luxolus
/
open-vault
2
0
Fork 0
Code Issues 1 Pull Requests Releases Activity

OSS side of Global Plugin Reload (#9340) 

* OSS side of Global Plugin Reload

* changelog++
This commit is contained in:
Scott Miller 2020-06-29 16:23:28 -05:00 committed by GitHub
parent d42ee4f7ef
commit a83fe0fc6d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
16 changed files with 648 additions and 258 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
CHANGELOG.md
View File

@ -22,8 +22,8 @@ IMPROVEMENTS:
* core: Added Password Policies for user-configurable password generation [[GH-8637](https://github.com/hashicorp/vault/pull/8637)] * core: Added Password Policies for user-configurable password generation [[GH-8637](https://github.com/hashicorp/vault/pull/8637)]
* core: New telemetry metrics covering token counts, token creation, KV secret counts, lease creation. [[GH-9239](https://github.com/hashicorp/vault/pull/9239)] [[GH-9250](https://github.com/hashicorp/vault/pull/9250)] [[GH-9244](https://github.com/hashicorp/vault/pull/9244)] [[GH-9052](https://github.com/hashicorp/vault/pull/9052)] * core: New telemetry metrics covering token counts, token creation, KV secret counts, lease creation. [[GH-9239](https://github.com/hashicorp/vault/pull/9239)] [[GH-9250](https://github.com/hashicorp/vault/pull/9250)] [[GH-9244](https://github.com/hashicorp/vault/pull/9244)] [[GH-9052](https://github.com/hashicorp/vault/pull/9052)]
* cli: Support reading TLS parameters from file for the `vault operator raft join` command. [[GH-9060](https://github.com/hashicorp/vault/pull/9060)] * cli: Support reading TLS parameters from file for the `vault operator raft join` command. [[GH-9060](https://github.com/hashicorp/vault/pull/9060)]
* plugin: Add SDK method, `Sys.ReloadPlugin`, and CLI command, `vault plugin reload`, * plugin: Add SDK method, `Sys.ReloadPlugin`, and CLI command, `vault plugin reload`, for reloading plugins. [[GH-8777](https://github.com/hashicorp/vault/pull/8777)]
for reloading plugins. [[GH-8777](https://github.com/hashicorp/vault/pull/8777)] * plugin (enterprise): Add a scope field to plugin reload, which when global, reloads the plugin anywhere in a cluster. [[GH-9340](https://github.com/hashicorp/vault/pull/9340)]
* sdk/framework: Support accepting TypeFloat parameters over the API [[GH-8923](https://github.com/hashicorp/vault/pull/8923)] * sdk/framework: Support accepting TypeFloat parameters over the API [[GH-8923](https://github.com/hashicorp/vault/pull/8923)]
* secrets/aws: Add iam_groups parameter to role create/update [[GH-8811](https://github.com/hashicorp/vault/pull/8811)] * secrets/aws: Add iam_groups parameter to role create/update [[GH-8811](https://github.com/hashicorp/vault/pull/8811)]
* secrets/database: Add static role rotation for MongoDB Atlas database plugin [[GH-11](https://github.com/hashicorp/vault-plugin-database-mongodbatlas/pull/11)] * secrets/database: Add static role rotation for MongoDB Atlas database plugin [[GH-11](https://github.com/hashicorp/vault-plugin-database-mongodbatlas/pull/11)]

67
api/sys_plugins.go
View File

@ -5,6 +5,7 @@ import (
"errors" "errors"
"fmt" "fmt"
"net/http" "net/http"
"time"
"github.com/hashicorp/vault/sdk/helper/consts" "github.com/hashicorp/vault/sdk/helper/consts"
"github.com/mitchellh/mapstructure" "github.com/mitchellh/mapstructure"
@ -232,15 +233,19 @@ type ReloadPluginInput struct {
// Mounts is the array of string mount paths of the plugin backends to reload // Mounts is the array of string mount paths of the plugin backends to reload
Mounts []string `json:"mounts"` Mounts []string `json:"mounts"`
// Scope is the scope of the plugin reload
Scope string `json:"scope"`
} }
// ReloadPlugin reloads mounted plugin backends // ReloadPlugin reloads mounted plugin backends, possibly returning
func (c *Sys) ReloadPlugin(i *ReloadPluginInput) error { // reloadId for a cluster scoped reload
func (c *Sys) ReloadPlugin(i *ReloadPluginInput) (string, error) {
path := "/v1/sys/plugins/reload/backend" path := "/v1/sys/plugins/reload/backend"
req := c.c.NewRequest(http.MethodPut, path) req := c.c.NewRequest(http.MethodPut, path)
if err := req.SetJSONBody(i); err != nil { if err := req.SetJSONBody(i); err != nil {
return err return "", err
} }
ctx, cancelFunc := context.WithCancel(context.Background()) ctx, cancelFunc := context.WithCancel(context.Background())
@ -248,10 +253,62 @@ func (c *Sys) ReloadPlugin(i *ReloadPluginInput) error {
resp, err := c.c.RawRequestWithContext(ctx, req) resp, err := c.c.RawRequestWithContext(ctx, req)
if err != nil { if err != nil {
return err return "", err
} }
defer resp.Body.Close() defer resp.Body.Close()
return err
if i.Scope == "cluster" {
// Get the reload id
secret, parseErr := ParseSecret(resp.Body)
if parseErr != nil {
return "", err
}
return secret.Data["reload_id"].(string), nil
}
return "", err
}
type PluginReloadStatus struct {
Timestamp time.Time `json:"timestamp"`
Success bool `json:"success"`
Message string `json:"message"`
}
type PluginReloadStatusResponse struct {
ReloadID string
Results map[string]interface{}
}
// ReloadPluginStatusInput is used as input to the ReloadStatusPlugin function.
type ReloadPluginStatusInput struct {
// ReloadID is the ID of the reload operation
ReloadID string `json:"reload_id"`
}
// ReloadPluginStatus retrieves the status of a reload operation
func (c *Sys) ReloadPluginStatus(reloadID string) (map[string]interface{}, error) {
path := "/v1/sys/plugins/reload/backend/status"
req := c.c.NewRequest(http.MethodGet, path)
req.Params.Add("reload_id", reloadID)
ctx, cancelFunc := context.WithCancel(context.Background())
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, req)
if err != nil {
return nil, err
}
defer resp.Body.Close()
if resp != nil {
secret, parseErr := ParseSecret(resp.Body)
if parseErr != nil {
return nil, err
}
return secret.Data, nil
}
return nil, nil
} }
// catalogPathByType is a helper to construct the proper API path by plugin type // catalogPathByType is a helper to construct the proper API path by plugin type

5
command/commands.go
View File

@ -447,6 +447,11 @@ func initCommands(ui, serverCmdUi cli.Ui, runOpts *RunOptions) {
BaseCommand: getBaseCommand(), BaseCommand: getBaseCommand(),
}, nil }, nil
}, },
"plugin reload-status": func() (cli.Command, error) {
return &PluginReloadStatusCommand{
BaseCommand: getBaseCommand(),
}, nil
},
"policy": func() (cli.Command, error) { "policy": func() (cli.Command, error) {
return &PolicyCommand{ return &PolicyCommand{
BaseCommand: getBaseCommand(), BaseCommand: getBaseCommand(),

28
command/plugin_reload.go
View File

@ -16,6 +16,7 @@ type PluginReloadCommand struct {
*BaseCommand *BaseCommand
plugin string plugin string
mounts []string mounts []string
scope string
} }
func (c *PluginReloadCommand) Synopsis() string { func (c *PluginReloadCommand) Synopsis() string {
@ -58,6 +59,13 @@ func (c *PluginReloadCommand) Flags() *FlagSets {
Usage: "Array or comma-separated string mount paths of the plugin backends to reload.", Usage: "Array or comma-separated string mount paths of the plugin backends to reload.",
}) })
f.StringVar(&StringVar{
Name: "scope",
Target: &c.scope,
Completion: complete.PredictAnything,
Usage: `The scope of the reload, omitted for local, "cluster", for cluster-wide`,
})
return set return set
} }
@ -84,6 +92,8 @@ func (c *PluginReloadCommand) Run(args []string) int {
case c.plugin != "" && len(c.mounts) > 0: case c.plugin != "" && len(c.mounts) > 0:
c.UI.Error(fmt.Sprintf("Too many arguments (expected 1, got %d)", len(args))) c.UI.Error(fmt.Sprintf("Too many arguments (expected 1, got %d)", len(args)))
return 1 return 1
case c.scope != "" && c.scope != "cluster":
c.UI.Error(fmt.Sprintf("Invalid reload scope: %s", c.scope))
} }
client, err := c.Client() client, err := c.Client()
@ -92,18 +102,28 @@ func (c *PluginReloadCommand) Run(args []string) int {
return 2 return 2
} }
if err := client.Sys().ReloadPlugin(&api.ReloadPluginInput{ rid, err := client.Sys().ReloadPlugin(&api.ReloadPluginInput{
Plugin: c.plugin, Plugin: c.plugin,
Mounts: c.mounts, Mounts: c.mounts,
}); err != nil { Scope: c.scope,
})
if err != nil {
c.UI.Error(fmt.Sprintf("Error reloading plugin/mounts: %s", err)) c.UI.Error(fmt.Sprintf("Error reloading plugin/mounts: %s", err))
return 2 return 2
} }
if len(c.mounts) > 0 { if len(c.mounts) > 0 {
c.UI.Output(fmt.Sprintf("Success! Reloaded mounts: %s", c.mounts)) if rid != "" {
c.UI.Output(fmt.Sprintf("Success! Reloading mounts: %s, reload_id: %s", c.mounts, rid))
} else {
c.UI.Output(fmt.Sprintf("Success! Reloaded mounts: %s", c.mounts))
}
} else { } else {
c.UI.Output(fmt.Sprintf("Success! Reloaded plugin: %s", c.plugin)) if rid != "" {
c.UI.Output(fmt.Sprintf("Success! Reloading plugin: %s, reload_id: %s", c.plugin, rid))
} else {
c.UI.Output(fmt.Sprintf("Success! Reloaded plugin: %s", c.mounts))
}
} }
return 0 return 0

68
go.mod
View File

@ -12,10 +12,11 @@ require (
cloud.google.com/go/storage v1.6.0 cloud.google.com/go/storage v1.6.0
github.com/Azure/azure-sdk-for-go v36.2.0+incompatible github.com/Azure/azure-sdk-for-go v36.2.0+incompatible
github.com/Azure/go-autorest/autorest v0.10.1 github.com/Azure/go-autorest/autorest v0.10.1
github.com/Microsoft/hcsshim v0.8.9 // indirect github.com/DataDog/zstd v1.4.4 // indirect
github.com/NYTimes/gziphandler v1.1.1 github.com/NYTimes/gziphandler v1.1.1
github.com/SAP/go-hdb v0.14.1 github.com/SAP/go-hdb v0.14.1
github.com/Sectorbob/mlab-ns2 v0.0.0-20171030222938-d3aa0c295a8a github.com/Sectorbob/mlab-ns2 v0.0.0-20171030222938-d3aa0c295a8a
github.com/StackExchange/wmi v0.0.0-20180116203802-5d049714c4a6 // indirect
github.com/aliyun/alibaba-cloud-sdk-go v0.0.0-20190620160927-9418d7b0cd0f github.com/aliyun/alibaba-cloud-sdk-go v0.0.0-20190620160927-9418d7b0cd0f
github.com/aliyun/aliyun-oss-go-sdk v0.0.0-20190307165228-86c17b95fcd5 github.com/aliyun/aliyun-oss-go-sdk v0.0.0-20190307165228-86c17b95fcd5
github.com/apple/foundationdb/bindings/go v0.0.0-20190411004307-cd5c9d91fad2 github.com/apple/foundationdb/bindings/go v0.0.0-20190411004307-cd5c9d91fad2
@ -24,11 +25,16 @@ require (
github.com/armon/go-radix v1.0.0 github.com/armon/go-radix v1.0.0
github.com/asaskevich/govalidator v0.0.0-20180720115003-f9ffefc3facf github.com/asaskevich/govalidator v0.0.0-20180720115003-f9ffefc3facf
github.com/aws/aws-sdk-go v1.30.27 github.com/aws/aws-sdk-go v1.30.27
github.com/bitly/go-hostpool v0.0.0-20171023180738-a3a6125de932 // indirect
github.com/bmizerany/assert v0.0.0-20160611221934-b7ed37b82869 // indirect
github.com/chrismalek/oktasdk-go v0.0.0-20181212195951-3430665dfaa0 github.com/chrismalek/oktasdk-go v0.0.0-20181212195951-3430665dfaa0
github.com/client9/misspell v0.3.4 github.com/client9/misspell v0.3.4
github.com/cockroachdb/cockroach-go v0.0.0-20181001143604-e0a95dfd547c github.com/cockroachdb/cockroach-go v0.0.0-20181001143604-e0a95dfd547c
github.com/coreos/go-semver v0.2.0 github.com/coreos/go-semver v0.2.0
github.com/denisenkom/go-mssqldb v0.0.0-20200428022330-06a60b6afbbc github.com/denisenkom/go-mssqldb v0.0.0-20200428022330-06a60b6afbbc
github.com/dgrijalva/jwt-go v3.2.0+incompatible
github.com/dnaeon/go-vcr v1.0.1 // indirect
github.com/dsnet/compress v0.0.1 // indirect
github.com/duosecurity/duo_api_golang v0.0.0-20190308151101-6c680f768e74 github.com/duosecurity/duo_api_golang v0.0.0-20190308151101-6c680f768e74
github.com/elazarl/go-bindata-assetfs v1.0.1-0.20200509193318-234c15e7648f github.com/elazarl/go-bindata-assetfs v1.0.1-0.20200509193318-234c15e7648f
github.com/fatih/color v1.9.0 github.com/fatih/color v1.9.0
@ -37,10 +43,13 @@ require (
github.com/ghodss/yaml v1.0.1-0.20190212211648-25d852aebe32 github.com/ghodss/yaml v1.0.1-0.20190212211648-25d852aebe32
github.com/go-errors/errors v1.0.1 github.com/go-errors/errors v1.0.1
github.com/go-ldap/ldap/v3 v3.1.10 github.com/go-ldap/ldap/v3 v3.1.10
github.com/go-ole/go-ole v1.2.1 // indirect
github.com/go-sql-driver/mysql v1.5.0 github.com/go-sql-driver/mysql v1.5.0
github.com/go-test/deep v1.0.2 github.com/go-test/deep v1.0.2
github.com/gocql/gocql v0.0.0-20190402132108-0e1d5de854df github.com/gocql/gocql v0.0.0-20190402132108-0e1d5de854df
github.com/gogo/protobuf v1.3.1 // indirect
github.com/golang/protobuf v1.4.2 github.com/golang/protobuf v1.4.2
github.com/golang/snappy v0.0.1
github.com/google/go-github v17.0.0+incompatible github.com/google/go-github v17.0.0+incompatible
github.com/google/go-metrics-stackdriver v0.2.0 github.com/google/go-metrics-stackdriver v0.2.0
github.com/hashicorp/consul-template v0.25.0 github.com/hashicorp/consul-template v0.25.0
@ -49,13 +58,18 @@ require (
github.com/hashicorp/go-bindata v3.0.8-0.20180209072458-bf7910af8997+incompatible github.com/hashicorp/go-bindata v3.0.8-0.20180209072458-bf7910af8997+incompatible
github.com/hashicorp/go-cleanhttp v0.5.1 github.com/hashicorp/go-cleanhttp v0.5.1
github.com/hashicorp/go-gcp-common v0.6.0 github.com/hashicorp/go-gcp-common v0.6.0
github.com/hashicorp/go-hclog v0.14.1 github.com/hashicorp/go-hclog v0.13.0
github.com/hashicorp/go-immutable-radix v1.1.0
github.com/hashicorp/go-kmip v0.0.0-20200521195242-bc3798d6b119
github.com/hashicorp/go-kms-wrapping v0.5.10 github.com/hashicorp/go-kms-wrapping v0.5.10
github.com/hashicorp/go-kms-wrapping-enterprise v0.5.1
github.com/hashicorp/go-kms-wrapping/entropy v0.1.0
github.com/hashicorp/go-licensing v1.1.1
github.com/hashicorp/go-memdb v1.0.2 github.com/hashicorp/go-memdb v1.0.2
github.com/hashicorp/go-msgpack v0.5.5 github.com/hashicorp/go-msgpack v0.5.5
github.com/hashicorp/go-multierror v1.1.0 github.com/hashicorp/go-multierror v1.0.0
github.com/hashicorp/go-raftchunking v0.6.3-0.20191002164813-7e9e8525653a github.com/hashicorp/go-raftchunking v0.6.3-0.20191002164813-7e9e8525653a
github.com/hashicorp/go-retryablehttp v0.6.6 github.com/hashicorp/go-retryablehttp v0.6.3
github.com/hashicorp/go-rootcerts v1.0.2 github.com/hashicorp/go-rootcerts v1.0.2
github.com/hashicorp/go-sockaddr v1.0.2 github.com/hashicorp/go-sockaddr v1.0.2
github.com/hashicorp/go-syslog v1.0.0 github.com/hashicorp/go-syslog v1.0.0
@ -65,27 +79,31 @@ require (
github.com/hashicorp/nomad/api v0.0.0-20191220223628-edc62acd919d github.com/hashicorp/nomad/api v0.0.0-20191220223628-edc62acd919d
github.com/hashicorp/raft v1.1.3-0.20200501224250-c95aa91e604e github.com/hashicorp/raft v1.1.3-0.20200501224250-c95aa91e604e
github.com/hashicorp/raft-snapshot v1.0.2-0.20190827162939-8117efcc5aab github.com/hashicorp/raft-snapshot v1.0.2-0.20190827162939-8117efcc5aab
github.com/hashicorp/sentinel v0.14.4
github.com/hashicorp/sentinel-sdk v0.3.7
github.com/hashicorp/vault-plugin-auth-alicloud v0.5.5 github.com/hashicorp/vault-plugin-auth-alicloud v0.5.5
github.com/hashicorp/vault-plugin-auth-azure v0.5.6-0.20200422235613-1b5c70f9ef68 github.com/hashicorp/vault-plugin-auth-azure v0.5.5
github.com/hashicorp/vault-plugin-auth-centrify v0.5.5 github.com/hashicorp/vault-plugin-auth-centrify v0.5.5
github.com/hashicorp/vault-plugin-auth-cf v0.5.4 github.com/hashicorp/vault-plugin-auth-cf v0.5.4
github.com/hashicorp/vault-plugin-auth-gcp v0.6.2-0.20200428223335-82bd3a3ad5b3 github.com/hashicorp/vault-plugin-auth-gcp v0.6.1
github.com/hashicorp/vault-plugin-auth-jwt v0.7.0 github.com/hashicorp/vault-plugin-auth-jwt v0.6.2
github.com/hashicorp/vault-plugin-auth-kerberos v0.1.6 github.com/hashicorp/vault-plugin-auth-kerberos v0.1.5
github.com/hashicorp/vault-plugin-auth-kubernetes v0.6.2 github.com/hashicorp/vault-plugin-auth-kubernetes v0.6.1
github.com/hashicorp/vault-plugin-auth-oci v0.5.5 github.com/hashicorp/vault-plugin-auth-oci v0.5.5
github.com/hashicorp/vault-plugin-database-elasticsearch v0.5.4 github.com/hashicorp/vault-plugin-database-elasticsearch v0.5.4
github.com/hashicorp/vault-plugin-database-mongodbatlas v0.1.2-0.20200520204052-f840e9d4895c github.com/hashicorp/vault-plugin-database-mongodbatlas v0.1.0-beta1.0.20200521152755-9cf156a44f9c
github.com/hashicorp/vault-plugin-secrets-ad v0.6.6 github.com/hashicorp/vault-plugin-secrets-ad v0.6.6
github.com/hashicorp/vault-plugin-secrets-alicloud v0.5.5 github.com/hashicorp/vault-plugin-secrets-alicloud v0.5.5
github.com/hashicorp/vault-plugin-secrets-azure v0.6.1 github.com/hashicorp/vault-plugin-secrets-azure v0.5.6
github.com/hashicorp/vault-plugin-secrets-gcp v0.6.3-0.20200615210754-6c617f9285c3 github.com/hashicorp/vault-plugin-secrets-gcp v0.6.3-0.20200615210754-6c617f9285c3
github.com/hashicorp/vault-plugin-secrets-gcpkms v0.5.5 github.com/hashicorp/vault-plugin-secrets-gcpkms v0.5.5
github.com/hashicorp/vault-plugin-secrets-kmip v0.1.3
github.com/hashicorp/vault-plugin-secrets-kv v0.5.5 github.com/hashicorp/vault-plugin-secrets-kv v0.5.5
github.com/hashicorp/vault-plugin-secrets-mongodbatlas v0.1.2 github.com/hashicorp/vault-plugin-secrets-mongodbatlas v0.1.2
github.com/hashicorp/vault-plugin-secrets-openldap v0.1.4-0.20200618161832-cae59ebde561 github.com/hashicorp/vault-plugin-secrets-openldap v0.1.3
github.com/hashicorp/vault/api v1.0.5-0.20200519221902-385fac77e20f github.com/hashicorp/vault-plugin-secrets-transform v0.1.3
github.com/hashicorp/vault/sdk v0.1.14-0.20200527182800-ad90e0b39d2f github.com/hashicorp/vault/api v1.0.5-0.20200619171258-e54ddc909815
github.com/hashicorp/vault/sdk v0.1.14-0.20200615191832-d4b3c4b29c62
github.com/influxdata/influxdb v0.0.0-20190411212539-d24b7ba8c4c4 github.com/influxdata/influxdb v0.0.0-20190411212539-d24b7ba8c4c4
github.com/jcmturner/gokrb5/v8 v8.0.0 github.com/jcmturner/gokrb5/v8 v8.0.0
github.com/jefferai/isbadcipher v0.0.0-20190226160619-51d2077c035f github.com/jefferai/isbadcipher v0.0.0-20190226160619-51d2077c035f
@ -93,8 +111,8 @@ require (
github.com/joyent/triton-go v1.7.1-0.20200416154420-6801d15b779f github.com/joyent/triton-go v1.7.1-0.20200416154420-6801d15b779f
github.com/keybase/go-crypto v0.0.0-20190403132359-d65b6b94177f github.com/keybase/go-crypto v0.0.0-20190403132359-d65b6b94177f
github.com/kr/pretty v0.2.0 github.com/kr/pretty v0.2.0
github.com/kr/text v0.2.0 github.com/kr/text v0.1.0
github.com/lib/pq v1.2.0 github.com/lib/pq v1.3.0
github.com/mattn/go-colorable v0.1.6 github.com/mattn/go-colorable v0.1.6
github.com/mholt/archiver v3.1.1+incompatible github.com/mholt/archiver v3.1.1+incompatible
github.com/michaelklishin/rabbit-hole v0.0.0-20191008194146-93d9988f0cd5 github.com/michaelklishin/rabbit-hole v0.0.0-20191008194146-93d9988f0cd5
@ -103,11 +121,12 @@ require (
github.com/mitchellh/go-homedir v1.1.0 github.com/mitchellh/go-homedir v1.1.0
github.com/mitchellh/go-testing-interface v1.0.0 github.com/mitchellh/go-testing-interface v1.0.0
github.com/mitchellh/gox v1.0.1 github.com/mitchellh/gox v1.0.1
github.com/mitchellh/mapstructure v1.3.2 github.com/mitchellh/mapstructure v1.2.2
github.com/mitchellh/reflectwalk v1.0.1 github.com/mitchellh/reflectwalk v1.0.1
github.com/mongodb/go-client-mongodb-atlas v0.1.2 github.com/mongodb/go-client-mongodb-atlas v0.1.2
github.com/natefinch/atomic v0.0.0-20150920032501-a62ce929ffcc github.com/natefinch/atomic v0.0.0-20150920032501-a62ce929ffcc
github.com/ncw/swift v1.0.47 github.com/ncw/swift v1.0.47
github.com/nwaples/rardecode v1.0.0 // indirect
github.com/oklog/run v1.0.0 github.com/oklog/run v1.0.0
github.com/okta/okta-sdk-golang v1.0.1 github.com/okta/okta-sdk-golang v1.0.1
github.com/oracle/oci-go-sdk v12.5.0+incompatible github.com/oracle/oci-go-sdk v12.5.0+incompatible
@ -119,27 +138,30 @@ require (
github.com/pquerna/otp v1.2.1-0.20191009055518-468c2dd2b58d github.com/pquerna/otp v1.2.1-0.20191009055518-468c2dd2b58d
github.com/prometheus/client_golang v1.4.0 github.com/prometheus/client_golang v1.4.0
github.com/prometheus/common v0.9.1 github.com/prometheus/common v0.9.1
github.com/rboyer/safeio v0.2.1
github.com/ryanuber/columnize v2.1.0+incompatible github.com/ryanuber/columnize v2.1.0+incompatible
github.com/ryanuber/go-glob v1.0.0 github.com/ryanuber/go-glob v1.0.0
github.com/samuel/go-zookeeper v0.0.0-20180130194729-c4fab1ac1bec github.com/samuel/go-zookeeper v0.0.0-20180130194729-c4fab1ac1bec
github.com/sasha-s/go-deadlock v0.2.0 github.com/sasha-s/go-deadlock v0.2.0
github.com/shirou/gopsutil v2.19.9+incompatible github.com/shirou/gopsutil v2.19.9+incompatible
github.com/shirou/w32 v0.0.0-20160930032740-bb4de0191aa4 // indirect
github.com/stretchr/testify v1.5.1 github.com/stretchr/testify v1.5.1
github.com/tidwall/pretty v1.0.0 // indirect
github.com/xdg/scram v0.0.0-20180814205039-7eeb5667e42c // indirect
github.com/xdg/stringprep v1.0.0 // indirect
github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8 // indirect
go.etcd.io/bbolt v1.3.4 go.etcd.io/bbolt v1.3.4
go.etcd.io/etcd v0.5.0-alpha.5.0.20200425165423-262c93980547 go.etcd.io/etcd v0.5.0-alpha.5.0.20200425165423-262c93980547
go.mongodb.org/mongo-driver v1.2.1 go.mongodb.org/mongo-driver v1.2.1
go.uber.org/atomic v1.6.0 go.uber.org/atomic v1.6.0
golang.org/x/crypto v0.0.0-20200604202706-70a84ac30bf9 golang.org/x/crypto v0.0.0-20200510223506-06a226fb4e37
golang.org/x/net v0.0.0-20200602114024-627f9648deb9 golang.org/x/net v0.0.0-20200519113804-d87ec0cfa476
golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d
golang.org/x/time v0.0.0-20200416051211-89c76fbcd5d1 golang.org/x/tools v0.0.0-20200513201620-d5fe73897c97
golang.org/x/tools v0.0.0-20200416214402-fc959738d646
google.golang.org/api v0.24.0 google.golang.org/api v0.24.0
google.golang.org/grpc v1.29.1 google.golang.org/grpc v1.29.1
google.golang.org/protobuf v1.24.0 google.golang.org/protobuf v1.24.0
gopkg.in/mgo.v2 v2.0.0-20180705113604-9856a29383ce gopkg.in/mgo.v2 v2.0.0-20180705113604-9856a29383ce
gopkg.in/ory-am/dockertest.v3 v3.3.4 gopkg.in/ory-am/dockertest.v3 v3.3.4
gopkg.in/square/go-jose.v2 v2.5.1 gopkg.in/square/go-jose.v2 v2.4.1
layeh.com/radius v0.0.0-20190322222518-890bc1058917 layeh.com/radius v0.0.0-20190322222518-890bc1058917
) )

65
vault/logical_system.go
View File

@ -29,6 +29,7 @@ import (
"github.com/hashicorp/vault/helper/monitor" "github.com/hashicorp/vault/helper/monitor"
"github.com/hashicorp/vault/helper/namespace" "github.com/hashicorp/vault/helper/namespace"
"github.com/hashicorp/vault/helper/random" "github.com/hashicorp/vault/helper/random"
"github.com/hashicorp/vault/physical/raft"
"github.com/hashicorp/vault/sdk/framework" "github.com/hashicorp/vault/sdk/framework"
"github.com/hashicorp/vault/sdk/helper/consts" "github.com/hashicorp/vault/sdk/helper/consts"
"github.com/hashicorp/vault/sdk/helper/jsonutil" "github.com/hashicorp/vault/sdk/helper/jsonutil"
@ -40,6 +41,7 @@ import (
) )
const maxBytes = 128 * 1024 const maxBytes = 128 * 1024
const clusterScope = "cluster"
func systemBackendMemDBSchema() *memdb.DBSchema { func systemBackendMemDBSchema() *memdb.DBSchema {
systemSchema := &memdb.DBSchema{ systemSchema := &memdb.DBSchema{
@ -112,9 +114,11 @@ func NewSystemBackend(core *Core, logger log.Logger) *SystemBackend {
"replication/performance/status", "replication/performance/status",
"replication/dr/status", "replication/dr/status",
"replication/dr/secondary/promote", "replication/dr/secondary/promote",
"replication/dr/secondary/disable",
"replication/dr/secondary/update-primary", "replication/dr/secondary/update-primary",
"replication/dr/secondary/operation-token/delete", "replication/dr/secondary/operation-token/delete",
"replication/dr/secondary/license", "replication/dr/secondary/license",
"replication/dr/secondary/recover",
"replication/dr/secondary/reindex", "replication/dr/secondary/reindex",
"storage/raft/bootstrap/challenge", "storage/raft/bootstrap/challenge",
"storage/raft/bootstrap/answer", "storage/raft/bootstrap/answer",
@ -160,13 +164,12 @@ func NewSystemBackend(core *Core, logger log.Logger) *SystemBackend {
b.Backend.Paths = append(b.Backend.Paths, b.metricsPath()) b.Backend.Paths = append(b.Backend.Paths, b.metricsPath())
b.Backend.Paths = append(b.Backend.Paths, b.monitorPath()) b.Backend.Paths = append(b.Backend.Paths, b.monitorPath())
b.Backend.Paths = append(b.Backend.Paths, b.hostInfoPath()) b.Backend.Paths = append(b.Backend.Paths, b.hostInfoPath())
b.Backend.Paths = append(b.Backend.Paths, b.quotasPaths()...)
if core.rawEnabled { if core.rawEnabled {
b.Backend.Paths = append(b.Backend.Paths, b.rawPaths()...) b.Backend.Paths = append(b.Backend.Paths, b.rawPaths()...)
} }
if backend := core.getRaftBackend(); backend != nil { if _, ok := core.underlyingPhysical.(*raft.RaftBackend); ok {
b.Backend.Paths = append(b.Backend.Paths, b.raftStoragePaths()...) b.Backend.Paths = append(b.Backend.Paths, b.raftStoragePaths()...)
} }
@ -434,6 +437,7 @@ func (b *SystemBackend) handlePluginCatalogDelete(ctx context.Context, req *logi
func (b *SystemBackend) handlePluginReloadUpdate(ctx context.Context, req *logical.Request, d *framework.FieldData) (*logical.Response, error) { func (b *SystemBackend) handlePluginReloadUpdate(ctx context.Context, req *logical.Request, d *framework.FieldData) (*logical.Response, error) {
pluginName := d.Get("plugin").(string) pluginName := d.Get("plugin").(string)
pluginMounts := d.Get("mounts").([]string) pluginMounts := d.Get("mounts").([]string)
scope := d.Get("scope").(string)
if pluginName != "" && len(pluginMounts) > 0 { if pluginName != "" && len(pluginMounts) > 0 {
return logical.ErrorResponse("plugin and mounts cannot be set at the same time"), nil return logical.ErrorResponse("plugin and mounts cannot be set at the same time"), nil
@ -443,18 +447,30 @@ func (b *SystemBackend) handlePluginReloadUpdate(ctx context.Context, req *logic
} }
if pluginName != "" { if pluginName != "" {
err := b.Core.reloadMatchingPlugin(ctx, pluginName) err := b.Core.reloadMatchingPlugin(ctx, pluginName, time.Now())
if err != nil { if err != nil {
return nil, err return nil, err
} }
} else if len(pluginMounts) > 0 { } else if len(pluginMounts) > 0 {
err := b.Core.reloadMatchingPluginMounts(ctx, pluginMounts) err := b.Core.reloadMatchingPluginMounts(ctx, pluginMounts, time.Now())
if err != nil { if err != nil {
return nil, err return nil, err
} }
} else {
return nil, nil
} }
return nil, nil r := logical.Response{
Data: map[string]interface{}{
"reload_id": req.ID,
},
}
if scope == clusterScope {
go handleClusterPluginReload(b, req.ID, pluginName, pluginMounts)
return logical.RespondWithStatusCode(&r, req, http.StatusAccepted)
}
return &r, nil
} }
// handleAuditedHeaderUpdate creates or overwrites a header entry // handleAuditedHeaderUpdate creates or overwrites a header entry
@ -670,6 +686,7 @@ func mountInfo(entry *MountEntry) map[string]interface{} {
"external_entropy_access": entry.ExternalEntropyAccess, "external_entropy_access": entry.ExternalEntropyAccess,
"options": entry.Options, "options": entry.Options,
"uuid": entry.UUID, "uuid": entry.UUID,
"started_time": entry.StartedTime,
} }
entryConfig := map[string]interface{}{ entryConfig := map[string]interface{}{
"default_lease_ttl": int64(entry.Config.DefaultLeaseTTL.Seconds()), "default_lease_ttl": int64(entry.Config.DefaultLeaseTTL.Seconds()),
@ -752,7 +769,7 @@ func (b *SystemBackend) handleMount(ctx context.Context, req *logical.Request, d
// Get all the options // Get all the options
path := data.Get("path").(string) path := data.Get("path").(string)
path = sanitizePath(path) path = sanitizeMountPath(path)
logicalType := data.Get("type").(string) logicalType := data.Get("type").(string)
description := data.Get("description").(string) description := data.Get("description").(string)
@ -935,7 +952,7 @@ func handleErrorNoReadOnlyForward(
// handleUnmount is used to unmount a path // handleUnmount is used to unmount a path
func (b *SystemBackend) handleUnmount(ctx context.Context, req *logical.Request, data *framework.FieldData) (*logical.Response, error) { func (b *SystemBackend) handleUnmount(ctx context.Context, req *logical.Request, data *framework.FieldData) (*logical.Response, error) {
path := data.Get("path").(string) path := data.Get("path").(string)
path = sanitizePath(path) path = sanitizeMountPath(path)
ns, err := namespace.FromContext(ctx) ns, err := namespace.FromContext(ctx)
if err != nil { if err != nil {
@ -1030,12 +1047,6 @@ func (b *SystemBackend) handleRemount(ctx context.Context, req *logical.Request,
return handleError(err) return handleError(err)
} }
// Update quotas with the new path
if err := b.Core.quotaManager.HandleRemount(ctx, ns.Path, sanitizePath(fromPath), sanitizePath(toPath)); err != nil {
b.Core.logger.Error("failed to update quotas after remount", "ns_path", ns.Path, "from_path", fromPath, "to_path", toPath, "error", err)
return handleError(err)
}
return nil, nil return nil, nil
} }
@ -1067,7 +1078,7 @@ func (b *SystemBackend) handleMountTuneRead(ctx context.Context, req *logical.Re
// handleTuneReadCommon returns the config settings of a path // handleTuneReadCommon returns the config settings of a path
func (b *SystemBackend) handleTuneReadCommon(ctx context.Context, path string) (*logical.Response, error) { func (b *SystemBackend) handleTuneReadCommon(ctx context.Context, path string) (*logical.Response, error) {
path = sanitizePath(path) path = sanitizeMountPath(path)
sysView := b.Core.router.MatchingSystemView(ctx, path) sysView := b.Core.router.MatchingSystemView(ctx, path)
if sysView == nil { if sysView == nil {
@ -1153,7 +1164,7 @@ func (b *SystemBackend) handleMountTuneWrite(ctx context.Context, req *logical.R
func (b *SystemBackend) handleTuneWriteCommon(ctx context.Context, path string, data *framework.FieldData) (*logical.Response, error) { func (b *SystemBackend) handleTuneWriteCommon(ctx context.Context, path string, data *framework.FieldData) (*logical.Response, error) {
repState := b.Core.ReplicationState() repState := b.Core.ReplicationState()
path = sanitizePath(path) path = sanitizeMountPath(path)
// Prevent protected paths from being changed // Prevent protected paths from being changed
for _, p := range untunableMounts { for _, p := range untunableMounts {
@ -1723,7 +1734,7 @@ func (b *SystemBackend) handleEnableAuth(ctx context.Context, req *logical.Reque
// Get all the options // Get all the options
path := data.Get("path").(string) path := data.Get("path").(string)
path = sanitizePath(path) path = sanitizeMountPath(path)
logicalType := data.Get("type").(string) logicalType := data.Get("type").(string)
description := data.Get("description").(string) description := data.Get("description").(string)
pluginName := data.Get("plugin_name").(string) pluginName := data.Get("plugin_name").(string)
@ -1864,7 +1875,7 @@ func (b *SystemBackend) handleEnableAuth(ctx context.Context, req *logical.Reque
// handleDisableAuth is used to disable a credential backend // handleDisableAuth is used to disable a credential backend
func (b *SystemBackend) handleDisableAuth(ctx context.Context, req *logical.Request, data *framework.FieldData) (*logical.Response, error) { func (b *SystemBackend) handleDisableAuth(ctx context.Context, req *logical.Request, data *framework.FieldData) (*logical.Response, error) {
path := data.Get("path").(string) path := data.Get("path").(string)
path = sanitizePath(path) path = sanitizeMountPath(path)
ns, err := namespace.FromContext(ctx) ns, err := namespace.FromContext(ctx)
if err != nil { if err != nil {
@ -2279,7 +2290,7 @@ func (b *SystemBackend) handleAuditHash(ctx context.Context, req *logical.Reques
return logical.ErrorResponse("the \"input\" parameter is empty"), nil return logical.ErrorResponse("the \"input\" parameter is empty"), nil
} }
path = sanitizePath(path) path = sanitizeMountPath(path)
hash, err := b.Core.auditBroker.GetHash(ctx, path, input) hash, err := b.Core.auditBroker.GetHash(ctx, path, input)
if err != nil { if err != nil {
@ -3222,7 +3233,8 @@ func (b *SystemBackend) pathInternalUIMountsRead(ctx context.Context, req *logic
b.Core.mountsLock.RLock() b.Core.mountsLock.RLock()
for _, entry := range b.Core.mounts.Entries { for _, entry := range b.Core.mounts.Entries {
filtered, err := b.Core.checkReplicatedFiltering(ctx, entry, "") ctxWithNamespace := namespace.ContextWithNamespace(ctx, entry.Namespace())
filtered, err := b.Core.checkReplicatedFiltering(ctxWithNamespace, entry, "")
if err != nil { if err != nil {
b.Core.mountsLock.RUnlock() b.Core.mountsLock.RUnlock()
return nil, err return nil, err
@ -3248,7 +3260,8 @@ func (b *SystemBackend) pathInternalUIMountsRead(ctx context.Context, req *logic
b.Core.authLock.RLock() b.Core.authLock.RLock()
for _, entry := range b.Core.auth.Entries { for _, entry := range b.Core.auth.Entries {
filtered, err := b.Core.checkReplicatedFiltering(ctx, entry, credentialRoutePrefix) ctxWithNamespace := namespace.ContextWithNamespace(ctx, entry.Namespace())
filtered, err := b.Core.checkReplicatedFiltering(ctxWithNamespace, entry, credentialRoutePrefix)
if err != nil { if err != nil {
b.Core.authLock.RUnlock() b.Core.authLock.RUnlock()
return nil, err return nil, err
@ -3280,7 +3293,7 @@ func (b *SystemBackend) pathInternalUIMountRead(ctx context.Context, req *logica
if path == "" { if path == "" {
return logical.ErrorResponse("path not set"), logical.ErrInvalidRequest return logical.ErrorResponse("path not set"), logical.ErrInvalidRequest
} }
path = sanitizePath(path) path = sanitizeMountPath(path)
errResp := logical.ErrorResponse(fmt.Sprintf("preflight capability check returned 403, please ensure client's policies grant access to path %q", path)) errResp := logical.ErrorResponse(fmt.Sprintf("preflight capability check returned 403, please ensure client's policies grant access to path %q", path))
@ -3598,7 +3611,7 @@ func (b *SystemBackend) pathInternalOpenAPI(ctx context.Context, req *logical.Re
return resp, nil return resp, nil
} }
func sanitizePath(path string) string { func sanitizeMountPath(path string) string {
if !strings.HasSuffix(path, "/") { if !strings.HasSuffix(path, "/") {
path += "/" path += "/"
} }
@ -4267,6 +4280,14 @@ This path responds to the following HTTP methods.
`The mount paths of the plugin backends to reload.`, `The mount paths of the plugin backends to reload.`,
"", "",
}, },
"plugin-backend-reload-scope": {
`The scope of the reload`,
`Either absent or the empty string for local reload, or "cluster" for a cluster wide reload`,
},
"plugin-reload-backend-status": {
`Retrieve the status of a cluster-wide plugin reload`,
"",
},
"hash": { "hash": {
"Generate a hash sum for input data", "Generate a hash sum for input data",
"Generates a hash sum of the given algorithm against the given input data.", "Generates a hash sum of the given algorithm against the given input data.",

6
vault/logical_system_helpers.go
View File

@ -84,6 +84,12 @@ var (
}, },
} }
} }
handleClusterPluginReload = func(*SystemBackend, string, string, []string) error {
return nil
}
handleSetupPluginReload = func(*SystemBackend) error {
return nil
}
checkRaw = func(b *SystemBackend, path string) error { return nil } checkRaw = func(b *SystemBackend, path string) error { return nil }
) )

15
vault/logical_system_integ_test.go
View File

@ -2,6 +2,9 @@ package vault_test
import ( import (
"fmt" "fmt"
"github.com/hashicorp/vault/helper/testhelpers"
"github.com/hashicorp/vault/helper/testhelpers/teststorage"
"github.com/hashicorp/vault/sdk/helper/logging"
"io/ioutil" "io/ioutil"
"os" "os"
"path/filepath" "path/filepath"
@ -441,6 +444,18 @@ func TestSystemBackend_Plugin_reload(t *testing.T) {
t.Run("mounts", func(t *testing.T) { testSystemBackend_PluginReload(t, data) }) t.Run("mounts", func(t *testing.T) { testSystemBackend_PluginReload(t, data) })
} }
func TestSystemBackend_Plugin_reload(t *testing.T) {
data := map[string]interface{}{
"plugin": "mock-plugin",
}
t.Run("plugin", func(t *testing.T) { testSystemBackend_PluginReload(t, data) })
data = map[string]interface{}{
"mounts": "mock-0/,mock-1/",
}
t.Run("mounts", func(t *testing.T) { testSystemBackend_PluginReload(t, data) })
}
// Helper func to test different reload methods on plugin reload endpoint // Helper func to test different reload methods on plugin reload endpoint
func testSystemBackend_PluginReload(t *testing.T, reqData map[string]interface{}) { func testSystemBackend_PluginReload(t *testing.T, reqData map[string]interface{}) {
cluster := testSystemBackendMock(t, 1, 2, logical.TypeLogical) cluster := testSystemBackendMock(t, 1, 2, logical.TypeLogical)

7
vault/logical_system_paths.go
View File

@ -708,13 +708,17 @@ func (b *SystemBackend) pluginsReloadPath() *framework.Path {
Type: framework.TypeCommaStringSlice, Type: framework.TypeCommaStringSlice,
Description: strings.TrimSpace(sysHelp["plugin-backend-reload-mounts"][0]), Description: strings.TrimSpace(sysHelp["plugin-backend-reload-mounts"][0]),
}, },
"scope": &framework.FieldSchema{
Type: framework.TypeString,
Description: strings.TrimSpace(sysHelp["plugin-backend-reload-scope"][0]),
},
}, },
Operations: map[logical.Operation]framework.OperationHandler{ Operations: map[logical.Operation]framework.OperationHandler{
logical.UpdateOperation: &framework.PathOperation{ logical.UpdateOperation: &framework.PathOperation{
Callback: b.handlePluginReloadUpdate, Callback: b.handlePluginReloadUpdate,
Summary: "Reload mounted plugin backends.", Summary: "Reload mounted plugin backends.",
Description: "Either the plugin name (`plugin`) or the desired plugin backend mounts (`mounts`) must be provided, but not both. In the case that the plugin name is provided, all mounted paths that use that plugin backend will be reloaded.", Description: "Either the plugin name (`plugin`) or the desired plugin backend mounts (`mounts`) must be provided, but not both. In the case that the plugin name is provided, all mounted paths that use that plugin backend will be reloaded. If (`scope`) is provided and is (`cluster`), the plugin(s) are reloaded cluster wide.",
}, },
}, },
@ -722,7 +726,6 @@ func (b *SystemBackend) pluginsReloadPath() *framework.Path {
HelpDescription: strings.TrimSpace(sysHelp["plugin-reload"][1]), HelpDescription: strings.TrimSpace(sysHelp["plugin-reload"][1]),
} }
} }
func (b *SystemBackend) toolsPaths() []*framework.Path { func (b *SystemBackend) toolsPaths() []*framework.Path {
return []*framework.Path{ return []*framework.Path{
{ {

30
vault/logical_system_raft.go
View File

@ -7,15 +7,14 @@ import (
"errors" "errors"
"strings" "strings"
"github.com/hashicorp/vault/sdk/framework"
"github.com/hashicorp/vault/sdk/logical"
"github.com/hashicorp/vault/sdk/physical"
proto "github.com/golang/protobuf/proto" proto "github.com/golang/protobuf/proto"
wrapping "github.com/hashicorp/go-kms-wrapping" wrapping "github.com/hashicorp/go-kms-wrapping"
uuid "github.com/hashicorp/go-uuid" uuid "github.com/hashicorp/go-uuid"
"github.com/hashicorp/vault/helper/namespace" "github.com/hashicorp/vault/helper/namespace"
"github.com/hashicorp/vault/physical/raft" "github.com/hashicorp/vault/physical/raft"
"github.com/hashicorp/vault/sdk/framework"
"github.com/hashicorp/vault/sdk/logical"
"github.com/hashicorp/vault/sdk/physical"
) )
// raftStoragePaths returns paths for use when raft is the storage mechanism. // raftStoragePaths returns paths for use when raft is the storage mechanism.
@ -133,12 +132,13 @@ func (b *SystemBackend) raftStoragePaths() []*framework.Path {
func (b *SystemBackend) handleRaftConfigurationGet() framework.OperationFunc { func (b *SystemBackend) handleRaftConfigurationGet() framework.OperationFunc {
return func(ctx context.Context, req *logical.Request, d *framework.FieldData) (*logical.Response, error) { return func(ctx context.Context, req *logical.Request, d *framework.FieldData) (*logical.Response, error) {
raftBackend := b.Core.getRaftBackend()
if raftBackend == nil { raftStorage, ok := b.Core.underlyingPhysical.(*raft.RaftBackend)
if !ok {
return logical.ErrorResponse("raft storage is not in use"), logical.ErrInvalidRequest return logical.ErrorResponse("raft storage is not in use"), logical.ErrInvalidRequest
} }
config, err := raftBackend.GetConfiguration(ctx) config, err := raftStorage.GetConfiguration(ctx)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -158,12 +158,12 @@ func (b *SystemBackend) handleRaftRemovePeerUpdate() framework.OperationFunc {
return logical.ErrorResponse("no server id provided"), logical.ErrInvalidRequest return logical.ErrorResponse("no server id provided"), logical.ErrInvalidRequest
} }
raftBackend := b.Core.getRaftBackend() raftStorage, ok := b.Core.underlyingPhysical.(*raft.RaftBackend)
if raftBackend == nil { if !ok {
return logical.ErrorResponse("raft storage is not in use"), logical.ErrInvalidRequest return logical.ErrorResponse("raft storage is not in use"), logical.ErrInvalidRequest
} }
if err := raftBackend.RemovePeer(ctx, serverID); err != nil { if err := raftStorage.RemovePeer(ctx, serverID); err != nil {
return nil, err return nil, err
} }
if b.Core.raftFollowerStates != nil { if b.Core.raftFollowerStates != nil {
@ -221,8 +221,8 @@ func (b *SystemBackend) handleRaftBootstrapChallengeWrite() framework.OperationF
func (b *SystemBackend) handleRaftBootstrapAnswerWrite() framework.OperationFunc { func (b *SystemBackend) handleRaftBootstrapAnswerWrite() framework.OperationFunc {
return func(ctx context.Context, req *logical.Request, d *framework.FieldData) (*logical.Response, error) { return func(ctx context.Context, req *logical.Request, d *framework.FieldData) (*logical.Response, error) {
raftBackend := b.Core.getRaftBackend() raftStorage, ok := b.Core.underlyingPhysical.(*raft.RaftBackend)
if raftBackend == nil { if !ok {
return logical.ErrorResponse("raft storage is not in use"), logical.ErrInvalidRequest return logical.ErrorResponse("raft storage is not in use"), logical.ErrInvalidRequest
} }
@ -271,9 +271,9 @@ func (b *SystemBackend) handleRaftBootstrapAnswerWrite() framework.OperationFunc
switch nonVoter { switch nonVoter {
case true: case true:
err = raftBackend.AddNonVotingPeer(ctx, serverID, clusterAddr) err = raftStorage.AddNonVotingPeer(ctx, serverID, clusterAddr)
default: default:
err = raftBackend.AddPeer(ctx, serverID, clusterAddr) err = raftStorage.AddPeer(ctx, serverID, clusterAddr)
} }
if err != nil { if err != nil {
return nil, err return nil, err
@ -283,7 +283,7 @@ func (b *SystemBackend) handleRaftBootstrapAnswerWrite() framework.OperationFunc
b.Core.raftFollowerStates.update(serverID, 0) b.Core.raftFollowerStates.update(serverID, 0)
} }
peers, err := raftBackend.Peers(ctx) peers, err := raftStorage.Peers(ctx)
if err != nil { if err != nil {
return nil, err return nil, err
} }

2
vault/logical_system_test.go
View File

@ -2654,7 +2654,7 @@ func TestSystemBackend_PathWildcardPreflight(t *testing.T) {
// Add another mount // Add another mount
me := &MountEntry{ me := &MountEntry{
Table: mountTableType, Table: mountTableType,
Path: sanitizePath("kv-v1"), Path: sanitizeMountPath("kv-v1"),
Type: "kv", Type: "kv",
Options: map[string]string{"version": "1"}, Options: map[string]string{"version": "1"},
} }

15
vault/plugin_reload.go
View File

@ -4,6 +4,7 @@ import (
"context" "context"
"fmt" "fmt"
"strings" "strings"
"time"
"github.com/hashicorp/vault/helper/namespace" "github.com/hashicorp/vault/helper/namespace"
@ -15,7 +16,7 @@ import (
// reloadPluginMounts reloads provided mounts, regardless of // reloadPluginMounts reloads provided mounts, regardless of
// plugin name, as long as the backend type is plugin. // plugin name, as long as the backend type is plugin.
func (c *Core) reloadMatchingPluginMounts(ctx context.Context, mounts []string) error { func (c *Core) reloadMatchingPluginMounts(ctx context.Context, mounts []string, reloadTime time.Time) error {
c.mountsLock.RLock() c.mountsLock.RLock()
defer c.mountsLock.RUnlock() defer c.mountsLock.RUnlock()
c.authLock.RLock() c.authLock.RLock()
@ -34,6 +35,10 @@ func (c *Core) reloadMatchingPluginMounts(ctx context.Context, mounts []string)
continue continue
} }
if entry.StartedTime.After(reloadTime) {
continue
}
var isAuth bool var isAuth bool
fullPath := c.router.MatchingMount(ctx, mount) fullPath := c.router.MatchingMount(ctx, mount)
if strings.HasPrefix(fullPath, credentialRoutePrefix) { if strings.HasPrefix(fullPath, credentialRoutePrefix) {
@ -58,7 +63,7 @@ func (c *Core) reloadMatchingPluginMounts(ctx context.Context, mounts []string)
// reloadPlugin reloads all mounted backends that are of // reloadPlugin reloads all mounted backends that are of
// plugin pluginName (name of the plugin as registered in // plugin pluginName (name of the plugin as registered in
// the plugin catalog). // the plugin catalog).
func (c *Core) reloadMatchingPlugin(ctx context.Context, pluginName string) error { func (c *Core) reloadMatchingPlugin(ctx context.Context, pluginName string, reloadTime time.Time) error {
c.mountsLock.RLock() c.mountsLock.RLock()
defer c.mountsLock.RUnlock() defer c.mountsLock.RUnlock()
c.authLock.RLock() c.authLock.RLock()
@ -75,7 +80,7 @@ func (c *Core) reloadMatchingPlugin(ctx context.Context, pluginName string) erro
if ns.ID != entry.Namespace().ID { if ns.ID != entry.Namespace().ID {
continue continue
} }
if entry.Type == pluginName || (entry.Type == "plugin" && entry.Config.PluginName == pluginName) { if entry.Type == pluginName || (entry.Type == "plugin" && entry.Config.PluginName == pluginName) && reloadTime.After(entry.StartedTime) {
err := c.reloadBackendCommon(ctx, entry, false) err := c.reloadBackendCommon(ctx, entry, false)
if err != nil { if err != nil {
return err return err
@ -195,3 +200,7 @@ func (c *Core) reloadBackendCommon(ctx context.Context, entry *MountEntry, isAut
return nil return nil
} }
func (c *Core) setupPluginReload() error {
return handleSetupPluginReload(c.systemBackend)
}

17
vault/request_forwarding_rpc.go
View File

@ -8,6 +8,7 @@ import (
"time" "time"
"github.com/hashicorp/vault/helper/forwarding" "github.com/hashicorp/vault/helper/forwarding"
"github.com/hashicorp/vault/physical/raft"
"github.com/hashicorp/vault/sdk/helper/consts" "github.com/hashicorp/vault/sdk/helper/consts"
"github.com/hashicorp/vault/vault/replication" "github.com/hashicorp/vault/vault/replication"
) )
@ -81,11 +82,9 @@ func (s *forwardedRequestRPCServer) Echo(ctx context.Context, in *EchoRequest) (
ReplicationState: uint32(s.core.ReplicationState()), ReplicationState: uint32(s.core.ReplicationState()),
} }
if raftBackend := s.core.getRaftBackend(); raftBackend != nil { if raftStorage, ok := s.core.underlyingPhysical.(*raft.RaftBackend); ok {
if !s.core.isRaftHAOnly() { reply.RaftAppliedIndex = raftStorage.AppliedIndex()
reply.RaftAppliedIndex = raftBackend.AppliedIndex() reply.RaftNodeID = raftStorage.NodeID()
reply.RaftNodeID = raftBackend.NodeID()
}
} }
return reply, nil return reply, nil
@ -112,11 +111,9 @@ func (c *forwardingClient) startHeartbeat() {
ClusterAddr: clusterAddr, ClusterAddr: clusterAddr,
} }
if raftBackend := c.core.getRaftBackend(); raftBackend != nil { if raftStorage, ok := c.core.underlyingPhysical.(*raft.RaftBackend); ok {
if !c.core.isRaftHAOnly() { req.RaftAppliedIndex = raftStorage.AppliedIndex()
req.RaftAppliedIndex = raftBackend.AppliedIndex() req.RaftNodeID = raftStorage.NodeID()
req.RaftNodeID = raftBackend.NodeID()
}
} }
ctx, cancel := context.WithTimeout(c.echoContext, 2*time.Second) ctx, cancel := context.WithTimeout(c.echoContext, 2*time.Second)

314
vault/request_forwarding_service.pb.go
View File

@ -1,7 +1,7 @@
// Code generated by protoc-gen-go. DO NOT EDIT. // Code generated by protoc-gen-go. DO NOT EDIT.
// versions: // versions:
// protoc-gen-go v1.22.0 // protoc-gen-go v1.24.0
// protoc v3.11.4 // protoc v3.6.1
// source: vault/request_forwarding_service.proto // source: vault/request_forwarding_service.proto
package vault package vault
@ -41,9 +41,10 @@ type EchoRequest struct {
ClusterAddr string `protobuf:"bytes,2,opt,name=cluster_addr,json=clusterAddr,proto3" json:"cluster_addr,omitempty"` ClusterAddr string `protobuf:"bytes,2,opt,name=cluster_addr,json=clusterAddr,proto3" json:"cluster_addr,omitempty"`
// ClusterAddrs is used to send up a list of cluster addresses to a dr // ClusterAddrs is used to send up a list of cluster addresses to a dr
// primary from a dr secondary // primary from a dr secondary
ClusterAddrs []string `protobuf:"bytes,3,rep,name=cluster_addrs,json=clusterAddrs,proto3" json:"cluster_addrs,omitempty"` ClusterAddrs []string `protobuf:"bytes,3,rep,name=cluster_addrs,json=clusterAddrs,proto3" json:"cluster_addrs,omitempty"`
RaftAppliedIndex uint64 `protobuf:"varint,4,opt,name=raft_applied_index,json=raftAppliedIndex,proto3" json:"raft_applied_index,omitempty"` RaftAppliedIndex uint64 `protobuf:"varint,4,opt,name=raft_applied_index,json=raftAppliedIndex,proto3" json:"raft_applied_index,omitempty"`
RaftNodeID string `protobuf:"bytes,5,opt,name=raft_node_id,json=raftNodeId,proto3" json:"raft_node_id,omitempty"` RaftNodeID string `protobuf:"bytes,5,opt,name=raft_node_id,json=raftNodeId,proto3" json:"raft_node_id,omitempty"`
NodeInfo *NodeInformation `protobuf:"bytes,6,opt,name=node_info,json=nodeInfo,proto3" json:"node_info,omitempty"`
} }
func (x *EchoRequest) Reset() { func (x *EchoRequest) Reset() {
@ -113,16 +114,24 @@ func (x *EchoRequest) GetRaftNodeID() string {
return "" return ""
} }
func (x *EchoRequest) GetNodeInfo() *NodeInformation {
if x != nil {
return x.NodeInfo
}
return nil
}
type EchoReply struct { type EchoReply struct {
state protoimpl.MessageState state protoimpl.MessageState
sizeCache protoimpl.SizeCache sizeCache protoimpl.SizeCache
unknownFields protoimpl.UnknownFields unknownFields protoimpl.UnknownFields
Message string `protobuf:"bytes,1,opt,name=message,proto3" json:"message,omitempty"` Message string `protobuf:"bytes,1,opt,name=message,proto3" json:"message,omitempty"`
ClusterAddrs []string `protobuf:"bytes,2,rep,name=cluster_addrs,json=clusterAddrs,proto3" json:"cluster_addrs,omitempty"` ClusterAddrs []string `protobuf:"bytes,2,rep,name=cluster_addrs,json=clusterAddrs,proto3" json:"cluster_addrs,omitempty"`
ReplicationState uint32 `protobuf:"varint,3,opt,name=replication_state,json=replicationState,proto3" json:"replication_state,omitempty"` ReplicationState uint32 `protobuf:"varint,3,opt,name=replication_state,json=replicationState,proto3" json:"replication_state,omitempty"`
RaftAppliedIndex uint64 `protobuf:"varint,4,opt,name=raft_applied_index,json=raftAppliedIndex,proto3" json:"raft_applied_index,omitempty"` RaftAppliedIndex uint64 `protobuf:"varint,4,opt,name=raft_applied_index,json=raftAppliedIndex,proto3" json:"raft_applied_index,omitempty"`
RaftNodeID string `protobuf:"bytes,5,opt,name=raft_node_id,json=raftNodeId,proto3" json:"raft_node_id,omitempty"` RaftNodeID string `protobuf:"bytes,5,opt,name=raft_node_id,json=raftNodeId,proto3" json:"raft_node_id,omitempty"`
NodeInfo *NodeInformation `protobuf:"bytes,6,opt,name=node_info,json=nodeInfo,proto3" json:"node_info,omitempty"`
} }
func (x *EchoReply) Reset() { func (x *EchoReply) Reset() {
@ -192,6 +201,92 @@ func (x *EchoReply) GetRaftNodeID() string {
return "" return ""
} }
func (x *EchoReply) GetNodeInfo() *NodeInformation {
if x != nil {
return x.NodeInfo
}
return nil
}
type NodeInformation struct {
state protoimpl.MessageState
sizeCache protoimpl.SizeCache
unknownFields protoimpl.UnknownFields
ClusterAddr string `protobuf:"bytes,1,opt,name=cluster_addr,json=clusterAddr,proto3" json:"cluster_addr,omitempty"`
ApiAddr string `protobuf:"bytes,2,opt,name=api_addr,json=apiAddr,proto3" json:"api_addr,omitempty"`
Mode string `protobuf:"bytes,3,opt,name=mode,proto3" json:"mode,omitempty"`
NodeID string `protobuf:"bytes,4,opt,name=node_id,json=nodeId,proto3" json:"node_id,omitempty"`
ReplicationState uint32 `protobuf:"varint,5,opt,name=replication_state,json=replicationState,proto3" json:"replication_state,omitempty"`
}
func (x *NodeInformation) Reset() {
*x = NodeInformation{}
if protoimpl.UnsafeEnabled {
mi := &file_vault_request_forwarding_service_proto_msgTypes[2]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
}
func (x *NodeInformation) String() string {
return protoimpl.X.MessageStringOf(x)
}
func (*NodeInformation) ProtoMessage() {}
func (x *NodeInformation) ProtoReflect() protoreflect.Message {
mi := &file_vault_request_forwarding_service_proto_msgTypes[2]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
ms.StoreMessageInfo(mi)
}
return ms
}
return mi.MessageOf(x)
}
// Deprecated: Use NodeInformation.ProtoReflect.Descriptor instead.
func (*NodeInformation) Descriptor() ([]byte, []int) {
return file_vault_request_forwarding_service_proto_rawDescGZIP(), []int{2}
}
func (x *NodeInformation) GetClusterAddr() string {
if x != nil {
return x.ClusterAddr
}
return ""
}
func (x *NodeInformation) GetApiAddr() string {
if x != nil {
return x.ApiAddr
}
return ""
}
func (x *NodeInformation) GetMode() string {
if x != nil {
return x.Mode
}
return ""
}
func (x *NodeInformation) GetNodeID() string {
if x != nil {
return x.NodeID
}
return ""
}
func (x *NodeInformation) GetReplicationState() uint32 {
if x != nil {
return x.ReplicationState
}
return 0
}
type ClientKey struct { type ClientKey struct {
state protoimpl.MessageState state protoimpl.MessageState
sizeCache protoimpl.SizeCache sizeCache protoimpl.SizeCache
@ -206,7 +301,7 @@ type ClientKey struct {
func (x *ClientKey) Reset() { func (x *ClientKey) Reset() {
*x = ClientKey{} *x = ClientKey{}
if protoimpl.UnsafeEnabled { if protoimpl.UnsafeEnabled {
mi := &file_vault_request_forwarding_service_proto_msgTypes[2] mi := &file_vault_request_forwarding_service_proto_msgTypes[3]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi) ms.StoreMessageInfo(mi)
} }
@ -219,7 +314,7 @@ func (x *ClientKey) String() string {
func (*ClientKey) ProtoMessage() {} func (*ClientKey) ProtoMessage() {}
func (x *ClientKey) ProtoReflect() protoreflect.Message { func (x *ClientKey) ProtoReflect() protoreflect.Message {
mi := &file_vault_request_forwarding_service_proto_msgTypes[2] mi := &file_vault_request_forwarding_service_proto_msgTypes[3]
if protoimpl.UnsafeEnabled && x != nil { if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil { if ms.LoadMessageInfo() == nil {
@ -232,7 +327,7 @@ func (x *ClientKey) ProtoReflect() protoreflect.Message {
// Deprecated: Use ClientKey.ProtoReflect.Descriptor instead. // Deprecated: Use ClientKey.ProtoReflect.Descriptor instead.
func (*ClientKey) Descriptor() ([]byte, []int) { func (*ClientKey) Descriptor() ([]byte, []int) {
return file_vault_request_forwarding_service_proto_rawDescGZIP(), []int{2} return file_vault_request_forwarding_service_proto_rawDescGZIP(), []int{3}
} }
func (x *ClientKey) GetType() string { func (x *ClientKey) GetType() string {
@ -272,7 +367,7 @@ type PerfStandbyElectionInput struct {
func (x *PerfStandbyElectionInput) Reset() { func (x *PerfStandbyElectionInput) Reset() {
*x = PerfStandbyElectionInput{} *x = PerfStandbyElectionInput{}
if protoimpl.UnsafeEnabled { if protoimpl.UnsafeEnabled {
mi := &file_vault_request_forwarding_service_proto_msgTypes[3] mi := &file_vault_request_forwarding_service_proto_msgTypes[4]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi) ms.StoreMessageInfo(mi)
} }
@ -285,7 +380,7 @@ func (x *PerfStandbyElectionInput) String() string {
func (*PerfStandbyElectionInput) ProtoMessage() {} func (*PerfStandbyElectionInput) ProtoMessage() {}
func (x *PerfStandbyElectionInput) ProtoReflect() protoreflect.Message { func (x *PerfStandbyElectionInput) ProtoReflect() protoreflect.Message {
mi := &file_vault_request_forwarding_service_proto_msgTypes[3] mi := &file_vault_request_forwarding_service_proto_msgTypes[4]
if protoimpl.UnsafeEnabled && x != nil { if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil { if ms.LoadMessageInfo() == nil {
@ -298,7 +393,7 @@ func (x *PerfStandbyElectionInput) ProtoReflect() protoreflect.Message {
// Deprecated: Use PerfStandbyElectionInput.ProtoReflect.Descriptor instead. // Deprecated: Use PerfStandbyElectionInput.ProtoReflect.Descriptor instead.
func (*PerfStandbyElectionInput) Descriptor() ([]byte, []int) { func (*PerfStandbyElectionInput) Descriptor() ([]byte, []int) {
return file_vault_request_forwarding_service_proto_rawDescGZIP(), []int{3} return file_vault_request_forwarding_service_proto_rawDescGZIP(), []int{4}
} }
type PerfStandbyElectionResponse struct { type PerfStandbyElectionResponse struct {
@ -317,7 +412,7 @@ type PerfStandbyElectionResponse struct {
func (x *PerfStandbyElectionResponse) Reset() { func (x *PerfStandbyElectionResponse) Reset() {
*x = PerfStandbyElectionResponse{} *x = PerfStandbyElectionResponse{}
if protoimpl.UnsafeEnabled { if protoimpl.UnsafeEnabled {
mi := &file_vault_request_forwarding_service_proto_msgTypes[4] mi := &file_vault_request_forwarding_service_proto_msgTypes[5]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi) ms.StoreMessageInfo(mi)
} }
@ -330,7 +425,7 @@ func (x *PerfStandbyElectionResponse) String() string {
func (*PerfStandbyElectionResponse) ProtoMessage() {} func (*PerfStandbyElectionResponse) ProtoMessage() {}
func (x *PerfStandbyElectionResponse) ProtoReflect() protoreflect.Message { func (x *PerfStandbyElectionResponse) ProtoReflect() protoreflect.Message {
mi := &file_vault_request_forwarding_service_proto_msgTypes[4] mi := &file_vault_request_forwarding_service_proto_msgTypes[5]
if protoimpl.UnsafeEnabled && x != nil { if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil { if ms.LoadMessageInfo() == nil {
@ -343,7 +438,7 @@ func (x *PerfStandbyElectionResponse) ProtoReflect() protoreflect.Message {
// Deprecated: Use PerfStandbyElectionResponse.ProtoReflect.Descriptor instead. // Deprecated: Use PerfStandbyElectionResponse.ProtoReflect.Descriptor instead.
func (*PerfStandbyElectionResponse) Descriptor() ([]byte, []int) { func (*PerfStandbyElectionResponse) Descriptor() ([]byte, []int) {
return file_vault_request_forwarding_service_proto_rawDescGZIP(), []int{4} return file_vault_request_forwarding_service_proto_rawDescGZIP(), []int{5}
} }
func (x *PerfStandbyElectionResponse) GetID() string { func (x *PerfStandbyElectionResponse) GetID() string {
@ -395,7 +490,7 @@ var file_vault_request_forwarding_service_proto_rawDesc = []byte{
0x66, 0x6f, 0x72, 0x77, 0x61, 0x72, 0x64, 0x69, 0x6e, 0x67, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x66, 0x6f, 0x72, 0x77, 0x61, 0x72, 0x64, 0x69, 0x6e, 0x67, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69,
0x63, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x05, 0x76, 0x61, 0x75, 0x6c, 0x74, 0x1a, 0x63, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x05, 0x76, 0x61, 0x75, 0x6c, 0x74, 0x1a,
0x1d, 0x68, 0x65, 0x6c, 0x70, 0x65, 0x72, 0x2f, 0x66, 0x6f, 0x72, 0x77, 0x61, 0x72, 0x64, 0x69, 0x1d, 0x68, 0x65, 0x6c, 0x70, 0x65, 0x72, 0x2f, 0x66, 0x6f, 0x72, 0x77, 0x61, 0x72, 0x64, 0x69,
0x6e, 0x67, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xbf, 0x6e, 0x67, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xf4,
0x01, 0x0a, 0x0b, 0x45, 0x63, 0x68, 0x6f, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x18, 0x01, 0x0a, 0x0b, 0x45, 0x63, 0x68, 0x6f, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x18,
0x0a, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52,
0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x12, 0x21, 0x0a, 0x0c, 0x63, 0x6c, 0x75, 0x73, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x12, 0x21, 0x0a, 0x0c, 0x63, 0x6c, 0x75, 0x73,
@ -408,58 +503,76 @@ var file_vault_request_forwarding_service_proto_rawDesc = []byte{
0x66, 0x74, 0x41, 0x70, 0x70, 0x6c, 0x69, 0x65, 0x64, 0x49, 0x6e, 0x64, 0x65, 0x78, 0x12, 0x20, 0x66, 0x74, 0x41, 0x70, 0x70, 0x6c, 0x69, 0x65, 0x64, 0x49, 0x6e, 0x64, 0x65, 0x78, 0x12, 0x20,
0x0a, 0x0c, 0x72, 0x61, 0x66, 0x74, 0x5f, 0x6e, 0x6f, 0x64, 0x65, 0x5f, 0x69, 0x64, 0x18, 0x05, 0x0a, 0x0c, 0x72, 0x61, 0x66, 0x74, 0x5f, 0x6e, 0x6f, 0x64, 0x65, 0x5f, 0x69, 0x64, 0x18, 0x05,
0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x72, 0x61, 0x66, 0x74, 0x4e, 0x6f, 0x64, 0x65, 0x49, 0x64, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x72, 0x61, 0x66, 0x74, 0x4e, 0x6f, 0x64, 0x65, 0x49, 0x64,
0x22, 0xc7, 0x01, 0x0a, 0x09, 0x45, 0x63, 0x68, 0x6f, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x12, 0x18, 0x12, 0x33, 0x0a, 0x09, 0x6e, 0x6f, 0x64, 0x65, 0x5f, 0x69, 0x6e, 0x66, 0x6f, 0x18, 0x06, 0x20,
0x0a, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x01, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x76, 0x61, 0x75, 0x6c, 0x74, 0x2e, 0x4e, 0x6f, 0x64, 0x65,
0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x12, 0x23, 0x0a, 0x0d, 0x63, 0x6c, 0x75, 0x73, 0x49, 0x6e, 0x66, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x08, 0x6e, 0x6f, 0x64,
0x74, 0x65, 0x72, 0x5f, 0x61, 0x64, 0x64, 0x72, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x09, 0x52, 0x65, 0x49, 0x6e, 0x66, 0x6f, 0x22, 0xfc, 0x01, 0x0a, 0x09, 0x45, 0x63, 0x68, 0x6f, 0x52, 0x65,
0x0c, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x41, 0x64, 0x64, 0x72, 0x73, 0x12, 0x2b, 0x0a, 0x70, 0x6c, 0x79, 0x12, 0x18, 0x0a, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x18, 0x01,
0x11, 0x72, 0x65, 0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x73, 0x74, 0x61, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x12, 0x23, 0x0a,
0x74, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x10, 0x72, 0x65, 0x70, 0x6c, 0x69, 0x63, 0x0d, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x61, 0x64, 0x64, 0x72, 0x73, 0x18, 0x02,
0x61, 0x74, 0x69, 0x6f, 0x6e, 0x53, 0x74, 0x61, 0x74, 0x65, 0x12, 0x2c, 0x0a, 0x12, 0x72, 0x61, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0c, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x41, 0x64, 0x64,
0x66, 0x74, 0x5f, 0x61, 0x70, 0x70, 0x6c, 0x69, 0x65, 0x64, 0x5f, 0x69, 0x6e, 0x64, 0x65, 0x78, 0x72, 0x73, 0x12, 0x2b, 0x0a, 0x11, 0x72, 0x65, 0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f,
0x18, 0x04, 0x20, 0x01, 0x28, 0x04, 0x52, 0x10, 0x72, 0x61, 0x66, 0x74, 0x41, 0x70, 0x70, 0x6c, 0x6e, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x10, 0x72,
0x69, 0x65, 0x64, 0x49, 0x6e, 0x64, 0x65, 0x78, 0x12, 0x20, 0x0a, 0x0c, 0x72, 0x61, 0x66, 0x74, 0x65, 0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x53, 0x74, 0x61, 0x74, 0x65, 0x12,
0x5f, 0x6e, 0x6f, 0x64, 0x65, 0x5f, 0x69, 0x64, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x2c, 0x0a, 0x12, 0x72, 0x61, 0x66, 0x74, 0x5f, 0x61, 0x70, 0x70, 0x6c, 0x69, 0x65, 0x64, 0x5f,
0x72, 0x61, 0x66, 0x74, 0x4e, 0x6f, 0x64, 0x65, 0x49, 0x64, 0x22, 0x49, 0x0a, 0x09, 0x43, 0x6c, 0x69, 0x6e, 0x64, 0x65, 0x78, 0x18, 0x04, 0x20, 0x01, 0x28, 0x04, 0x52, 0x10, 0x72, 0x61, 0x66,
0x69, 0x65, 0x6e, 0x74, 0x4b, 0x65, 0x79, 0x12, 0x12, 0x0a, 0x04, 0x74, 0x79, 0x70, 0x65, 0x18, 0x74, 0x41, 0x70, 0x70, 0x6c, 0x69, 0x65, 0x64, 0x49, 0x6e, 0x64, 0x65, 0x78, 0x12, 0x20, 0x0a,
0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x74, 0x79, 0x70, 0x65, 0x12, 0x0c, 0x0a, 0x01, 0x78, 0x0c, 0x72, 0x61, 0x66, 0x74, 0x5f, 0x6e, 0x6f, 0x64, 0x65, 0x5f, 0x69, 0x64, 0x18, 0x05, 0x20,
0x18, 0x02, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x01, 0x78, 0x12, 0x0c, 0x0a, 0x01, 0x79, 0x18, 0x03, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x72, 0x61, 0x66, 0x74, 0x4e, 0x6f, 0x64, 0x65, 0x49, 0x64, 0x12,
0x20, 0x01, 0x28, 0x0c, 0x52, 0x01, 0x79, 0x12, 0x0c, 0x0a, 0x01, 0x64, 0x18, 0x04, 0x20, 0x01, 0x33, 0x0a, 0x09, 0x6e, 0x6f, 0x64, 0x65, 0x5f, 0x69, 0x6e, 0x66, 0x6f, 0x18, 0x06, 0x20, 0x01,
0x28, 0x0c, 0x52, 0x01, 0x64, 0x22, 0x1a, 0x0a, 0x18, 0x50, 0x65, 0x72, 0x66, 0x53, 0x74, 0x61, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x76, 0x61, 0x75, 0x6c, 0x74, 0x2e, 0x4e, 0x6f, 0x64, 0x65, 0x49,
0x6e, 0x64, 0x62, 0x79, 0x45, 0x6c, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x49, 0x6e, 0x70, 0x75, 0x6e, 0x66, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x08, 0x6e, 0x6f, 0x64, 0x65,
0x74, 0x22, 0xe9, 0x01, 0x0a, 0x1b, 0x50, 0x65, 0x72, 0x66, 0x53, 0x74, 0x61, 0x6e, 0x64, 0x62, 0x49, 0x6e, 0x66, 0x6f, 0x22, 0xa9, 0x01, 0x0a, 0x0f, 0x4e, 0x6f, 0x64, 0x65, 0x49, 0x6e, 0x66,
0x79, 0x45, 0x6c, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x21, 0x0a, 0x0c, 0x63, 0x6c, 0x75, 0x73,
0x65, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x74, 0x65, 0x72, 0x5f, 0x61, 0x64, 0x64, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b,
0x64, 0x12, 0x1d, 0x0a, 0x0a, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x69, 0x64, 0x18, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x41, 0x64, 0x64, 0x72, 0x12, 0x19, 0x0a, 0x08, 0x61,
0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x49, 0x64, 0x70, 0x69, 0x5f, 0x61, 0x64, 0x64, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x61,
0x12, 0x30, 0x0a, 0x14, 0x70, 0x72, 0x69, 0x6d, 0x61, 0x72, 0x79, 0x5f, 0x63, 0x6c, 0x75, 0x73, 0x70, 0x69, 0x41, 0x64, 0x64, 0x72, 0x12, 0x12, 0x0a, 0x04, 0x6d, 0x6f, 0x64, 0x65, 0x18, 0x03,
0x74, 0x65, 0x72, 0x5f, 0x61, 0x64, 0x64, 0x72, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x12, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6d, 0x6f, 0x64, 0x65, 0x12, 0x17, 0x0a, 0x07, 0x6e, 0x6f,
0x70, 0x72, 0x69, 0x6d, 0x61, 0x72, 0x79, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x41, 0x64, 0x64, 0x65, 0x5f, 0x69, 0x64, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x6e, 0x6f, 0x64,
0x64, 0x72, 0x12, 0x17, 0x0a, 0x07, 0x63, 0x61, 0x5f, 0x63, 0x65, 0x72, 0x74, 0x18, 0x04, 0x20, 0x65, 0x49, 0x64, 0x12, 0x2b, 0x0a, 0x11, 0x72, 0x65, 0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69,
0x01, 0x28, 0x0c, 0x52, 0x06, 0x63, 0x61, 0x43, 0x65, 0x72, 0x74, 0x12, 0x1f, 0x0a, 0x0b, 0x63, 0x6f, 0x6e, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x10,
0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5f, 0x63, 0x65, 0x72, 0x74, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0c, 0x72, 0x65, 0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x53, 0x74, 0x61, 0x74, 0x65,
0x52, 0x0a, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x43, 0x65, 0x72, 0x74, 0x12, 0x2f, 0x0a, 0x0a, 0x22, 0x49, 0x0a, 0x09, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x4b, 0x65, 0x79, 0x12, 0x12, 0x0a,
0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5f, 0x6b, 0x65, 0x79, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x04, 0x74, 0x79, 0x70, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x74, 0x79, 0x70,
0x32, 0x10, 0x2e, 0x76, 0x61, 0x75, 0x6c, 0x74, 0x2e, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x4b, 0x65, 0x12, 0x0c, 0x0a, 0x01, 0x78, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x01, 0x78, 0x12,
0x65, 0x79, 0x52, 0x09, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x4b, 0x65, 0x79, 0x32, 0xf0, 0x01, 0x0c, 0x0a, 0x01, 0x79, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x01, 0x79, 0x12, 0x0c, 0x0a,
0x0a, 0x11, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x46, 0x6f, 0x72, 0x77, 0x61, 0x72, 0x64, 0x01, 0x64, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x01, 0x64, 0x22, 0x1a, 0x0a, 0x18, 0x50,
0x69, 0x6e, 0x67, 0x12, 0x3d, 0x0a, 0x0e, 0x46, 0x6f, 0x72, 0x77, 0x61, 0x72, 0x64, 0x52, 0x65, 0x65, 0x72, 0x66, 0x53, 0x74, 0x61, 0x6e, 0x64, 0x62, 0x79, 0x45, 0x6c, 0x65, 0x63, 0x74, 0x69,
0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x13, 0x2e, 0x66, 0x6f, 0x72, 0x77, 0x61, 0x72, 0x64, 0x69, 0x6f, 0x6e, 0x49, 0x6e, 0x70, 0x75, 0x74, 0x22, 0xe9, 0x01, 0x0a, 0x1b, 0x50, 0x65, 0x72, 0x66,
0x6e, 0x67, 0x2e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x14, 0x2e, 0x66, 0x6f, 0x72, 0x53, 0x74, 0x61, 0x6e, 0x64, 0x62, 0x79, 0x45, 0x6c, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x52,
0x77, 0x61, 0x72, 0x64, 0x69, 0x6e, 0x67, 0x2e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20,
0x22, 0x00, 0x12, 0x2e, 0x0a, 0x04, 0x45, 0x63, 0x68, 0x6f, 0x12, 0x12, 0x2e, 0x76, 0x61, 0x75, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x1d, 0x0a, 0x0a, 0x63, 0x6c, 0x75, 0x73, 0x74,
0x6c, 0x74, 0x2e, 0x45, 0x63, 0x68, 0x6f, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x10, 0x65, 0x72, 0x5f, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x63, 0x6c, 0x75,
0x2e, 0x76, 0x61, 0x75, 0x6c, 0x74, 0x2e, 0x45, 0x63, 0x68, 0x6f, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x73, 0x74, 0x65, 0x72, 0x49, 0x64, 0x12, 0x30, 0x0a, 0x14, 0x70, 0x72, 0x69, 0x6d, 0x61, 0x72,
0x22, 0x00, 0x12, 0x6c, 0x0a, 0x21, 0x50, 0x65, 0x72, 0x66, 0x6f, 0x72, 0x6d, 0x61, 0x6e, 0x63, 0x79, 0x5f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x61, 0x64, 0x64, 0x72, 0x18, 0x03,
0x65, 0x53, 0x74, 0x61, 0x6e, 0x64, 0x62, 0x79, 0x45, 0x6c, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x20, 0x01, 0x28, 0x09, 0x52, 0x12, 0x70, 0x72, 0x69, 0x6d, 0x61, 0x72, 0x79, 0x43, 0x6c, 0x75,
0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x1f, 0x2e, 0x76, 0x61, 0x75, 0x6c, 0x74, 0x2e, 0x73, 0x74, 0x65, 0x72, 0x41, 0x64, 0x64, 0x72, 0x12, 0x17, 0x0a, 0x07, 0x63, 0x61, 0x5f, 0x63,
0x50, 0x65, 0x72, 0x66, 0x53, 0x74, 0x61, 0x6e, 0x64, 0x62, 0x79, 0x45, 0x6c, 0x65, 0x63, 0x74, 0x65, 0x72, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x06, 0x63, 0x61, 0x43, 0x65, 0x72,
0x69, 0x6f, 0x6e, 0x49, 0x6e, 0x70, 0x75, 0x74, 0x1a, 0x22, 0x2e, 0x76, 0x61, 0x75, 0x6c, 0x74, 0x74, 0x12, 0x1f, 0x0a, 0x0b, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5f, 0x63, 0x65, 0x72, 0x74,
0x2e, 0x50, 0x65, 0x72, 0x66, 0x53, 0x74, 0x61, 0x6e, 0x64, 0x62, 0x79, 0x45, 0x6c, 0x65, 0x63, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x0a, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x43, 0x65,
0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x30, 0x01, 0x72, 0x74, 0x12, 0x2f, 0x0a, 0x0a, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5f, 0x6b, 0x65, 0x79,
0x42, 0x22, 0x5a, 0x20, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x68, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x10, 0x2e, 0x76, 0x61, 0x75, 0x6c, 0x74, 0x2e, 0x43,
0x61, 0x73, 0x68, 0x69, 0x63, 0x6f, 0x72, 0x70, 0x2f, 0x76, 0x61, 0x75, 0x6c, 0x74, 0x2f, 0x76, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x4b, 0x65, 0x79, 0x52, 0x09, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74,
0x61, 0x75, 0x6c, 0x74, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, 0x4b, 0x65, 0x79, 0x32, 0xf0, 0x01, 0x0a, 0x11, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x46,
0x6f, 0x72, 0x77, 0x61, 0x72, 0x64, 0x69, 0x6e, 0x67, 0x12, 0x3d, 0x0a, 0x0e, 0x46, 0x6f, 0x72,
0x77, 0x61, 0x72, 0x64, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x13, 0x2e, 0x66, 0x6f,
0x72, 0x77, 0x61, 0x72, 0x64, 0x69, 0x6e, 0x67, 0x2e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74,
0x1a, 0x14, 0x2e, 0x66, 0x6f, 0x72, 0x77, 0x61, 0x72, 0x64, 0x69, 0x6e, 0x67, 0x2e, 0x52, 0x65,
0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x12, 0x2e, 0x0a, 0x04, 0x45, 0x63, 0x68, 0x6f,
0x12, 0x12, 0x2e, 0x76, 0x61, 0x75, 0x6c, 0x74, 0x2e, 0x45, 0x63, 0x68, 0x6f, 0x52, 0x65, 0x71,
0x75, 0x65, 0x73, 0x74, 0x1a, 0x10, 0x2e, 0x76, 0x61, 0x75, 0x6c, 0x74, 0x2e, 0x45, 0x63, 0x68,
0x6f, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, 0x00, 0x12, 0x6c, 0x0a, 0x21, 0x50, 0x65, 0x72, 0x66,
0x6f, 0x72, 0x6d, 0x61, 0x6e, 0x63, 0x65, 0x53, 0x74, 0x61, 0x6e, 0x64, 0x62, 0x79, 0x45, 0x6c,
0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x1f, 0x2e,
0x76, 0x61, 0x75, 0x6c, 0x74, 0x2e, 0x50, 0x65, 0x72, 0x66, 0x53, 0x74, 0x61, 0x6e, 0x64, 0x62,
0x79, 0x45, 0x6c, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x49, 0x6e, 0x70, 0x75, 0x74, 0x1a, 0x22,
0x2e, 0x76, 0x61, 0x75, 0x6c, 0x74, 0x2e, 0x50, 0x65, 0x72, 0x66, 0x53, 0x74, 0x61, 0x6e, 0x64,
0x62, 0x79, 0x45, 0x6c, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e,
0x73, 0x65, 0x22, 0x00, 0x30, 0x01, 0x42, 0x22, 0x5a, 0x20, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62,
0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x68, 0x61, 0x73, 0x68, 0x69, 0x63, 0x6f, 0x72, 0x70, 0x2f, 0x76,
0x61, 0x75, 0x6c, 0x74, 0x2f, 0x76, 0x61, 0x75, 0x6c, 0x74, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74,
0x6f, 0x33,
} }
var ( var (
@ -474,29 +587,32 @@ func file_vault_request_forwarding_service_proto_rawDescGZIP() []byte {
return file_vault_request_forwarding_service_proto_rawDescData return file_vault_request_forwarding_service_proto_rawDescData
} }
var file_vault_request_forwarding_service_proto_msgTypes = make([]protoimpl.MessageInfo, 5) var file_vault_request_forwarding_service_proto_msgTypes = make([]protoimpl.MessageInfo, 6)
var file_vault_request_forwarding_service_proto_goTypes = []interface{}{ var file_vault_request_forwarding_service_proto_goTypes = []interface{}{
(*EchoRequest)(nil), // 0: vault.EchoRequest (*EchoRequest)(nil), // 0: vault.EchoRequest
(*EchoReply)(nil), // 1: vault.EchoReply (*EchoReply)(nil), // 1: vault.EchoReply
(*ClientKey)(nil), // 2: vault.ClientKey (*NodeInformation)(nil), // 2: vault.NodeInformation
(*PerfStandbyElectionInput)(nil), // 3: vault.PerfStandbyElectionInput (*ClientKey)(nil), // 3: vault.ClientKey
(*PerfStandbyElectionResponse)(nil), // 4: vault.PerfStandbyElectionResponse (*PerfStandbyElectionInput)(nil), // 4: vault.PerfStandbyElectionInput
(*forwarding.Request)(nil), // 5: forwarding.Request (*PerfStandbyElectionResponse)(nil), // 5: vault.PerfStandbyElectionResponse
(*forwarding.Response)(nil), // 6: forwarding.Response (*forwarding.Request)(nil), // 6: forwarding.Request
(*forwarding.Response)(nil), // 7: forwarding.Response
} }
var file_vault_request_forwarding_service_proto_depIDxs = []int32{ var file_vault_request_forwarding_service_proto_depIDxs = []int32{
2, // 0: vault.PerfStandbyElectionResponse.client_key:type_name -> vault.ClientKey 2, // 0: vault.EchoRequest.node_info:type_name -> vault.NodeInformation
5, // 1: vault.RequestForwarding.ForwardRequest:input_type -> forwarding.Request 2, // 1: vault.EchoReply.node_info:type_name -> vault.NodeInformation
0, // 2: vault.RequestForwarding.Echo:input_type -> vault.EchoRequest 3, // 2: vault.PerfStandbyElectionResponse.client_key:type_name -> vault.ClientKey
3, // 3: vault.RequestForwarding.PerformanceStandbyElectionRequest:input_type -> vault.PerfStandbyElectionInput 6, // 3: vault.RequestForwarding.ForwardRequest:input_type -> forwarding.Request
6, // 4: vault.RequestForwarding.ForwardRequest:output_type -> forwarding.Response 0, // 4: vault.RequestForwarding.Echo:input_type -> vault.EchoRequest
1, // 5: vault.RequestForwarding.Echo:output_type -> vault.EchoReply 4, // 5: vault.RequestForwarding.PerformanceStandbyElectionRequest:input_type -> vault.PerfStandbyElectionInput
4, // 6: vault.RequestForwarding.PerformanceStandbyElectionRequest:output_type -> vault.PerfStandbyElectionResponse 7, // 6: vault.RequestForwarding.ForwardRequest:output_type -> forwarding.Response
4, // [4:7] is the sub-list for method output_type 1, // 7: vault.RequestForwarding.Echo:output_type -> vault.EchoReply
1, // [1:4] is the sub-list for method input_type 5, // 8: vault.RequestForwarding.PerformanceStandbyElectionRequest:output_type -> vault.PerfStandbyElectionResponse
1, // [1:1] is the sub-list for extension type_name 6, // [6:9] is the sub-list for method output_type
1, // [1:1] is the sub-list for extension extendee 3, // [3:6] is the sub-list for method input_type
0, // [0:1] is the sub-list for field type_name 3, // [3:3] is the sub-list for extension type_name
3, // [3:3] is the sub-list for extension extendee
0, // [0:3] is the sub-list for field type_name
} }
func init() { file_vault_request_forwarding_service_proto_init() } func init() { file_vault_request_forwarding_service_proto_init() }
@ -530,7 +646,7 @@ func file_vault_request_forwarding_service_proto_init() {
} }
} }
file_vault_request_forwarding_service_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} { file_vault_request_forwarding_service_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
switch v := v.(*ClientKey); i { switch v := v.(*NodeInformation); i {
case 0: case 0:
return &v.state return &v.state
case 1: case 1:
@ -542,7 +658,7 @@ func file_vault_request_forwarding_service_proto_init() {
} }
} }
file_vault_request_forwarding_service_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} { file_vault_request_forwarding_service_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
switch v := v.(*PerfStandbyElectionInput); i { switch v := v.(*ClientKey); i {
case 0: case 0:
return &v.state return &v.state
case 1: case 1:
@ -554,6 +670,18 @@ func file_vault_request_forwarding_service_proto_init() {
} }
} }
file_vault_request_forwarding_service_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} { file_vault_request_forwarding_service_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
switch v := v.(*PerfStandbyElectionInput); i {
case 0:
return &v.state
case 1:
return &v.sizeCache
case 2:
return &v.unknownFields
default:
return nil
}
}
file_vault_request_forwarding_service_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} {
switch v := v.(*PerfStandbyElectionResponse); i { switch v := v.(*PerfStandbyElectionResponse); i {
case 0: case 0:
return &v.state return &v.state
@ -572,7 +700,7 @@ func file_vault_request_forwarding_service_proto_init() {
GoPackagePath: reflect.TypeOf(x{}).PkgPath(), GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
RawDescriptor: file_vault_request_forwarding_service_proto_rawDesc, RawDescriptor: file_vault_request_forwarding_service_proto_rawDesc,
NumEnums: 0, NumEnums: 0,
NumMessages: 5, NumMessages: 6,
NumExtensions: 0, NumExtensions: 0,
NumServices: 1, NumServices: 1,
}, },

68
vendor/github.com/hashicorp/vault/api/sys_plugins.go generated vendored
View File

@ -5,6 +5,7 @@ import (
"errors" "errors"
"fmt" "fmt"
"net/http" "net/http"
"time"
"github.com/hashicorp/vault/sdk/helper/consts" "github.com/hashicorp/vault/sdk/helper/consts"
"github.com/mitchellh/mapstructure" "github.com/mitchellh/mapstructure"
@ -232,15 +233,19 @@ type ReloadPluginInput struct {
// Mounts is the array of string mount paths of the plugin backends to reload // Mounts is the array of string mount paths of the plugin backends to reload
Mounts []string `json:"mounts"` Mounts []string `json:"mounts"`
// Scope is the scope of the plugin reload
Scope string `json:"scope"`
} }
// ReloadPlugin reloads mounted plugin backends // ReloadPlugin reloads mounted plugin backends, possibly returning
func (c *Sys) ReloadPlugin(i *ReloadPluginInput) error { // reloadId for a cluster scoped reload
func (c *Sys) ReloadPlugin(i *ReloadPluginInput) (string, error) {
path := "/v1/sys/plugins/reload/backend" path := "/v1/sys/plugins/reload/backend"
req := c.c.NewRequest(http.MethodPut, path) req := c.c.NewRequest(http.MethodPut, path)
if err := req.SetJSONBody(i); err != nil { if err := req.SetJSONBody(i); err != nil {
return err return "", err
} }
ctx, cancelFunc := context.WithCancel(context.Background()) ctx, cancelFunc := context.WithCancel(context.Background())
@ -248,10 +253,63 @@ func (c *Sys) ReloadPlugin(i *ReloadPluginInput) error {
resp, err := c.c.RawRequestWithContext(ctx, req) resp, err := c.c.RawRequestWithContext(ctx, req)
if err != nil { if err != nil {
return err return "", err
} }
defer resp.Body.Close() defer resp.Body.Close()
return err
if i.Scope == "cluster" {
// Get the reload id
secret, parseErr := ParseSecret(resp.Body)
if parseErr != nil {
return "", err
}
return secret.Data["reload_id"].(string), nil
}
return "", err
}
type PluginReloadStatus struct {
Timestamp time.Time `json:"timestamp"`
Success bool `json:"success"`
Message string `json:"message"`
}
type PluginReloadStatusResponse struct {
ReloadID string
Results map[string]interface{}
}
// ReloadPluginStatusInput is used as input to the ReloadStatusPlugin function.
type ReloadPluginStatusInput struct {
// ReloadID is the ID of the reload operation
ReloadID string `json:"reload_id"`
}
// ReloadPluginStatus retrieves the status of a reload operation
func (c *Sys) ReloadPluginStatus(reloadID string) (map[string]interface{}, error) {
path := "/v1/sys/plugins/reload/backend/status"
req := c.c.NewRequest(http.MethodGet, path)
req.Params.Add("reload_id", reloadID)
ctx, cancelFunc := context.WithCancel(context.Background())
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, req)
if err != nil {
return nil, err
}
defer resp.Body.Close()
if resp != nil {
secret, parseErr := ParseSecret(resp.Body)
if parseErr != nil {
return nil, err
}
return secret.Data, nil
}
return nil, nil
} }
// catalogPathByType is a helper to construct the proper API path by plugin type // catalogPathByType is a helper to construct the proper API path by plugin type

195
vendor/modules.txt vendored
View File

@ -60,11 +60,9 @@ github.com/DataDog/zstd
github.com/Jeffail/gabs github.com/Jeffail/gabs
# github.com/Masterminds/semver v1.4.2 # github.com/Masterminds/semver v1.4.2
github.com/Masterminds/semver github.com/Masterminds/semver
# github.com/Microsoft/go-winio v0.4.15-0.20190919025122-fc70bd9a86b5 # github.com/Microsoft/go-winio v0.4.14
github.com/Microsoft/go-winio github.com/Microsoft/go-winio
github.com/Microsoft/go-winio/pkg/guid github.com/Microsoft/go-winio/pkg/guid
# github.com/Microsoft/hcsshim v0.8.9
github.com/Microsoft/hcsshim/osversion
# github.com/NYTimes/gziphandler v1.1.1 # github.com/NYTimes/gziphandler v1.1.1
github.com/NYTimes/gziphandler github.com/NYTimes/gziphandler
# github.com/Nvveen/Gotty v0.0.0-20120604004816-cd527374f1e5 # github.com/Nvveen/Gotty v0.0.0-20120604004816-cd527374f1e5
@ -200,22 +198,19 @@ github.com/client9/misspell
github.com/client9/misspell/cmd/misspell github.com/client9/misspell/cmd/misspell
# github.com/cloudfoundry-community/go-cfclient v0.0.0-20190201205600-f136f9222381 # github.com/cloudfoundry-community/go-cfclient v0.0.0-20190201205600-f136f9222381
github.com/cloudfoundry-community/go-cfclient github.com/cloudfoundry-community/go-cfclient
# github.com/cockroachdb/apd v1.1.0
github.com/cockroachdb/apd
# github.com/cockroachdb/cockroach-go v0.0.0-20181001143604-e0a95dfd547c # github.com/cockroachdb/cockroach-go v0.0.0-20181001143604-e0a95dfd547c
github.com/cockroachdb/cockroach-go/crdb github.com/cockroachdb/cockroach-go/crdb
# github.com/containerd/containerd v1.3.4 # github.com/containerd/continuity v0.0.0-20191214063359-1097c8bae83b
github.com/containerd/containerd/errdefs
# github.com/containerd/continuity v0.0.0-20190426062206-aaeac12a7ffc
github.com/containerd/continuity/fs
github.com/containerd/continuity/pathdriver github.com/containerd/continuity/pathdriver
github.com/containerd/continuity/syscallx
github.com/containerd/continuity/sysx
# github.com/coreos/go-oidc v2.1.0+incompatible # github.com/coreos/go-oidc v2.1.0+incompatible
github.com/coreos/go-oidc github.com/coreos/go-oidc
# github.com/coreos/go-semver v0.2.0 # github.com/coreos/go-semver v0.2.0
github.com/coreos/go-semver/semver github.com/coreos/go-semver/semver
# github.com/coreos/go-systemd/v22 v22.0.0 # github.com/coreos/go-systemd/v22 v22.0.0
github.com/coreos/go-systemd/v22/journal github.com/coreos/go-systemd/v22/journal
# github.com/davecgh/go-spew v1.1.1 # github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc
github.com/davecgh/go-spew/spew github.com/davecgh/go-spew/spew
# github.com/denisenkom/go-mssqldb v0.0.0-20200428022330-06a60b6afbbc # github.com/denisenkom/go-mssqldb v0.0.0-20200428022330-06a60b6afbbc
github.com/denisenkom/go-mssqldb github.com/denisenkom/go-mssqldb
@ -226,41 +221,8 @@ github.com/denisenkom/go-mssqldb/internal/querytext
github.com/dgrijalva/jwt-go github.com/dgrijalva/jwt-go
# github.com/dimchansky/utfbom v1.1.0 # github.com/dimchansky/utfbom v1.1.0
github.com/dimchansky/utfbom github.com/dimchansky/utfbom
# github.com/docker/distribution v2.7.1+incompatible
github.com/docker/distribution/digestset
github.com/docker/distribution/reference
github.com/docker/distribution/registry/api/errcode
# github.com/docker/docker v1.4.2-0.20200319182547-c7ad2b866182
github.com/docker/docker/api
github.com/docker/docker/api/types
github.com/docker/docker/api/types/blkiodev
github.com/docker/docker/api/types/container
github.com/docker/docker/api/types/events
github.com/docker/docker/api/types/filters
github.com/docker/docker/api/types/image
github.com/docker/docker/api/types/mount
github.com/docker/docker/api/types/network
github.com/docker/docker/api/types/registry
github.com/docker/docker/api/types/strslice
github.com/docker/docker/api/types/swarm
github.com/docker/docker/api/types/swarm/runtime
github.com/docker/docker/api/types/time
github.com/docker/docker/api/types/versions
github.com/docker/docker/api/types/volume
github.com/docker/docker/client
github.com/docker/docker/errdefs
github.com/docker/docker/pkg/archive
github.com/docker/docker/pkg/fileutils
github.com/docker/docker/pkg/idtools
github.com/docker/docker/pkg/ioutils
github.com/docker/docker/pkg/longpath
github.com/docker/docker/pkg/mount
github.com/docker/docker/pkg/pools
github.com/docker/docker/pkg/system
# github.com/docker/go-connections v0.4.0 # github.com/docker/go-connections v0.4.0
github.com/docker/go-connections/nat github.com/docker/go-connections/nat
github.com/docker/go-connections/sockets
github.com/docker/go-connections/tlsconfig
# github.com/docker/go-units v0.4.0 # github.com/docker/go-units v0.4.0
github.com/docker/go-units github.com/docker/go-units
# github.com/dsnet/compress v0.0.1 # github.com/dsnet/compress v0.0.1
@ -376,12 +338,37 @@ github.com/hashicorp/errwrap
github.com/hashicorp/go-bindata github.com/hashicorp/go-bindata
# github.com/hashicorp/go-cleanhttp v0.5.1 # github.com/hashicorp/go-cleanhttp v0.5.1
github.com/hashicorp/go-cleanhttp github.com/hashicorp/go-cleanhttp
# github.com/hashicorp/go-fpe v0.0.0-20200302182253-52932d2c7705
github.com/hashicorp/go-fpe/ff3-1
# github.com/hashicorp/go-gcp-common v0.6.0 # github.com/hashicorp/go-gcp-common v0.6.0
github.com/hashicorp/go-gcp-common/gcputil github.com/hashicorp/go-gcp-common/gcputil
# github.com/hashicorp/go-hclog v0.14.1 # github.com/hashicorp/go-hclog v0.13.0
github.com/hashicorp/go-hclog github.com/hashicorp/go-hclog
# github.com/hashicorp/go-immutable-radix v1.1.0 # github.com/hashicorp/go-immutable-radix v1.1.0
github.com/hashicorp/go-immutable-radix github.com/hashicorp/go-immutable-radix
# github.com/hashicorp/go-kmip v0.0.0-20200521195242-bc3798d6b119
github.com/hashicorp/go-kmip/audit
github.com/hashicorp/go-kmip/client
github.com/hashicorp/go-kmip/conns
github.com/hashicorp/go-kmip/encoding/json
github.com/hashicorp/go-kmip/encoding/ttlv
github.com/hashicorp/go-kmip/env
github.com/hashicorp/go-kmip/handler
github.com/hashicorp/go-kmip/kmip
github.com/hashicorp/go-kmip/kmip/types/attr
github.com/hashicorp/go-kmip/kmip/types/bo
github.com/hashicorp/go-kmip/kmip/types/data
github.com/hashicorp/go-kmip/kmip/types/enum
github.com/hashicorp/go-kmip/kmip/types/errs
github.com/hashicorp/go-kmip/kmip/types/field
github.com/hashicorp/go-kmip/kmip/types/mask
github.com/hashicorp/go-kmip/kmip/types/message
github.com/hashicorp/go-kmip/kmip/types/mo
github.com/hashicorp/go-kmip/kmip/types/payload
github.com/hashicorp/go-kmip/kmip/types/tag
github.com/hashicorp/go-kmip/server
github.com/hashicorp/go-kmip/storage
github.com/hashicorp/go-kmip/util
# github.com/hashicorp/go-kms-wrapping v0.5.10 # github.com/hashicorp/go-kms-wrapping v0.5.10
github.com/hashicorp/go-kms-wrapping github.com/hashicorp/go-kms-wrapping
github.com/hashicorp/go-kms-wrapping/internal/xor github.com/hashicorp/go-kms-wrapping/internal/xor
@ -392,13 +379,20 @@ github.com/hashicorp/go-kms-wrapping/wrappers/azurekeyvault
github.com/hashicorp/go-kms-wrapping/wrappers/gcpckms github.com/hashicorp/go-kms-wrapping/wrappers/gcpckms
github.com/hashicorp/go-kms-wrapping/wrappers/ocikms github.com/hashicorp/go-kms-wrapping/wrappers/ocikms
github.com/hashicorp/go-kms-wrapping/wrappers/transit github.com/hashicorp/go-kms-wrapping/wrappers/transit
# github.com/hashicorp/go-kms-wrapping-enterprise v0.5.1
github.com/hashicorp/go-kms-wrapping-enterprise/internal/permitpool
github.com/hashicorp/go-kms-wrapping-enterprise/wrappers/awskms
github.com/hashicorp/go-kms-wrapping-enterprise/wrappers/pkcs11
github.com/hashicorp/go-kms-wrapping-enterprise/wrappers/transit
# github.com/hashicorp/go-kms-wrapping/entropy v0.1.0 # github.com/hashicorp/go-kms-wrapping/entropy v0.1.0
github.com/hashicorp/go-kms-wrapping/entropy github.com/hashicorp/go-kms-wrapping/entropy
# github.com/hashicorp/go-licensing v1.1.1
github.com/hashicorp/go-licensing
# github.com/hashicorp/go-memdb v1.0.2 # github.com/hashicorp/go-memdb v1.0.2
github.com/hashicorp/go-memdb github.com/hashicorp/go-memdb
# github.com/hashicorp/go-msgpack v0.5.5 # github.com/hashicorp/go-msgpack v0.5.5
github.com/hashicorp/go-msgpack/codec github.com/hashicorp/go-msgpack/codec
# github.com/hashicorp/go-multierror v1.1.0 # github.com/hashicorp/go-multierror v1.0.0
github.com/hashicorp/go-multierror github.com/hashicorp/go-multierror
# github.com/hashicorp/go-plugin v1.0.1 # github.com/hashicorp/go-plugin v1.0.1
github.com/hashicorp/go-plugin github.com/hashicorp/go-plugin
@ -406,7 +400,7 @@ github.com/hashicorp/go-plugin/internal/plugin
# github.com/hashicorp/go-raftchunking v0.6.3-0.20191002164813-7e9e8525653a # github.com/hashicorp/go-raftchunking v0.6.3-0.20191002164813-7e9e8525653a
github.com/hashicorp/go-raftchunking github.com/hashicorp/go-raftchunking
github.com/hashicorp/go-raftchunking/types github.com/hashicorp/go-raftchunking/types
# github.com/hashicorp/go-retryablehttp v0.6.6 # github.com/hashicorp/go-retryablehttp v0.6.3
github.com/hashicorp/go-retryablehttp github.com/hashicorp/go-retryablehttp
# github.com/hashicorp/go-rootcerts v1.0.2 # github.com/hashicorp/go-rootcerts v1.0.2
github.com/hashicorp/go-rootcerts github.com/hashicorp/go-rootcerts
@ -442,6 +436,41 @@ github.com/hashicorp/nomad/api/contexts
github.com/hashicorp/raft github.com/hashicorp/raft
# github.com/hashicorp/raft-snapshot v1.0.2-0.20190827162939-8117efcc5aab # github.com/hashicorp/raft-snapshot v1.0.2-0.20190827162939-8117efcc5aab
github.com/hashicorp/raft-snapshot github.com/hashicorp/raft-snapshot
# github.com/hashicorp/sentinel v0.14.4
github.com/hashicorp/sentinel/cmd/format
github.com/hashicorp/sentinel/imports/decimal
github.com/hashicorp/sentinel/imports/http
github.com/hashicorp/sentinel/imports/json
github.com/hashicorp/sentinel/imports/runtime
github.com/hashicorp/sentinel/imports/sockaddr
github.com/hashicorp/sentinel/imports/static
github.com/hashicorp/sentinel/imports/static/teststructs
github.com/hashicorp/sentinel/imports/stdlib
github.com/hashicorp/sentinel/imports/strings
github.com/hashicorp/sentinel/imports/time
github.com/hashicorp/sentinel/imports/types
github.com/hashicorp/sentinel/imports/units
github.com/hashicorp/sentinel/lang/ast
github.com/hashicorp/sentinel/lang/object
github.com/hashicorp/sentinel/lang/parser
github.com/hashicorp/sentinel/lang/printer
github.com/hashicorp/sentinel/lang/scanner
github.com/hashicorp/sentinel/lang/semantic
github.com/hashicorp/sentinel/lang/token
github.com/hashicorp/sentinel/runtime/encoding
github.com/hashicorp/sentinel/runtime/eval
github.com/hashicorp/sentinel/runtime/importer
github.com/hashicorp/sentinel/runtime/parameterizer
github.com/hashicorp/sentinel/runtime/parameterizer/scoped
github.com/hashicorp/sentinel/runtime/trace
github.com/hashicorp/sentinel/sentinel
github.com/hashicorp/sentinel/version
# github.com/hashicorp/sentinel-sdk v0.3.7
github.com/hashicorp/sentinel-sdk
github.com/hashicorp/sentinel-sdk/encoding
github.com/hashicorp/sentinel-sdk/framework
github.com/hashicorp/sentinel-sdk/proto/go
github.com/hashicorp/sentinel-sdk/rpc
# github.com/hashicorp/serf v0.8.3 # github.com/hashicorp/serf v0.8.3
github.com/hashicorp/serf/coordinate github.com/hashicorp/serf/coordinate
# github.com/hashicorp/vault-plugin-auth-alicloud v0.5.5 # github.com/hashicorp/vault-plugin-auth-alicloud v0.5.5
@ -461,11 +490,11 @@ github.com/hashicorp/vault-plugin-auth-cf/util
# github.com/hashicorp/vault-plugin-auth-gcp v0.6.1 # github.com/hashicorp/vault-plugin-auth-gcp v0.6.1
github.com/hashicorp/vault-plugin-auth-gcp/plugin github.com/hashicorp/vault-plugin-auth-gcp/plugin
github.com/hashicorp/vault-plugin-auth-gcp/plugin/cache github.com/hashicorp/vault-plugin-auth-gcp/plugin/cache
# github.com/hashicorp/vault-plugin-auth-jwt v0.7.0 # github.com/hashicorp/vault-plugin-auth-jwt v0.6.2
github.com/hashicorp/vault-plugin-auth-jwt github.com/hashicorp/vault-plugin-auth-jwt
# github.com/hashicorp/vault-plugin-auth-kerberos v0.1.6 # github.com/hashicorp/vault-plugin-auth-kerberos v0.1.5
github.com/hashicorp/vault-plugin-auth-kerberos github.com/hashicorp/vault-plugin-auth-kerberos
# github.com/hashicorp/vault-plugin-auth-kubernetes v0.6.2 # github.com/hashicorp/vault-plugin-auth-kubernetes v0.6.1
github.com/hashicorp/vault-plugin-auth-kubernetes github.com/hashicorp/vault-plugin-auth-kubernetes
# github.com/hashicorp/vault-plugin-auth-oci v0.5.5 # github.com/hashicorp/vault-plugin-auth-oci v0.5.5
github.com/hashicorp/vault-plugin-auth-oci github.com/hashicorp/vault-plugin-auth-oci
@ -480,7 +509,7 @@ github.com/hashicorp/vault-plugin-secrets-ad/plugin/util
# github.com/hashicorp/vault-plugin-secrets-alicloud v0.5.5 # github.com/hashicorp/vault-plugin-secrets-alicloud v0.5.5
github.com/hashicorp/vault-plugin-secrets-alicloud github.com/hashicorp/vault-plugin-secrets-alicloud
github.com/hashicorp/vault-plugin-secrets-alicloud/clients github.com/hashicorp/vault-plugin-secrets-alicloud/clients
# github.com/hashicorp/vault-plugin-secrets-azure v0.6.1 # github.com/hashicorp/vault-plugin-secrets-azure v0.5.6
github.com/hashicorp/vault-plugin-secrets-azure github.com/hashicorp/vault-plugin-secrets-azure
# github.com/hashicorp/vault-plugin-secrets-gcp v0.6.3-0.20200615210754-6c617f9285c3 # github.com/hashicorp/vault-plugin-secrets-gcp v0.6.3-0.20200615210754-6c617f9285c3
github.com/hashicorp/vault-plugin-secrets-gcp/plugin github.com/hashicorp/vault-plugin-secrets-gcp/plugin
@ -488,16 +517,20 @@ github.com/hashicorp/vault-plugin-secrets-gcp/plugin/iamutil
github.com/hashicorp/vault-plugin-secrets-gcp/plugin/util github.com/hashicorp/vault-plugin-secrets-gcp/plugin/util
# github.com/hashicorp/vault-plugin-secrets-gcpkms v0.5.5 # github.com/hashicorp/vault-plugin-secrets-gcpkms v0.5.5
github.com/hashicorp/vault-plugin-secrets-gcpkms github.com/hashicorp/vault-plugin-secrets-gcpkms
# github.com/hashicorp/vault-plugin-secrets-kmip v0.1.3
github.com/hashicorp/vault-plugin-secrets-kmip/plugin
# github.com/hashicorp/vault-plugin-secrets-kv v0.5.5 # github.com/hashicorp/vault-plugin-secrets-kv v0.5.5
github.com/hashicorp/vault-plugin-secrets-kv github.com/hashicorp/vault-plugin-secrets-kv
# github.com/hashicorp/vault-plugin-secrets-mongodbatlas v0.1.2 # github.com/hashicorp/vault-plugin-secrets-mongodbatlas v0.1.2
github.com/hashicorp/vault-plugin-secrets-mongodbatlas github.com/hashicorp/vault-plugin-secrets-mongodbatlas
# github.com/hashicorp/vault-plugin-secrets-openldap v0.1.4-0.20200618161832-cae59ebde561 # github.com/hashicorp/vault-plugin-secrets-openldap v0.1.3
github.com/hashicorp/vault-plugin-secrets-openldap github.com/hashicorp/vault-plugin-secrets-openldap
github.com/hashicorp/vault-plugin-secrets-openldap/client github.com/hashicorp/vault-plugin-secrets-openldap/client
# github.com/hashicorp/vault/api v1.0.5-0.20200519221902-385fac77e20f => ./api # github.com/hashicorp/vault-plugin-secrets-transform v0.1.3
github.com/hashicorp/vault-plugin-secrets-transform
# github.com/hashicorp/vault/api v1.0.5-0.20200619171258-e54ddc909815 => ./api
github.com/hashicorp/vault/api github.com/hashicorp/vault/api
# github.com/hashicorp/vault/sdk v0.1.14-0.20200527182800-ad90e0b39d2f => ./sdk # github.com/hashicorp/vault/sdk v0.1.14-0.20200615191832-d4b3c4b29c62 => ./sdk
github.com/hashicorp/vault/sdk/database/dbplugin github.com/hashicorp/vault/sdk/database/dbplugin
github.com/hashicorp/vault/sdk/database/helper/connutil github.com/hashicorp/vault/sdk/database/helper/connutil
github.com/hashicorp/vault/sdk/database/helper/credsutil github.com/hashicorp/vault/sdk/database/helper/credsutil
@ -543,8 +576,6 @@ github.com/hashicorp/vault/sdk/plugin
github.com/hashicorp/vault/sdk/plugin/mock github.com/hashicorp/vault/sdk/plugin/mock
github.com/hashicorp/vault/sdk/plugin/pb github.com/hashicorp/vault/sdk/plugin/pb
github.com/hashicorp/vault/sdk/queue github.com/hashicorp/vault/sdk/queue
github.com/hashicorp/vault/sdk/testing/stepwise
github.com/hashicorp/vault/sdk/testing/stepwise/environments/docker
github.com/hashicorp/vault/sdk/version github.com/hashicorp/vault/sdk/version
# github.com/hashicorp/yamux v0.0.0-20181012175058-2f1d1f20f75d # github.com/hashicorp/yamux v0.0.0-20181012175058-2f1d1f20f75d
github.com/hashicorp/yamux github.com/hashicorp/yamux
@ -612,6 +643,8 @@ github.com/jefferai/isbadcipher
github.com/jefferai/jsonx github.com/jefferai/jsonx
# github.com/jmespath/go-jmespath v0.3.0 # github.com/jmespath/go-jmespath v0.3.0
github.com/jmespath/go-jmespath github.com/jmespath/go-jmespath
# github.com/jonboulle/clockwork v0.1.0
github.com/jonboulle/clockwork
# github.com/joyent/triton-go v1.7.1-0.20200416154420-6801d15b779f # github.com/joyent/triton-go v1.7.1-0.20200416154420-6801d15b779f
github.com/joyent/triton-go github.com/joyent/triton-go
github.com/joyent/triton-go/authentication github.com/joyent/triton-go/authentication
@ -644,9 +677,9 @@ github.com/keybase/go-crypto/rsa
github.com/konsorten/go-windows-terminal-sequences github.com/konsorten/go-windows-terminal-sequences
# github.com/kr/pretty v0.2.0 # github.com/kr/pretty v0.2.0
github.com/kr/pretty github.com/kr/pretty
# github.com/kr/text v0.2.0 # github.com/kr/text v0.1.0
github.com/kr/text github.com/kr/text
# github.com/lib/pq v1.2.0 # github.com/lib/pq v1.3.0
github.com/lib/pq github.com/lib/pq
github.com/lib/pq/oid github.com/lib/pq/oid
github.com/lib/pq/scram github.com/lib/pq/scram
@ -662,8 +695,12 @@ github.com/matttproud/golang_protobuf_extensions/pbutil
github.com/mholt/archiver github.com/mholt/archiver
# github.com/michaelklishin/rabbit-hole v0.0.0-20191008194146-93d9988f0cd5 # github.com/michaelklishin/rabbit-hole v0.0.0-20191008194146-93d9988f0cd5
github.com/michaelklishin/rabbit-hole github.com/michaelklishin/rabbit-hole
# github.com/miekg/pkcs11 v1.0.3
github.com/miekg/pkcs11
# github.com/mitchellh/cli v1.0.0 # github.com/mitchellh/cli v1.0.0
github.com/mitchellh/cli github.com/mitchellh/cli
# github.com/mitchellh/colorstring v0.0.0-20150917214807-8631ce90f286
github.com/mitchellh/colorstring
# github.com/mitchellh/copystructure v1.0.0 # github.com/mitchellh/copystructure v1.0.0
github.com/mitchellh/copystructure github.com/mitchellh/copystructure
# github.com/mitchellh/go-homedir v1.1.0 # github.com/mitchellh/go-homedir v1.1.0
@ -676,9 +713,9 @@ github.com/mitchellh/gox
github.com/mitchellh/hashstructure github.com/mitchellh/hashstructure
# github.com/mitchellh/iochan v1.0.0 # github.com/mitchellh/iochan v1.0.0
github.com/mitchellh/iochan github.com/mitchellh/iochan
# github.com/mitchellh/mapstructure v1.3.2 # github.com/mitchellh/mapstructure v1.2.2
github.com/mitchellh/mapstructure github.com/mitchellh/mapstructure
# github.com/mitchellh/pointerstructure v1.0.0 # github.com/mitchellh/pointerstructure v0.0.0-20190430161007-f252a8fd71c8
github.com/mitchellh/pointerstructure github.com/mitchellh/pointerstructure
# github.com/mitchellh/reflectwalk v1.0.1 # github.com/mitchellh/reflectwalk v1.0.1
github.com/mitchellh/reflectwalk github.com/mitchellh/reflectwalk
@ -708,7 +745,6 @@ github.com/opencontainers/go-digest
github.com/opencontainers/image-spec/specs-go github.com/opencontainers/image-spec/specs-go
github.com/opencontainers/image-spec/specs-go/v1 github.com/opencontainers/image-spec/specs-go/v1
# github.com/opencontainers/runc v0.1.1 # github.com/opencontainers/runc v0.1.1
github.com/opencontainers/runc/libcontainer/system
github.com/opencontainers/runc/libcontainer/user github.com/opencontainers/runc/libcontainer/user
# github.com/oracle/oci-go-sdk v12.5.0+incompatible # github.com/oracle/oci-go-sdk v12.5.0+incompatible
github.com/oracle/oci-go-sdk/common github.com/oracle/oci-go-sdk/common
@ -745,12 +781,12 @@ github.com/ory/dockertest/docker/types/versions
github.com/patrickmn/go-cache github.com/patrickmn/go-cache
# github.com/petermattis/goid v0.0.0-20180202154549-b0b1615b78e5 # github.com/petermattis/goid v0.0.0-20180202154549-b0b1615b78e5
github.com/petermattis/goid github.com/petermattis/goid
# github.com/pierrec/lz4 v2.5.2+incompatible # github.com/pierrec/lz4 v2.2.6+incompatible
github.com/pierrec/lz4 github.com/pierrec/lz4
github.com/pierrec/lz4/internal/xxh32 github.com/pierrec/lz4/internal/xxh32
# github.com/pkg/errors v0.9.1 # github.com/pkg/errors v0.9.1
github.com/pkg/errors github.com/pkg/errors
# github.com/pmezard/go-difflib v1.0.0 # github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2
github.com/pmezard/go-difflib/difflib github.com/pmezard/go-difflib/difflib
# github.com/posener/complete v1.2.1 # github.com/posener/complete v1.2.1
github.com/posener/complete github.com/posener/complete
@ -778,8 +814,6 @@ github.com/prometheus/common/model
github.com/prometheus/procfs github.com/prometheus/procfs
github.com/prometheus/procfs/internal/fs github.com/prometheus/procfs/internal/fs
github.com/prometheus/procfs/internal/util github.com/prometheus/procfs/internal/util
# github.com/rboyer/safeio v0.2.1
github.com/rboyer/safeio
# github.com/ryanuber/columnize v2.1.0+incompatible # github.com/ryanuber/columnize v2.1.0+incompatible
github.com/ryanuber/columnize github.com/ryanuber/columnize
# github.com/ryanuber/go-glob v1.0.0 # github.com/ryanuber/go-glob v1.0.0
@ -802,8 +836,13 @@ github.com/shirou/gopsutil/process
github.com/shirou/w32 github.com/shirou/w32
# github.com/sirupsen/logrus v1.4.2 # github.com/sirupsen/logrus v1.4.2
github.com/sirupsen/logrus github.com/sirupsen/logrus
# github.com/spf13/pflag v1.0.3
github.com/spf13/pflag
# github.com/stretchr/objx v0.2.0
github.com/stretchr/objx
# github.com/stretchr/testify v1.5.1 # github.com/stretchr/testify v1.5.1
github.com/stretchr/testify/assert github.com/stretchr/testify/assert
github.com/stretchr/testify/mock
github.com/stretchr/testify/require github.com/stretchr/testify/require
# github.com/tv42/httpunix v0.0.0-20150427012821-b75d8614f926 # github.com/tv42/httpunix v0.0.0-20150427012821-b75d8614f926
github.com/tv42/httpunix github.com/tv42/httpunix
@ -812,6 +851,9 @@ github.com/ulikunitz/xz
github.com/ulikunitz/xz/internal/hash github.com/ulikunitz/xz/internal/hash
github.com/ulikunitz/xz/internal/xlog github.com/ulikunitz/xz/internal/xlog
github.com/ulikunitz/xz/lzma github.com/ulikunitz/xz/lzma
# github.com/vektra/mockery v0.0.0-20181123154057-e78b021dcbb5
github.com/vektra/mockery/cmd/mockery
github.com/vektra/mockery/mockery
# github.com/xdg/scram v0.0.0-20180814205039-7eeb5667e42c # github.com/xdg/scram v0.0.0-20180814205039-7eeb5667e42c
github.com/xdg/scram github.com/xdg/scram
# github.com/xdg/stringprep v1.0.0 # github.com/xdg/stringprep v1.0.0
@ -909,7 +951,7 @@ go.uber.org/zap/internal/bufferpool
go.uber.org/zap/internal/color go.uber.org/zap/internal/color
go.uber.org/zap/internal/exit go.uber.org/zap/internal/exit
go.uber.org/zap/zapcore go.uber.org/zap/zapcore
# golang.org/x/crypto v0.0.0-20200604202706-70a84ac30bf9 # golang.org/x/crypto v0.0.0-20200510223506-06a226fb4e37
golang.org/x/crypto/bcrypt golang.org/x/crypto/bcrypt
golang.org/x/crypto/blake2b golang.org/x/crypto/blake2b
golang.org/x/crypto/blowfish golang.org/x/crypto/blowfish
@ -927,6 +969,7 @@ golang.org/x/crypto/pbkdf2
golang.org/x/crypto/pkcs12 golang.org/x/crypto/pkcs12
golang.org/x/crypto/pkcs12/internal/rc2 golang.org/x/crypto/pkcs12/internal/rc2
golang.org/x/crypto/poly1305 golang.org/x/crypto/poly1305
golang.org/x/crypto/sha3
golang.org/x/crypto/ssh golang.org/x/crypto/ssh
golang.org/x/crypto/ssh/agent golang.org/x/crypto/ssh/agent
golang.org/x/crypto/ssh/internal/bcrypt_pbkdf golang.org/x/crypto/ssh/internal/bcrypt_pbkdf
@ -937,7 +980,7 @@ golang.org/x/lint/golint
# golang.org/x/mod v0.2.0 # golang.org/x/mod v0.2.0
golang.org/x/mod/module golang.org/x/mod/module
golang.org/x/mod/semver golang.org/x/mod/semver
# golang.org/x/net v0.0.0-20200602114024-627f9648deb9 # golang.org/x/net v0.0.0-20200519113804-d87ec0cfa476
golang.org/x/net/context golang.org/x/net/context
golang.org/x/net/context/ctxhttp golang.org/x/net/context/ctxhttp
golang.org/x/net/http/httpguts golang.org/x/net/http/httpguts
@ -945,9 +988,7 @@ golang.org/x/net/http/httpproxy
golang.org/x/net/http2 golang.org/x/net/http2
golang.org/x/net/http2/hpack golang.org/x/net/http2/hpack
golang.org/x/net/idna golang.org/x/net/idna
golang.org/x/net/internal/socks
golang.org/x/net/internal/timeseries golang.org/x/net/internal/timeseries
golang.org/x/net/proxy
golang.org/x/net/trace golang.org/x/net/trace
# golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d # golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d
golang.org/x/oauth2 golang.org/x/oauth2
@ -959,7 +1000,7 @@ golang.org/x/oauth2/jwt
# golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a # golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a
golang.org/x/sync/errgroup golang.org/x/sync/errgroup
golang.org/x/sync/semaphore golang.org/x/sync/semaphore
# golang.org/x/sys v0.0.0-20200602225109-6fdc65e7d980 # golang.org/x/sys v0.0.0-20200519105757-fe76b779f299
golang.org/x/sys/cpu golang.org/x/sys/cpu
golang.org/x/sys/internal/unsafeheader golang.org/x/sys/internal/unsafeheader
golang.org/x/sys/unix golang.org/x/sys/unix
@ -975,9 +1016,9 @@ golang.org/x/text/secure/bidirule
golang.org/x/text/transform golang.org/x/text/transform
golang.org/x/text/unicode/bidi golang.org/x/text/unicode/bidi
golang.org/x/text/unicode/norm golang.org/x/text/unicode/norm
# golang.org/x/time v0.0.0-20200416051211-89c76fbcd5d1 # golang.org/x/time v0.0.0-20191024005414-555d28b269f0
golang.org/x/time/rate golang.org/x/time/rate
# golang.org/x/tools v0.0.0-20200416214402-fc959738d646 # golang.org/x/tools v0.0.0-20200513201620-d5fe73897c97
golang.org/x/tools/cmd/goimports golang.org/x/tools/cmd/goimports
golang.org/x/tools/go/analysis golang.org/x/tools/go/analysis
golang.org/x/tools/go/analysis/passes/inspect golang.org/x/tools/go/analysis/passes/inspect
@ -992,13 +1033,17 @@ golang.org/x/tools/go/loader
golang.org/x/tools/go/packages golang.org/x/tools/go/packages
golang.org/x/tools/go/types/objectpath golang.org/x/tools/go/types/objectpath
golang.org/x/tools/go/types/typeutil golang.org/x/tools/go/types/typeutil
golang.org/x/tools/imports
golang.org/x/tools/internal/analysisinternal golang.org/x/tools/internal/analysisinternal
golang.org/x/tools/internal/event
golang.org/x/tools/internal/event/core
golang.org/x/tools/internal/event/keys
golang.org/x/tools/internal/event/label
golang.org/x/tools/internal/fastwalk golang.org/x/tools/internal/fastwalk
golang.org/x/tools/internal/gocommand golang.org/x/tools/internal/gocommand
golang.org/x/tools/internal/gopathwalk golang.org/x/tools/internal/gopathwalk
golang.org/x/tools/internal/imports golang.org/x/tools/internal/imports
golang.org/x/tools/internal/packagesinternal golang.org/x/tools/internal/packagesinternal
golang.org/x/tools/internal/telemetry/event
# golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543 # golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543
golang.org/x/xerrors golang.org/x/xerrors
golang.org/x/xerrors/internal golang.org/x/xerrors/internal
@ -1160,13 +1205,17 @@ gopkg.in/mgo.v2/internal/sasl
gopkg.in/mgo.v2/internal/scram gopkg.in/mgo.v2/internal/scram
# gopkg.in/ory-am/dockertest.v3 v3.3.4 # gopkg.in/ory-am/dockertest.v3 v3.3.4
gopkg.in/ory-am/dockertest.v3 gopkg.in/ory-am/dockertest.v3
# gopkg.in/square/go-jose.v2 v2.5.1 # gopkg.in/square/go-jose.v2 v2.4.1
gopkg.in/square/go-jose.v2 gopkg.in/square/go-jose.v2
gopkg.in/square/go-jose.v2/cipher gopkg.in/square/go-jose.v2/cipher
gopkg.in/square/go-jose.v2/json gopkg.in/square/go-jose.v2/json
gopkg.in/square/go-jose.v2/jwt gopkg.in/square/go-jose.v2/jwt
# gopkg.in/yaml.v2 v2.2.8 # gopkg.in/yaml.v2 v2.2.8
gopkg.in/yaml.v2 gopkg.in/yaml.v2
# gotest.tools/gotestsum v0.3.5
gotest.tools/gotestsum
gotest.tools/gotestsum/internal/junitxml
gotest.tools/gotestsum/testjson
# honnef.co/go/tools v0.0.1-2020.1.3 # honnef.co/go/tools v0.0.1-2020.1.3
honnef.co/go/tools/arg honnef.co/go/tools/arg
honnef.co/go/tools/cmd/staticcheck honnef.co/go/tools/cmd/staticcheck