Remove grace periods

2016-01-31 19:33:16 -05:00 · 2016-01-31 19:33:16 -05:00 · 627082b838
parent e2bc72ccdd
commit 627082b838
5 changed files with 19 additions and 82 deletions
--- a/builtin/logical/cassandra/path_roles.go
+++ b/builtin/logical/cassandra/path_roles.go
@ -54,12 +54,6 @@ template values are '{{username}}' and
 				Default:     "4h",
 				Description: "The lease length; defaults to 4 hours",
 			},
-
-			"lease_grace_period": &framework.FieldSchema{
-				Type:        framework.TypeString,
-				Default:     "1h",
-				Description: `DEPRECATED: this has no effect`,
-			},
 		},

 		Callbacks: map[logical.Operation]framework.OperationFunc{
@ -130,16 +124,8 @@ func (b *backend) pathRoleCreate(
 			"Error parsing lease value of %s: %s", leaseRaw, err)), nil
 	}

-	leaseGracePeriodRaw := data.Get("lease_grace_period").(string)
-	leaseGracePeriod, err := time.ParseDuration(leaseGracePeriodRaw)
-	if err != nil {
-		return logical.ErrorResponse(fmt.Sprintf(
-			"Error parsing lease_grace value of %s: %s", leaseGracePeriodRaw, err)), nil
-	}
-
 	entry := &roleEntry{
 		Lease:       lease,
-		LeaseGracePeriod: leaseGracePeriod,
 		CreationCQL: creationCQL,
 		RollbackCQL: rollbackCQL,
 	}
@ -159,7 +145,6 @@ func (b *backend) pathRoleCreate(
 type roleEntry struct {
 	CreationCQL string        `json:"creation_cql" structs:"creation_cql"`
 	Lease       time.Duration `json:"lease" structs:"lease"`
-	LeaseGracePeriod time.Duration `json:"lease_grace_period" structs:"lease_grace_period"`
 	RollbackCQL string        `json:"rollback_cql" structs:"rollback_cql"`
 }

--- a/logical/framework/secret.go
+++ b/logical/framework/secret.go
@ -19,13 +19,13 @@ type Secret struct {
 	// the structure of this secret.
 	Fields map[string]*FieldSchema

-	// DefaultDuration and DefaultGracePeriod are the default values for
-	// the duration of the lease for this secret and its grace period. These
-	// can be manually overwritten with the result of Response().
+	// DefaultDuration is the default value for the duration of the lease for
+	// this secret. This can be manually overwritten with the result of
+	// Response().
 	//
-	// If these aren't set, Vault core will set a default lease period.
+	// If these aren't set, Vault core will set a default lease period which
+	// may come from a mount tuning.
 	DefaultDuration time.Duration
-	DefaultGracePeriod time.Duration

 	// Renew is the callback called to renew this secret. If Renew is
 	// not specified then renewable is set to false in the secret.
@ -52,7 +52,6 @@ func (s *Secret) Response(
 		Secret: &logical.Secret{
 			LeaseOptions: logical.LeaseOptions{
 				TTL:       s.DefaultDuration,
-				GracePeriod: s.DefaultGracePeriod,
 				Renewable: s.Renewable(),
 			},
 			InternalData: internalData,
--- a/logical/lease.go
+++ b/logical/lease.go
@ -6,9 +6,8 @@ import "time"
 // settings between a Secret and Auth
 type LeaseOptions struct {
 	// Lease is the duration that this secret is valid for. Vault
-	// will automatically revoke it after the duration + grace period.
+	// will automatically revoke it after the duration.
 	TTL time.Duration `json:"lease"`
-	GracePeriod time.Duration `json:"lease_grace_period"`

 	// Renewable, if true, means that this secret can be renewed.
 	Renewable bool `json:"renewable"`
@ -30,17 +29,13 @@ func (l *LeaseOptions) LeaseEnabled() bool {
 	return l.TTL > 0
 }

-// LeaseTotal is the total lease time including the grace period
+// LeaseTotal is the lease duration with a guard against a negative TTL
 func (l *LeaseOptions) LeaseTotal() time.Duration {
 	if l.TTL <= 0 {
 		return 0
 	}

-	if l.GracePeriod < 0 {
 	return l.TTL
-	}
-
-	return l.TTL + l.GracePeriod
 }

 // ExpirationTime computes the time until expiration including the grace period
--- a/logical/lease_test.go
+++ b/logical/lease_test.go
@ -19,11 +19,9 @@ func TestLeaseOptionsLeaseTotal(t *testing.T) {
 func TestLeaseOptionsLeaseTotal_grace(t *testing.T) {
 	var l LeaseOptions
 	l.TTL = 1 * time.Hour
-	l.GracePeriod = 30 * time.Minute

 	actual := l.LeaseTotal()
-	expected := l.TTL + l.GracePeriod
-	if actual != expected {
+	if actual != l.TTL {
 		t.Fatalf("bad: %s", actual)
 	}
 }
@ -31,7 +29,6 @@ func TestLeaseOptionsLeaseTotal_grace(t *testing.T) {
 func TestLeaseOptionsLeaseTotal_negLease(t *testing.T) {
 	var l LeaseOptions
 	l.TTL = -1 * 1 * time.Hour
-	l.GracePeriod = 30 * time.Minute

 	actual := l.LeaseTotal()
 	expected := time.Duration(0)
@ -40,18 +37,6 @@ func TestLeaseOptionsLeaseTotal_negLease(t *testing.T) {
 	}
 }

-func TestLeaseOptionsLeaseTotal_negGrace(t *testing.T) {
-	var l LeaseOptions
-	l.TTL = 1 * time.Hour
-	l.GracePeriod = -1 * 30 * time.Minute
-
-	actual := l.LeaseTotal()
-	expected := l.TTL
-	if actual != expected {
-		t.Fatalf("bad: %s", actual)
-	}
-}
-
 func TestLeaseOptionsExpirationTime(t *testing.T) {
 	var l LeaseOptions
 	l.TTL = 1 * time.Hour
@ -63,30 +48,6 @@ func TestLeaseOptionsExpirationTime(t *testing.T) {
 	}
 }

-func TestLeaseOptionsExpirationTime_grace(t *testing.T) {
-	var l LeaseOptions
-	l.TTL = 1 * time.Hour
-	l.GracePeriod = 30 * time.Minute
-
-	limit := time.Now().UTC().Add(time.Hour + 30*time.Minute)
-	actual := l.ExpirationTime()
-	if actual.Before(limit) {
-		t.Fatalf("bad: %s", actual)
-	}
-}
-
-func TestLeaseOptionsExpirationTime_graceNegative(t *testing.T) {
-	var l LeaseOptions
-	l.TTL = 1 * time.Hour
-	l.GracePeriod = -1 * 30 * time.Minute
-
-	limit := time.Now().UTC().Add(time.Hour)
-	actual := l.ExpirationTime()
-	if actual.Before(limit) {
-		t.Fatalf("bad: %s", actual)
-	}
-}
-
 func TestLeaseOptionsExpirationTime_noLease(t *testing.T) {
 	var l LeaseOptions
 	if !l.ExpirationTime().IsZero() {
--- a/logical/secret.go
+++ b/logical/secret.go
@ -21,9 +21,6 @@ func (s *Secret) Validate() error {
 	if s.TTL < 0 {
 		return fmt.Errorf("ttl duration must not be less than zero")
 	}
-	if s.GracePeriod < 0 {
-		return fmt.Errorf("grace period must not be less than zero")
-	}

 	return nil
 }