diff --git a/CHANGELOG.md b/CHANGELOG.md index 74e075aa1..5ddd6f107 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -22,8 +22,8 @@ IMPROVEMENTS: * core: Added Password Policies for user-configurable password generation [[GH-8637](https://github.com/hashicorp/vault/pull/8637)] * core: New telemetry metrics covering token counts, token creation, KV secret counts, lease creation. [[GH-9239](https://github.com/hashicorp/vault/pull/9239)] [[GH-9250](https://github.com/hashicorp/vault/pull/9250)] [[GH-9244](https://github.com/hashicorp/vault/pull/9244)] [[GH-9052](https://github.com/hashicorp/vault/pull/9052)] * cli: Support reading TLS parameters from file for the `vault operator raft join` command. [[GH-9060](https://github.com/hashicorp/vault/pull/9060)] -* plugin: Add SDK method, `Sys.ReloadPlugin`, and CLI command, `vault plugin reload`, - for reloading plugins. [[GH-8777](https://github.com/hashicorp/vault/pull/8777)] +* plugin: Add SDK method, `Sys.ReloadPlugin`, and CLI command, `vault plugin reload`, for reloading plugins. [[GH-8777](https://github.com/hashicorp/vault/pull/8777)] +* plugin (enterprise): Add a scope field to plugin reload, which when global, reloads the plugin anywhere in a cluster. [[GH-9340](https://github.com/hashicorp/vault/pull/9340)] * sdk/framework: Support accepting TypeFloat parameters over the API [[GH-8923](https://github.com/hashicorp/vault/pull/8923)] * secrets/aws: Add iam_groups parameter to role create/update [[GH-8811](https://github.com/hashicorp/vault/pull/8811)] * secrets/database: Add static role rotation for MongoDB Atlas database plugin [[GH-11](https://github.com/hashicorp/vault-plugin-database-mongodbatlas/pull/11)] diff --git a/api/sys_plugins.go b/api/sys_plugins.go index 01127e01b..e62c16336 100644 --- a/api/sys_plugins.go +++ b/api/sys_plugins.go @@ -5,6 +5,7 @@ import ( "errors" "fmt" "net/http" + "time" "github.com/hashicorp/vault/sdk/helper/consts" "github.com/mitchellh/mapstructure" @@ -232,15 +233,19 @@ type ReloadPluginInput struct { // Mounts is the array of string mount paths of the plugin backends to reload Mounts []string `json:"mounts"` + + // Scope is the scope of the plugin reload + Scope string `json:"scope"` } -// ReloadPlugin reloads mounted plugin backends -func (c *Sys) ReloadPlugin(i *ReloadPluginInput) error { +// ReloadPlugin reloads mounted plugin backends, possibly returning +// reloadId for a cluster scoped reload +func (c *Sys) ReloadPlugin(i *ReloadPluginInput) (string, error) { path := "/v1/sys/plugins/reload/backend" req := c.c.NewRequest(http.MethodPut, path) if err := req.SetJSONBody(i); err != nil { - return err + return "", err } ctx, cancelFunc := context.WithCancel(context.Background()) @@ -248,10 +253,62 @@ func (c *Sys) ReloadPlugin(i *ReloadPluginInput) error { resp, err := c.c.RawRequestWithContext(ctx, req) if err != nil { - return err + return "", err } defer resp.Body.Close() - return err + + if i.Scope == "cluster" { + // Get the reload id + secret, parseErr := ParseSecret(resp.Body) + if parseErr != nil { + return "", err + } + return secret.Data["reload_id"].(string), nil + } + return "", err +} + +type PluginReloadStatus struct { + Timestamp time.Time `json:"timestamp"` + Success bool `json:"success"` + Message string `json:"message"` +} + +type PluginReloadStatusResponse struct { + ReloadID string + Results map[string]interface{} +} + +// ReloadPluginStatusInput is used as input to the ReloadStatusPlugin function. +type ReloadPluginStatusInput struct { + // ReloadID is the ID of the reload operation + ReloadID string `json:"reload_id"` +} + +// ReloadPluginStatus retrieves the status of a reload operation +func (c *Sys) ReloadPluginStatus(reloadID string) (map[string]interface{}, error) { + path := "/v1/sys/plugins/reload/backend/status" + req := c.c.NewRequest(http.MethodGet, path) + req.Params.Add("reload_id", reloadID) + + ctx, cancelFunc := context.WithCancel(context.Background()) + defer cancelFunc() + + resp, err := c.c.RawRequestWithContext(ctx, req) + if err != nil { + return nil, err + } + defer resp.Body.Close() + if resp != nil { + secret, parseErr := ParseSecret(resp.Body) + if parseErr != nil { + return nil, err + } + + return secret.Data, nil + } + return nil, nil + } // catalogPathByType is a helper to construct the proper API path by plugin type diff --git a/command/commands.go b/command/commands.go index a679303fa..581d615ef 100644 --- a/command/commands.go +++ b/command/commands.go @@ -447,6 +447,11 @@ func initCommands(ui, serverCmdUi cli.Ui, runOpts *RunOptions) { BaseCommand: getBaseCommand(), }, nil }, + "plugin reload-status": func() (cli.Command, error) { + return &PluginReloadStatusCommand{ + BaseCommand: getBaseCommand(), + }, nil + }, "policy": func() (cli.Command, error) { return &PolicyCommand{ BaseCommand: getBaseCommand(), diff --git a/command/plugin_reload.go b/command/plugin_reload.go index d02553872..a288b61e7 100644 --- a/command/plugin_reload.go +++ b/command/plugin_reload.go @@ -16,6 +16,7 @@ type PluginReloadCommand struct { *BaseCommand plugin string mounts []string + scope string } func (c *PluginReloadCommand) Synopsis() string { @@ -58,6 +59,13 @@ func (c *PluginReloadCommand) Flags() *FlagSets { Usage: "Array or comma-separated string mount paths of the plugin backends to reload.", }) + f.StringVar(&StringVar{ + Name: "scope", + Target: &c.scope, + Completion: complete.PredictAnything, + Usage: `The scope of the reload, omitted for local, "cluster", for cluster-wide`, + }) + return set } @@ -84,6 +92,8 @@ func (c *PluginReloadCommand) Run(args []string) int { case c.plugin != "" && len(c.mounts) > 0: c.UI.Error(fmt.Sprintf("Too many arguments (expected 1, got %d)", len(args))) return 1 + case c.scope != "" && c.scope != "cluster": + c.UI.Error(fmt.Sprintf("Invalid reload scope: %s", c.scope)) } client, err := c.Client() @@ -92,18 +102,28 @@ func (c *PluginReloadCommand) Run(args []string) int { return 2 } - if err := client.Sys().ReloadPlugin(&api.ReloadPluginInput{ + rid, err := client.Sys().ReloadPlugin(&api.ReloadPluginInput{ Plugin: c.plugin, Mounts: c.mounts, - }); err != nil { + Scope: c.scope, + }) + if err != nil { c.UI.Error(fmt.Sprintf("Error reloading plugin/mounts: %s", err)) return 2 } if len(c.mounts) > 0 { - c.UI.Output(fmt.Sprintf("Success! Reloaded mounts: %s", c.mounts)) + if rid != "" { + c.UI.Output(fmt.Sprintf("Success! Reloading mounts: %s, reload_id: %s", c.mounts, rid)) + } else { + c.UI.Output(fmt.Sprintf("Success! Reloaded mounts: %s", c.mounts)) + } } else { - c.UI.Output(fmt.Sprintf("Success! Reloaded plugin: %s", c.plugin)) + if rid != "" { + c.UI.Output(fmt.Sprintf("Success! Reloading plugin: %s, reload_id: %s", c.plugin, rid)) + } else { + c.UI.Output(fmt.Sprintf("Success! Reloaded plugin: %s", c.mounts)) + } } return 0 diff --git a/go.mod b/go.mod index 134e89706..83f4d8734 100644 --- a/go.mod +++ b/go.mod @@ -12,10 +12,11 @@ require ( cloud.google.com/go/storage v1.6.0 github.com/Azure/azure-sdk-for-go v36.2.0+incompatible github.com/Azure/go-autorest/autorest v0.10.1 - github.com/Microsoft/hcsshim v0.8.9 // indirect + github.com/DataDog/zstd v1.4.4 // indirect github.com/NYTimes/gziphandler v1.1.1 github.com/SAP/go-hdb v0.14.1 github.com/Sectorbob/mlab-ns2 v0.0.0-20171030222938-d3aa0c295a8a + github.com/StackExchange/wmi v0.0.0-20180116203802-5d049714c4a6 // indirect github.com/aliyun/alibaba-cloud-sdk-go v0.0.0-20190620160927-9418d7b0cd0f github.com/aliyun/aliyun-oss-go-sdk v0.0.0-20190307165228-86c17b95fcd5 github.com/apple/foundationdb/bindings/go v0.0.0-20190411004307-cd5c9d91fad2 @@ -24,11 +25,16 @@ require ( github.com/armon/go-radix v1.0.0 github.com/asaskevich/govalidator v0.0.0-20180720115003-f9ffefc3facf github.com/aws/aws-sdk-go v1.30.27 + github.com/bitly/go-hostpool v0.0.0-20171023180738-a3a6125de932 // indirect + github.com/bmizerany/assert v0.0.0-20160611221934-b7ed37b82869 // indirect github.com/chrismalek/oktasdk-go v0.0.0-20181212195951-3430665dfaa0 github.com/client9/misspell v0.3.4 github.com/cockroachdb/cockroach-go v0.0.0-20181001143604-e0a95dfd547c github.com/coreos/go-semver v0.2.0 github.com/denisenkom/go-mssqldb v0.0.0-20200428022330-06a60b6afbbc + github.com/dgrijalva/jwt-go v3.2.0+incompatible + github.com/dnaeon/go-vcr v1.0.1 // indirect + github.com/dsnet/compress v0.0.1 // indirect github.com/duosecurity/duo_api_golang v0.0.0-20190308151101-6c680f768e74 github.com/elazarl/go-bindata-assetfs v1.0.1-0.20200509193318-234c15e7648f github.com/fatih/color v1.9.0 @@ -37,10 +43,13 @@ require ( github.com/ghodss/yaml v1.0.1-0.20190212211648-25d852aebe32 github.com/go-errors/errors v1.0.1 github.com/go-ldap/ldap/v3 v3.1.10 + github.com/go-ole/go-ole v1.2.1 // indirect github.com/go-sql-driver/mysql v1.5.0 github.com/go-test/deep v1.0.2 github.com/gocql/gocql v0.0.0-20190402132108-0e1d5de854df + github.com/gogo/protobuf v1.3.1 // indirect github.com/golang/protobuf v1.4.2 + github.com/golang/snappy v0.0.1 github.com/google/go-github v17.0.0+incompatible github.com/google/go-metrics-stackdriver v0.2.0 github.com/hashicorp/consul-template v0.25.0 @@ -49,13 +58,18 @@ require ( github.com/hashicorp/go-bindata v3.0.8-0.20180209072458-bf7910af8997+incompatible github.com/hashicorp/go-cleanhttp v0.5.1 github.com/hashicorp/go-gcp-common v0.6.0 - github.com/hashicorp/go-hclog v0.14.1 + github.com/hashicorp/go-hclog v0.13.0 + github.com/hashicorp/go-immutable-radix v1.1.0 + github.com/hashicorp/go-kmip v0.0.0-20200521195242-bc3798d6b119 github.com/hashicorp/go-kms-wrapping v0.5.10 + github.com/hashicorp/go-kms-wrapping-enterprise v0.5.1 + github.com/hashicorp/go-kms-wrapping/entropy v0.1.0 + github.com/hashicorp/go-licensing v1.1.1 github.com/hashicorp/go-memdb v1.0.2 github.com/hashicorp/go-msgpack v0.5.5 - github.com/hashicorp/go-multierror v1.1.0 + github.com/hashicorp/go-multierror v1.0.0 github.com/hashicorp/go-raftchunking v0.6.3-0.20191002164813-7e9e8525653a - github.com/hashicorp/go-retryablehttp v0.6.6 + github.com/hashicorp/go-retryablehttp v0.6.3 github.com/hashicorp/go-rootcerts v1.0.2 github.com/hashicorp/go-sockaddr v1.0.2 github.com/hashicorp/go-syslog v1.0.0 @@ -65,27 +79,31 @@ require ( github.com/hashicorp/nomad/api v0.0.0-20191220223628-edc62acd919d github.com/hashicorp/raft v1.1.3-0.20200501224250-c95aa91e604e github.com/hashicorp/raft-snapshot v1.0.2-0.20190827162939-8117efcc5aab + github.com/hashicorp/sentinel v0.14.4 + github.com/hashicorp/sentinel-sdk v0.3.7 github.com/hashicorp/vault-plugin-auth-alicloud v0.5.5 - github.com/hashicorp/vault-plugin-auth-azure v0.5.6-0.20200422235613-1b5c70f9ef68 + github.com/hashicorp/vault-plugin-auth-azure v0.5.5 github.com/hashicorp/vault-plugin-auth-centrify v0.5.5 github.com/hashicorp/vault-plugin-auth-cf v0.5.4 - github.com/hashicorp/vault-plugin-auth-gcp v0.6.2-0.20200428223335-82bd3a3ad5b3 - github.com/hashicorp/vault-plugin-auth-jwt v0.7.0 - github.com/hashicorp/vault-plugin-auth-kerberos v0.1.6 - github.com/hashicorp/vault-plugin-auth-kubernetes v0.6.2 + github.com/hashicorp/vault-plugin-auth-gcp v0.6.1 + github.com/hashicorp/vault-plugin-auth-jwt v0.6.2 + github.com/hashicorp/vault-plugin-auth-kerberos v0.1.5 + github.com/hashicorp/vault-plugin-auth-kubernetes v0.6.1 github.com/hashicorp/vault-plugin-auth-oci v0.5.5 github.com/hashicorp/vault-plugin-database-elasticsearch v0.5.4 - github.com/hashicorp/vault-plugin-database-mongodbatlas v0.1.2-0.20200520204052-f840e9d4895c + github.com/hashicorp/vault-plugin-database-mongodbatlas v0.1.0-beta1.0.20200521152755-9cf156a44f9c github.com/hashicorp/vault-plugin-secrets-ad v0.6.6 github.com/hashicorp/vault-plugin-secrets-alicloud v0.5.5 - github.com/hashicorp/vault-plugin-secrets-azure v0.6.1 + github.com/hashicorp/vault-plugin-secrets-azure v0.5.6 github.com/hashicorp/vault-plugin-secrets-gcp v0.6.3-0.20200615210754-6c617f9285c3 github.com/hashicorp/vault-plugin-secrets-gcpkms v0.5.5 + github.com/hashicorp/vault-plugin-secrets-kmip v0.1.3 github.com/hashicorp/vault-plugin-secrets-kv v0.5.5 github.com/hashicorp/vault-plugin-secrets-mongodbatlas v0.1.2 - github.com/hashicorp/vault-plugin-secrets-openldap v0.1.4-0.20200618161832-cae59ebde561 - github.com/hashicorp/vault/api v1.0.5-0.20200519221902-385fac77e20f - github.com/hashicorp/vault/sdk v0.1.14-0.20200527182800-ad90e0b39d2f + github.com/hashicorp/vault-plugin-secrets-openldap v0.1.3 + github.com/hashicorp/vault-plugin-secrets-transform v0.1.3 + github.com/hashicorp/vault/api v1.0.5-0.20200619171258-e54ddc909815 + github.com/hashicorp/vault/sdk v0.1.14-0.20200615191832-d4b3c4b29c62 github.com/influxdata/influxdb v0.0.0-20190411212539-d24b7ba8c4c4 github.com/jcmturner/gokrb5/v8 v8.0.0 github.com/jefferai/isbadcipher v0.0.0-20190226160619-51d2077c035f @@ -93,8 +111,8 @@ require ( github.com/joyent/triton-go v1.7.1-0.20200416154420-6801d15b779f github.com/keybase/go-crypto v0.0.0-20190403132359-d65b6b94177f github.com/kr/pretty v0.2.0 - github.com/kr/text v0.2.0 - github.com/lib/pq v1.2.0 + github.com/kr/text v0.1.0 + github.com/lib/pq v1.3.0 github.com/mattn/go-colorable v0.1.6 github.com/mholt/archiver v3.1.1+incompatible github.com/michaelklishin/rabbit-hole v0.0.0-20191008194146-93d9988f0cd5 @@ -103,11 +121,12 @@ require ( github.com/mitchellh/go-homedir v1.1.0 github.com/mitchellh/go-testing-interface v1.0.0 github.com/mitchellh/gox v1.0.1 - github.com/mitchellh/mapstructure v1.3.2 + github.com/mitchellh/mapstructure v1.2.2 github.com/mitchellh/reflectwalk v1.0.1 github.com/mongodb/go-client-mongodb-atlas v0.1.2 github.com/natefinch/atomic v0.0.0-20150920032501-a62ce929ffcc github.com/ncw/swift v1.0.47 + github.com/nwaples/rardecode v1.0.0 // indirect github.com/oklog/run v1.0.0 github.com/okta/okta-sdk-golang v1.0.1 github.com/oracle/oci-go-sdk v12.5.0+incompatible @@ -119,27 +138,30 @@ require ( github.com/pquerna/otp v1.2.1-0.20191009055518-468c2dd2b58d github.com/prometheus/client_golang v1.4.0 github.com/prometheus/common v0.9.1 - github.com/rboyer/safeio v0.2.1 github.com/ryanuber/columnize v2.1.0+incompatible github.com/ryanuber/go-glob v1.0.0 github.com/samuel/go-zookeeper v0.0.0-20180130194729-c4fab1ac1bec github.com/sasha-s/go-deadlock v0.2.0 github.com/shirou/gopsutil v2.19.9+incompatible + github.com/shirou/w32 v0.0.0-20160930032740-bb4de0191aa4 // indirect github.com/stretchr/testify v1.5.1 + github.com/tidwall/pretty v1.0.0 // indirect + github.com/xdg/scram v0.0.0-20180814205039-7eeb5667e42c // indirect + github.com/xdg/stringprep v1.0.0 // indirect + github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8 // indirect go.etcd.io/bbolt v1.3.4 go.etcd.io/etcd v0.5.0-alpha.5.0.20200425165423-262c93980547 go.mongodb.org/mongo-driver v1.2.1 go.uber.org/atomic v1.6.0 - golang.org/x/crypto v0.0.0-20200604202706-70a84ac30bf9 - golang.org/x/net v0.0.0-20200602114024-627f9648deb9 + golang.org/x/crypto v0.0.0-20200510223506-06a226fb4e37 + golang.org/x/net v0.0.0-20200519113804-d87ec0cfa476 golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d - golang.org/x/time v0.0.0-20200416051211-89c76fbcd5d1 - golang.org/x/tools v0.0.0-20200416214402-fc959738d646 + golang.org/x/tools v0.0.0-20200513201620-d5fe73897c97 google.golang.org/api v0.24.0 google.golang.org/grpc v1.29.1 google.golang.org/protobuf v1.24.0 gopkg.in/mgo.v2 v2.0.0-20180705113604-9856a29383ce gopkg.in/ory-am/dockertest.v3 v3.3.4 - gopkg.in/square/go-jose.v2 v2.5.1 + gopkg.in/square/go-jose.v2 v2.4.1 layeh.com/radius v0.0.0-20190322222518-890bc1058917 ) diff --git a/vault/logical_system.go b/vault/logical_system.go index b49006185..59660c14f 100644 --- a/vault/logical_system.go +++ b/vault/logical_system.go @@ -29,6 +29,7 @@ import ( "github.com/hashicorp/vault/helper/monitor" "github.com/hashicorp/vault/helper/namespace" "github.com/hashicorp/vault/helper/random" + "github.com/hashicorp/vault/physical/raft" "github.com/hashicorp/vault/sdk/framework" "github.com/hashicorp/vault/sdk/helper/consts" "github.com/hashicorp/vault/sdk/helper/jsonutil" @@ -40,6 +41,7 @@ import ( ) const maxBytes = 128 * 1024 +const clusterScope = "cluster" func systemBackendMemDBSchema() *memdb.DBSchema { systemSchema := &memdb.DBSchema{ @@ -112,9 +114,11 @@ func NewSystemBackend(core *Core, logger log.Logger) *SystemBackend { "replication/performance/status", "replication/dr/status", "replication/dr/secondary/promote", + "replication/dr/secondary/disable", "replication/dr/secondary/update-primary", "replication/dr/secondary/operation-token/delete", "replication/dr/secondary/license", + "replication/dr/secondary/recover", "replication/dr/secondary/reindex", "storage/raft/bootstrap/challenge", "storage/raft/bootstrap/answer", @@ -160,13 +164,12 @@ func NewSystemBackend(core *Core, logger log.Logger) *SystemBackend { b.Backend.Paths = append(b.Backend.Paths, b.metricsPath()) b.Backend.Paths = append(b.Backend.Paths, b.monitorPath()) b.Backend.Paths = append(b.Backend.Paths, b.hostInfoPath()) - b.Backend.Paths = append(b.Backend.Paths, b.quotasPaths()...) if core.rawEnabled { b.Backend.Paths = append(b.Backend.Paths, b.rawPaths()...) } - if backend := core.getRaftBackend(); backend != nil { + if _, ok := core.underlyingPhysical.(*raft.RaftBackend); ok { b.Backend.Paths = append(b.Backend.Paths, b.raftStoragePaths()...) } @@ -434,6 +437,7 @@ func (b *SystemBackend) handlePluginCatalogDelete(ctx context.Context, req *logi func (b *SystemBackend) handlePluginReloadUpdate(ctx context.Context, req *logical.Request, d *framework.FieldData) (*logical.Response, error) { pluginName := d.Get("plugin").(string) pluginMounts := d.Get("mounts").([]string) + scope := d.Get("scope").(string) if pluginName != "" && len(pluginMounts) > 0 { return logical.ErrorResponse("plugin and mounts cannot be set at the same time"), nil @@ -443,18 +447,30 @@ func (b *SystemBackend) handlePluginReloadUpdate(ctx context.Context, req *logic } if pluginName != "" { - err := b.Core.reloadMatchingPlugin(ctx, pluginName) + err := b.Core.reloadMatchingPlugin(ctx, pluginName, time.Now()) if err != nil { return nil, err } } else if len(pluginMounts) > 0 { - err := b.Core.reloadMatchingPluginMounts(ctx, pluginMounts) + err := b.Core.reloadMatchingPluginMounts(ctx, pluginMounts, time.Now()) if err != nil { return nil, err } + } else { + return nil, nil } - return nil, nil + r := logical.Response{ + Data: map[string]interface{}{ + "reload_id": req.ID, + }, + } + + if scope == clusterScope { + go handleClusterPluginReload(b, req.ID, pluginName, pluginMounts) + return logical.RespondWithStatusCode(&r, req, http.StatusAccepted) + } + return &r, nil } // handleAuditedHeaderUpdate creates or overwrites a header entry @@ -670,6 +686,7 @@ func mountInfo(entry *MountEntry) map[string]interface{} { "external_entropy_access": entry.ExternalEntropyAccess, "options": entry.Options, "uuid": entry.UUID, + "started_time": entry.StartedTime, } entryConfig := map[string]interface{}{ "default_lease_ttl": int64(entry.Config.DefaultLeaseTTL.Seconds()), @@ -752,7 +769,7 @@ func (b *SystemBackend) handleMount(ctx context.Context, req *logical.Request, d // Get all the options path := data.Get("path").(string) - path = sanitizePath(path) + path = sanitizeMountPath(path) logicalType := data.Get("type").(string) description := data.Get("description").(string) @@ -935,7 +952,7 @@ func handleErrorNoReadOnlyForward( // handleUnmount is used to unmount a path func (b *SystemBackend) handleUnmount(ctx context.Context, req *logical.Request, data *framework.FieldData) (*logical.Response, error) { path := data.Get("path").(string) - path = sanitizePath(path) + path = sanitizeMountPath(path) ns, err := namespace.FromContext(ctx) if err != nil { @@ -1030,12 +1047,6 @@ func (b *SystemBackend) handleRemount(ctx context.Context, req *logical.Request, return handleError(err) } - // Update quotas with the new path - if err := b.Core.quotaManager.HandleRemount(ctx, ns.Path, sanitizePath(fromPath), sanitizePath(toPath)); err != nil { - b.Core.logger.Error("failed to update quotas after remount", "ns_path", ns.Path, "from_path", fromPath, "to_path", toPath, "error", err) - return handleError(err) - } - return nil, nil } @@ -1067,7 +1078,7 @@ func (b *SystemBackend) handleMountTuneRead(ctx context.Context, req *logical.Re // handleTuneReadCommon returns the config settings of a path func (b *SystemBackend) handleTuneReadCommon(ctx context.Context, path string) (*logical.Response, error) { - path = sanitizePath(path) + path = sanitizeMountPath(path) sysView := b.Core.router.MatchingSystemView(ctx, path) if sysView == nil { @@ -1153,7 +1164,7 @@ func (b *SystemBackend) handleMountTuneWrite(ctx context.Context, req *logical.R func (b *SystemBackend) handleTuneWriteCommon(ctx context.Context, path string, data *framework.FieldData) (*logical.Response, error) { repState := b.Core.ReplicationState() - path = sanitizePath(path) + path = sanitizeMountPath(path) // Prevent protected paths from being changed for _, p := range untunableMounts { @@ -1723,7 +1734,7 @@ func (b *SystemBackend) handleEnableAuth(ctx context.Context, req *logical.Reque // Get all the options path := data.Get("path").(string) - path = sanitizePath(path) + path = sanitizeMountPath(path) logicalType := data.Get("type").(string) description := data.Get("description").(string) pluginName := data.Get("plugin_name").(string) @@ -1864,7 +1875,7 @@ func (b *SystemBackend) handleEnableAuth(ctx context.Context, req *logical.Reque // handleDisableAuth is used to disable a credential backend func (b *SystemBackend) handleDisableAuth(ctx context.Context, req *logical.Request, data *framework.FieldData) (*logical.Response, error) { path := data.Get("path").(string) - path = sanitizePath(path) + path = sanitizeMountPath(path) ns, err := namespace.FromContext(ctx) if err != nil { @@ -2279,7 +2290,7 @@ func (b *SystemBackend) handleAuditHash(ctx context.Context, req *logical.Reques return logical.ErrorResponse("the \"input\" parameter is empty"), nil } - path = sanitizePath(path) + path = sanitizeMountPath(path) hash, err := b.Core.auditBroker.GetHash(ctx, path, input) if err != nil { @@ -3222,7 +3233,8 @@ func (b *SystemBackend) pathInternalUIMountsRead(ctx context.Context, req *logic b.Core.mountsLock.RLock() for _, entry := range b.Core.mounts.Entries { - filtered, err := b.Core.checkReplicatedFiltering(ctx, entry, "") + ctxWithNamespace := namespace.ContextWithNamespace(ctx, entry.Namespace()) + filtered, err := b.Core.checkReplicatedFiltering(ctxWithNamespace, entry, "") if err != nil { b.Core.mountsLock.RUnlock() return nil, err @@ -3248,7 +3260,8 @@ func (b *SystemBackend) pathInternalUIMountsRead(ctx context.Context, req *logic b.Core.authLock.RLock() for _, entry := range b.Core.auth.Entries { - filtered, err := b.Core.checkReplicatedFiltering(ctx, entry, credentialRoutePrefix) + ctxWithNamespace := namespace.ContextWithNamespace(ctx, entry.Namespace()) + filtered, err := b.Core.checkReplicatedFiltering(ctxWithNamespace, entry, credentialRoutePrefix) if err != nil { b.Core.authLock.RUnlock() return nil, err @@ -3280,7 +3293,7 @@ func (b *SystemBackend) pathInternalUIMountRead(ctx context.Context, req *logica if path == "" { return logical.ErrorResponse("path not set"), logical.ErrInvalidRequest } - path = sanitizePath(path) + path = sanitizeMountPath(path) errResp := logical.ErrorResponse(fmt.Sprintf("preflight capability check returned 403, please ensure client's policies grant access to path %q", path)) @@ -3598,7 +3611,7 @@ func (b *SystemBackend) pathInternalOpenAPI(ctx context.Context, req *logical.Re return resp, nil } -func sanitizePath(path string) string { +func sanitizeMountPath(path string) string { if !strings.HasSuffix(path, "/") { path += "/" } @@ -4267,6 +4280,14 @@ This path responds to the following HTTP methods. `The mount paths of the plugin backends to reload.`, "", }, + "plugin-backend-reload-scope": { + `The scope of the reload`, + `Either absent or the empty string for local reload, or "cluster" for a cluster wide reload`, + }, + "plugin-reload-backend-status": { + `Retrieve the status of a cluster-wide plugin reload`, + "", + }, "hash": { "Generate a hash sum for input data", "Generates a hash sum of the given algorithm against the given input data.", diff --git a/vault/logical_system_helpers.go b/vault/logical_system_helpers.go index 14cee1f0d..456720544 100644 --- a/vault/logical_system_helpers.go +++ b/vault/logical_system_helpers.go @@ -84,6 +84,12 @@ var ( }, } } + handleClusterPluginReload = func(*SystemBackend, string, string, []string) error { + return nil + } + handleSetupPluginReload = func(*SystemBackend) error { + return nil + } checkRaw = func(b *SystemBackend, path string) error { return nil } ) diff --git a/vault/logical_system_integ_test.go b/vault/logical_system_integ_test.go index fef2a44eb..68c8701b0 100644 --- a/vault/logical_system_integ_test.go +++ b/vault/logical_system_integ_test.go @@ -2,6 +2,9 @@ package vault_test import ( "fmt" + "github.com/hashicorp/vault/helper/testhelpers" + "github.com/hashicorp/vault/helper/testhelpers/teststorage" + "github.com/hashicorp/vault/sdk/helper/logging" "io/ioutil" "os" "path/filepath" @@ -441,6 +444,18 @@ func TestSystemBackend_Plugin_reload(t *testing.T) { t.Run("mounts", func(t *testing.T) { testSystemBackend_PluginReload(t, data) }) } +func TestSystemBackend_Plugin_reload(t *testing.T) { + data := map[string]interface{}{ + "plugin": "mock-plugin", + } + t.Run("plugin", func(t *testing.T) { testSystemBackend_PluginReload(t, data) }) + + data = map[string]interface{}{ + "mounts": "mock-0/,mock-1/", + } + t.Run("mounts", func(t *testing.T) { testSystemBackend_PluginReload(t, data) }) +} + // Helper func to test different reload methods on plugin reload endpoint func testSystemBackend_PluginReload(t *testing.T, reqData map[string]interface{}) { cluster := testSystemBackendMock(t, 1, 2, logical.TypeLogical) diff --git a/vault/logical_system_paths.go b/vault/logical_system_paths.go index eb36e4f37..da109dc02 100644 --- a/vault/logical_system_paths.go +++ b/vault/logical_system_paths.go @@ -708,13 +708,17 @@ func (b *SystemBackend) pluginsReloadPath() *framework.Path { Type: framework.TypeCommaStringSlice, Description: strings.TrimSpace(sysHelp["plugin-backend-reload-mounts"][0]), }, + "scope": &framework.FieldSchema{ + Type: framework.TypeString, + Description: strings.TrimSpace(sysHelp["plugin-backend-reload-scope"][0]), + }, }, Operations: map[logical.Operation]framework.OperationHandler{ logical.UpdateOperation: &framework.PathOperation{ Callback: b.handlePluginReloadUpdate, Summary: "Reload mounted plugin backends.", - Description: "Either the plugin name (`plugin`) or the desired plugin backend mounts (`mounts`) must be provided, but not both. In the case that the plugin name is provided, all mounted paths that use that plugin backend will be reloaded.", + Description: "Either the plugin name (`plugin`) or the desired plugin backend mounts (`mounts`) must be provided, but not both. In the case that the plugin name is provided, all mounted paths that use that plugin backend will be reloaded. If (`scope`) is provided and is (`cluster`), the plugin(s) are reloaded cluster wide.", }, }, @@ -722,7 +726,6 @@ func (b *SystemBackend) pluginsReloadPath() *framework.Path { HelpDescription: strings.TrimSpace(sysHelp["plugin-reload"][1]), } } - func (b *SystemBackend) toolsPaths() []*framework.Path { return []*framework.Path{ { diff --git a/vault/logical_system_raft.go b/vault/logical_system_raft.go index cd04d0efa..ea4ae023b 100644 --- a/vault/logical_system_raft.go +++ b/vault/logical_system_raft.go @@ -7,15 +7,14 @@ import ( "errors" "strings" - "github.com/hashicorp/vault/sdk/framework" - "github.com/hashicorp/vault/sdk/logical" - "github.com/hashicorp/vault/sdk/physical" - proto "github.com/golang/protobuf/proto" wrapping "github.com/hashicorp/go-kms-wrapping" uuid "github.com/hashicorp/go-uuid" "github.com/hashicorp/vault/helper/namespace" "github.com/hashicorp/vault/physical/raft" + "github.com/hashicorp/vault/sdk/framework" + "github.com/hashicorp/vault/sdk/logical" + "github.com/hashicorp/vault/sdk/physical" ) // raftStoragePaths returns paths for use when raft is the storage mechanism. @@ -133,12 +132,13 @@ func (b *SystemBackend) raftStoragePaths() []*framework.Path { func (b *SystemBackend) handleRaftConfigurationGet() framework.OperationFunc { return func(ctx context.Context, req *logical.Request, d *framework.FieldData) (*logical.Response, error) { - raftBackend := b.Core.getRaftBackend() - if raftBackend == nil { + + raftStorage, ok := b.Core.underlyingPhysical.(*raft.RaftBackend) + if !ok { return logical.ErrorResponse("raft storage is not in use"), logical.ErrInvalidRequest } - config, err := raftBackend.GetConfiguration(ctx) + config, err := raftStorage.GetConfiguration(ctx) if err != nil { return nil, err } @@ -158,12 +158,12 @@ func (b *SystemBackend) handleRaftRemovePeerUpdate() framework.OperationFunc { return logical.ErrorResponse("no server id provided"), logical.ErrInvalidRequest } - raftBackend := b.Core.getRaftBackend() - if raftBackend == nil { + raftStorage, ok := b.Core.underlyingPhysical.(*raft.RaftBackend) + if !ok { return logical.ErrorResponse("raft storage is not in use"), logical.ErrInvalidRequest } - if err := raftBackend.RemovePeer(ctx, serverID); err != nil { + if err := raftStorage.RemovePeer(ctx, serverID); err != nil { return nil, err } if b.Core.raftFollowerStates != nil { @@ -221,8 +221,8 @@ func (b *SystemBackend) handleRaftBootstrapChallengeWrite() framework.OperationF func (b *SystemBackend) handleRaftBootstrapAnswerWrite() framework.OperationFunc { return func(ctx context.Context, req *logical.Request, d *framework.FieldData) (*logical.Response, error) { - raftBackend := b.Core.getRaftBackend() - if raftBackend == nil { + raftStorage, ok := b.Core.underlyingPhysical.(*raft.RaftBackend) + if !ok { return logical.ErrorResponse("raft storage is not in use"), logical.ErrInvalidRequest } @@ -271,9 +271,9 @@ func (b *SystemBackend) handleRaftBootstrapAnswerWrite() framework.OperationFunc switch nonVoter { case true: - err = raftBackend.AddNonVotingPeer(ctx, serverID, clusterAddr) + err = raftStorage.AddNonVotingPeer(ctx, serverID, clusterAddr) default: - err = raftBackend.AddPeer(ctx, serverID, clusterAddr) + err = raftStorage.AddPeer(ctx, serverID, clusterAddr) } if err != nil { return nil, err @@ -283,7 +283,7 @@ func (b *SystemBackend) handleRaftBootstrapAnswerWrite() framework.OperationFunc b.Core.raftFollowerStates.update(serverID, 0) } - peers, err := raftBackend.Peers(ctx) + peers, err := raftStorage.Peers(ctx) if err != nil { return nil, err } diff --git a/vault/logical_system_test.go b/vault/logical_system_test.go index 296719e13..14a725a2f 100644 --- a/vault/logical_system_test.go +++ b/vault/logical_system_test.go @@ -2654,7 +2654,7 @@ func TestSystemBackend_PathWildcardPreflight(t *testing.T) { // Add another mount me := &MountEntry{ Table: mountTableType, - Path: sanitizePath("kv-v1"), + Path: sanitizeMountPath("kv-v1"), Type: "kv", Options: map[string]string{"version": "1"}, } diff --git a/vault/plugin_reload.go b/vault/plugin_reload.go index 3b38c1a44..0ff9370f8 100644 --- a/vault/plugin_reload.go +++ b/vault/plugin_reload.go @@ -4,6 +4,7 @@ import ( "context" "fmt" "strings" + "time" "github.com/hashicorp/vault/helper/namespace" @@ -15,7 +16,7 @@ import ( // reloadPluginMounts reloads provided mounts, regardless of // plugin name, as long as the backend type is plugin. -func (c *Core) reloadMatchingPluginMounts(ctx context.Context, mounts []string) error { +func (c *Core) reloadMatchingPluginMounts(ctx context.Context, mounts []string, reloadTime time.Time) error { c.mountsLock.RLock() defer c.mountsLock.RUnlock() c.authLock.RLock() @@ -34,6 +35,10 @@ func (c *Core) reloadMatchingPluginMounts(ctx context.Context, mounts []string) continue } + if entry.StartedTime.After(reloadTime) { + continue + } + var isAuth bool fullPath := c.router.MatchingMount(ctx, mount) if strings.HasPrefix(fullPath, credentialRoutePrefix) { @@ -58,7 +63,7 @@ func (c *Core) reloadMatchingPluginMounts(ctx context.Context, mounts []string) // reloadPlugin reloads all mounted backends that are of // plugin pluginName (name of the plugin as registered in // the plugin catalog). -func (c *Core) reloadMatchingPlugin(ctx context.Context, pluginName string) error { +func (c *Core) reloadMatchingPlugin(ctx context.Context, pluginName string, reloadTime time.Time) error { c.mountsLock.RLock() defer c.mountsLock.RUnlock() c.authLock.RLock() @@ -75,7 +80,7 @@ func (c *Core) reloadMatchingPlugin(ctx context.Context, pluginName string) erro if ns.ID != entry.Namespace().ID { continue } - if entry.Type == pluginName || (entry.Type == "plugin" && entry.Config.PluginName == pluginName) { + if entry.Type == pluginName || (entry.Type == "plugin" && entry.Config.PluginName == pluginName) && reloadTime.After(entry.StartedTime) { err := c.reloadBackendCommon(ctx, entry, false) if err != nil { return err @@ -195,3 +200,7 @@ func (c *Core) reloadBackendCommon(ctx context.Context, entry *MountEntry, isAut return nil } + +func (c *Core) setupPluginReload() error { + return handleSetupPluginReload(c.systemBackend) +} diff --git a/vault/request_forwarding_rpc.go b/vault/request_forwarding_rpc.go index fc6b65ffb..4fa8cfde6 100644 --- a/vault/request_forwarding_rpc.go +++ b/vault/request_forwarding_rpc.go @@ -8,6 +8,7 @@ import ( "time" "github.com/hashicorp/vault/helper/forwarding" + "github.com/hashicorp/vault/physical/raft" "github.com/hashicorp/vault/sdk/helper/consts" "github.com/hashicorp/vault/vault/replication" ) @@ -81,11 +82,9 @@ func (s *forwardedRequestRPCServer) Echo(ctx context.Context, in *EchoRequest) ( ReplicationState: uint32(s.core.ReplicationState()), } - if raftBackend := s.core.getRaftBackend(); raftBackend != nil { - if !s.core.isRaftHAOnly() { - reply.RaftAppliedIndex = raftBackend.AppliedIndex() - reply.RaftNodeID = raftBackend.NodeID() - } + if raftStorage, ok := s.core.underlyingPhysical.(*raft.RaftBackend); ok { + reply.RaftAppliedIndex = raftStorage.AppliedIndex() + reply.RaftNodeID = raftStorage.NodeID() } return reply, nil @@ -112,11 +111,9 @@ func (c *forwardingClient) startHeartbeat() { ClusterAddr: clusterAddr, } - if raftBackend := c.core.getRaftBackend(); raftBackend != nil { - if !c.core.isRaftHAOnly() { - req.RaftAppliedIndex = raftBackend.AppliedIndex() - req.RaftNodeID = raftBackend.NodeID() - } + if raftStorage, ok := c.core.underlyingPhysical.(*raft.RaftBackend); ok { + req.RaftAppliedIndex = raftStorage.AppliedIndex() + req.RaftNodeID = raftStorage.NodeID() } ctx, cancel := context.WithTimeout(c.echoContext, 2*time.Second) diff --git a/vault/request_forwarding_service.pb.go b/vault/request_forwarding_service.pb.go index b8db7ed07..bb381f59a 100644 --- a/vault/request_forwarding_service.pb.go +++ b/vault/request_forwarding_service.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.22.0 -// protoc v3.11.4 +// protoc-gen-go v1.24.0 +// protoc v3.6.1 // source: vault/request_forwarding_service.proto package vault @@ -41,9 +41,10 @@ type EchoRequest struct { ClusterAddr string `protobuf:"bytes,2,opt,name=cluster_addr,json=clusterAddr,proto3" json:"cluster_addr,omitempty"` // ClusterAddrs is used to send up a list of cluster addresses to a dr // primary from a dr secondary - ClusterAddrs []string `protobuf:"bytes,3,rep,name=cluster_addrs,json=clusterAddrs,proto3" json:"cluster_addrs,omitempty"` - RaftAppliedIndex uint64 `protobuf:"varint,4,opt,name=raft_applied_index,json=raftAppliedIndex,proto3" json:"raft_applied_index,omitempty"` - RaftNodeID string `protobuf:"bytes,5,opt,name=raft_node_id,json=raftNodeId,proto3" json:"raft_node_id,omitempty"` + ClusterAddrs []string `protobuf:"bytes,3,rep,name=cluster_addrs,json=clusterAddrs,proto3" json:"cluster_addrs,omitempty"` + RaftAppliedIndex uint64 `protobuf:"varint,4,opt,name=raft_applied_index,json=raftAppliedIndex,proto3" json:"raft_applied_index,omitempty"` + RaftNodeID string `protobuf:"bytes,5,opt,name=raft_node_id,json=raftNodeId,proto3" json:"raft_node_id,omitempty"` + NodeInfo *NodeInformation `protobuf:"bytes,6,opt,name=node_info,json=nodeInfo,proto3" json:"node_info,omitempty"` } func (x *EchoRequest) Reset() { @@ -113,16 +114,24 @@ func (x *EchoRequest) GetRaftNodeID() string { return "" } +func (x *EchoRequest) GetNodeInfo() *NodeInformation { + if x != nil { + return x.NodeInfo + } + return nil +} + type EchoReply struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache unknownFields protoimpl.UnknownFields - Message string `protobuf:"bytes,1,opt,name=message,proto3" json:"message,omitempty"` - ClusterAddrs []string `protobuf:"bytes,2,rep,name=cluster_addrs,json=clusterAddrs,proto3" json:"cluster_addrs,omitempty"` - ReplicationState uint32 `protobuf:"varint,3,opt,name=replication_state,json=replicationState,proto3" json:"replication_state,omitempty"` - RaftAppliedIndex uint64 `protobuf:"varint,4,opt,name=raft_applied_index,json=raftAppliedIndex,proto3" json:"raft_applied_index,omitempty"` - RaftNodeID string `protobuf:"bytes,5,opt,name=raft_node_id,json=raftNodeId,proto3" json:"raft_node_id,omitempty"` + Message string `protobuf:"bytes,1,opt,name=message,proto3" json:"message,omitempty"` + ClusterAddrs []string `protobuf:"bytes,2,rep,name=cluster_addrs,json=clusterAddrs,proto3" json:"cluster_addrs,omitempty"` + ReplicationState uint32 `protobuf:"varint,3,opt,name=replication_state,json=replicationState,proto3" json:"replication_state,omitempty"` + RaftAppliedIndex uint64 `protobuf:"varint,4,opt,name=raft_applied_index,json=raftAppliedIndex,proto3" json:"raft_applied_index,omitempty"` + RaftNodeID string `protobuf:"bytes,5,opt,name=raft_node_id,json=raftNodeId,proto3" json:"raft_node_id,omitempty"` + NodeInfo *NodeInformation `protobuf:"bytes,6,opt,name=node_info,json=nodeInfo,proto3" json:"node_info,omitempty"` } func (x *EchoReply) Reset() { @@ -192,6 +201,92 @@ func (x *EchoReply) GetRaftNodeID() string { return "" } +func (x *EchoReply) GetNodeInfo() *NodeInformation { + if x != nil { + return x.NodeInfo + } + return nil +} + +type NodeInformation struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + ClusterAddr string `protobuf:"bytes,1,opt,name=cluster_addr,json=clusterAddr,proto3" json:"cluster_addr,omitempty"` + ApiAddr string `protobuf:"bytes,2,opt,name=api_addr,json=apiAddr,proto3" json:"api_addr,omitempty"` + Mode string `protobuf:"bytes,3,opt,name=mode,proto3" json:"mode,omitempty"` + NodeID string `protobuf:"bytes,4,opt,name=node_id,json=nodeId,proto3" json:"node_id,omitempty"` + ReplicationState uint32 `protobuf:"varint,5,opt,name=replication_state,json=replicationState,proto3" json:"replication_state,omitempty"` +} + +func (x *NodeInformation) Reset() { + *x = NodeInformation{} + if protoimpl.UnsafeEnabled { + mi := &file_vault_request_forwarding_service_proto_msgTypes[2] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *NodeInformation) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*NodeInformation) ProtoMessage() {} + +func (x *NodeInformation) ProtoReflect() protoreflect.Message { + mi := &file_vault_request_forwarding_service_proto_msgTypes[2] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use NodeInformation.ProtoReflect.Descriptor instead. +func (*NodeInformation) Descriptor() ([]byte, []int) { + return file_vault_request_forwarding_service_proto_rawDescGZIP(), []int{2} +} + +func (x *NodeInformation) GetClusterAddr() string { + if x != nil { + return x.ClusterAddr + } + return "" +} + +func (x *NodeInformation) GetApiAddr() string { + if x != nil { + return x.ApiAddr + } + return "" +} + +func (x *NodeInformation) GetMode() string { + if x != nil { + return x.Mode + } + return "" +} + +func (x *NodeInformation) GetNodeID() string { + if x != nil { + return x.NodeID + } + return "" +} + +func (x *NodeInformation) GetReplicationState() uint32 { + if x != nil { + return x.ReplicationState + } + return 0 +} + type ClientKey struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache @@ -206,7 +301,7 @@ type ClientKey struct { func (x *ClientKey) Reset() { *x = ClientKey{} if protoimpl.UnsafeEnabled { - mi := &file_vault_request_forwarding_service_proto_msgTypes[2] + mi := &file_vault_request_forwarding_service_proto_msgTypes[3] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -219,7 +314,7 @@ func (x *ClientKey) String() string { func (*ClientKey) ProtoMessage() {} func (x *ClientKey) ProtoReflect() protoreflect.Message { - mi := &file_vault_request_forwarding_service_proto_msgTypes[2] + mi := &file_vault_request_forwarding_service_proto_msgTypes[3] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -232,7 +327,7 @@ func (x *ClientKey) ProtoReflect() protoreflect.Message { // Deprecated: Use ClientKey.ProtoReflect.Descriptor instead. func (*ClientKey) Descriptor() ([]byte, []int) { - return file_vault_request_forwarding_service_proto_rawDescGZIP(), []int{2} + return file_vault_request_forwarding_service_proto_rawDescGZIP(), []int{3} } func (x *ClientKey) GetType() string { @@ -272,7 +367,7 @@ type PerfStandbyElectionInput struct { func (x *PerfStandbyElectionInput) Reset() { *x = PerfStandbyElectionInput{} if protoimpl.UnsafeEnabled { - mi := &file_vault_request_forwarding_service_proto_msgTypes[3] + mi := &file_vault_request_forwarding_service_proto_msgTypes[4] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -285,7 +380,7 @@ func (x *PerfStandbyElectionInput) String() string { func (*PerfStandbyElectionInput) ProtoMessage() {} func (x *PerfStandbyElectionInput) ProtoReflect() protoreflect.Message { - mi := &file_vault_request_forwarding_service_proto_msgTypes[3] + mi := &file_vault_request_forwarding_service_proto_msgTypes[4] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -298,7 +393,7 @@ func (x *PerfStandbyElectionInput) ProtoReflect() protoreflect.Message { // Deprecated: Use PerfStandbyElectionInput.ProtoReflect.Descriptor instead. func (*PerfStandbyElectionInput) Descriptor() ([]byte, []int) { - return file_vault_request_forwarding_service_proto_rawDescGZIP(), []int{3} + return file_vault_request_forwarding_service_proto_rawDescGZIP(), []int{4} } type PerfStandbyElectionResponse struct { @@ -317,7 +412,7 @@ type PerfStandbyElectionResponse struct { func (x *PerfStandbyElectionResponse) Reset() { *x = PerfStandbyElectionResponse{} if protoimpl.UnsafeEnabled { - mi := &file_vault_request_forwarding_service_proto_msgTypes[4] + mi := &file_vault_request_forwarding_service_proto_msgTypes[5] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -330,7 +425,7 @@ func (x *PerfStandbyElectionResponse) String() string { func (*PerfStandbyElectionResponse) ProtoMessage() {} func (x *PerfStandbyElectionResponse) ProtoReflect() protoreflect.Message { - mi := &file_vault_request_forwarding_service_proto_msgTypes[4] + mi := &file_vault_request_forwarding_service_proto_msgTypes[5] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -343,7 +438,7 @@ func (x *PerfStandbyElectionResponse) ProtoReflect() protoreflect.Message { // Deprecated: Use PerfStandbyElectionResponse.ProtoReflect.Descriptor instead. func (*PerfStandbyElectionResponse) Descriptor() ([]byte, []int) { - return file_vault_request_forwarding_service_proto_rawDescGZIP(), []int{4} + return file_vault_request_forwarding_service_proto_rawDescGZIP(), []int{5} } func (x *PerfStandbyElectionResponse) GetID() string { @@ -395,7 +490,7 @@ var file_vault_request_forwarding_service_proto_rawDesc = []byte{ 0x66, 0x6f, 0x72, 0x77, 0x61, 0x72, 0x64, 0x69, 0x6e, 0x67, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x05, 0x76, 0x61, 0x75, 0x6c, 0x74, 0x1a, 0x1d, 0x68, 0x65, 0x6c, 0x70, 0x65, 0x72, 0x2f, 0x66, 0x6f, 0x72, 0x77, 0x61, 0x72, 0x64, 0x69, - 0x6e, 0x67, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xbf, + 0x6e, 0x67, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xf4, 0x01, 0x0a, 0x0b, 0x45, 0x63, 0x68, 0x6f, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x18, 0x0a, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x12, 0x21, 0x0a, 0x0c, 0x63, 0x6c, 0x75, 0x73, @@ -408,58 +503,76 @@ var file_vault_request_forwarding_service_proto_rawDesc = []byte{ 0x66, 0x74, 0x41, 0x70, 0x70, 0x6c, 0x69, 0x65, 0x64, 0x49, 0x6e, 0x64, 0x65, 0x78, 0x12, 0x20, 0x0a, 0x0c, 0x72, 0x61, 0x66, 0x74, 0x5f, 0x6e, 0x6f, 0x64, 0x65, 0x5f, 0x69, 0x64, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x72, 0x61, 0x66, 0x74, 0x4e, 0x6f, 0x64, 0x65, 0x49, 0x64, - 0x22, 0xc7, 0x01, 0x0a, 0x09, 0x45, 0x63, 0x68, 0x6f, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x12, 0x18, - 0x0a, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, - 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x12, 0x23, 0x0a, 0x0d, 0x63, 0x6c, 0x75, 0x73, - 0x74, 0x65, 0x72, 0x5f, 0x61, 0x64, 0x64, 0x72, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x09, 0x52, - 0x0c, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x41, 0x64, 0x64, 0x72, 0x73, 0x12, 0x2b, 0x0a, - 0x11, 0x72, 0x65, 0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x73, 0x74, 0x61, - 0x74, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x10, 0x72, 0x65, 0x70, 0x6c, 0x69, 0x63, - 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x53, 0x74, 0x61, 0x74, 0x65, 0x12, 0x2c, 0x0a, 0x12, 0x72, 0x61, - 0x66, 0x74, 0x5f, 0x61, 0x70, 0x70, 0x6c, 0x69, 0x65, 0x64, 0x5f, 0x69, 0x6e, 0x64, 0x65, 0x78, - 0x18, 0x04, 0x20, 0x01, 0x28, 0x04, 0x52, 0x10, 0x72, 0x61, 0x66, 0x74, 0x41, 0x70, 0x70, 0x6c, - 0x69, 0x65, 0x64, 0x49, 0x6e, 0x64, 0x65, 0x78, 0x12, 0x20, 0x0a, 0x0c, 0x72, 0x61, 0x66, 0x74, - 0x5f, 0x6e, 0x6f, 0x64, 0x65, 0x5f, 0x69, 0x64, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, - 0x72, 0x61, 0x66, 0x74, 0x4e, 0x6f, 0x64, 0x65, 0x49, 0x64, 0x22, 0x49, 0x0a, 0x09, 0x43, 0x6c, - 0x69, 0x65, 0x6e, 0x74, 0x4b, 0x65, 0x79, 0x12, 0x12, 0x0a, 0x04, 0x74, 0x79, 0x70, 0x65, 0x18, - 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x74, 0x79, 0x70, 0x65, 0x12, 0x0c, 0x0a, 0x01, 0x78, - 0x18, 0x02, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x01, 0x78, 0x12, 0x0c, 0x0a, 0x01, 0x79, 0x18, 0x03, - 0x20, 0x01, 0x28, 0x0c, 0x52, 0x01, 0x79, 0x12, 0x0c, 0x0a, 0x01, 0x64, 0x18, 0x04, 0x20, 0x01, - 0x28, 0x0c, 0x52, 0x01, 0x64, 0x22, 0x1a, 0x0a, 0x18, 0x50, 0x65, 0x72, 0x66, 0x53, 0x74, 0x61, - 0x6e, 0x64, 0x62, 0x79, 0x45, 0x6c, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x49, 0x6e, 0x70, 0x75, - 0x74, 0x22, 0xe9, 0x01, 0x0a, 0x1b, 0x50, 0x65, 0x72, 0x66, 0x53, 0x74, 0x61, 0x6e, 0x64, 0x62, - 0x79, 0x45, 0x6c, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, - 0x65, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, - 0x64, 0x12, 0x1d, 0x0a, 0x0a, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x69, 0x64, 0x18, - 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x49, 0x64, - 0x12, 0x30, 0x0a, 0x14, 0x70, 0x72, 0x69, 0x6d, 0x61, 0x72, 0x79, 0x5f, 0x63, 0x6c, 0x75, 0x73, - 0x74, 0x65, 0x72, 0x5f, 0x61, 0x64, 0x64, 0x72, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x12, - 0x70, 0x72, 0x69, 0x6d, 0x61, 0x72, 0x79, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x41, 0x64, - 0x64, 0x72, 0x12, 0x17, 0x0a, 0x07, 0x63, 0x61, 0x5f, 0x63, 0x65, 0x72, 0x74, 0x18, 0x04, 0x20, - 0x01, 0x28, 0x0c, 0x52, 0x06, 0x63, 0x61, 0x43, 0x65, 0x72, 0x74, 0x12, 0x1f, 0x0a, 0x0b, 0x63, - 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5f, 0x63, 0x65, 0x72, 0x74, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0c, - 0x52, 0x0a, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x43, 0x65, 0x72, 0x74, 0x12, 0x2f, 0x0a, 0x0a, - 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5f, 0x6b, 0x65, 0x79, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, - 0x32, 0x10, 0x2e, 0x76, 0x61, 0x75, 0x6c, 0x74, 0x2e, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x4b, - 0x65, 0x79, 0x52, 0x09, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x4b, 0x65, 0x79, 0x32, 0xf0, 0x01, - 0x0a, 0x11, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x46, 0x6f, 0x72, 0x77, 0x61, 0x72, 0x64, - 0x69, 0x6e, 0x67, 0x12, 0x3d, 0x0a, 0x0e, 0x46, 0x6f, 0x72, 0x77, 0x61, 0x72, 0x64, 0x52, 0x65, - 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x13, 0x2e, 0x66, 0x6f, 0x72, 0x77, 0x61, 0x72, 0x64, 0x69, - 0x6e, 0x67, 0x2e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x14, 0x2e, 0x66, 0x6f, 0x72, - 0x77, 0x61, 0x72, 0x64, 0x69, 0x6e, 0x67, 0x2e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, - 0x22, 0x00, 0x12, 0x2e, 0x0a, 0x04, 0x45, 0x63, 0x68, 0x6f, 0x12, 0x12, 0x2e, 0x76, 0x61, 0x75, - 0x6c, 0x74, 0x2e, 0x45, 0x63, 0x68, 0x6f, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x10, - 0x2e, 0x76, 0x61, 0x75, 0x6c, 0x74, 0x2e, 0x45, 0x63, 0x68, 0x6f, 0x52, 0x65, 0x70, 0x6c, 0x79, - 0x22, 0x00, 0x12, 0x6c, 0x0a, 0x21, 0x50, 0x65, 0x72, 0x66, 0x6f, 0x72, 0x6d, 0x61, 0x6e, 0x63, - 0x65, 0x53, 0x74, 0x61, 0x6e, 0x64, 0x62, 0x79, 0x45, 0x6c, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, - 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x1f, 0x2e, 0x76, 0x61, 0x75, 0x6c, 0x74, 0x2e, - 0x50, 0x65, 0x72, 0x66, 0x53, 0x74, 0x61, 0x6e, 0x64, 0x62, 0x79, 0x45, 0x6c, 0x65, 0x63, 0x74, - 0x69, 0x6f, 0x6e, 0x49, 0x6e, 0x70, 0x75, 0x74, 0x1a, 0x22, 0x2e, 0x76, 0x61, 0x75, 0x6c, 0x74, - 0x2e, 0x50, 0x65, 0x72, 0x66, 0x53, 0x74, 0x61, 0x6e, 0x64, 0x62, 0x79, 0x45, 0x6c, 0x65, 0x63, - 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x30, 0x01, - 0x42, 0x22, 0x5a, 0x20, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x68, - 0x61, 0x73, 0x68, 0x69, 0x63, 0x6f, 0x72, 0x70, 0x2f, 0x76, 0x61, 0x75, 0x6c, 0x74, 0x2f, 0x76, - 0x61, 0x75, 0x6c, 0x74, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, + 0x12, 0x33, 0x0a, 0x09, 0x6e, 0x6f, 0x64, 0x65, 0x5f, 0x69, 0x6e, 0x66, 0x6f, 0x18, 0x06, 0x20, + 0x01, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x76, 0x61, 0x75, 0x6c, 0x74, 0x2e, 0x4e, 0x6f, 0x64, 0x65, + 0x49, 0x6e, 0x66, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x08, 0x6e, 0x6f, 0x64, + 0x65, 0x49, 0x6e, 0x66, 0x6f, 0x22, 0xfc, 0x01, 0x0a, 0x09, 0x45, 0x63, 0x68, 0x6f, 0x52, 0x65, + 0x70, 0x6c, 0x79, 0x12, 0x18, 0x0a, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x18, 0x01, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x12, 0x23, 0x0a, + 0x0d, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x61, 0x64, 0x64, 0x72, 0x73, 0x18, 0x02, + 0x20, 0x03, 0x28, 0x09, 0x52, 0x0c, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x41, 0x64, 0x64, + 0x72, 0x73, 0x12, 0x2b, 0x0a, 0x11, 0x72, 0x65, 0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, + 0x6e, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x10, 0x72, + 0x65, 0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x53, 0x74, 0x61, 0x74, 0x65, 0x12, + 0x2c, 0x0a, 0x12, 0x72, 0x61, 0x66, 0x74, 0x5f, 0x61, 0x70, 0x70, 0x6c, 0x69, 0x65, 0x64, 0x5f, + 0x69, 0x6e, 0x64, 0x65, 0x78, 0x18, 0x04, 0x20, 0x01, 0x28, 0x04, 0x52, 0x10, 0x72, 0x61, 0x66, + 0x74, 0x41, 0x70, 0x70, 0x6c, 0x69, 0x65, 0x64, 0x49, 0x6e, 0x64, 0x65, 0x78, 0x12, 0x20, 0x0a, + 0x0c, 0x72, 0x61, 0x66, 0x74, 0x5f, 0x6e, 0x6f, 0x64, 0x65, 0x5f, 0x69, 0x64, 0x18, 0x05, 0x20, + 0x01, 0x28, 0x09, 0x52, 0x0a, 0x72, 0x61, 0x66, 0x74, 0x4e, 0x6f, 0x64, 0x65, 0x49, 0x64, 0x12, + 0x33, 0x0a, 0x09, 0x6e, 0x6f, 0x64, 0x65, 0x5f, 0x69, 0x6e, 0x66, 0x6f, 0x18, 0x06, 0x20, 0x01, + 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x76, 0x61, 0x75, 0x6c, 0x74, 0x2e, 0x4e, 0x6f, 0x64, 0x65, 0x49, + 0x6e, 0x66, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x08, 0x6e, 0x6f, 0x64, 0x65, + 0x49, 0x6e, 0x66, 0x6f, 0x22, 0xa9, 0x01, 0x0a, 0x0f, 0x4e, 0x6f, 0x64, 0x65, 0x49, 0x6e, 0x66, + 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x21, 0x0a, 0x0c, 0x63, 0x6c, 0x75, 0x73, + 0x74, 0x65, 0x72, 0x5f, 0x61, 0x64, 0x64, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, + 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x41, 0x64, 0x64, 0x72, 0x12, 0x19, 0x0a, 0x08, 0x61, + 0x70, 0x69, 0x5f, 0x61, 0x64, 0x64, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x61, + 0x70, 0x69, 0x41, 0x64, 0x64, 0x72, 0x12, 0x12, 0x0a, 0x04, 0x6d, 0x6f, 0x64, 0x65, 0x18, 0x03, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6d, 0x6f, 0x64, 0x65, 0x12, 0x17, 0x0a, 0x07, 0x6e, 0x6f, + 0x64, 0x65, 0x5f, 0x69, 0x64, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x6e, 0x6f, 0x64, + 0x65, 0x49, 0x64, 0x12, 0x2b, 0x0a, 0x11, 0x72, 0x65, 0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, + 0x6f, 0x6e, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x10, + 0x72, 0x65, 0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x53, 0x74, 0x61, 0x74, 0x65, + 0x22, 0x49, 0x0a, 0x09, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x4b, 0x65, 0x79, 0x12, 0x12, 0x0a, + 0x04, 0x74, 0x79, 0x70, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x74, 0x79, 0x70, + 0x65, 0x12, 0x0c, 0x0a, 0x01, 0x78, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x01, 0x78, 0x12, + 0x0c, 0x0a, 0x01, 0x79, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x01, 0x79, 0x12, 0x0c, 0x0a, + 0x01, 0x64, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x01, 0x64, 0x22, 0x1a, 0x0a, 0x18, 0x50, + 0x65, 0x72, 0x66, 0x53, 0x74, 0x61, 0x6e, 0x64, 0x62, 0x79, 0x45, 0x6c, 0x65, 0x63, 0x74, 0x69, + 0x6f, 0x6e, 0x49, 0x6e, 0x70, 0x75, 0x74, 0x22, 0xe9, 0x01, 0x0a, 0x1b, 0x50, 0x65, 0x72, 0x66, + 0x53, 0x74, 0x61, 0x6e, 0x64, 0x62, 0x79, 0x45, 0x6c, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x52, + 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, + 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x1d, 0x0a, 0x0a, 0x63, 0x6c, 0x75, 0x73, 0x74, + 0x65, 0x72, 0x5f, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x63, 0x6c, 0x75, + 0x73, 0x74, 0x65, 0x72, 0x49, 0x64, 0x12, 0x30, 0x0a, 0x14, 0x70, 0x72, 0x69, 0x6d, 0x61, 0x72, + 0x79, 0x5f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x61, 0x64, 0x64, 0x72, 0x18, 0x03, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x12, 0x70, 0x72, 0x69, 0x6d, 0x61, 0x72, 0x79, 0x43, 0x6c, 0x75, + 0x73, 0x74, 0x65, 0x72, 0x41, 0x64, 0x64, 0x72, 0x12, 0x17, 0x0a, 0x07, 0x63, 0x61, 0x5f, 0x63, + 0x65, 0x72, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x06, 0x63, 0x61, 0x43, 0x65, 0x72, + 0x74, 0x12, 0x1f, 0x0a, 0x0b, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5f, 0x63, 0x65, 0x72, 0x74, + 0x18, 0x05, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x0a, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x43, 0x65, + 0x72, 0x74, 0x12, 0x2f, 0x0a, 0x0a, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5f, 0x6b, 0x65, 0x79, + 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x10, 0x2e, 0x76, 0x61, 0x75, 0x6c, 0x74, 0x2e, 0x43, + 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x4b, 0x65, 0x79, 0x52, 0x09, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, + 0x4b, 0x65, 0x79, 0x32, 0xf0, 0x01, 0x0a, 0x11, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x46, + 0x6f, 0x72, 0x77, 0x61, 0x72, 0x64, 0x69, 0x6e, 0x67, 0x12, 0x3d, 0x0a, 0x0e, 0x46, 0x6f, 0x72, + 0x77, 0x61, 0x72, 0x64, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x13, 0x2e, 0x66, 0x6f, + 0x72, 0x77, 0x61, 0x72, 0x64, 0x69, 0x6e, 0x67, 0x2e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, + 0x1a, 0x14, 0x2e, 0x66, 0x6f, 0x72, 0x77, 0x61, 0x72, 0x64, 0x69, 0x6e, 0x67, 0x2e, 0x52, 0x65, + 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x12, 0x2e, 0x0a, 0x04, 0x45, 0x63, 0x68, 0x6f, + 0x12, 0x12, 0x2e, 0x76, 0x61, 0x75, 0x6c, 0x74, 0x2e, 0x45, 0x63, 0x68, 0x6f, 0x52, 0x65, 0x71, + 0x75, 0x65, 0x73, 0x74, 0x1a, 0x10, 0x2e, 0x76, 0x61, 0x75, 0x6c, 0x74, 0x2e, 0x45, 0x63, 0x68, + 0x6f, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, 0x00, 0x12, 0x6c, 0x0a, 0x21, 0x50, 0x65, 0x72, 0x66, + 0x6f, 0x72, 0x6d, 0x61, 0x6e, 0x63, 0x65, 0x53, 0x74, 0x61, 0x6e, 0x64, 0x62, 0x79, 0x45, 0x6c, + 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x1f, 0x2e, + 0x76, 0x61, 0x75, 0x6c, 0x74, 0x2e, 0x50, 0x65, 0x72, 0x66, 0x53, 0x74, 0x61, 0x6e, 0x64, 0x62, + 0x79, 0x45, 0x6c, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x49, 0x6e, 0x70, 0x75, 0x74, 0x1a, 0x22, + 0x2e, 0x76, 0x61, 0x75, 0x6c, 0x74, 0x2e, 0x50, 0x65, 0x72, 0x66, 0x53, 0x74, 0x61, 0x6e, 0x64, + 0x62, 0x79, 0x45, 0x6c, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, + 0x73, 0x65, 0x22, 0x00, 0x30, 0x01, 0x42, 0x22, 0x5a, 0x20, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, + 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x68, 0x61, 0x73, 0x68, 0x69, 0x63, 0x6f, 0x72, 0x70, 0x2f, 0x76, + 0x61, 0x75, 0x6c, 0x74, 0x2f, 0x76, 0x61, 0x75, 0x6c, 0x74, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, + 0x6f, 0x33, } var ( @@ -474,29 +587,32 @@ func file_vault_request_forwarding_service_proto_rawDescGZIP() []byte { return file_vault_request_forwarding_service_proto_rawDescData } -var file_vault_request_forwarding_service_proto_msgTypes = make([]protoimpl.MessageInfo, 5) +var file_vault_request_forwarding_service_proto_msgTypes = make([]protoimpl.MessageInfo, 6) var file_vault_request_forwarding_service_proto_goTypes = []interface{}{ (*EchoRequest)(nil), // 0: vault.EchoRequest (*EchoReply)(nil), // 1: vault.EchoReply - (*ClientKey)(nil), // 2: vault.ClientKey - (*PerfStandbyElectionInput)(nil), // 3: vault.PerfStandbyElectionInput - (*PerfStandbyElectionResponse)(nil), // 4: vault.PerfStandbyElectionResponse - (*forwarding.Request)(nil), // 5: forwarding.Request - (*forwarding.Response)(nil), // 6: forwarding.Response + (*NodeInformation)(nil), // 2: vault.NodeInformation + (*ClientKey)(nil), // 3: vault.ClientKey + (*PerfStandbyElectionInput)(nil), // 4: vault.PerfStandbyElectionInput + (*PerfStandbyElectionResponse)(nil), // 5: vault.PerfStandbyElectionResponse + (*forwarding.Request)(nil), // 6: forwarding.Request + (*forwarding.Response)(nil), // 7: forwarding.Response } var file_vault_request_forwarding_service_proto_depIDxs = []int32{ - 2, // 0: vault.PerfStandbyElectionResponse.client_key:type_name -> vault.ClientKey - 5, // 1: vault.RequestForwarding.ForwardRequest:input_type -> forwarding.Request - 0, // 2: vault.RequestForwarding.Echo:input_type -> vault.EchoRequest - 3, // 3: vault.RequestForwarding.PerformanceStandbyElectionRequest:input_type -> vault.PerfStandbyElectionInput - 6, // 4: vault.RequestForwarding.ForwardRequest:output_type -> forwarding.Response - 1, // 5: vault.RequestForwarding.Echo:output_type -> vault.EchoReply - 4, // 6: vault.RequestForwarding.PerformanceStandbyElectionRequest:output_type -> vault.PerfStandbyElectionResponse - 4, // [4:7] is the sub-list for method output_type - 1, // [1:4] is the sub-list for method input_type - 1, // [1:1] is the sub-list for extension type_name - 1, // [1:1] is the sub-list for extension extendee - 0, // [0:1] is the sub-list for field type_name + 2, // 0: vault.EchoRequest.node_info:type_name -> vault.NodeInformation + 2, // 1: vault.EchoReply.node_info:type_name -> vault.NodeInformation + 3, // 2: vault.PerfStandbyElectionResponse.client_key:type_name -> vault.ClientKey + 6, // 3: vault.RequestForwarding.ForwardRequest:input_type -> forwarding.Request + 0, // 4: vault.RequestForwarding.Echo:input_type -> vault.EchoRequest + 4, // 5: vault.RequestForwarding.PerformanceStandbyElectionRequest:input_type -> vault.PerfStandbyElectionInput + 7, // 6: vault.RequestForwarding.ForwardRequest:output_type -> forwarding.Response + 1, // 7: vault.RequestForwarding.Echo:output_type -> vault.EchoReply + 5, // 8: vault.RequestForwarding.PerformanceStandbyElectionRequest:output_type -> vault.PerfStandbyElectionResponse + 6, // [6:9] is the sub-list for method output_type + 3, // [3:6] is the sub-list for method input_type + 3, // [3:3] is the sub-list for extension type_name + 3, // [3:3] is the sub-list for extension extendee + 0, // [0:3] is the sub-list for field type_name } func init() { file_vault_request_forwarding_service_proto_init() } @@ -530,7 +646,7 @@ func file_vault_request_forwarding_service_proto_init() { } } file_vault_request_forwarding_service_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*ClientKey); i { + switch v := v.(*NodeInformation); i { case 0: return &v.state case 1: @@ -542,7 +658,7 @@ func file_vault_request_forwarding_service_proto_init() { } } file_vault_request_forwarding_service_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*PerfStandbyElectionInput); i { + switch v := v.(*ClientKey); i { case 0: return &v.state case 1: @@ -554,6 +670,18 @@ func file_vault_request_forwarding_service_proto_init() { } } file_vault_request_forwarding_service_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*PerfStandbyElectionInput); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_vault_request_forwarding_service_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} { switch v := v.(*PerfStandbyElectionResponse); i { case 0: return &v.state @@ -572,7 +700,7 @@ func file_vault_request_forwarding_service_proto_init() { GoPackagePath: reflect.TypeOf(x{}).PkgPath(), RawDescriptor: file_vault_request_forwarding_service_proto_rawDesc, NumEnums: 0, - NumMessages: 5, + NumMessages: 6, NumExtensions: 0, NumServices: 1, }, diff --git a/vendor/github.com/hashicorp/vault/api/sys_plugins.go b/vendor/github.com/hashicorp/vault/api/sys_plugins.go index 01127e01b..d18c3e1d8 100644 --- a/vendor/github.com/hashicorp/vault/api/sys_plugins.go +++ b/vendor/github.com/hashicorp/vault/api/sys_plugins.go @@ -5,6 +5,7 @@ import ( "errors" "fmt" "net/http" + "time" "github.com/hashicorp/vault/sdk/helper/consts" "github.com/mitchellh/mapstructure" @@ -232,15 +233,19 @@ type ReloadPluginInput struct { // Mounts is the array of string mount paths of the plugin backends to reload Mounts []string `json:"mounts"` + + // Scope is the scope of the plugin reload + Scope string `json:"scope"` } -// ReloadPlugin reloads mounted plugin backends -func (c *Sys) ReloadPlugin(i *ReloadPluginInput) error { +// ReloadPlugin reloads mounted plugin backends, possibly returning +// reloadId for a cluster scoped reload +func (c *Sys) ReloadPlugin(i *ReloadPluginInput) (string, error) { path := "/v1/sys/plugins/reload/backend" req := c.c.NewRequest(http.MethodPut, path) if err := req.SetJSONBody(i); err != nil { - return err + return "", err } ctx, cancelFunc := context.WithCancel(context.Background()) @@ -248,10 +253,63 @@ func (c *Sys) ReloadPlugin(i *ReloadPluginInput) error { resp, err := c.c.RawRequestWithContext(ctx, req) if err != nil { - return err + return "", err } defer resp.Body.Close() - return err + + if i.Scope == "cluster" { + // Get the reload id + secret, parseErr := ParseSecret(resp.Body) + if parseErr != nil { + return "", err + } + return secret.Data["reload_id"].(string), nil + } + return "", err +} + +type PluginReloadStatus struct { + Timestamp time.Time `json:"timestamp"` + Success bool `json:"success"` + Message string `json:"message"` +} + +type PluginReloadStatusResponse struct { + ReloadID string + Results map[string]interface{} +} + +// ReloadPluginStatusInput is used as input to the ReloadStatusPlugin function. +type ReloadPluginStatusInput struct { + // ReloadID is the ID of the reload operation + ReloadID string `json:"reload_id"` +} + +// ReloadPluginStatus retrieves the status of a reload operation +func (c *Sys) ReloadPluginStatus(reloadID string) (map[string]interface{}, error) { + path := "/v1/sys/plugins/reload/backend/status" + req := c.c.NewRequest(http.MethodGet, path) + req.Params.Add("reload_id", reloadID) + + ctx, cancelFunc := context.WithCancel(context.Background()) + defer cancelFunc() + + resp, err := c.c.RawRequestWithContext(ctx, req) + if err != nil { + return nil, err + } + defer resp.Body.Close() + if resp != nil { + secret, parseErr := ParseSecret(resp.Body) + if parseErr != nil { + return nil, err + } + + + return secret.Data, nil + } + return nil, nil + } // catalogPathByType is a helper to construct the proper API path by plugin type diff --git a/vendor/modules.txt b/vendor/modules.txt index fe4ac1487..139d4be26 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -60,11 +60,9 @@ github.com/DataDog/zstd github.com/Jeffail/gabs # github.com/Masterminds/semver v1.4.2 github.com/Masterminds/semver -# github.com/Microsoft/go-winio v0.4.15-0.20190919025122-fc70bd9a86b5 +# github.com/Microsoft/go-winio v0.4.14 github.com/Microsoft/go-winio github.com/Microsoft/go-winio/pkg/guid -# github.com/Microsoft/hcsshim v0.8.9 -github.com/Microsoft/hcsshim/osversion # github.com/NYTimes/gziphandler v1.1.1 github.com/NYTimes/gziphandler # github.com/Nvveen/Gotty v0.0.0-20120604004816-cd527374f1e5 @@ -200,22 +198,19 @@ github.com/client9/misspell github.com/client9/misspell/cmd/misspell # github.com/cloudfoundry-community/go-cfclient v0.0.0-20190201205600-f136f9222381 github.com/cloudfoundry-community/go-cfclient +# github.com/cockroachdb/apd v1.1.0 +github.com/cockroachdb/apd # github.com/cockroachdb/cockroach-go v0.0.0-20181001143604-e0a95dfd547c github.com/cockroachdb/cockroach-go/crdb -# github.com/containerd/containerd v1.3.4 -github.com/containerd/containerd/errdefs -# github.com/containerd/continuity v0.0.0-20190426062206-aaeac12a7ffc -github.com/containerd/continuity/fs +# github.com/containerd/continuity v0.0.0-20191214063359-1097c8bae83b github.com/containerd/continuity/pathdriver -github.com/containerd/continuity/syscallx -github.com/containerd/continuity/sysx # github.com/coreos/go-oidc v2.1.0+incompatible github.com/coreos/go-oidc # github.com/coreos/go-semver v0.2.0 github.com/coreos/go-semver/semver # github.com/coreos/go-systemd/v22 v22.0.0 github.com/coreos/go-systemd/v22/journal -# github.com/davecgh/go-spew v1.1.1 +# github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc github.com/davecgh/go-spew/spew # github.com/denisenkom/go-mssqldb v0.0.0-20200428022330-06a60b6afbbc github.com/denisenkom/go-mssqldb @@ -226,41 +221,8 @@ github.com/denisenkom/go-mssqldb/internal/querytext github.com/dgrijalva/jwt-go # github.com/dimchansky/utfbom v1.1.0 github.com/dimchansky/utfbom -# github.com/docker/distribution v2.7.1+incompatible -github.com/docker/distribution/digestset -github.com/docker/distribution/reference -github.com/docker/distribution/registry/api/errcode -# github.com/docker/docker v1.4.2-0.20200319182547-c7ad2b866182 -github.com/docker/docker/api -github.com/docker/docker/api/types -github.com/docker/docker/api/types/blkiodev -github.com/docker/docker/api/types/container -github.com/docker/docker/api/types/events -github.com/docker/docker/api/types/filters -github.com/docker/docker/api/types/image -github.com/docker/docker/api/types/mount -github.com/docker/docker/api/types/network -github.com/docker/docker/api/types/registry -github.com/docker/docker/api/types/strslice -github.com/docker/docker/api/types/swarm -github.com/docker/docker/api/types/swarm/runtime -github.com/docker/docker/api/types/time -github.com/docker/docker/api/types/versions -github.com/docker/docker/api/types/volume -github.com/docker/docker/client -github.com/docker/docker/errdefs -github.com/docker/docker/pkg/archive -github.com/docker/docker/pkg/fileutils -github.com/docker/docker/pkg/idtools -github.com/docker/docker/pkg/ioutils -github.com/docker/docker/pkg/longpath -github.com/docker/docker/pkg/mount -github.com/docker/docker/pkg/pools -github.com/docker/docker/pkg/system # github.com/docker/go-connections v0.4.0 github.com/docker/go-connections/nat -github.com/docker/go-connections/sockets -github.com/docker/go-connections/tlsconfig # github.com/docker/go-units v0.4.0 github.com/docker/go-units # github.com/dsnet/compress v0.0.1 @@ -376,12 +338,37 @@ github.com/hashicorp/errwrap github.com/hashicorp/go-bindata # github.com/hashicorp/go-cleanhttp v0.5.1 github.com/hashicorp/go-cleanhttp +# github.com/hashicorp/go-fpe v0.0.0-20200302182253-52932d2c7705 +github.com/hashicorp/go-fpe/ff3-1 # github.com/hashicorp/go-gcp-common v0.6.0 github.com/hashicorp/go-gcp-common/gcputil -# github.com/hashicorp/go-hclog v0.14.1 +# github.com/hashicorp/go-hclog v0.13.0 github.com/hashicorp/go-hclog # github.com/hashicorp/go-immutable-radix v1.1.0 github.com/hashicorp/go-immutable-radix +# github.com/hashicorp/go-kmip v0.0.0-20200521195242-bc3798d6b119 +github.com/hashicorp/go-kmip/audit +github.com/hashicorp/go-kmip/client +github.com/hashicorp/go-kmip/conns +github.com/hashicorp/go-kmip/encoding/json +github.com/hashicorp/go-kmip/encoding/ttlv +github.com/hashicorp/go-kmip/env +github.com/hashicorp/go-kmip/handler +github.com/hashicorp/go-kmip/kmip +github.com/hashicorp/go-kmip/kmip/types/attr +github.com/hashicorp/go-kmip/kmip/types/bo +github.com/hashicorp/go-kmip/kmip/types/data +github.com/hashicorp/go-kmip/kmip/types/enum +github.com/hashicorp/go-kmip/kmip/types/errs +github.com/hashicorp/go-kmip/kmip/types/field +github.com/hashicorp/go-kmip/kmip/types/mask +github.com/hashicorp/go-kmip/kmip/types/message +github.com/hashicorp/go-kmip/kmip/types/mo +github.com/hashicorp/go-kmip/kmip/types/payload +github.com/hashicorp/go-kmip/kmip/types/tag +github.com/hashicorp/go-kmip/server +github.com/hashicorp/go-kmip/storage +github.com/hashicorp/go-kmip/util # github.com/hashicorp/go-kms-wrapping v0.5.10 github.com/hashicorp/go-kms-wrapping github.com/hashicorp/go-kms-wrapping/internal/xor @@ -392,13 +379,20 @@ github.com/hashicorp/go-kms-wrapping/wrappers/azurekeyvault github.com/hashicorp/go-kms-wrapping/wrappers/gcpckms github.com/hashicorp/go-kms-wrapping/wrappers/ocikms github.com/hashicorp/go-kms-wrapping/wrappers/transit +# github.com/hashicorp/go-kms-wrapping-enterprise v0.5.1 +github.com/hashicorp/go-kms-wrapping-enterprise/internal/permitpool +github.com/hashicorp/go-kms-wrapping-enterprise/wrappers/awskms +github.com/hashicorp/go-kms-wrapping-enterprise/wrappers/pkcs11 +github.com/hashicorp/go-kms-wrapping-enterprise/wrappers/transit # github.com/hashicorp/go-kms-wrapping/entropy v0.1.0 github.com/hashicorp/go-kms-wrapping/entropy +# github.com/hashicorp/go-licensing v1.1.1 +github.com/hashicorp/go-licensing # github.com/hashicorp/go-memdb v1.0.2 github.com/hashicorp/go-memdb # github.com/hashicorp/go-msgpack v0.5.5 github.com/hashicorp/go-msgpack/codec -# github.com/hashicorp/go-multierror v1.1.0 +# github.com/hashicorp/go-multierror v1.0.0 github.com/hashicorp/go-multierror # github.com/hashicorp/go-plugin v1.0.1 github.com/hashicorp/go-plugin @@ -406,7 +400,7 @@ github.com/hashicorp/go-plugin/internal/plugin # github.com/hashicorp/go-raftchunking v0.6.3-0.20191002164813-7e9e8525653a github.com/hashicorp/go-raftchunking github.com/hashicorp/go-raftchunking/types -# github.com/hashicorp/go-retryablehttp v0.6.6 +# github.com/hashicorp/go-retryablehttp v0.6.3 github.com/hashicorp/go-retryablehttp # github.com/hashicorp/go-rootcerts v1.0.2 github.com/hashicorp/go-rootcerts @@ -442,6 +436,41 @@ github.com/hashicorp/nomad/api/contexts github.com/hashicorp/raft # github.com/hashicorp/raft-snapshot v1.0.2-0.20190827162939-8117efcc5aab github.com/hashicorp/raft-snapshot +# github.com/hashicorp/sentinel v0.14.4 +github.com/hashicorp/sentinel/cmd/format +github.com/hashicorp/sentinel/imports/decimal +github.com/hashicorp/sentinel/imports/http +github.com/hashicorp/sentinel/imports/json +github.com/hashicorp/sentinel/imports/runtime +github.com/hashicorp/sentinel/imports/sockaddr +github.com/hashicorp/sentinel/imports/static +github.com/hashicorp/sentinel/imports/static/teststructs +github.com/hashicorp/sentinel/imports/stdlib +github.com/hashicorp/sentinel/imports/strings +github.com/hashicorp/sentinel/imports/time +github.com/hashicorp/sentinel/imports/types +github.com/hashicorp/sentinel/imports/units +github.com/hashicorp/sentinel/lang/ast +github.com/hashicorp/sentinel/lang/object +github.com/hashicorp/sentinel/lang/parser +github.com/hashicorp/sentinel/lang/printer +github.com/hashicorp/sentinel/lang/scanner +github.com/hashicorp/sentinel/lang/semantic +github.com/hashicorp/sentinel/lang/token +github.com/hashicorp/sentinel/runtime/encoding +github.com/hashicorp/sentinel/runtime/eval +github.com/hashicorp/sentinel/runtime/importer +github.com/hashicorp/sentinel/runtime/parameterizer +github.com/hashicorp/sentinel/runtime/parameterizer/scoped +github.com/hashicorp/sentinel/runtime/trace +github.com/hashicorp/sentinel/sentinel +github.com/hashicorp/sentinel/version +# github.com/hashicorp/sentinel-sdk v0.3.7 +github.com/hashicorp/sentinel-sdk +github.com/hashicorp/sentinel-sdk/encoding +github.com/hashicorp/sentinel-sdk/framework +github.com/hashicorp/sentinel-sdk/proto/go +github.com/hashicorp/sentinel-sdk/rpc # github.com/hashicorp/serf v0.8.3 github.com/hashicorp/serf/coordinate # github.com/hashicorp/vault-plugin-auth-alicloud v0.5.5 @@ -461,11 +490,11 @@ github.com/hashicorp/vault-plugin-auth-cf/util # github.com/hashicorp/vault-plugin-auth-gcp v0.6.1 github.com/hashicorp/vault-plugin-auth-gcp/plugin github.com/hashicorp/vault-plugin-auth-gcp/plugin/cache -# github.com/hashicorp/vault-plugin-auth-jwt v0.7.0 +# github.com/hashicorp/vault-plugin-auth-jwt v0.6.2 github.com/hashicorp/vault-plugin-auth-jwt -# github.com/hashicorp/vault-plugin-auth-kerberos v0.1.6 +# github.com/hashicorp/vault-plugin-auth-kerberos v0.1.5 github.com/hashicorp/vault-plugin-auth-kerberos -# github.com/hashicorp/vault-plugin-auth-kubernetes v0.6.2 +# github.com/hashicorp/vault-plugin-auth-kubernetes v0.6.1 github.com/hashicorp/vault-plugin-auth-kubernetes # github.com/hashicorp/vault-plugin-auth-oci v0.5.5 github.com/hashicorp/vault-plugin-auth-oci @@ -480,7 +509,7 @@ github.com/hashicorp/vault-plugin-secrets-ad/plugin/util # github.com/hashicorp/vault-plugin-secrets-alicloud v0.5.5 github.com/hashicorp/vault-plugin-secrets-alicloud github.com/hashicorp/vault-plugin-secrets-alicloud/clients -# github.com/hashicorp/vault-plugin-secrets-azure v0.6.1 +# github.com/hashicorp/vault-plugin-secrets-azure v0.5.6 github.com/hashicorp/vault-plugin-secrets-azure # github.com/hashicorp/vault-plugin-secrets-gcp v0.6.3-0.20200615210754-6c617f9285c3 github.com/hashicorp/vault-plugin-secrets-gcp/plugin @@ -488,16 +517,20 @@ github.com/hashicorp/vault-plugin-secrets-gcp/plugin/iamutil github.com/hashicorp/vault-plugin-secrets-gcp/plugin/util # github.com/hashicorp/vault-plugin-secrets-gcpkms v0.5.5 github.com/hashicorp/vault-plugin-secrets-gcpkms +# github.com/hashicorp/vault-plugin-secrets-kmip v0.1.3 +github.com/hashicorp/vault-plugin-secrets-kmip/plugin # github.com/hashicorp/vault-plugin-secrets-kv v0.5.5 github.com/hashicorp/vault-plugin-secrets-kv # github.com/hashicorp/vault-plugin-secrets-mongodbatlas v0.1.2 github.com/hashicorp/vault-plugin-secrets-mongodbatlas -# github.com/hashicorp/vault-plugin-secrets-openldap v0.1.4-0.20200618161832-cae59ebde561 +# github.com/hashicorp/vault-plugin-secrets-openldap v0.1.3 github.com/hashicorp/vault-plugin-secrets-openldap github.com/hashicorp/vault-plugin-secrets-openldap/client -# github.com/hashicorp/vault/api v1.0.5-0.20200519221902-385fac77e20f => ./api +# github.com/hashicorp/vault-plugin-secrets-transform v0.1.3 +github.com/hashicorp/vault-plugin-secrets-transform +# github.com/hashicorp/vault/api v1.0.5-0.20200619171258-e54ddc909815 => ./api github.com/hashicorp/vault/api -# github.com/hashicorp/vault/sdk v0.1.14-0.20200527182800-ad90e0b39d2f => ./sdk +# github.com/hashicorp/vault/sdk v0.1.14-0.20200615191832-d4b3c4b29c62 => ./sdk github.com/hashicorp/vault/sdk/database/dbplugin github.com/hashicorp/vault/sdk/database/helper/connutil github.com/hashicorp/vault/sdk/database/helper/credsutil @@ -543,8 +576,6 @@ github.com/hashicorp/vault/sdk/plugin github.com/hashicorp/vault/sdk/plugin/mock github.com/hashicorp/vault/sdk/plugin/pb github.com/hashicorp/vault/sdk/queue -github.com/hashicorp/vault/sdk/testing/stepwise -github.com/hashicorp/vault/sdk/testing/stepwise/environments/docker github.com/hashicorp/vault/sdk/version # github.com/hashicorp/yamux v0.0.0-20181012175058-2f1d1f20f75d github.com/hashicorp/yamux @@ -612,6 +643,8 @@ github.com/jefferai/isbadcipher github.com/jefferai/jsonx # github.com/jmespath/go-jmespath v0.3.0 github.com/jmespath/go-jmespath +# github.com/jonboulle/clockwork v0.1.0 +github.com/jonboulle/clockwork # github.com/joyent/triton-go v1.7.1-0.20200416154420-6801d15b779f github.com/joyent/triton-go github.com/joyent/triton-go/authentication @@ -644,9 +677,9 @@ github.com/keybase/go-crypto/rsa github.com/konsorten/go-windows-terminal-sequences # github.com/kr/pretty v0.2.0 github.com/kr/pretty -# github.com/kr/text v0.2.0 +# github.com/kr/text v0.1.0 github.com/kr/text -# github.com/lib/pq v1.2.0 +# github.com/lib/pq v1.3.0 github.com/lib/pq github.com/lib/pq/oid github.com/lib/pq/scram @@ -662,8 +695,12 @@ github.com/matttproud/golang_protobuf_extensions/pbutil github.com/mholt/archiver # github.com/michaelklishin/rabbit-hole v0.0.0-20191008194146-93d9988f0cd5 github.com/michaelklishin/rabbit-hole +# github.com/miekg/pkcs11 v1.0.3 +github.com/miekg/pkcs11 # github.com/mitchellh/cli v1.0.0 github.com/mitchellh/cli +# github.com/mitchellh/colorstring v0.0.0-20150917214807-8631ce90f286 +github.com/mitchellh/colorstring # github.com/mitchellh/copystructure v1.0.0 github.com/mitchellh/copystructure # github.com/mitchellh/go-homedir v1.1.0 @@ -676,9 +713,9 @@ github.com/mitchellh/gox github.com/mitchellh/hashstructure # github.com/mitchellh/iochan v1.0.0 github.com/mitchellh/iochan -# github.com/mitchellh/mapstructure v1.3.2 +# github.com/mitchellh/mapstructure v1.2.2 github.com/mitchellh/mapstructure -# github.com/mitchellh/pointerstructure v1.0.0 +# github.com/mitchellh/pointerstructure v0.0.0-20190430161007-f252a8fd71c8 github.com/mitchellh/pointerstructure # github.com/mitchellh/reflectwalk v1.0.1 github.com/mitchellh/reflectwalk @@ -708,7 +745,6 @@ github.com/opencontainers/go-digest github.com/opencontainers/image-spec/specs-go github.com/opencontainers/image-spec/specs-go/v1 # github.com/opencontainers/runc v0.1.1 -github.com/opencontainers/runc/libcontainer/system github.com/opencontainers/runc/libcontainer/user # github.com/oracle/oci-go-sdk v12.5.0+incompatible github.com/oracle/oci-go-sdk/common @@ -745,12 +781,12 @@ github.com/ory/dockertest/docker/types/versions github.com/patrickmn/go-cache # github.com/petermattis/goid v0.0.0-20180202154549-b0b1615b78e5 github.com/petermattis/goid -# github.com/pierrec/lz4 v2.5.2+incompatible +# github.com/pierrec/lz4 v2.2.6+incompatible github.com/pierrec/lz4 github.com/pierrec/lz4/internal/xxh32 # github.com/pkg/errors v0.9.1 github.com/pkg/errors -# github.com/pmezard/go-difflib v1.0.0 +# github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 github.com/pmezard/go-difflib/difflib # github.com/posener/complete v1.2.1 github.com/posener/complete @@ -778,8 +814,6 @@ github.com/prometheus/common/model github.com/prometheus/procfs github.com/prometheus/procfs/internal/fs github.com/prometheus/procfs/internal/util -# github.com/rboyer/safeio v0.2.1 -github.com/rboyer/safeio # github.com/ryanuber/columnize v2.1.0+incompatible github.com/ryanuber/columnize # github.com/ryanuber/go-glob v1.0.0 @@ -802,8 +836,13 @@ github.com/shirou/gopsutil/process github.com/shirou/w32 # github.com/sirupsen/logrus v1.4.2 github.com/sirupsen/logrus +# github.com/spf13/pflag v1.0.3 +github.com/spf13/pflag +# github.com/stretchr/objx v0.2.0 +github.com/stretchr/objx # github.com/stretchr/testify v1.5.1 github.com/stretchr/testify/assert +github.com/stretchr/testify/mock github.com/stretchr/testify/require # github.com/tv42/httpunix v0.0.0-20150427012821-b75d8614f926 github.com/tv42/httpunix @@ -812,6 +851,9 @@ github.com/ulikunitz/xz github.com/ulikunitz/xz/internal/hash github.com/ulikunitz/xz/internal/xlog github.com/ulikunitz/xz/lzma +# github.com/vektra/mockery v0.0.0-20181123154057-e78b021dcbb5 +github.com/vektra/mockery/cmd/mockery +github.com/vektra/mockery/mockery # github.com/xdg/scram v0.0.0-20180814205039-7eeb5667e42c github.com/xdg/scram # github.com/xdg/stringprep v1.0.0 @@ -909,7 +951,7 @@ go.uber.org/zap/internal/bufferpool go.uber.org/zap/internal/color go.uber.org/zap/internal/exit go.uber.org/zap/zapcore -# golang.org/x/crypto v0.0.0-20200604202706-70a84ac30bf9 +# golang.org/x/crypto v0.0.0-20200510223506-06a226fb4e37 golang.org/x/crypto/bcrypt golang.org/x/crypto/blake2b golang.org/x/crypto/blowfish @@ -927,6 +969,7 @@ golang.org/x/crypto/pbkdf2 golang.org/x/crypto/pkcs12 golang.org/x/crypto/pkcs12/internal/rc2 golang.org/x/crypto/poly1305 +golang.org/x/crypto/sha3 golang.org/x/crypto/ssh golang.org/x/crypto/ssh/agent golang.org/x/crypto/ssh/internal/bcrypt_pbkdf @@ -937,7 +980,7 @@ golang.org/x/lint/golint # golang.org/x/mod v0.2.0 golang.org/x/mod/module golang.org/x/mod/semver -# golang.org/x/net v0.0.0-20200602114024-627f9648deb9 +# golang.org/x/net v0.0.0-20200519113804-d87ec0cfa476 golang.org/x/net/context golang.org/x/net/context/ctxhttp golang.org/x/net/http/httpguts @@ -945,9 +988,7 @@ golang.org/x/net/http/httpproxy golang.org/x/net/http2 golang.org/x/net/http2/hpack golang.org/x/net/idna -golang.org/x/net/internal/socks golang.org/x/net/internal/timeseries -golang.org/x/net/proxy golang.org/x/net/trace # golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d golang.org/x/oauth2 @@ -959,7 +1000,7 @@ golang.org/x/oauth2/jwt # golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a golang.org/x/sync/errgroup golang.org/x/sync/semaphore -# golang.org/x/sys v0.0.0-20200602225109-6fdc65e7d980 +# golang.org/x/sys v0.0.0-20200519105757-fe76b779f299 golang.org/x/sys/cpu golang.org/x/sys/internal/unsafeheader golang.org/x/sys/unix @@ -975,9 +1016,9 @@ golang.org/x/text/secure/bidirule golang.org/x/text/transform golang.org/x/text/unicode/bidi golang.org/x/text/unicode/norm -# golang.org/x/time v0.0.0-20200416051211-89c76fbcd5d1 +# golang.org/x/time v0.0.0-20191024005414-555d28b269f0 golang.org/x/time/rate -# golang.org/x/tools v0.0.0-20200416214402-fc959738d646 +# golang.org/x/tools v0.0.0-20200513201620-d5fe73897c97 golang.org/x/tools/cmd/goimports golang.org/x/tools/go/analysis golang.org/x/tools/go/analysis/passes/inspect @@ -992,13 +1033,17 @@ golang.org/x/tools/go/loader golang.org/x/tools/go/packages golang.org/x/tools/go/types/objectpath golang.org/x/tools/go/types/typeutil +golang.org/x/tools/imports golang.org/x/tools/internal/analysisinternal +golang.org/x/tools/internal/event +golang.org/x/tools/internal/event/core +golang.org/x/tools/internal/event/keys +golang.org/x/tools/internal/event/label golang.org/x/tools/internal/fastwalk golang.org/x/tools/internal/gocommand golang.org/x/tools/internal/gopathwalk golang.org/x/tools/internal/imports golang.org/x/tools/internal/packagesinternal -golang.org/x/tools/internal/telemetry/event # golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543 golang.org/x/xerrors golang.org/x/xerrors/internal @@ -1160,13 +1205,17 @@ gopkg.in/mgo.v2/internal/sasl gopkg.in/mgo.v2/internal/scram # gopkg.in/ory-am/dockertest.v3 v3.3.4 gopkg.in/ory-am/dockertest.v3 -# gopkg.in/square/go-jose.v2 v2.5.1 +# gopkg.in/square/go-jose.v2 v2.4.1 gopkg.in/square/go-jose.v2 gopkg.in/square/go-jose.v2/cipher gopkg.in/square/go-jose.v2/json gopkg.in/square/go-jose.v2/jwt # gopkg.in/yaml.v2 v2.2.8 gopkg.in/yaml.v2 +# gotest.tools/gotestsum v0.3.5 +gotest.tools/gotestsum +gotest.tools/gotestsum/internal/junitxml +gotest.tools/gotestsum/testjson # honnef.co/go/tools v0.0.1-2020.1.3 honnef.co/go/tools/arg honnef.co/go/tools/cmd/staticcheck