diff --git a/vendor/github.com/hashicorp/vault-plugin-secrets-kv/Gopkg.lock b/vendor/github.com/hashicorp/vault-plugin-secrets-kv/Gopkg.lock index 5fa45aac5..1547e0ca0 100644 --- a/vendor/github.com/hashicorp/vault-plugin-secrets-kv/Gopkg.lock +++ b/vendor/github.com/hashicorp/vault-plugin-secrets-kv/Gopkg.lock @@ -2,117 +2,150 @@ [[projects]] + digest = "1:a69ab3f1445ffd4815add4bd31ba05b65b3b9fec1ade5057d5d717f30e6efd6d" name = "github.com/SermoDigital/jose" packages = [ ".", "crypto", "jws", - "jwt" + "jwt", ] + pruneopts = "UT" revision = "f6df55f235c24f236d11dbcf665249a59ac2021f" version = "1.1" [[projects]] branch = "master" + digest = "1:6bf6d532e503d9526d46e69aff04d11632c8c1e28b847dbd226babc1689aa723" name = "github.com/armon/go-radix" packages = ["."] + pruneopts = "UT" revision = "7fddfc383310abc091d79a27f116d30cf0424032" [[projects]] + digest = "1:17fe264ee908afc795734e8c4e63db2accabaf57326dbf21763a7d6b86096260" name = "github.com/golang/protobuf" packages = [ "proto", "ptypes", "ptypes/any", "ptypes/duration", - "ptypes/timestamp" + "ptypes/timestamp", ] + pruneopts = "UT" revision = "b4deda0973fb4c70b50d226b1af49f3da59f5265" version = "v1.1.0" [[projects]] branch = "master" + digest = "1:4a0c6bb4805508a6287675fac876be2ac1182539ca8a32468d8128882e9d5009" name = "github.com/golang/snappy" packages = ["."] + pruneopts = "UT" revision = "2e65f85255dbc3072edf28d6b5b8efc472979f5a" [[projects]] branch = "master" + digest = "1:d1971637b21871ec2033a44ca87c99c5608a7340cb34ec75fab8d2ab503276c9" name = "github.com/hashicorp/errwrap" packages = ["."] + pruneopts = "UT" revision = "d6c0cd88035724dd42e0f335ae30161c20575ecc" [[projects]] branch = "master" + digest = "1:77cb3be9b21ba7f1a4701e870c84ea8b66e7d74c7c8951c58155fdadae9414ec" name = "github.com/hashicorp/go-cleanhttp" packages = ["."] + pruneopts = "UT" revision = "d5fe4b57a186c716b0e00b8c301cbd9b4182694d" [[projects]] branch = "master" + digest = "1:e8d99882caa8c74d68f340ddb9bba3f7e433117ce57c3e52501edfa7e195d2c7" name = "github.com/hashicorp/go-hclog" packages = ["."] + pruneopts = "UT" revision = "ff2cf002a8dd750586d91dddd4470c341f981fe1" [[projects]] branch = "master" + digest = "1:2394f5a25132b3868eff44599cc28d44bdd0330806e34c495d754dd052df612b" name = "github.com/hashicorp/go-immutable-radix" packages = ["."] + pruneopts = "UT" revision = "7f3cd4390caab3250a57f30efdb2a65dd7649ecf" [[projects]] branch = "master" + digest = "1:46fb6a9f1b9667f32ac93e08b1da118b2c666991424ea12e848b05d4fe5155ef" name = "github.com/hashicorp/go-multierror" packages = ["."] + pruneopts = "UT" revision = "3d5d8f294aa03d8e98859feac328afbdf1ae0703" [[projects]] branch = "master" + digest = "1:20f78c1cf1b6fe6c55ba1407350d6fc7dc77d1591f8106ba693c28014a1a1b37" name = "github.com/hashicorp/go-plugin" packages = ["."] + pruneopts = "UT" revision = "a4620f9913d19f03a6bf19b2f304daaaf83ea130" [[projects]] branch = "master" + digest = "1:183f00c472fb9b2446659618eebf4899872fa267b92f926539411abdc8b941df" name = "github.com/hashicorp/go-retryablehttp" packages = ["."] + pruneopts = "UT" revision = "e651d75abec6fbd4f2c09508f72ae7af8a8b7171" [[projects]] branch = "master" + digest = "1:45aad874d3c7d5e8610427c81870fb54970b981692930ec2a319ce4cb89d7a00" name = "github.com/hashicorp/go-rootcerts" packages = ["."] + pruneopts = "UT" revision = "6bb64b370b90e7ef1fa532be9e591a81c3493e00" [[projects]] branch = "master" + digest = "1:14f2005c31ddf99c4a0f36fc440f8d1ac43224194c7c4a904b3c8f4ba5654d0b" name = "github.com/hashicorp/go-sockaddr" packages = ["."] + pruneopts = "UT" revision = "6d291a969b86c4b633730bfc6b8b9d64c3aafed9" [[projects]] branch = "master" + digest = "1:354978aad16c56c27f57e5b152224806d87902e4935da3b03e18263d82ae77aa" name = "github.com/hashicorp/go-uuid" packages = ["."] + pruneopts = "UT" revision = "27454136f0364f2d44b1276c552d69105cf8c498" [[projects]] branch = "master" + digest = "1:32c0e96a63bd093eccf37db757fb314be5996f34de93969321c2cbef893a7bd6" name = "github.com/hashicorp/go-version" packages = ["."] + pruneopts = "UT" revision = "270f2f71b1ee587f3b609f00f422b76a6b28f348" [[projects]] branch = "master" + digest = "1:cf296baa185baae04a9a7004efee8511d08e2f5f51d4cbe5375da89722d681db" name = "github.com/hashicorp/golang-lru" packages = [ ".", - "simplelru" + "simplelru", ] + pruneopts = "UT" revision = "0fb14efe8c47ae851c0034ed7a448854d3d34cf3" [[projects]] branch = "master" + digest = "1:12247a2e99a060cc692f6680e5272c8adf0b8f572e6bce0d7095e624c958a240" name = "github.com/hashicorp/hcl" packages = [ ".", @@ -123,12 +156,14 @@ "hcl/token", "json/parser", "json/scanner", - "json/token" + "json/token", ] + pruneopts = "UT" revision = "ef8a98b0bbce4a65b5aa4c368430a80ddc533168" [[projects]] branch = "master" + digest = "1:404934732c38cae3ff1be32409b9e435dcc6d790dab5a4fefdb6b5d9daa9ff63" name = "github.com/hashicorp/vault" packages = [ "api", @@ -141,6 +176,7 @@ "helper/jsonutil", "helper/kdf", "helper/keysutil", + "helper/license", "helper/locksutil", "helper/logging", "helper/mlock", @@ -156,48 +192,73 @@ "logical/plugin/pb", "physical", "physical/inmem", - "version" + "version", ] - revision = "27ba04d734b87a22d50d10571c1b4da574cb9056" + pruneopts = "UT" + revision = "35328c50e74da4eaeb3db806d5e7964c751b011f" [[projects]] branch = "master" + digest = "1:89658943622e6bc5e76b4da027ee9583fa0b321db0c797bd554edab96c1ca2b1" name = "github.com/hashicorp/yamux" packages = ["."] + pruneopts = "UT" revision = "3520598351bb3500a49ae9563f5539666ae0a27c" [[projects]] branch = "master" + digest = "1:c7354463195544b1ab3c1f1fadb41430947f5d28dfbf2cdbd38268c5717a5a03" name = "github.com/mitchellh/go-homedir" packages = ["."] + pruneopts = "UT" revision = "58046073cbffe2f25d425fe1331102f55cf719de" [[projects]] branch = "master" + digest = "1:cae1afe858922bd10e9573b87130f730a6e4183a00eba79920d6656629468bfa" name = "github.com/mitchellh/go-testing-interface" packages = ["."] + pruneopts = "UT" revision = "a61a99592b77c9ba629d254a693acffaeb4b7e28" [[projects]] branch = "master" + digest = "1:5ab79470a1d0fb19b041a624415612f8236b3c06070161a910562f2b2d064355" name = "github.com/mitchellh/mapstructure" packages = ["."] + pruneopts = "UT" revision = "f15292f7a699fcc1a38a80977f80a046874ba8ac" [[projects]] + digest = "1:9ec6cf1df5ad1d55cf41a43b6b1e7e118a91bade4f68ff4303379343e40c0e25" name = "github.com/oklog/run" packages = ["."] + pruneopts = "UT" revision = "4dadeb3030eda0273a12382bb2348ffc7c9d1a39" version = "v1.0.0" [[projects]] + digest = "1:e39a5ee8fcbec487f8fc68863ef95f2b025e0739b0e4aa55558a2b4cf8f0ecf0" + name = "github.com/pierrec/lz4" + packages = [ + ".", + "internal/xxh32", + ] + pruneopts = "UT" + revision = "635575b42742856941dbc767b44905bb9ba083f6" + version = "v2.0.7" + +[[projects]] + digest = "1:0e792eea6c96ec55ff302ef33886acbaa5006e900fefe82689e88d96439dcd84" name = "github.com/ryanuber/go-glob" packages = ["."] + pruneopts = "UT" revision = "572520ed46dbddaed19ea3d9541bdd0494163693" version = "v0.1" [[projects]] branch = "master" + digest = "1:943384d730fded533ad79c10beda11b7e99e70b527b88bb32b4b5efba74146c4" name = "golang.org/x/crypto" packages = [ "chacha20poly1305", @@ -206,12 +267,14 @@ "hkdf", "internal/chacha20", "internal/subtle", - "poly1305" + "poly1305", ] + pruneopts = "UT" revision = "de0752318171da717af4ce24d0a2e8626afaeb11" [[projects]] branch = "master" + digest = "1:b5c3834d33445efdc5a8dcb154bed9e4c211edadbf02f6f5cc20c5e9be26a499" name = "golang.org/x/net" packages = [ "context", @@ -220,20 +283,24 @@ "http2/hpack", "idna", "internal/timeseries", - "trace" + "trace", ] + pruneopts = "UT" revision = "aaf60122140d3fcf75376d319f0554393160eb50" [[projects]] branch = "master" + digest = "1:a989b95f72fce8876213e8e20492525b4cf69a9e7fee7f1d9897983ee0d547e9" name = "golang.org/x/sys" packages = [ "cpu", - "unix" + "unix", ] + pruneopts = "UT" revision = "1c9583448a9c3aa0f9a6a5241bf73c0bd8aafded" [[projects]] + digest = "1:a2ab62866c75542dd18d2b069fec854577a20211d7c0ea6ae746072a1dccdd18" name = "golang.org/x/text" packages = [ "collate", @@ -249,24 +316,30 @@ "unicode/bidi", "unicode/cldr", "unicode/norm", - "unicode/rangetable" + "unicode/rangetable", ] + pruneopts = "UT" revision = "f21a4dfb5e38f5895301dc265a8def02365cc3d0" version = "v0.3.0" [[projects]] branch = "master" + digest = "1:c9e7a4b4d47c0ed205d257648b0e5b0440880cb728506e318f8ac7cd36270bc4" name = "golang.org/x/time" packages = ["rate"] + pruneopts = "UT" revision = "fbb02b2291d28baffd63558aa44b4b56f178d650" [[projects]] branch = "master" + digest = "1:077c1c599507b3b3e9156d17d36e1e61928ee9b53a5b420f10f28ebd4a0b275c" name = "google.golang.org/genproto" packages = ["googleapis/rpc/status"] + pruneopts = "UT" revision = "d0a8f471bba2dbb160885b0000d814ee5d559bad" [[projects]] + digest = "1:047efbc3c9a51f3002b0002f92543857d372654a676fb6b01931982cd80467dd" name = "google.golang.org/grpc" packages = [ ".", @@ -296,14 +369,33 @@ "resolver/passthrough", "stats", "status", - "tap" + "tap", ] + pruneopts = "UT" revision = "32fb0ac620c32ba40a4626ddf94d90d12cce3455" version = "v1.14.0" [solve-meta] analyzer-name = "dep" analyzer-version = 1 - inputs-digest = "740d4e4fd63b71fd35439d84478f05f41a67e634c1d5548418f68fc5c99050e0" + input-imports = [ + "github.com/golang/protobuf/proto", + "github.com/golang/protobuf/ptypes", + "github.com/golang/protobuf/ptypes/timestamp", + "github.com/hashicorp/go-hclog", + "github.com/hashicorp/vault/helper/consts", + "github.com/hashicorp/vault/helper/jsonutil", + "github.com/hashicorp/vault/helper/keysutil", + "github.com/hashicorp/vault/helper/locksutil", + "github.com/hashicorp/vault/helper/logging", + "github.com/hashicorp/vault/helper/parseutil", + "github.com/hashicorp/vault/helper/pluginutil", + "github.com/hashicorp/vault/helper/salt", + "github.com/hashicorp/vault/helper/wrapping", + "github.com/hashicorp/vault/logical", + "github.com/hashicorp/vault/logical/framework", + "github.com/hashicorp/vault/logical/plugin", + "github.com/mitchellh/mapstructure", + ] solver-name = "gps-cdcl" solver-version = 1 diff --git a/vendor/github.com/hashicorp/vault-plugin-secrets-kv/backend.go b/vendor/github.com/hashicorp/vault-plugin-secrets-kv/backend.go index e251add70..a74df7a74 100644 --- a/vendor/github.com/hashicorp/vault-plugin-secrets-kv/backend.go +++ b/vendor/github.com/hashicorp/vault-plugin-secrets-kv/backend.go @@ -194,12 +194,12 @@ func pathInvalid(b *versionedKVBackend) []*framework.Path { return []*framework.Path{ &framework.Path{ Pattern: ".*", - Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.UpdateOperation: handler, - logical.CreateOperation: handler, - logical.ReadOperation: handler, - logical.DeleteOperation: handler, - logical.ListOperation: handler, + Operations: map[logical.Operation]framework.OperationHandler{ + logical.UpdateOperation: &framework.PathOperation{Callback: handler, Unpublished: true}, + logical.CreateOperation: &framework.PathOperation{Callback: handler, Unpublished: true}, + logical.ReadOperation: &framework.PathOperation{Callback: handler, Unpublished: true}, + logical.DeleteOperation: &framework.PathOperation{Callback: handler, Unpublished: true}, + logical.ListOperation: &framework.PathOperation{Callback: handler, Unpublished: true}, }, HelpDescription: pathInvalidHelp, diff --git a/vendor/github.com/hashicorp/vault-plugin-secrets-kv/passthrough.go b/vendor/github.com/hashicorp/vault-plugin-secrets-kv/passthrough.go index 036e351e7..27b54c5a6 100644 --- a/vendor/github.com/hashicorp/vault-plugin-secrets-kv/passthrough.go +++ b/vendor/github.com/hashicorp/vault-plugin-secrets-kv/passthrough.go @@ -52,7 +52,14 @@ func LeaseSwitchedPassthroughBackend(ctx context.Context, conf *logical.BackendC Paths: []*framework.Path{ &framework.Path{ - Pattern: ".*", + Pattern: framework.MatchAllRegex("path"), + + Fields: map[string]*framework.FieldSchema{ + "path": { + Type: framework.TypeString, + Description: "Location of the secret.", + }, + }, Callbacks: map[logical.Operation]framework.OperationFunc{ logical.ReadOperation: b.handleRead(), @@ -101,7 +108,9 @@ type PassthroughBackend struct { func (b *PassthroughBackend) handleExistenceCheck() framework.ExistenceFunc { return func(ctx context.Context, req *logical.Request, data *framework.FieldData) (bool, error) { - out, err := req.Storage.Get(ctx, req.Path) + key := data.Get("path").(string) + + out, err := req.Storage.Get(ctx, key) if err != nil { return false, fmt.Errorf("existence check failed: %v", err) } @@ -112,8 +121,10 @@ func (b *PassthroughBackend) handleExistenceCheck() framework.ExistenceFunc { func (b *PassthroughBackend) handleRead() framework.OperationFunc { return func(ctx context.Context, req *logical.Request, data *framework.FieldData) (*logical.Response, error) { + key := data.Get("path").(string) + // Read the path - out, err := req.Storage.Get(ctx, req.Path) + out, err := req.Storage.Get(ctx, key) if err != nil { return nil, fmt.Errorf("read failed: %v", err) } @@ -180,6 +191,8 @@ func (b *PassthroughBackend) GeneratesLeases() bool { func (b *PassthroughBackend) handleWrite() framework.OperationFunc { return func(ctx context.Context, req *logical.Request, data *framework.FieldData) (*logical.Response, error) { + key := data.Get("path").(string) + // Check that some fields are given if len(req.Data) == 0 { return logical.ErrorResponse("missing data fields"), nil @@ -193,7 +206,7 @@ func (b *PassthroughBackend) handleWrite() framework.OperationFunc { // Write out a new key entry := &logical.StorageEntry{ - Key: req.Path, + Key: key, Value: buf, } if err := req.Storage.Put(ctx, entry); err != nil { @@ -206,8 +219,10 @@ func (b *PassthroughBackend) handleWrite() framework.OperationFunc { func (b *PassthroughBackend) handleDelete() framework.OperationFunc { return func(ctx context.Context, req *logical.Request, data *framework.FieldData) (*logical.Response, error) { + key := data.Get("path").(string) + // Delete the key at the request path - if err := req.Storage.Delete(ctx, req.Path); err != nil { + if err := req.Storage.Delete(ctx, key); err != nil { return nil, err } @@ -220,7 +235,7 @@ func (b *PassthroughBackend) handleList() framework.OperationFunc { // Right now we only handle directories, so ensure it ends with /; however, // some physical backends may not handle the "/" case properly, so only add // it if we're not listing the root - path := req.Path + path := data.Get("path").(string) if path != "" && !strings.HasSuffix(path, "/") { path = path + "/" } diff --git a/vendor/github.com/hashicorp/vault-plugin-secrets-kv/path_config.go b/vendor/github.com/hashicorp/vault-plugin-secrets-kv/path_config.go index 6c9aa9741..24440a828 100644 --- a/vendor/github.com/hashicorp/vault-plugin-secrets-kv/path_config.go +++ b/vendor/github.com/hashicorp/vault-plugin-secrets-kv/path_config.go @@ -24,10 +24,18 @@ func pathConfig(b *versionedKVBackend) *framework.Path { Description: "If true, the backend will require the cas parameter to be set for each write", }, }, - Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.UpdateOperation: b.upgradeCheck(b.pathConfigWrite()), - logical.CreateOperation: b.upgradeCheck(b.pathConfigWrite()), - logical.ReadOperation: b.upgradeCheck(b.pathConfigRead()), + Operations: map[logical.Operation]framework.OperationHandler{ + logical.UpdateOperation: &framework.PathOperation{ + Callback: b.upgradeCheck(b.pathConfigWrite()), + Summary: "Configure backend level settings that are applied to every key in the key-value store.", + }, + logical.CreateOperation: &framework.PathOperation{ + Callback: b.upgradeCheck(b.pathConfigWrite()), + }, + logical.ReadOperation: &framework.PathOperation{ + Callback: b.upgradeCheck(b.pathConfigRead()), + Summary: "Read the backend level settings.", + }, }, HelpSynopsis: confHelpSyn, diff --git a/vendor/github.com/hashicorp/vault-plugin-secrets-kv/path_data.go b/vendor/github.com/hashicorp/vault-plugin-secrets-kv/path_data.go index 9a777e8c4..f40b99e2a 100644 --- a/vendor/github.com/hashicorp/vault-plugin-secrets-kv/path_data.go +++ b/vendor/github.com/hashicorp/vault-plugin-secrets-kv/path_data.go @@ -6,7 +6,6 @@ import ( "errors" "fmt" "net/http" - "strings" "time" "github.com/golang/protobuf/proto" @@ -22,8 +21,12 @@ import ( // configuration. func pathData(b *versionedKVBackend) *framework.Path { return &framework.Path{ - Pattern: "data/.*", + Pattern: "data/" + framework.MatchAllRegex("path"), Fields: map[string]*framework.FieldSchema{ + "path": { + Type: framework.TypeString, + Description: "Location of the secret.", + }, "version": { Type: framework.TypeInt, Description: "If provided during a read, the value at the version number will be returned", @@ -58,7 +61,7 @@ version matches the version specified in the cas parameter.`, func (b *versionedKVBackend) dataExistenceCheck() framework.ExistenceFunc { return func(ctx context.Context, req *logical.Request, data *framework.FieldData) (bool, error) { - key := strings.TrimPrefix(req.Path, "data/") + key := data.Get("path").(string) meta, err := b.getKeyMetadata(ctx, req.Storage, key) if err != nil { @@ -72,7 +75,7 @@ func (b *versionedKVBackend) dataExistenceCheck() framework.ExistenceFunc { // pathDataRead handles read commands to a kv entry func (b *versionedKVBackend) pathDataRead() framework.OperationFunc { return func(ctx context.Context, req *logical.Request, data *framework.FieldData) (*logical.Response, error) { - key := strings.TrimPrefix(req.Path, "data/") + key := data.Get("path").(string) lock := locksutil.LockForKey(b.locks, key) lock.RLock() @@ -161,7 +164,7 @@ func (b *versionedKVBackend) pathDataRead() framework.OperationFunc { // pathDataWrite handles create and update commands to a kv entry func (b *versionedKVBackend) pathDataWrite() framework.OperationFunc { return func(ctx context.Context, req *logical.Request, data *framework.FieldData) (*logical.Response, error) { - key := strings.TrimPrefix(req.Path, "data/") + key := data.Get("path").(string) config, err := b.config(ctx, req.Storage) if err != nil { @@ -313,7 +316,7 @@ func (b *versionedKVBackend) pathDataWrite() framework.OperationFunc { func (b *versionedKVBackend) pathDataDelete() framework.OperationFunc { return func(ctx context.Context, req *logical.Request, data *framework.FieldData) (*logical.Response, error) { - key := strings.TrimPrefix(req.Path, "data/") + key := data.Get("path").(string) lock := locksutil.LockForKey(b.locks, key) lock.Lock() diff --git a/vendor/github.com/hashicorp/vault-plugin-secrets-kv/path_delete.go b/vendor/github.com/hashicorp/vault-plugin-secrets-kv/path_delete.go index 6de3261f2..4ec1f014c 100644 --- a/vendor/github.com/hashicorp/vault-plugin-secrets-kv/path_delete.go +++ b/vendor/github.com/hashicorp/vault-plugin-secrets-kv/path_delete.go @@ -2,7 +2,6 @@ package kv import ( "context" - "strings" "time" "github.com/golang/protobuf/ptypes" @@ -15,8 +14,12 @@ import ( func pathsDelete(b *versionedKVBackend) []*framework.Path { return []*framework.Path{ &framework.Path{ - Pattern: "delete/.*", + Pattern: "delete/" + framework.MatchAllRegex("path"), Fields: map[string]*framework.FieldSchema{ + "path": { + Type: framework.TypeString, + Description: "Location of the secret.", + }, "versions": { Type: framework.TypeCommaIntSlice, Description: "The versions to be archived. The versioned data will not be deleted, but it will no longer be returned in normal get requests.", @@ -31,8 +34,12 @@ func pathsDelete(b *versionedKVBackend) []*framework.Path { HelpDescription: deleteHelpDesc, }, &framework.Path{ - Pattern: "undelete/.*", + Pattern: "undelete/" + framework.MatchAllRegex("path"), Fields: map[string]*framework.FieldSchema{ + "path": { + Type: framework.TypeString, + Description: "Location of the secret.", + }, "versions": { Type: framework.TypeCommaIntSlice, Description: "The versions to unarchive. The versions will be restored and their data will be returned on normal get requests.", @@ -52,7 +59,7 @@ func pathsDelete(b *versionedKVBackend) []*framework.Path { // pathUndeleteWrite is used to undelete a set of versions func (b *versionedKVBackend) pathUndeleteWrite() framework.OperationFunc { return func(ctx context.Context, req *logical.Request, data *framework.FieldData) (*logical.Response, error) { - key := strings.TrimPrefix(req.Path, "undelete/") + key := data.Get("path").(string) versions := data.Get("versions").([]int) if len(versions) == 0 { @@ -92,7 +99,7 @@ func (b *versionedKVBackend) pathUndeleteWrite() framework.OperationFunc { // pathDeleteWrite is used to delete a set of versions. func (b *versionedKVBackend) pathDeleteWrite() framework.OperationFunc { return func(ctx context.Context, req *logical.Request, data *framework.FieldData) (*logical.Response, error) { - key := strings.TrimPrefix(req.Path, "delete/") + key := data.Get("path").(string) versions := data.Get("versions").([]int) if len(versions) == 0 { diff --git a/vendor/github.com/hashicorp/vault-plugin-secrets-kv/path_destroy.go b/vendor/github.com/hashicorp/vault-plugin-secrets-kv/path_destroy.go index 7994b6357..4a6add5a0 100644 --- a/vendor/github.com/hashicorp/vault-plugin-secrets-kv/path_destroy.go +++ b/vendor/github.com/hashicorp/vault-plugin-secrets-kv/path_destroy.go @@ -2,7 +2,6 @@ package kv import ( "context" - "strings" "github.com/hashicorp/vault/helper/locksutil" "github.com/hashicorp/vault/logical" @@ -12,8 +11,12 @@ import ( // pathDestroy returns the path configuration for the destroy endpoint func pathDestroy(b *versionedKVBackend) *framework.Path { return &framework.Path{ - Pattern: "destroy/.*", + Pattern: "destroy/" + framework.MatchAllRegex("path"), Fields: map[string]*framework.FieldSchema{ + "path": { + Type: framework.TypeString, + Description: "Location of the secret.", + }, "versions": { Type: framework.TypeCommaIntSlice, Description: "The versions to destroy. Their data will be permanently deleted.", @@ -31,7 +34,7 @@ func pathDestroy(b *versionedKVBackend) *framework.Path { func (b *versionedKVBackend) pathDestroyWrite() framework.OperationFunc { return func(ctx context.Context, req *logical.Request, data *framework.FieldData) (*logical.Response, error) { - key := strings.TrimPrefix(req.Path, "destroy/") + key := data.Get("path").(string) versions := data.Get("versions").([]int) if len(versions) == 0 { diff --git a/vendor/github.com/hashicorp/vault-plugin-secrets-kv/path_metadata.go b/vendor/github.com/hashicorp/vault-plugin-secrets-kv/path_metadata.go index 6e2a88c97..c4637a211 100644 --- a/vendor/github.com/hashicorp/vault-plugin-secrets-kv/path_metadata.go +++ b/vendor/github.com/hashicorp/vault-plugin-secrets-kv/path_metadata.go @@ -3,7 +3,6 @@ package kv import ( "context" "fmt" - "strings" "github.com/golang/protobuf/ptypes" "github.com/hashicorp/vault/helper/locksutil" @@ -15,8 +14,12 @@ import ( // metadata endpoint func pathMetadata(b *versionedKVBackend) *framework.Path { return &framework.Path{ - Pattern: "metadata/.*", + Pattern: "metadata/" + framework.MatchAllRegex("path"), Fields: map[string]*framework.FieldSchema{ + "path": { + Type: framework.TypeString, + Description: "Location of the secret.", + }, "cas_required": { Type: framework.TypeBool, Description: ` @@ -47,7 +50,7 @@ version is used.`, func (b *versionedKVBackend) metadataExistenceCheck() framework.ExistenceFunc { return func(ctx context.Context, req *logical.Request, data *framework.FieldData) (bool, error) { - key := strings.TrimPrefix(req.Path, "metadata/") + key := data.Get("path").(string) meta, err := b.getKeyMetadata(ctx, req.Storage, key) if err != nil { @@ -60,7 +63,7 @@ func (b *versionedKVBackend) metadataExistenceCheck() framework.ExistenceFunc { func (b *versionedKVBackend) pathMetadataList() framework.OperationFunc { return func(ctx context.Context, req *logical.Request, data *framework.FieldData) (*logical.Response, error) { - key := strings.TrimPrefix(req.Path, "metadata/") + key := data.Get("path").(string) // Get an encrypted key storage object wrapper, err := b.getKeyEncryptor(ctx, req.Storage) @@ -78,7 +81,7 @@ func (b *versionedKVBackend) pathMetadataList() framework.OperationFunc { func (b *versionedKVBackend) pathMetadataRead() framework.OperationFunc { return func(ctx context.Context, req *logical.Request, data *framework.FieldData) (*logical.Response, error) { - key := strings.TrimPrefix(req.Path, "metadata/") + key := data.Get("path").(string) meta, err := b.getKeyMetadata(ctx, req.Storage, key) if err != nil { @@ -113,7 +116,7 @@ func (b *versionedKVBackend) pathMetadataRead() framework.OperationFunc { func (b *versionedKVBackend) pathMetadataWrite() framework.OperationFunc { return func(ctx context.Context, req *logical.Request, data *framework.FieldData) (*logical.Response, error) { - key := strings.TrimPrefix(req.Path, "metadata/") + key := data.Get("path").(string) maxRaw, mOk := data.GetOk("max_versions") casRaw, cOk := data.GetOk("cas_required") @@ -166,7 +169,7 @@ func (b *versionedKVBackend) pathMetadataWrite() framework.OperationFunc { func (b *versionedKVBackend) pathMetadataDelete() framework.OperationFunc { return func(ctx context.Context, req *logical.Request, data *framework.FieldData) (*logical.Response, error) { - key := strings.TrimPrefix(req.Path, "metadata/") + key := data.Get("path").(string) lock := locksutil.LockForKey(b.locks, key) lock.Lock() diff --git a/vendor/vendor.json b/vendor/vendor.json index ab749f6a7..860d2cf60 100644 --- a/vendor/vendor.json +++ b/vendor/vendor.json @@ -1503,10 +1503,10 @@ "revisionTime": "2018-10-19T21:34:31Z" }, { - "checksumSHA1": "FkppDRdkWTF4Ry+olqZT8L0Stb8=", + "checksumSHA1": "nDVAV6IKtddRMX1kDjKHPv0oZ9I=", "path": "github.com/hashicorp/vault-plugin-secrets-kv", - "revision": "5a464a61f7def5e5688e5c77b60d1a655d11a633", - "revisionTime": "2018-08-25T21:53:24Z" + "revision": "cf99b3647947259273d9d0ada72d507d46fae89c", + "revisionTime": "2018-11-06T01:44:13Z" }, { "checksumSHA1": "ldkAQ1CpiAaQ9sti0qIch+UyRsI=",