vault: Allow passing in credential backends

This commit is contained in:
Armon Dadgar 2015-03-18 15:21:41 -07:00
parent b879c5aaf8
commit 21b9bdaf37
3 changed files with 26 additions and 16 deletions

View File

@ -95,7 +95,7 @@ func Test(t TestT, c TestCase) {
// Create an in-memory Vault core
core, err := vault.NewCore(&vault.CoreConfig{
Physical: physical.NewInmem(),
Backends: map[string]logical.Factory{
LogicalBackends: map[string]logical.Factory{
"test": func(map[string]string) (logical.Backend, error) {
return c.Backend, nil
},

View File

@ -9,6 +9,7 @@ import (
"os"
"sync"
"github.com/hashicorp/vault/credential"
"github.com/hashicorp/vault/logical"
"github.com/hashicorp/vault/physical"
"github.com/hashicorp/vault/shamir"
@ -100,8 +101,11 @@ type Core struct {
// router is responsible for managing the mount points for logical backends.
router *Router
// backends is the mapping of backends to use for this core
backends map[string]logical.Factory
// logicalBackends is the mapping of backends to use for this core
logicalBackends map[string]logical.Factory
// credentialBackends is the mapping of backends to use for this core
credentialBackends map[string]credential.Factory
// stateLock protects mutable state
stateLock sync.RWMutex
@ -136,9 +140,10 @@ type Core struct {
// CoreConfig is used to parameterize a core
type CoreConfig struct {
Backends map[string]logical.Factory
Physical physical.Backend
Logger *log.Logger
LogicalBackends map[string]logical.Factory
CredentialBackends map[string]credential.Factory
Physical physical.Backend
Logger *log.Logger
}
// NewCore isk used to construct a new core
@ -164,16 +169,21 @@ func NewCore(conf *CoreConfig) (*Core, error) {
}
// Setup the backends
backends := make(map[string]logical.Factory)
for k, f := range conf.Backends {
backends[k] = f
logicalBackends := make(map[string]logical.Factory)
for k, f := range conf.LogicalBackends {
logicalBackends[k] = f
}
backends["generic"] = PassthroughBackendFactory
backends["system"] = func(map[string]string) (logical.Backend, error) {
logicalBackends["generic"] = PassthroughBackendFactory
logicalBackends["system"] = func(map[string]string) (logical.Backend, error) {
return NewSystemBackend(c), nil
}
c.logicalBackends = logicalBackends
c.backends = backends
credentialBackends := make(map[string]credential.Factory)
for k, f := range conf.CredentialBackends {
credentialBackends[k] = f
}
c.credentialBackends = credentialBackends
return c, nil
}

View File

@ -96,7 +96,7 @@ func (c *Core) mount(me *MountEntry) error {
}
// Lookup the new backend
backend, err := c.newBackend(me.Type, nil)
backend, err := c.newLogicalBackend(me.Type, nil)
if err != nil {
return err
}
@ -293,7 +293,7 @@ func (c *Core) setupMounts() error {
barrierPrefix = systemBarrierPrefix
}
backend, err = c.newBackend(entry.Type, nil)
backend, err = c.newLogicalBackend(entry.Type, nil)
if err != nil {
c.logger.Printf(
"[ERR] core: failed to create mount entry %#v: %v",
@ -327,8 +327,8 @@ func (c *Core) unloadMounts() error {
return nil
}
func (c *Core) newBackend(t string, conf map[string]string) (logical.Backend, error) {
f, ok := c.backends[t]
func (c *Core) newLogicalBackend(t string, conf map[string]string) (logical.Backend, error) {
f, ok := c.logicalBackends[t]
if !ok {
return nil, fmt.Errorf("unknown backend type: %s", t)
}