Simplify gen_openapi.sh script (#19245)
* Simplify gen_openapi.sh script * Update scripts/gen_openapi.sh Co-authored-by: Daniel Huckins <dhuckins@users.noreply.github.com> * use correct import --------- Co-authored-by: Daniel Huckins <dhuckins@users.noreply.github.com>
This commit is contained in:
Anton Averchenkov
GitHub
parent
404d7a57bb
commit
e5770359b5
5
go.mod
5
go.mod
|
|
@ -195,12 +195,13 @@ require (
|
|||
go.uber.org/atomic v1.9.0
|
||||
go.uber.org/goleak v1.1.12
|
||||
golang.org/x/crypto v0.5.0
|
||||
golang.org/x/exp v0.0.0-20230213192124-5e25df0256eb
|
||||
golang.org/x/net v0.5.0
|
||||
golang.org/x/oauth2 v0.4.0
|
||||
golang.org/x/sync v0.1.0
|
||||
golang.org/x/sys v0.4.0
|
||||
golang.org/x/term v0.4.0
|
||||
golang.org/x/tools v0.1.12
|
||||
golang.org/x/tools v0.2.0
|
||||
google.golang.org/api v0.109.0
|
||||
google.golang.org/grpc v1.51.0
|
||||
google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.1.0
|
||||
|
|
@ -443,7 +444,7 @@ require (
|
|||
go.opencensus.io v0.24.0 // indirect
|
||||
go.uber.org/multierr v1.7.0 // indirect
|
||||
go.uber.org/zap v1.19.1 // indirect
|
||||
golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4 // indirect
|
||||
golang.org/x/mod v0.6.0 // indirect
|
||||
golang.org/x/text v0.6.0 // indirect
|
||||
golang.org/x/time v0.0.0-20220411224347-583f2d630306 // indirect
|
||||
golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 // indirect
|
||||
|
|
|
|||
8
go.sum
8
go.sum
|
|
@ -1981,6 +1981,8 @@ golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u0
|
|||
golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4=
|
||||
golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM=
|
||||
golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU=
|
||||
golang.org/x/exp v0.0.0-20230213192124-5e25df0256eb h1:PaBZQdo+iSDyHT053FjUCgZQ/9uqVwPOcl7KSWhKn6w=
|
||||
golang.org/x/exp v0.0.0-20230213192124-5e25df0256eb/go.mod h1:CxIveKay+FTh1D0yPZemJVgC/95VzuuOLq5Qi4xnoYc=
|
||||
golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js=
|
||||
golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
|
||||
golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
|
||||
|
|
@ -2005,8 +2007,9 @@ golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
|
|||
golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
|
||||
golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
|
||||
golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
|
||||
golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4 h1:6zppjxzCulZykYSLyVDYbneBfbaBIQPYMevg0bEwv2s=
|
||||
golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
|
||||
golang.org/x/mod v0.6.0 h1:b9gGHsz9/HhJ3HF5DHQytPpuwocVTChQJK3AvoLRD5I=
|
||||
golang.org/x/mod v0.6.0/go.mod h1:4mET923SAdbXp2ki8ey+zGs1SLqsuM2Y0uvdZR/fUNI=
|
||||
golang.org/x/net v0.0.0-20170114055629-f2499483f923/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
||||
golang.org/x/net v0.0.0-20180530234432-1e491301e022/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
||||
golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
||||
|
|
@ -2330,8 +2333,9 @@ golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
|
|||
golang.org/x/tools v0.1.2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
|
||||
golang.org/x/tools v0.1.4/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
|
||||
golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
|
||||
golang.org/x/tools v0.1.12 h1:VveCTK38A2rkS8ZqFY25HIDFscX5X9OoEhJd3quQmXU=
|
||||
golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
|
||||
golang.org/x/tools v0.2.0 h1:G6AHpWxTMGY1KyEYoAQ5WTtIekUUvDNjan3ugu60JvE=
|
||||
golang.org/x/tools v0.2.0/go.mod h1:y4OqIKeOV/fWJetJ8bXPU1sEVniLMIyDAZWeHdV+NTA=
|
||||
golang.org/x/xerrors v0.0.0-20190410155217-1f06c39b4373/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||
golang.org/x/xerrors v0.0.0-20190513163551-3ee3066db522/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||
|
|
|
|||
|
|
@ -1,12 +1,18 @@
|
|||
package builtinplugins
|
||||
|
||||
import (
|
||||
"bufio"
|
||||
"fmt"
|
||||
"os"
|
||||
"reflect"
|
||||
"regexp"
|
||||
"testing"
|
||||
|
||||
credUserpass "github.com/hashicorp/vault/builtin/credential/userpass"
|
||||
dbMysql "github.com/hashicorp/vault/plugins/database/mysql"
|
||||
"github.com/hashicorp/vault/sdk/helper/consts"
|
||||
|
||||
"golang.org/x/exp/slices"
|
||||
)
|
||||
|
||||
// Test_RegistryGet exercises the (registry).Get functionality by comparing
|
||||
|
|
@ -218,3 +224,95 @@ func Test_RegistryStatus(t *testing.T) {
|
|||
})
|
||||
}
|
||||
}
|
||||
|
||||
// Test_RegistryMatchesGenOpenapi ensures that the plugins mounted in gen_openapi.sh match registry.go
|
||||
func Test_RegistryMatchesGenOpenapi(t *testing.T) {
|
||||
const scriptPath = "../../scripts/gen_openapi.sh"
|
||||
|
||||
// parseScript fetches the contents of gen_openapi.sh script & extract the relevant lines
|
||||
parseScript := func(path string) ([]string, []string, error) {
|
||||
f, err := os.Open(scriptPath)
|
||||
if err != nil {
|
||||
return nil, nil, fmt.Errorf("could not open gen_openapi.sh script: %w", err)
|
||||
}
|
||||
defer f.Close()
|
||||
|
||||
var (
|
||||
credentialBackends []string
|
||||
credentialBackendsRe = regexp.MustCompile(`^vault auth enable (?:"([a-zA-Z]+)"|([a-zA-Z]+))$`)
|
||||
|
||||
secretsBackends []string
|
||||
secretsBackendsRe = regexp.MustCompile(`^vault secrets enable (?:"([a-zA-Z]+)"|([a-zA-Z]+))$`)
|
||||
)
|
||||
|
||||
scanner := bufio.NewScanner(f)
|
||||
|
||||
for scanner.Scan() {
|
||||
line := scanner.Text()
|
||||
|
||||
if m := credentialBackendsRe.FindStringSubmatch(line); m != nil {
|
||||
credentialBackends = append(credentialBackends, m[1])
|
||||
}
|
||||
if m := secretsBackendsRe.FindStringSubmatch(line); m != nil {
|
||||
secretsBackends = append(secretsBackends, m[1])
|
||||
}
|
||||
}
|
||||
|
||||
if err := scanner.Err(); err != nil {
|
||||
return nil, nil, fmt.Errorf("error scanning gen_openapi.sh: %v", err)
|
||||
}
|
||||
|
||||
return credentialBackends, secretsBackends, nil
|
||||
}
|
||||
|
||||
// ensureInRegistry ensures that the given plugin is in registry and marked as "supported"
|
||||
ensureInRegistry := func(t *testing.T, name string, pluginType consts.PluginType) {
|
||||
t.Helper()
|
||||
|
||||
// "database" will not be present in registry, it is represented as
|
||||
// a list of database plugins instead
|
||||
if name == "database" && pluginType == consts.PluginTypeSecrets {
|
||||
return
|
||||
}
|
||||
|
||||
deprecationStatus, ok := Registry.DeprecationStatus(name, pluginType)
|
||||
if !ok {
|
||||
t.Fatalf("%q %s backend is missing from registry.go; please remove it from gen_openapi.sh", name, pluginType)
|
||||
}
|
||||
|
||||
if deprecationStatus == consts.Removed {
|
||||
t.Fatalf("%q %s backend is marked 'removed' in registry.go; please remove it from gen_openapi.sh", name, pluginType)
|
||||
}
|
||||
}
|
||||
|
||||
// ensureInScript ensures that the given plugin name in in gen_openapi.sh script
|
||||
ensureInScript := func(t *testing.T, scriptBackends []string, name string) {
|
||||
t.Helper()
|
||||
|
||||
if !slices.Contains(scriptBackends, name) {
|
||||
t.Fatalf("%q backend could not be found in gen_openapi.sh, please add it there", name)
|
||||
}
|
||||
}
|
||||
|
||||
// test starts here
|
||||
scriptCredentialBackends, scriptSecretsBackends, err := parseScript(scriptPath)
|
||||
if err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
|
||||
for _, b := range scriptCredentialBackends {
|
||||
ensureInRegistry(t, b, consts.PluginTypeCredential)
|
||||
}
|
||||
|
||||
for _, b := range scriptSecretsBackends {
|
||||
ensureInRegistry(t, b, consts.PluginTypeSecrets)
|
||||
}
|
||||
|
||||
for _, b := range Registry.Keys(consts.PluginTypeCredential) {
|
||||
ensureInScript(t, scriptCredentialBackends, b)
|
||||
}
|
||||
|
||||
for _, b := range Registry.Keys(consts.PluginTypeSecrets) {
|
||||
ensureInScript(t, scriptSecretsBackends, b)
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -37,89 +37,55 @@ export VAULT_ADDR=http://127.0.0.1:8200
|
|||
echo "Mounting all builtin plugins..."
|
||||
|
||||
# Enable auth plugins
|
||||
codeLinesStarted=false
|
||||
|
||||
while read -r line; do
|
||||
if [[ $line == *"credentialBackends:"* ]] ; then
|
||||
codeLinesStarted=true
|
||||
elif [[ $line == *"databasePlugins:"* ]] ; then
|
||||
break
|
||||
elif [ $codeLinesStarted = true ] && [[ $line == *"consts.Deprecated"* || $line == *"consts.PendingRemoval"* || $line == *"consts.Removed"* ]] ; then
|
||||
auth_plugin_previous=""
|
||||
elif [ $codeLinesStarted = true ] && [[ $line =~ ^\s*\"(.*)\"\:.*$ ]] ; then
|
||||
auth_plugin_current=${BASH_REMATCH[1]}
|
||||
|
||||
if [[ -n "${auth_plugin_previous}" ]] ; then
|
||||
echo "enabling auth plugin: ${auth_plugin_previous}"
|
||||
vault auth enable "${auth_plugin_previous}"
|
||||
fi
|
||||
|
||||
auth_plugin_previous="${auth_plugin_current}"
|
||||
fi
|
||||
done <../../vault/helper/builtinplugins/registry.go
|
||||
|
||||
if [[ -n "${auth_plugin_previous}" ]] ; then
|
||||
echo "enabling auth plugin: ${auth_plugin_previous}"
|
||||
vault auth enable "${auth_plugin_previous}"
|
||||
fi
|
||||
vault auth enable "alicloud"
|
||||
vault auth enable "approle"
|
||||
vault auth enable "aws"
|
||||
vault auth enable "azure"
|
||||
vault auth enable "centrify"
|
||||
vault auth enable "cert"
|
||||
vault auth enable "cf"
|
||||
vault auth enable "gcp"
|
||||
vault auth enable "github"
|
||||
vault auth enable "jwt"
|
||||
vault auth enable "kerberos"
|
||||
vault auth enable "kubernetes"
|
||||
vault auth enable "ldap"
|
||||
vault auth enable "oci"
|
||||
vault auth enable "oidc"
|
||||
vault auth enable "okta"
|
||||
vault auth enable "pcf"
|
||||
vault auth enable "radius"
|
||||
vault auth enable "userpass"
|
||||
|
||||
# Enable secrets plugins
|
||||
codeLinesStarted=false
|
||||
|
||||
while read -r line; do
|
||||
if [[ $line == *"logicalBackends:"* ]] ; then
|
||||
codeLinesStarted=true
|
||||
elif [[ $line == *"addExternalPlugins("* ]] ; then
|
||||
break
|
||||
elif [ $codeLinesStarted = true ] && [[ $line == *"consts.Deprecated"* || $line == *"consts.PendingRemoval"* || $line == *"consts.Removed"* ]] ; then
|
||||
secrets_plugin_previous=""
|
||||
elif [ $codeLinesStarted = true ] && [[ $line =~ ^\s*\"(.*)\"\:.*$ ]] ; then
|
||||
secrets_plugin_current=${BASH_REMATCH[1]}
|
||||
|
||||
if [[ -n "${secrets_plugin_previous}" ]] ; then
|
||||
echo "enabling secrets plugin: ${secrets_plugin_previous}"
|
||||
vault secrets enable "${secrets_plugin_previous}"
|
||||
fi
|
||||
|
||||
secrets_plugin_previous="${secrets_plugin_current}"
|
||||
fi
|
||||
done <../../vault/helper/builtinplugins/registry.go
|
||||
|
||||
if [[ -n "${secrets_plugin_previous}" ]] ; then
|
||||
echo "enabling secrets plugin: ${secrets_plugin_previous}"
|
||||
vault secrets enable "${secrets_plugin_previous}"
|
||||
fi
|
||||
vault secrets enable "ad"
|
||||
vault secrets enable "alicloud"
|
||||
vault secrets enable "aws"
|
||||
vault secrets enable "azure"
|
||||
vault secrets enable "consul"
|
||||
vault secrets enable "database"
|
||||
vault secrets enable "gcp"
|
||||
vault secrets enable "gcpkms"
|
||||
vault secrets enable "kubernetes"
|
||||
vault secrets enable "kv"
|
||||
vault secrets enable "ldap"
|
||||
vault secrets enable "mongodbatlas"
|
||||
vault secrets enable "nomad"
|
||||
vault secrets enable "openldap"
|
||||
vault secrets enable "pki"
|
||||
vault secrets enable "rabbitmq"
|
||||
vault secrets enable "ssh"
|
||||
vault secrets enable "terraform"
|
||||
vault secrets enable "totp"
|
||||
vault secrets enable "transit"
|
||||
|
||||
# Enable enterprise features
|
||||
entRegFile=../../vault/helper/builtinplugins/registry_util_ent.go
|
||||
if [ -f $entRegFile ] && [[ -n "${VAULT_LICENSE}" ]]; then
|
||||
if [[ -n "${VAULT_LICENSE:-}" ]]; then
|
||||
vault write sys/license text="${VAULT_LICENSE}"
|
||||
|
||||
codeLinesStarted=false
|
||||
|
||||
while read -r line; do
|
||||
if [[ $line == *"ExternalPluginsEnt:"* ]] ; then
|
||||
codeLinesStarted=true
|
||||
elif [[ $line == *"addExtPluginsEntImpl("* ]] ; then
|
||||
break
|
||||
elif [ $codeLinesStarted = true ] && [[ $line == *"consts.Deprecated"* || $line == *"consts.PendingRemoval"* || $line == *"consts.Removed"* ]] ; then
|
||||
secrets_plugin_previous=""
|
||||
elif [ $codeLinesStarted = true ] && [[ $line =~ ^\s*\"(.*)\"\:.*$ ]] ; then
|
||||
ent_plugin_current=${BASH_REMATCH[1]}
|
||||
|
||||
if [[ -n "${ent_plugin_previous}" ]] ; then
|
||||
echo "enabling enterprise plugin: ${ent_plugin_previous}"
|
||||
vault secrets enable "${ent_plugin_previous}"
|
||||
fi
|
||||
|
||||
ent_plugin_previous="${ent_plugin_current}"
|
||||
fi
|
||||
done <$entRegFile
|
||||
|
||||
if [[ -n "${ent_plugin_previous}" ]] ; then
|
||||
echo "enabling enterprise plugin: ${ent_plugin_previous}"
|
||||
vault secrets enable "${ent_plugin_previous}"
|
||||
fi
|
||||
vault secrets enable "keymgmt"
|
||||
vault secrets enable "kmip"
|
||||
vault secrets enable "transform"
|
||||
fi
|
||||
|
||||
# Output OpenAPI, optionally formatted
|
||||
|
|
|
|||
Loading…
Reference in New Issue