rewrite and improve secret-id config
This commit is contained in:
parent
6989c7f146
commit
9ec154aab0
2 changed files with 29 additions and 4 deletions
|
@ -41,19 +41,20 @@ func NewApproleAuthMethod(mountPath string, options json.RawMessage) (*approle.A
|
|||
}
|
||||
|
||||
var sid approle.SecretID
|
||||
if opts.SecretID != "" {
|
||||
switch {
|
||||
case opts.SecretID != "" && opts.SecretIDFile == "" && opts.SecretIDEnv == "":
|
||||
sid = approle.SecretID{
|
||||
FromString: opts.SecretID,
|
||||
}
|
||||
} else if opts.SecretIDFile != "" {
|
||||
case opts.SecretIDFile != "" && opts.SecretID == "" && opts.SecretIDEnv == "":
|
||||
sid = approle.SecretID{
|
||||
FromFile: opts.SecretIDFile,
|
||||
}
|
||||
} else if opts.SecretIDEnv != "" {
|
||||
case opts.SecretIDEnv != "" && opts.SecretIDFile == "" && opts.SecretID == "":
|
||||
sid = approle.SecretID{
|
||||
FromEnv: opts.SecretIDEnv,
|
||||
}
|
||||
} else {
|
||||
default:
|
||||
return nil, errors.New("you must set one of secretID, secretIDFile or secretIDEnv")
|
||||
}
|
||||
|
||||
|
|
|
@ -158,6 +158,30 @@ func TestApprole_NewApproleAuthMethod(t *testing.T) {
|
|||
`{"RoleID": "0000-0000-0000-0000"}`,
|
||||
true,
|
||||
},
|
||||
{
|
||||
"fail multiple secret-id types id and env",
|
||||
"",
|
||||
`{"RoleID": "0000-0000-0000-0000", "SecretID": "0000-0000-0000-0000", "SecretIDEnv": "VAULT_APPROLE_SECRETID"}`,
|
||||
true,
|
||||
},
|
||||
{
|
||||
"fail multiple secret-id types id and file",
|
||||
"",
|
||||
`{"RoleID": "0000-0000-0000-0000", "SecretID": "0000-0000-0000-0000", "SecretIDFile": "./secret-id"}`,
|
||||
true,
|
||||
},
|
||||
{
|
||||
"fail multiple secret-id types env and file",
|
||||
"",
|
||||
`{"RoleID": "0000-0000-0000-0000", "SecretIDFile": "./secret-id", "SecretIDEnv": "VAULT_APPROLE_SECRETID"}`,
|
||||
true,
|
||||
},
|
||||
{
|
||||
"fail multiple secret-id types all",
|
||||
"",
|
||||
`{"RoleID": "0000-0000-0000-0000", "SecretID": "0000-0000-0000-0000", "SecretIDFile": "./secret-id", "SecretIDEnv": "VAULT_APPROLE_SECRETID"}`,
|
||||
true,
|
||||
},
|
||||
}
|
||||
for _, tt := range tests {
|
||||
t.Run(tt.name, func(t *testing.T) {
|
||||
|
|
Loading…
Reference in a new issue