Add non-hmac flags for cli secrets/auth tune commands (#4151)

* Add non-hmac params for cli secrets/auth tune * Fix value assignment mismatch
2018-03-19 09:56:57 -04:00 · 2018-03-19 09:56:57 -04:00 · edfe77ff85
parent 050a848cfb
commit edfe77ff85
4 changed files with 72 additions and 12 deletions
--- a/command/auth_enable.go
+++ b/command/auth_enable.go
@ -206,7 +206,7 @@ func (c *AuthEnableCommand) Run(args []string) int {
 		}
 		if fl.Name == flagNameAuditNonHMACResponseKeys {
-			authOpts.Config.AuditNonHMACRequestKeys = c.flagAuditNonHMACResponseKeys
+			authOpts.Config.AuditNonHMACResponseKeys = c.flagAuditNonHMACResponseKeys
 		}
 	})
--- a/command/auth_tune.go
+++ b/command/auth_tune.go
@ -1,6 +1,7 @@
 package command
 import (
 	"flag"
 	"fmt"
 	"strings"
 	"time"
@ -16,8 +17,10 @@ var _ cli.CommandAutocomplete = (*AuthTuneCommand)(nil)
 type AuthTuneCommand struct {
 	*BaseCommand
-	flagDefaultLeaseTTL time.Duration
+	flagDefaultLeaseTTL          time.Duration
-	flagMaxLeaseTTL     time.Duration
+	flagMaxLeaseTTL              time.Duration
 	flagAuditNonHMACRequestKeys  []string
 	flagAuditNonHMACResponseKeys []string
 }
 func (c *AuthTuneCommand) Synopsis() string {
@ -68,6 +71,20 @@ func (c *AuthTuneCommand) Flags() *FlagSets {
 			"or a previously configured value for the auth method.",
 	})
 	f.StringSliceVar(&StringSliceVar{
 		Name:   flagNameAuditNonHMACRequestKeys,
 		Target: &c.flagAuditNonHMACRequestKeys,
 		Usage: "Comma-separated string or list of keys that will not be HMAC'd by audit" +
 			"devices in the request data object.",
 	})
 	f.StringSliceVar(&StringSliceVar{
 		Name:   flagNameAuditNonHMACResponseKeys,
 		Target: &c.flagAuditNonHMACResponseKeys,
 		Usage: "Comma-separated string or list of keys that will not be HMAC'd by audit" +
 			"devices in the response data object.",
 	})
 	return set
 }
@ -103,14 +120,27 @@ func (c *AuthTuneCommand) Run(args []string) int {
 		return 2
 	}
 	mountConfigInput := api.MountConfigInput{
 		DefaultLeaseTTL: ttlToAPI(c.flagDefaultLeaseTTL),
 		MaxLeaseTTL:     ttlToAPI(c.flagMaxLeaseTTL),
 	}
 	// Set these values only if they are provided in the CLI
 	f.Visit(func(fl *flag.Flag) {
 		if fl.Name == flagNameAuditNonHMACRequestKeys {
 			mountConfigInput.AuditNonHMACRequestKeys = c.flagAuditNonHMACRequestKeys
 		}
 		if fl.Name == flagNameAuditNonHMACResponseKeys {
 			mountConfigInput.AuditNonHMACResponseKeys = c.flagAuditNonHMACResponseKeys
 		}
 	})
 	// Append /auth (since that's where auths live) and a trailing slash to
 	// indicate it's a path in output
 	mountPath := ensureTrailingSlash(sanitizePath(args[0]))
-	if err := client.Sys().TuneMount("/auth/"+mountPath, api.MountConfigInput{
+	if err := client.Sys().TuneMount("/auth/"+mountPath, mountConfigInput); err != nil {
 		DefaultLeaseTTL: ttlToAPI(c.flagDefaultLeaseTTL),
 		MaxLeaseTTL:     ttlToAPI(c.flagMaxLeaseTTL),
 	}); err != nil {
 		c.UI.Error(fmt.Sprintf("Error tuning auth method %s: %s", mountPath, err))
 		return 2
 	}
--- a/command/secrets_enable.go
+++ b/command/secrets_enable.go
@ -226,7 +226,7 @@ func (c *SecretsEnableCommand) Run(args []string) int {
 		}
 		if fl.Name == flagNameAuditNonHMACResponseKeys {
-			mountInput.Config.AuditNonHMACRequestKeys = c.flagAuditNonHMACResponseKeys
+			mountInput.Config.AuditNonHMACResponseKeys = c.flagAuditNonHMACResponseKeys
 		}
 	})
--- a/command/secrets_tune.go
+++ b/command/secrets_tune.go
@ -1,6 +1,7 @@
 package command
 import (
 	"flag"
 	"fmt"
 	"strings"
 	"time"
@ -16,8 +17,10 @@ var _ cli.CommandAutocomplete = (*SecretsTuneCommand)(nil)
 type SecretsTuneCommand struct {
 	*BaseCommand
-	flagDefaultLeaseTTL time.Duration
+	flagDefaultLeaseTTL          time.Duration
-	flagMaxLeaseTTL     time.Duration
+	flagMaxLeaseTTL              time.Duration
 	flagAuditNonHMACRequestKeys  []string
 	flagAuditNonHMACResponseKeys []string
 }
 func (c *SecretsTuneCommand) Synopsis() string {
@ -68,6 +71,20 @@ func (c *SecretsTuneCommand) Flags() *FlagSets {
 			"TTL, or a previously configured value for the secrets engine.",
 	})
 	f.StringSliceVar(&StringSliceVar{
 		Name:   flagNameAuditNonHMACRequestKeys,
 		Target: &c.flagAuditNonHMACRequestKeys,
 		Usage: "Comma-separated string or list of keys that will not be HMAC'd by audit" +
 			"devices in the request data object.",
 	})
 	f.StringSliceVar(&StringSliceVar{
 		Name:   flagNameAuditNonHMACResponseKeys,
 		Target: &c.flagAuditNonHMACResponseKeys,
 		Usage: "Comma-separated string or list of keys that will not be HMAC'd by audit" +
 			"devices in the response data object.",
 	})
 	return set
 }
@ -106,10 +123,23 @@ func (c *SecretsTuneCommand) Run(args []string) int {
 	// Append a trailing slash to indicate it's a path in output
 	mountPath := ensureTrailingSlash(sanitizePath(args[0]))
-	if err := client.Sys().TuneMount(mountPath, api.MountConfigInput{
+	mountConfigInput := api.MountConfigInput{
 		DefaultLeaseTTL: ttlToAPI(c.flagDefaultLeaseTTL),
 		MaxLeaseTTL:     ttlToAPI(c.flagMaxLeaseTTL),
-	}); err != nil {
+	}
 	// Set these values only if they are provided in the CLI
 	f.Visit(func(fl *flag.Flag) {
 		if fl.Name == flagNameAuditNonHMACRequestKeys {
 			mountConfigInput.AuditNonHMACRequestKeys = c.flagAuditNonHMACRequestKeys
 		}
 		if fl.Name == flagNameAuditNonHMACResponseKeys {
 			mountConfigInput.AuditNonHMACResponseKeys = c.flagAuditNonHMACResponseKeys
 		}
 	})
 	if err := client.Sys().TuneMount(mountPath, mountConfigInput); err != nil {
 		c.UI.Error(fmt.Sprintf("Error tuning secrets engine %s: %s", mountPath, err))
 		return 2
 	}