mirror of
https://github.com/hashicorp/vault.git
synced 2026-06-11 01:42:06 -04:00
* add agent registry to hidden backend list * consolidate excluded mounts to a single list --------- Co-authored-by: Dan Rivera <dan.rivera@hashicorp.com> Co-authored-by: claire bontempo <cbontempo@hashicorp.com>
This commit is contained in:
Vault Automation
GitHub
parent
91aa12ac19
commit
4148334d42
4 changed files with 13 additions and 11 deletions
|
|
@ -10,16 +10,12 @@ import { withModelValidations } from 'vault/decorators/model-validations';
|
|||
import { withExpandedAttributes } from 'vault/decorators/model-expanded-attributes';
|
||||
import { supportedSecretBackends } from 'vault/helpers/supported-secret-backends';
|
||||
import { WHITESPACE_WARNING } from 'vault/utils/forms/validators';
|
||||
import { ALL_ENGINES, isAddonEngine } from 'vault/utils/all-engines-metadata';
|
||||
import { ALL_ENGINES, INTERNAL_ENGINE_TYPES, isAddonEngine } from 'vault/utils/all-engines-metadata';
|
||||
import { getEffectiveEngineType } from 'vault/utils/external-plugin-helpers';
|
||||
import engineDisplayData from 'vault/helpers/engines-display-data';
|
||||
|
||||
const LINKED_BACKENDS = supportedSecretBackends();
|
||||
|
||||
// identity will be managed separately and the inclusion
|
||||
// of the system backend is an implementation detail
|
||||
const LIST_EXCLUDED_BACKENDS = ['system', 'identity'];
|
||||
|
||||
const validations = {
|
||||
path: [
|
||||
{ type: 'presence', message: "Path can't be blank." },
|
||||
|
|
@ -136,7 +132,7 @@ export default class SecretEngineModel extends Model {
|
|||
}
|
||||
|
||||
get shouldIncludeInList() {
|
||||
return !LIST_EXCLUDED_BACKENDS.includes(this.engineType);
|
||||
return !INTERNAL_ENGINE_TYPES.includes(this.engineType);
|
||||
}
|
||||
|
||||
get isSupportedBackend() {
|
||||
|
|
|
|||
|
|
@ -8,7 +8,7 @@ import {
|
|||
supportedSecretBackends,
|
||||
SupportedSecretBackendsEnum,
|
||||
} from 'vault/helpers/supported-secret-backends';
|
||||
import { isAddonEngine } from 'vault/utils/all-engines-metadata';
|
||||
import { INTERNAL_ENGINE_TYPES, isAddonEngine } from 'vault/utils/all-engines-metadata';
|
||||
import { getEffectiveEngineType } from 'vault/utils/external-plugin-helpers';
|
||||
import engineDisplayData from 'vault/helpers/engines-display-data';
|
||||
|
||||
|
|
@ -25,7 +25,7 @@ export type RecoverySupportedEngines = (typeof SUPPORTS_RECOVERY)[number];
|
|||
export default class SecretsEngineResource extends baseResourceFactory<Mount>() {
|
||||
id: string;
|
||||
|
||||
#LIST_EXCLUDED_BACKENDS = ['system', 'identity'];
|
||||
#LIST_EXCLUDED_BACKENDS = INTERNAL_ENGINE_TYPES;
|
||||
|
||||
constructor(data: Mount) {
|
||||
super(data);
|
||||
|
|
|
|||
|
|
@ -16,8 +16,8 @@
|
|||
* - Facilitate dynamic engine rendering and behavior based on metadata.
|
||||
*
|
||||
* Example usage:
|
||||
* // If an enterprise license is present, return all secret engines;
|
||||
* // otherwise, return only the secret engines supported in OSS.
|
||||
* If an enterprise license is present, return all secret engines;
|
||||
* otherwise, return only the secret engines supported in OSS.
|
||||
* return filterEnginesByMountCategory({ mountCategory: 'secret', isEnterprise: this.version.isEnterprise });
|
||||
*/
|
||||
|
||||
|
|
@ -64,6 +64,11 @@ export function isAddonEngine(type: string, version: number) {
|
|||
return !!engineRoute;
|
||||
}
|
||||
|
||||
// The "sys/mounts" and "sys/internal/ui/mounts" endpoints return a "secret/" key containing
|
||||
// all mounts enabled in Vault. Some types are internal Vault APIs, not user-mountable secrets engines,
|
||||
// and should be filtered in some scenarios, such as listing secrets engines.
|
||||
export const INTERNAL_ENGINE_TYPES = ['system', 'identity', 'agent_registry'];
|
||||
|
||||
export const ALL_ENGINES: EngineDisplayData[] = [
|
||||
{
|
||||
pluginCategory: 'cloud',
|
||||
|
|
|
|||
|
|
@ -8,6 +8,7 @@ import { set, computed } from '@ember/object';
|
|||
import { service } from '@ember/service';
|
||||
import { readOnly } from '@ember/object/computed';
|
||||
import { task, timeout } from 'ember-concurrency';
|
||||
import { INTERNAL_ENGINE_TYPES } from 'vault/utils/all-engines-metadata';
|
||||
|
||||
export default Component.extend({
|
||||
'data-test-component': 'path-filter-config',
|
||||
|
|
@ -120,7 +121,7 @@ export default Component.extend({
|
|||
|
||||
// singleton mounts are not eligible for per-mount-filtering
|
||||
singletonMountTypes: computed(function () {
|
||||
return ['cubbyhole', 'system', 'token', 'identity', 'ns_system', 'ns_identity', 'ns_token'];
|
||||
return ['cubbyhole', 'token', 'ns_system', 'ns_identity', 'ns_token', ...INTERNAL_ENGINE_TYPES];
|
||||
}),
|
||||
|
||||
actions: {
|
||||
|
|
|
|||
Loading…
Reference in a new issue