From fff15bc9f3a5493dad91c3d34099b8654637f063 Mon Sep 17 00:00:00 2001 From: Jeff Mitchell Date: Fri, 14 Aug 2020 10:12:31 -0400 Subject: [PATCH] Rename KMS purpose 'controller' to 'root' --- internal/cmd/base/servers.go | 4 ++-- internal/cmd/commands/config/fixtures/configDecrypt.hcl | 2 +- internal/cmd/commands/config/fixtures/configEncrypt.hcl | 2 +- internal/cmd/commands/controller/controller.go | 2 +- internal/cmd/commands/dev/dev.go | 2 +- internal/cmd/config/config.go | 2 +- internal/cmd/config/config_test.go | 6 +++--- internal/servers/controller/cors_test.go | 2 +- internal/servers/controller/testing.go | 2 +- 9 files changed, 12 insertions(+), 12 deletions(-) diff --git a/internal/cmd/base/servers.go b/internal/cmd/base/servers.go index b49324e45e..7b186147a2 100644 --- a/internal/cmd/base/servers.go +++ b/internal/cmd/base/servers.go @@ -327,7 +327,7 @@ func (b *Server) SetupKMSes(ui cli.Ui, config *configutil.SharedConfig, purposes switch purpose { case "": return errors.New("KMS block missing 'purpose'") - case "controller", "worker-auth", "config": + case "root", "worker-auth", "config": default: return fmt.Errorf("Unknown KMS purpose %q", kms.Purpose) } @@ -346,7 +346,7 @@ func (b *Server) SetupKMSes(ui cli.Ui, config *configutil.SharedConfig, purposes "After configuration nil KMS returned, KMS type was %s", kms.Type) } - if purpose == "controller" { + if purpose == "root" { b.ControllerKMS = wrapper } else { b.WorkerAuthKMS = wrapper diff --git a/internal/cmd/commands/config/fixtures/configDecrypt.hcl b/internal/cmd/commands/config/fixtures/configDecrypt.hcl index 9305a2f50f..db1e76f38d 100644 --- a/internal/cmd/commands/config/fixtures/configDecrypt.hcl +++ b/internal/cmd/commands/config/fixtures/configDecrypt.hcl @@ -5,7 +5,7 @@ kms "aead" { } kms "aead" { - purpose = "controller" + purpose = "root" aead_type = "aes-gcm" key ="{{decrypt(CkgsDUoQ7B5JhE1ye2yVAm3Ss_KNbLQgBhKtibtGSvpGOrwQ3zRTF_qoHPHX-xuqLyZ9zsb3cMo6OpphKOj7AeTn1_iiqZ_VaCsqAA)}}" } diff --git a/internal/cmd/commands/config/fixtures/configEncrypt.hcl b/internal/cmd/commands/config/fixtures/configEncrypt.hcl index 5b97b21e85..9f40b88db1 100644 --- a/internal/cmd/commands/config/fixtures/configEncrypt.hcl +++ b/internal/cmd/commands/config/fixtures/configEncrypt.hcl @@ -5,7 +5,7 @@ kms "aead" { } kms "aead" { - purpose = "controller" + purpose = "root" aead_type = "aes-gcm" key ="{{encrypt(eb78KqCwowELYnkOOko/XYz01q1ax3g76J1vCAvt5dQ=)}}" } diff --git a/internal/cmd/commands/controller/controller.go b/internal/cmd/commands/controller/controller.go index 8f57b9bd8d..777ff09145 100644 --- a/internal/cmd/commands/controller/controller.go +++ b/internal/cmd/commands/controller/controller.go @@ -198,7 +198,7 @@ func (c *Command) Run(args []string) int { return 1 } - if err := c.SetupKMSes(c.UI, c.Config.SharedConfig, []string{"controller", "worker-auth"}); err != nil { + if err := c.SetupKMSes(c.UI, c.Config.SharedConfig, []string{"root", "worker-auth"}); err != nil { c.UI.Error(err.Error()) return 1 } diff --git a/internal/cmd/commands/dev/dev.go b/internal/cmd/commands/dev/dev.go index 458feb90b1..1d18dd69a4 100644 --- a/internal/cmd/commands/dev/dev.go +++ b/internal/cmd/commands/dev/dev.go @@ -236,7 +236,7 @@ func (c *Command) Run(args []string) int { return 1 } - if err := c.SetupKMSes(c.UI, devConfig.SharedConfig, []string{"controller", "worker-auth"}); err != nil { + if err := c.SetupKMSes(c.UI, devConfig.SharedConfig, []string{"root", "worker-auth"}); err != nil { c.UI.Error(err.Error()) return 1 } diff --git a/internal/cmd/config/config.go b/internal/cmd/config/config.go index c58ba03f6b..21299c7f7a 100644 --- a/internal/cmd/config/config.go +++ b/internal/cmd/config/config.go @@ -30,7 +30,7 @@ controller { } kms "aead" { - purpose = "controller" + purpose = "root" aead_type = "aes-gcm" key = "%s" } diff --git a/internal/cmd/config/config_test.go b/internal/cmd/config/config_test.go index 85752e2538..13b0de2f30 100644 --- a/internal/cmd/config/config_test.go +++ b/internal/cmd/config/config_test.go @@ -49,7 +49,7 @@ func TestDevController(t *testing.T) { Seals: []*configutil.KMS{ { Type: "aead", - Purpose: []string{"controller"}, + Purpose: []string{"root"}, Config: map[string]string{ "aead_type": "aes-gcm", }, @@ -140,7 +140,7 @@ kms "aead" { } kms "aead" { - purpose = "controller" + purpose = "root" aead_type = "aes-gcm" key ="eb78KqCwowELYnkOOko/XYz01q1ax3g76J1vCAvt5dQ=" }` @@ -153,7 +153,7 @@ kms "aead" { } kms "aead" { - purpose = "controller" + purpose = "root" aead_type = "aes-gcm" key ="{{decrypt(Ckh57d4NA6nsnRKV6DiHTyfwLIakdhN8w7qdPJgo-KWnBdlEKv3NQkUFbouU0eorSGik1Qbca5xEy2NqYT9UYj_GUGo6hHz13MEqAA)}}" }` diff --git a/internal/servers/controller/cors_test.go b/internal/servers/controller/cors_test.go index 31c15d7a57..2cbc5a72b5 100644 --- a/internal/servers/controller/cors_test.go +++ b/internal/servers/controller/cors_test.go @@ -22,7 +22,7 @@ telemetry { } kms "aead" { - purpose = "controller" + purpose = "root" aead_type = "aes-gcm" key = "09iqFxRJNYsl/b8CQxjnGw==" } diff --git a/internal/servers/controller/testing.go b/internal/servers/controller/testing.go index c6d311449a..dc73ee00c2 100644 --- a/internal/servers/controller/testing.go +++ b/internal/servers/controller/testing.go @@ -262,7 +262,7 @@ func NewTestController(t *testing.T, opts *TestControllerOpts) *TestController { tc.b.ControllerKMS = opts.ControllerKMS tc.b.WorkerAuthKMS = opts.WorkerAuthKMS case opts.ControllerKMS == nil && opts.WorkerAuthKMS == nil: - if err := tc.b.SetupKMSes(nil, opts.Config.SharedConfig, []string{"controller", "worker-auth"}); err != nil { + if err := tc.b.SetupKMSes(nil, opts.Config.SharedConfig, []string{"root", "worker-auth"}); err != nil { t.Fatal(err) } default: