From add88a565dbefde6a6d5a66b47f6dc93973f3411 Mon Sep 17 00:00:00 2001 From: Daniel Huckins Date: Fri, 6 Jan 2023 16:02:44 -0500 Subject: [PATCH 1/5] responses for rotate endpoints Signed-off-by: Daniel Huckins --- vault/logical_system_paths.go | 38 ++++++++++++++++++++++++++++++++--- 1 file changed, 35 insertions(+), 3 deletions(-) diff --git a/vault/logical_system_paths.go b/vault/logical_system_paths.go index 6422536765c8..b475ab11e916 100644 --- a/vault/logical_system_paths.go +++ b/vault/logical_system_paths.go @@ -1,6 +1,7 @@ package vault import ( + "net/http" "strings" "github.com/hashicorp/vault/sdk/framework" @@ -716,9 +717,33 @@ func (b *SystemBackend) sealPaths() []*framework.Path { Operations: map[logical.Operation]framework.OperationHandler{ logical.ReadOperation: &framework.PathOperation{ Callback: b.handleKeyRotationConfigRead, + Responses: map[int][]framework.Response{ + http.StatusOK: {{ + Description: "OK", + Fields: map[string]*framework.FieldSchema{ + "max_operations": { + Type: framework.TypeInt64, + Required: true, + }, + "enabled": { + Type: framework.TypeBool, + Required: true, + }, + "interval": { + Type: framework.TypeDurationSecond, + Required: true, + }, + }, + }}, + }, }, logical.UpdateOperation: &framework.PathOperation{ - Callback: b.handleKeyRotationConfigUpdate, + Callback: b.handleKeyRotationConfigUpdate, + Responses: map[int][]framework.Response{ + http.StatusNoContent: {{ + Description: "OK", + }}, + }, ForwardPerformanceSecondary: true, ForwardPerformanceStandby: true, }, @@ -731,8 +756,15 @@ func (b *SystemBackend) sealPaths() []*framework.Path { { Pattern: "rotate$", - Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.UpdateOperation: b.handleRotate, + Operations: map[logical.Operation]framework.OperationHandler{ + logical.UpdateOperation: &framework.PathOperation{ + Callback: b.handleRotate, + Responses: map[int][]framework.Response{ + http.StatusNoContent: {{ + Description: "OK", + }}, + }, + }, }, HelpSynopsis: strings.TrimSpace(sysHelp["rotate"][0]), From 4a2a911ce6e7cda64027148ce61ec45cacd65b54 Mon Sep 17 00:00:00 2001 From: Daniel Huckins Date: Fri, 6 Jan 2023 16:06:48 -0500 Subject: [PATCH 2/5] added changelog --- changelog/18624.txt | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 changelog/18624.txt diff --git a/changelog/18624.txt b/changelog/18624.txt new file mode 100644 index 000000000000..91209bb46d9e --- /dev/null +++ b/changelog/18624.txt @@ -0,0 +1,3 @@ +```release-note:improvement +openapi: add openapi response definitions to /sys/rotate endpoints +``` From 81ffba15408269dc1198b2d8dc520f836d36fa3c Mon Sep 17 00:00:00 2001 From: Daniel Huckins Date: Fri, 20 Jan 2023 12:38:09 -0500 Subject: [PATCH 3/5] add test for rotate config Signed-off-by: Daniel Huckins --- vault/logical_system_test.go | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/vault/logical_system_test.go b/vault/logical_system_test.go index d66f96287ff1..daa5e15cd224 100644 --- a/vault/logical_system_test.go +++ b/vault/logical_system_test.go @@ -2906,12 +2906,20 @@ func TestSystemBackend_keyStatus(t *testing.T) { func TestSystemBackend_rotateConfig(t *testing.T) { b := testSystemBackend(t) + paths := b.(*SystemBackend).sealPaths() req := logical.TestRequest(t, logical.ReadOperation, "rotate/config") resp, err := b.HandleRequest(namespace.RootContext(nil), req) if err != nil { t.Fatalf("err: %v", err) } + schema.ValidateResponse( + t, + schema.FindResponseSchema(t, paths, 1, req.Operation), + resp, + true, + ) + exp := map[string]interface{}{ "max_operations": absoluteOperationMaximum, "interval": 0, @@ -2930,11 +2938,23 @@ func TestSystemBackend_rotateConfig(t *testing.T) { if err != nil { t.Fatalf("err: %v", err) } + schema.ValidateResponse( + t, + schema.FindResponseSchema(t, paths, 1, req2.Operation), + resp, + true, + ) resp, err = b.HandleRequest(namespace.RootContext(nil), req) if err != nil { t.Fatalf("err: %v", err) } + schema.ValidateResponse( + t, + schema.FindResponseSchema(t, paths, 1, req.Operation), + resp, + true, + ) exp = map[string]interface{}{ "max_operations": int64(3221225472), From 9a6e55dcbeacd3b21f92f9826c0110b6eab9b930 Mon Sep 17 00:00:00 2001 From: Daniel Huckins Date: Tue, 31 Jan 2023 13:04:05 -0500 Subject: [PATCH 4/5] update to use newer function Signed-off-by: Daniel Huckins --- vault/logical_system_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vault/logical_system_test.go b/vault/logical_system_test.go index f87fe8436dbe..8f39fdf86e5a 100644 --- a/vault/logical_system_test.go +++ b/vault/logical_system_test.go @@ -2915,7 +2915,7 @@ func TestSystemBackend_rotateConfig(t *testing.T) { schema.ValidateResponse( t, - schema.FindResponseSchema(t, paths, 1, req.Operation), + schema.GetResponseSchema(t, b.(*SystemBackend).Route(req.Path), req.Operation), resp, true, ) From 9d92da569b143558f39c83ab9e7168c4a71139d2 Mon Sep 17 00:00:00 2001 From: Daniel Huckins Date: Tue, 7 Feb 2023 11:53:04 -0500 Subject: [PATCH 5/5] use new func Signed-off-by: Daniel Huckins --- vault/logical_system_test.go | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/vault/logical_system_test.go b/vault/logical_system_test.go index 8f39fdf86e5a..9203aa33e655 100644 --- a/vault/logical_system_test.go +++ b/vault/logical_system_test.go @@ -2906,7 +2906,6 @@ func TestSystemBackend_keyStatus(t *testing.T) { func TestSystemBackend_rotateConfig(t *testing.T) { b := testSystemBackend(t) - paths := b.(*SystemBackend).sealPaths() req := logical.TestRequest(t, logical.ReadOperation, "rotate/config") resp, err := b.HandleRequest(namespace.RootContext(nil), req) if err != nil { @@ -2940,7 +2939,7 @@ func TestSystemBackend_rotateConfig(t *testing.T) { } schema.ValidateResponse( t, - schema.FindResponseSchema(t, paths, 1, req2.Operation), + schema.GetResponseSchema(t, b.(*SystemBackend).Route(req2.Path), req2.Operation), resp, true, ) @@ -2951,8 +2950,7 @@ func TestSystemBackend_rotateConfig(t *testing.T) { } schema.ValidateResponse( t, - schema.FindResponseSchema(t, paths, 1, req.Operation), - resp, + schema.GetResponseSchema(t, b.(*SystemBackend).Route(req.Path), req.Operation), resp, true, )