backport of commit 9ace8751ff0df06058043b92343ceab2121c2bbd (#21727)

Co-authored-by: divyaac <divya.chandrasekaran@hashicorp.com>
2023-07-10 15:52:42 -04:00 · 2023-07-10 15:52:42 -04:00 · 48247cdec6
parent be5249a6dd
commit 48247cdec6
6 changed files with 41 additions and 0 deletions
--- a/changelog/21681.txt
+++ b/changelog/21681.txt
@ -0,0 +1,3 @@
+```release-note:improvement
+sys/metrics (enterprise): Adds a gauge metric that tracks whether enterprise builtin secret plugins are enabled.
+```
--- a/helper/builtinplugins/registry_util.go
+++ b/helper/builtinplugins/registry_util.go
@ -0,0 +1,10 @@
+//go:build !enterprise
+
+package builtinplugins
+
+import "github.com/hashicorp/vault/sdk/helper/consts"
+
+// IsBuiltinEntPlugin checks whether the plugin is an enterprise only builtin plugin
+func (r *registry) IsBuiltinEntPlugin(name string, pluginType consts.PluginType) bool {
+	return false
+}
--- a/helper/testhelpers/corehelpers/corehelpers.go
+++ b/helper/testhelpers/corehelpers/corehelpers.go
@ -26,6 +26,8 @@ import (
 	"github.com/mitchellh/go-testing-interface"
 )

+var externalPlugins = []string{"transform", "kmip", "keymgmt"}
+
 // RetryUntil runs f until it returns a nil result or the timeout is reached.
 // If a nil result hasn't been obtained by timeout, calls t.Fatal.
 func RetryUntil(t testing.T, timeout time.Duration, f func() error) {
@ -180,10 +182,23 @@ func (m *mockBuiltinRegistry) Keys(pluginType consts.PluginType) []string {
 			"pending-removal-test-plugin",
 			"approle",
 		}
+
+	case consts.PluginTypeSecrets:
+		return append(externalPlugins, "kv")
 	}
+
 	return []string{}
 }

+func (r *mockBuiltinRegistry) IsBuiltinEntPlugin(name string, pluginType consts.PluginType) bool {
+	for _, i := range externalPlugins {
+		if i == name {
+			return true
+		}
+	}
+	return false
+}
+
 func (m *mockBuiltinRegistry) Contains(name string, pluginType consts.PluginType) bool {
 	for _, key := range m.Keys(pluginType) {
 		if key == name {
--- a/vault/core.go
+++ b/vault/core.go
@ -3181,6 +3181,7 @@ type BuiltinRegistry interface {
 	Get(name string, pluginType consts.PluginType) (func() (interface{}, error), bool)
 	Keys(pluginType consts.PluginType) []string
 	DeprecationStatus(name string, pluginType consts.PluginType) (consts.DeprecationStatus, bool)
+	IsBuiltinEntPlugin(name string, pluginType consts.PluginType) bool
 }

 func (c *Core) AuditLogger() AuditLogger {
--- a/vault/mount.go
+++ b/vault/mount.go
@ -728,6 +728,10 @@ func (c *Core) mountInternal(ctx context.Context, entry *MountEntry, updateStora
 	if err := c.router.Mount(backend, entry.Path, entry, view); err != nil {
 		return err
 	}
+	if err = c.entBuiltinPluginMetrics(ctx, entry, 1); err != nil {
+		c.logger.Error("failed to emit enabled ent builtin plugin metrics", "error", err)
+		return err
+	}

 	// Re-evaluate filtered paths
 	if err := runFilteredPathsEvaluation(ctx, c, false); err != nil {
@ -915,6 +919,10 @@ func (c *Core) unmountInternal(ctx context.Context, path string, updateStorage b
 	if err := c.router.Unmount(ctx, path); err != nil {
 		return err
 	}
+	if err = c.entBuiltinPluginMetrics(ctx, entry, -1); err != nil {
+		c.logger.Error("failed to emit disabled ent builtin plugin metrics", "error", err)
+		return err
+	}

 	removePathCheckers(c, entry, viewPath)

--- a/vault/mount_util.go
+++ b/vault/mount_util.go
@ -72,3 +72,7 @@ func (c *Core) mountEntrySysView(entry *MountEntry) extendedSystemView {
 	}
 	return c.NewAcmeBillingSystemView(esi)
 }
+
+func (c *Core) entBuiltinPluginMetrics(ctx context.Context, entry *MountEntry, val float32) error {
+	return nil
+}