "rate-limit-quotas", + }, + Fields: map[string]*framework.FieldSchema{ "type": { Type: framework.TypeString, @@ -131,6 +153,9 @@ from any further requests until after the 'block_interval' has elapsed.`, Operations: map[logical.Operation]framework.OperationHandler{ logical.UpdateOperation: &framework.PathOperation{ Callback: b.handleRateLimitQuotasUpdate(), + DisplayAttrs: &framework.DisplayAttributes{ + OperationVerb: "write", + }, Responses: map[int][]framework.Response{ http.StatusNoContent: {{ Description: http.StatusText(http.StatusNoContent), @@ -139,6 +164,9 @@ from any further requests until after the 'block_interval' has elapsed.`, }, logical.ReadOperation: &framework.PathOperation{ Callback: b.handleRateLimitQuotasRead(), + DisplayAttrs: &framework.DisplayAttributes{ + OperationVerb: "read", + }, Responses: map[int][]framework.Response{ http.StatusOK: {{ Description: "OK", @@ -177,6 +205,9 @@ from any further requests until after the 'block_interval' has elapsed.`, }, logical.DeleteOperation: &framework.PathOperation{ Callback: b.handleRateLimitQuotasDelete(), + DisplayAttrs: &framework.DisplayAttributes{ + OperationVerb: "delete", + }, Responses: map[int][]framework.Response{ http.StatusNoContent: {{ Description: "OK", diff --git a/vault/login_mfa.go b/vault/login_mfa.go index 2f2ee23af..9a2109831 100644 --- a/vault/login_mfa.go +++ b/vault/login_mfa.go @@ -72,6 +72,12 @@ func (b *SystemBackend) loginMFAPaths() []*framework.Path { return []*framework.Path{ { Pattern: "mfa/validate", + + DisplayAttrs: &framework.DisplayAttributes{ + OperationPrefix: "mfa", + OperationVerb: "validate", + }, + Fields: map[string]*framework.FieldSchema{ "mfa_request_id": { Type: framework.TypeString,