Vault forked from v1.14.8
https://developer.hashicorp.com/vault/docs/v1.14.x
c349e97168
/cc @armon - This is a reasonably major refactor that I think cleans up a lot of the logic with secrets in responses. The reason for the refactor is that while implementing Renew/Revoke in logical/framework I found the existing API to be really awkward to work with. Primarily, we needed a way to send down internal data for Vault core to store since not all the data you need to revoke a key is always sent down to the user (for example the user than AWS key belongs to). At first, I was doing this manually in logical/framework with req.Storage, but this is going to be such a common event that I think its something core should assist with. Additionally, I think the added context for secrets will be useful in the future when we have a Vault API for returning orphaned out keys: we can also return the internal data that might help an operator. So this leads me to this refactor. I've removed most of the fields in `logical.Response` and replaced it with a single `*Secret` pointer. If this is non-nil, then the response represents a secret. The Secret struct encapsulates all the lease info and such. It also has some fields on it that are only populated at _request_ time for Revoke/Renew operations. There is precedent for this sort of behavior in the Go stdlib where http.Request/http.Response have fields that differ based on client/server. I copied this style. All core unit tests pass. The APIs fail for obvious reasons but I'll fix that up in the next commit. |
||
---|---|---|
api | ||
command | ||
credential | ||
helper | ||
http | ||
logical | ||
physical | ||
scripts | ||
shamir | ||
vault | ||
website | ||
.gitattributes | ||
.gitignore | ||
commands.go | ||
LICENSE | ||
main.go | ||
main_test.go | ||
Makefile | ||
README.md | ||
version.go |
vault
Bits go in, bits go out. Can't explain that.