diff --git a/builtin/logical/ssh/backend.go b/builtin/logical/ssh/backend.go index 53105e70f..0606b3eae 100644 --- a/builtin/logical/ssh/backend.go +++ b/builtin/logical/ssh/backend.go @@ -13,6 +13,8 @@ import ( "github.com/hashicorp/vault/sdk/logical" ) +const operationPrefixSSH = "ssh" + type backend struct { *framework.Backend view logical.Storage diff --git a/builtin/logical/ssh/path_cleanup_dynamic_host_keys.go b/builtin/logical/ssh/path_cleanup_dynamic_host_keys.go index 08d6ee5f4..5ae2afc8e 100644 --- a/builtin/logical/ssh/path_cleanup_dynamic_host_keys.go +++ b/builtin/logical/ssh/path_cleanup_dynamic_host_keys.go @@ -16,6 +16,11 @@ const keysStoragePrefix = "keys/" func pathCleanupKeys(b *backend) *framework.Path { return &framework.Path{ Pattern: "tidy/dynamic-keys", + DisplayAttrs: &framework.DisplayAttributes{ + OperationPrefix: operationPrefixSSH, + OperationVerb: "tidy", + OperationSuffix: "dynamic-host-keys", + }, Callbacks: map[logical.Operation]framework.OperationFunc{ logical.DeleteOperation: b.handleCleanupKeys, }, diff --git a/builtin/logical/ssh/path_config_ca.go b/builtin/logical/ssh/path_config_ca.go index 973d60f8d..3fa890c29 100644 --- a/builtin/logical/ssh/path_config_ca.go +++ b/builtin/logical/ssh/path_config_ca.go @@ -41,6 +41,11 @@ type keyStorageEntry struct { func pathConfigCA(b *backend) *framework.Path { return &framework.Path{ Pattern: "config/ca", + + DisplayAttrs: &framework.DisplayAttributes{ + OperationPrefix: operationPrefixSSH, + }, + Fields: map[string]*framework.FieldSchema{ "private_key": { Type: framework.TypeString, @@ -67,10 +72,26 @@ func pathConfigCA(b *backend) *framework.Path { }, }, - Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.UpdateOperation: b.pathConfigCAUpdate, - logical.DeleteOperation: b.pathConfigCADelete, - logical.ReadOperation: b.pathConfigCARead, + Operations: map[logical.Operation]framework.OperationHandler{ + logical.UpdateOperation: &framework.PathOperation{ + Callback: b.pathConfigCAUpdate, + DisplayAttrs: &framework.DisplayAttributes{ + OperationVerb: "configure", + OperationSuffix: "ca", + }, + }, + logical.DeleteOperation: &framework.PathOperation{ + Callback: b.pathConfigCADelete, + DisplayAttrs: &framework.DisplayAttributes{ + OperationSuffix: "ca-configuration", + }, + }, + logical.ReadOperation: &framework.PathOperation{ + Callback: b.pathConfigCARead, + DisplayAttrs: &framework.DisplayAttributes{ + OperationSuffix: "ca-configuration", + }, + }, }, HelpSynopsis: `Set the SSH private key used for signing certificates.`, diff --git a/builtin/logical/ssh/path_config_zeroaddress.go b/builtin/logical/ssh/path_config_zeroaddress.go index fda59fec4..773e9b36f 100644 --- a/builtin/logical/ssh/path_config_zeroaddress.go +++ b/builtin/logical/ssh/path_config_zeroaddress.go @@ -21,6 +21,11 @@ type zeroAddressRoles struct { func pathConfigZeroAddress(b *backend) *framework.Path { return &framework.Path{ Pattern: "config/zeroaddress", + + DisplayAttrs: &framework.DisplayAttributes{ + OperationPrefix: operationPrefixSSH, + }, + Fields: map[string]*framework.FieldSchema{ "roles": { Type: framework.TypeCommaStringSlice, @@ -29,10 +34,27 @@ func pathConfigZeroAddress(b *backend) *framework.Path { previously registered under these roles will be ignored.`, }, }, - Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.UpdateOperation: b.pathConfigZeroAddressWrite, - logical.ReadOperation: b.pathConfigZeroAddressRead, - logical.DeleteOperation: b.pathConfigZeroAddressDelete, + + Operations: map[logical.Operation]framework.OperationHandler{ + logical.UpdateOperation: &framework.PathOperation{ + Callback: b.pathConfigZeroAddressWrite, + DisplayAttrs: &framework.DisplayAttributes{ + OperationVerb: "configure", + OperationSuffix: "zero-address", + }, + }, + logical.ReadOperation: &framework.PathOperation{ + Callback: b.pathConfigZeroAddressRead, + DisplayAttrs: &framework.DisplayAttributes{ + OperationSuffix: "zero-address-configuration", + }, + }, + logical.DeleteOperation: &framework.PathOperation{ + Callback: b.pathConfigZeroAddressDelete, + DisplayAttrs: &framework.DisplayAttributes{ + OperationSuffix: "zero-address-configuration", + }, + }, }, HelpSynopsis: pathConfigZeroAddressSyn, HelpDescription: pathConfigZeroAddressDesc, diff --git a/builtin/logical/ssh/path_creds_create.go b/builtin/logical/ssh/path_creds_create.go index 2a0698145..b95c1f375 100644 --- a/builtin/logical/ssh/path_creds_create.go +++ b/builtin/logical/ssh/path_creds_create.go @@ -23,6 +23,13 @@ type sshOTP struct { func pathCredsCreate(b *backend) *framework.Path { return &framework.Path{ Pattern: "creds/" + framework.GenericNameWithAtRegex("role"), + + DisplayAttrs: &framework.DisplayAttributes{ + OperationPrefix: operationPrefixSSH, + OperationVerb: "generate", + OperationSuffix: "credentials", + }, + Fields: map[string]*framework.FieldSchema{ "role": { Type: framework.TypeString, @@ -37,9 +44,11 @@ func pathCredsCreate(b *backend) *framework.Path { Description: "[Required] IP of the remote host", }, }, + Callbacks: map[logical.Operation]framework.OperationFunc{ logical.UpdateOperation: b.pathCredsCreateWrite, }, + HelpSynopsis: pathCredsCreateHelpSyn, HelpDescription: pathCredsCreateHelpDesc, } diff --git a/builtin/logical/ssh/path_fetch.go b/builtin/logical/ssh/path_fetch.go index 577635298..3a1fa5f29 100644 --- a/builtin/logical/ssh/path_fetch.go +++ b/builtin/logical/ssh/path_fetch.go @@ -14,6 +14,11 @@ func pathFetchPublicKey(b *backend) *framework.Path { return &framework.Path{ Pattern: `public_key`, + DisplayAttrs: &framework.DisplayAttributes{ + OperationPrefix: operationPrefixSSH, + OperationSuffix: "public-key", + }, + Callbacks: map[logical.Operation]framework.OperationFunc{ logical.ReadOperation: b.pathFetchPublicKey, }, diff --git a/builtin/logical/ssh/path_issue.go b/builtin/logical/ssh/path_issue.go index b6cb6b7c3..b50e03ed7 100644 --- a/builtin/logical/ssh/path_issue.go +++ b/builtin/logical/ssh/path_issue.go @@ -22,6 +22,12 @@ func pathIssue(b *backend) *framework.Path { return &framework.Path{ Pattern: "issue/" + framework.GenericNameWithAtRegex("role"), + DisplayAttrs: &framework.DisplayAttributes{ + OperationPrefix: operationPrefixSSH, + OperationVerb: "issue", + OperationSuffix: "certificate", + }, + Operations: map[logical.Operation]framework.OperationHandler{ logical.UpdateOperation: &framework.PathOperation{ Callback: b.pathIssue, diff --git a/builtin/logical/ssh/path_lookup.go b/builtin/logical/ssh/path_lookup.go index 119daf807..8ea0b53ac 100644 --- a/builtin/logical/ssh/path_lookup.go +++ b/builtin/logical/ssh/path_lookup.go @@ -15,15 +15,24 @@ import ( func pathLookup(b *backend) *framework.Path { return &framework.Path{ Pattern: "lookup", + + DisplayAttrs: &framework.DisplayAttributes{ + OperationPrefix: operationPrefixSSH, + OperationVerb: "list", + OperationSuffix: "roles-by-ip", + }, + Fields: map[string]*framework.FieldSchema{ "ip": { Type: framework.TypeString, Description: "[Required] IP address of remote host", }, }, + Callbacks: map[logical.Operation]framework.OperationFunc{ logical.UpdateOperation: b.pathLookupWrite, }, + HelpSynopsis: pathLookupSyn, HelpDescription: pathLookupDesc, } diff --git a/builtin/logical/ssh/path_roles.go b/builtin/logical/ssh/path_roles.go index 2a6f2ae95..b16c1d762 100644 --- a/builtin/logical/ssh/path_roles.go +++ b/builtin/logical/ssh/path_roles.go @@ -72,6 +72,11 @@ func pathListRoles(b *backend) *framework.Path { return &framework.Path{ Pattern: "roles/?$", + DisplayAttrs: &framework.DisplayAttributes{ + OperationPrefix: operationPrefixSSH, + OperationSuffix: "roles", + }, + Callbacks: map[logical.Operation]framework.OperationFunc{ logical.ListOperation: b.pathRoleList, }, @@ -84,6 +89,12 @@ func pathListRoles(b *backend) *framework.Path { func pathRoles(b *backend) *framework.Path { return &framework.Path{ Pattern: "roles/" + framework.GenericNameWithAtRegex("role"), + + DisplayAttrs: &framework.DisplayAttributes{ + OperationPrefix: operationPrefixSSH, + OperationSuffix: "role", + }, + Fields: map[string]*framework.FieldSchema{ "role": { Type: framework.TypeString, diff --git a/builtin/logical/ssh/path_sign.go b/builtin/logical/ssh/path_sign.go index 13a358797..36971ebf4 100644 --- a/builtin/logical/ssh/path_sign.go +++ b/builtin/logical/ssh/path_sign.go @@ -15,6 +15,12 @@ func pathSign(b *backend) *framework.Path { return &framework.Path{ Pattern: "sign/" + framework.GenericNameWithAtRegex("role"), + DisplayAttrs: &framework.DisplayAttributes{ + OperationPrefix: operationPrefixSSH, + OperationVerb: "sign", + OperationSuffix: "certificate", + }, + Callbacks: map[logical.Operation]framework.OperationFunc{ logical.UpdateOperation: b.pathSign, }, diff --git a/builtin/logical/ssh/path_verify.go b/builtin/logical/ssh/path_verify.go index 7efd5fec4..906272281 100644 --- a/builtin/logical/ssh/path_verify.go +++ b/builtin/logical/ssh/path_verify.go @@ -14,6 +14,11 @@ import ( func pathVerify(b *backend) *framework.Path { return &framework.Path{ Pattern: "verify", + DisplayAttrs: &framework.DisplayAttributes{ + OperationPrefix: operationPrefixSSH, + OperationVerb: "verify", + OperationSuffix: "otp", + }, Fields: map[string]*framework.FieldSchema{ "otp": { Type: framework.TypeString,