status-im
/
consul
mirror of https://github.com/status-im/consul.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

set vault namespaces on vault client prior to logging in with the vault auth method

This commit is contained in:
John Murret 2022-04-14 12:18:06 -06:00
parent 881e17fae1
commit a1117261df
1 changed files with 8 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
agent/connect/ca/provider_vault.go
View File

@ -103,6 +103,14 @@ func (v *VaultProvider) Configure(cfg ProviderConfig) error {
return err
}
// We don't want to set the namespace if it's empty to prevent potential
// unknown behavior (what does Vault do with an empty namespace). The Vault
// client also makes sure the inputs are not empty strings so let's do the
// same.
if config.Namespace != "" {
client.SetNamespace(config.Namespace)
}
if config.AuthMethod != nil {
loginResp, err := vaultLogin(client, config.AuthMethod)
if err != nil {
@ -112,13 +120,6 @@ func (v *VaultProvider) Configure(cfg ProviderConfig) error {
}
client.SetToken(config.Token)
// We don't want to set the namespace if it's empty to prevent potential
// unknown behavior (what does Vault do with an empty namespace). The Vault
// client also makes sure the inputs are not empty strings so let's do the
// same.
if config.Namespace != "" {
client.SetNamespace(config.Namespace)
}
v.config = config
v.client = client
v.isPrimary = cfg.IsPrimary