From 2cd320709224f9b1250b8993432b4707b362c87f Mon Sep 17 00:00:00 2001 From: Konstantin Demin Date: Mon, 1 Jul 2024 20:56:17 +0300 Subject: [PATCH] remove cloudfoundry --- command/agent/cf_end_to_end_test.go | 192 ------------------------- command/agentproxyshared/auth/cf/cf.go | 86 ----------- command/agentproxyshared/helpers.go | 5 - command/commands.go | 3 - go.mod | 4 - go.sum | 25 ---- helper/builtinplugins/registry.go | 10 +- scripts/gen_openapi.sh | 1 - 8 files changed, 2 insertions(+), 324 deletions(-) delete mode 100644 command/agent/cf_end_to_end_test.go delete mode 100644 command/agentproxyshared/auth/cf/cf.go diff --git a/command/agent/cf_end_to_end_test.go b/command/agent/cf_end_to_end_test.go deleted file mode 100644 index 7a3a9416a..000000000 --- a/command/agent/cf_end_to_end_test.go +++ /dev/null @@ -1,192 +0,0 @@ -// Copyright (c) HashiCorp, Inc. -// SPDX-License-Identifier: BUSL-1.1 - -package agent - -import ( - "context" - "io/ioutil" - "os" - "testing" - "time" - - hclog "github.com/hashicorp/go-hclog" - credCF "github.com/hashicorp/vault-plugin-auth-cf" - "github.com/hashicorp/vault-plugin-auth-cf/testing/certificates" - cfAPI "github.com/hashicorp/vault-plugin-auth-cf/testing/cf" - "github.com/hashicorp/vault/api" - "github.com/hashicorp/vault/command/agentproxyshared/auth" - agentcf "github.com/hashicorp/vault/command/agentproxyshared/auth/cf" - "github.com/hashicorp/vault/command/agentproxyshared/sink" - "github.com/hashicorp/vault/command/agentproxyshared/sink/file" - vaulthttp "github.com/hashicorp/vault/http" - "github.com/hashicorp/vault/sdk/helper/logging" - "github.com/hashicorp/vault/sdk/logical" - "github.com/hashicorp/vault/vault" -) - -func TestCFEndToEnd(t *testing.T) { - logger := logging.NewVaultLogger(hclog.Trace) - - coreConfig := &vault.CoreConfig{ - DisableMlock: true, - DisableCache: true, - Logger: hclog.NewNullLogger(), - CredentialBackends: map[string]logical.Factory{ - "cf": credCF.Factory, - }, - } - - cluster := vault.NewTestCluster(t, coreConfig, &vault.TestClusterOptions{ - HandlerFunc: vaulthttp.Handler, - }) - - cluster.Start() - defer cluster.Cleanup() - - cores := cluster.Cores - vault.TestWaitActive(t, cores[0].Core) - client := cores[0].Client - if err := client.Sys().EnableAuthWithOptions("cf", &api.EnableAuthOptions{ - Type: "cf", - }); err != nil { - t.Fatal(err) - } - - testIPAddress := "127.0.0.1" - - // Generate some valid certs that look like the ones we get from CF. - testCFCerts, err := certificates.Generate(cfAPI.FoundServiceGUID, cfAPI.FoundOrgGUID, cfAPI.FoundSpaceGUID, cfAPI.FoundAppGUID, testIPAddress) - if err != nil { - t.Fatal(err) - } - defer func() { - if err := testCFCerts.Close(); err != nil { - t.Fatal(err) - } - }() - - // Start a mock server representing their API. - mockCFAPI := cfAPI.MockServer(false, nil) - defer mockCFAPI.Close() - - // Configure a CA certificate like a Vault operator would in setting up CF. - if _, err := client.Logical().Write("auth/cf/config", map[string]interface{}{ - "identity_ca_certificates": testCFCerts.CACertificate, - "cf_api_addr": mockCFAPI.URL, - "cf_username": cfAPI.AuthUsername, - "cf_password": cfAPI.AuthPassword, - }); err != nil { - t.Fatal(err) - } - - // Configure a role to be used for logging in, another thing a Vault operator would do. - if _, err := client.Logical().Write("auth/cf/roles/test-role", map[string]interface{}{ - "bound_instance_ids": cfAPI.FoundServiceGUID, - "bound_organization_ids": cfAPI.FoundOrgGUID, - "bound_space_ids": cfAPI.FoundSpaceGUID, - "bound_application_ids": cfAPI.FoundAppGUID, - }); err != nil { - t.Fatal(err) - } - - os.Setenv(credCF.EnvVarInstanceCertificate, testCFCerts.PathToInstanceCertificate) - os.Setenv(credCF.EnvVarInstanceKey, testCFCerts.PathToInstanceKey) - - ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second) - - am, err := agentcf.NewCFAuthMethod(&auth.AuthConfig{ - MountPath: "auth/cf", - Config: map[string]interface{}{ - "role": "test-role", - }, - }) - if err != nil { - t.Fatal(err) - } - - ahConfig := &auth.AuthHandlerConfig{ - Logger: logger.Named("auth.handler"), - Client: client, - } - - ah := auth.NewAuthHandler(ahConfig) - errCh := make(chan error) - go func() { - errCh <- ah.Run(ctx, am) - }() - defer func() { - select { - case <-ctx.Done(): - case err := <-errCh: - if err != nil { - t.Fatal(err) - } - } - }() - - tmpFile, err := ioutil.TempFile("", "auth.tokensink.test.") - if err != nil { - t.Fatal(err) - } - tokenSinkFileName := tmpFile.Name() - tmpFile.Close() - os.Remove(tokenSinkFileName) - t.Logf("output: %s", tokenSinkFileName) - - config := &sink.SinkConfig{ - Logger: logger.Named("sink.file"), - Config: map[string]interface{}{ - "path": tokenSinkFileName, - }, - WrapTTL: 10 * time.Second, - } - - fs, err := file.NewFileSink(config) - if err != nil { - t.Fatal(err) - } - config.Sink = fs - - ss := sink.NewSinkServer(&sink.SinkServerConfig{ - Logger: logger.Named("sink.server"), - Client: client, - }) - go func() { - errCh <- ss.Run(ctx, ah.OutputCh, []*sink.SinkConfig{config}) - }() - defer func() { - select { - case <-ctx.Done(): - case err := <-errCh: - if err != nil { - t.Fatal(err) - } - } - }() - - // This has to be after the other defers so it happens first. It allows - // successful test runs to immediately cancel all of the runner goroutines - // and unblock any of the blocking defer calls by the runner's DoneCh that - // comes before this and avoid successful tests from taking the entire - // timeout duration. - defer cancel() - - if stat, err := os.Lstat(tokenSinkFileName); err == nil { - t.Fatalf("expected err but got %s", stat) - } else if !os.IsNotExist(err) { - t.Fatal("expected notexist err") - } - - // Wait 2 seconds for the env variables to be detected and an auth to be generated. - time.Sleep(time.Second * 2) - - token, err := readToken(tokenSinkFileName) - if err != nil { - t.Fatal(err) - } - - if token.Token == "" { - t.Fatal("expected token but didn't receive it") - } -} diff --git a/command/agentproxyshared/auth/cf/cf.go b/command/agentproxyshared/auth/cf/cf.go deleted file mode 100644 index 27396be20..000000000 --- a/command/agentproxyshared/auth/cf/cf.go +++ /dev/null @@ -1,86 +0,0 @@ -// Copyright (c) HashiCorp, Inc. -// SPDX-License-Identifier: BUSL-1.1 - -package cf - -import ( - "context" - "errors" - "fmt" - "io/ioutil" - "net/http" - "os" - "time" - - cf "github.com/hashicorp/vault-plugin-auth-cf" - "github.com/hashicorp/vault-plugin-auth-cf/signatures" - "github.com/hashicorp/vault/api" - "github.com/hashicorp/vault/command/agentproxyshared/auth" -) - -type cfMethod struct { - mountPath string - roleName string -} - -func NewCFAuthMethod(conf *auth.AuthConfig) (auth.AuthMethod, error) { - if conf == nil { - return nil, errors.New("empty config") - } - if conf.Config == nil { - return nil, errors.New("empty config data") - } - a := &cfMethod{ - mountPath: conf.MountPath, - } - if raw, ok := conf.Config["role"]; ok { - if roleName, ok := raw.(string); ok { - a.roleName = roleName - } else { - return nil, errors.New("could not convert 'role' config value to string") - } - } else { - return nil, errors.New("missing 'role' value") - } - return a, nil -} - -func (p *cfMethod) Authenticate(ctx context.Context, client *api.Client) (string, http.Header, map[string]interface{}, error) { - pathToClientCert := os.Getenv(cf.EnvVarInstanceCertificate) - if pathToClientCert == "" { - return "", nil, nil, fmt.Errorf("missing %q value", cf.EnvVarInstanceCertificate) - } - certBytes, err := ioutil.ReadFile(pathToClientCert) - if err != nil { - return "", nil, nil, err - } - pathToClientKey := os.Getenv(cf.EnvVarInstanceKey) - if pathToClientKey == "" { - return "", nil, nil, fmt.Errorf("missing %q value", cf.EnvVarInstanceKey) - } - signingTime := time.Now().UTC() - signatureData := &signatures.SignatureData{ - SigningTime: signingTime, - Role: p.roleName, - CFInstanceCertContents: string(certBytes), - } - signature, err := signatures.Sign(pathToClientKey, signatureData) - if err != nil { - return "", nil, nil, err - } - data := map[string]interface{}{ - "role": p.roleName, - "cf_instance_cert": string(certBytes), - "signing_time": signingTime.Format(signatures.TimeFormat), - "signature": signature, - } - return fmt.Sprintf("%s/login", p.mountPath), nil, data, nil -} - -func (p *cfMethod) NewCreds() chan struct{} { - return nil -} - -func (p *cfMethod) CredSuccess() {} - -func (p *cfMethod) Shutdown() {} diff --git a/command/agentproxyshared/helpers.go b/command/agentproxyshared/helpers.go index cfe08e544..06d963c13 100644 --- a/command/agentproxyshared/helpers.go +++ b/command/agentproxyshared/helpers.go @@ -15,7 +15,6 @@ import ( "github.com/hashicorp/vault/command/agentproxyshared/auth" "github.com/hashicorp/vault/command/agentproxyshared/auth/approle" "github.com/hashicorp/vault/command/agentproxyshared/auth/cert" - "github.com/hashicorp/vault/command/agentproxyshared/auth/cf" "github.com/hashicorp/vault/command/agentproxyshared/auth/jwt" "github.com/hashicorp/vault/command/agentproxyshared/auth/kerberos" "github.com/hashicorp/vault/command/agentproxyshared/auth/kubernetes" @@ -33,8 +32,6 @@ func GetAutoAuthMethodFromConfig(autoAuthMethodType string, authConfig *auth.Aut switch autoAuthMethodType { case "cert": return cert.NewCertAuthMethod(authConfig) - case "cf": - return cf.NewCFAuthMethod(authConfig) case "jwt": return jwt.NewJWTAuthMethod(authConfig) case "kerberos": @@ -45,8 +42,6 @@ func GetAutoAuthMethodFromConfig(autoAuthMethodType string, authConfig *auth.Aut return approle.NewApproleAuthMethod(authConfig) case "token_file": return token_file.NewTokenFileAuthMethod(authConfig) - case "pcf": // Deprecated. - return cf.NewCFAuthMethod(authConfig) default: return nil, errors.New(fmt.Sprintf("unknown auth method %q", autoAuthMethodType)) } diff --git a/command/commands.go b/command/commands.go index 7c241f5fb..384b05414 100644 --- a/command/commands.go +++ b/command/commands.go @@ -27,7 +27,6 @@ import ( auditSyslog "github.com/hashicorp/vault/builtin/audit/syslog" credCentrify "github.com/hashicorp/vault-plugin-auth-centrify" - credCF "github.com/hashicorp/vault-plugin-auth-cf" credOIDC "github.com/hashicorp/vault-plugin-auth-jwt" credKerb "github.com/hashicorp/vault-plugin-auth-kerberos" credCert "github.com/hashicorp/vault/builtin/credential/cert" @@ -181,12 +180,10 @@ func initCommands(ui, serverCmdUi cli.Ui, runOpts *RunOptions) map[string]cli.Co loginHandlers := map[string]LoginHandler{ "centrify": &credCentrify.CLIHandler{}, "cert": &credCert.CLIHandler{}, - "cf": &credCF.CLIHandler{}, "github": &credGitHub.CLIHandler{}, "kerberos": &credKerb.CLIHandler{}, "ldap": &credLdap.CLIHandler{}, "oidc": &credOIDC.CLIHandler{}, - "pcf": &credCF.CLIHandler{}, // Deprecated. "radius": &credUserpass.CLIHandler{ DefaultMount: "radius", }, diff --git a/go.mod b/go.mod index 1f8a2503f..0afc76f0d 100644 --- a/go.mod +++ b/go.mod @@ -95,7 +95,6 @@ require ( github.com/hashicorp/raft-boltdb/v2 v2.0.0-20210421194847-a7e34179d62c github.com/hashicorp/raft-snapshot v1.0.4 github.com/hashicorp/vault-plugin-auth-centrify v0.15.1 - github.com/hashicorp/vault-plugin-auth-cf v0.15.0 github.com/hashicorp/vault-plugin-auth-jwt v0.16.1 github.com/hashicorp/vault-plugin-auth-kerberos v0.10.0 github.com/hashicorp/vault-plugin-auth-kubernetes v0.16.0 @@ -173,7 +172,6 @@ require ( require ( cloud.google.com/go/compute v1.23.3 // indirect cloud.google.com/go/compute/metadata v0.2.3 // indirect - code.cloudfoundry.org/gofileutils v0.0.0-20170111115228-4d0c80011a0f // indirect github.com/Azure/azure-sdk-for-go v67.2.0+incompatible // indirect github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161 // indirect github.com/Azure/go-autorest v14.2.0+incompatible // indirect @@ -191,7 +189,6 @@ require ( github.com/DataDog/datadog-go v3.2.0+incompatible // indirect github.com/Jeffail/gabs v1.1.1 // indirect github.com/Masterminds/goutils v1.1.1 // indirect - github.com/Masterminds/semver v1.5.0 // indirect github.com/Masterminds/semver/v3 v3.2.1 // indirect github.com/Masterminds/sprig/v3 v3.2.3 // indirect github.com/Microsoft/go-winio v0.6.1 // indirect @@ -209,7 +206,6 @@ require ( github.com/circonus-labs/circonus-gometrics v2.3.1+incompatible // indirect github.com/circonus-labs/circonusllhist v0.1.3 // indirect github.com/cloudflare/circl v1.3.7 // indirect - github.com/cloudfoundry-community/go-cfclient v0.0.0-20210823134051-721f0e559306 // indirect github.com/containerd/containerd v1.7.12 // indirect github.com/containerd/continuity v0.4.2 // indirect github.com/containerd/log v0.1.0 // indirect diff --git a/go.sum b/go.sum index 7f52e7e7b..472cfd44a 100644 --- a/go.sum +++ b/go.sum @@ -795,8 +795,6 @@ cloud.google.com/go/workflows v1.9.0/go.mod h1:ZGkj1aFIOd9c8Gerkjjq7OW7I5+l6cSvT cloud.google.com/go/workflows v1.10.0/go.mod h1:fZ8LmRmZQWacon9UCX1r/g/DfAXx5VcPALq2CxzdePw= cloud.google.com/go/workflows v1.11.1/go.mod h1:Z+t10G1wF7h8LgdY/EmRcQY8ptBD/nvofaL6FqlET6g= cloud.google.com/go/workflows v1.12.0/go.mod h1:PYhSk2b6DhZ508tj8HXKaBh+OFe+xdl0dHF/tJdzPQM= -code.cloudfoundry.org/gofileutils v0.0.0-20170111115228-4d0c80011a0f h1:UrKzEwTgeiff9vxdrfdqxibzpWjxLnuXDI5m6z3GJAk= -code.cloudfoundry.org/gofileutils v0.0.0-20170111115228-4d0c80011a0f/go.mod h1:sk5LnIjB/nIEU7yP5sDQExVm62wu0pBh3yrElngUisI= dario.cat/mergo v1.0.0 h1:AGCNq9Evsj31mOgNPcLyXc+4PNABt905YmuqPYYpBWk= dario.cat/mergo v1.0.0/go.mod h1:uNxQE+84aUszobStD9th8a29P2fMDhsBdgRYvZOxGmk= dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= @@ -878,9 +876,6 @@ github.com/Jeffail/gabs v1.1.1/go.mod h1:6xMvQMK4k33lb7GUUpaAPh6nKMmemQeg5d4gn7/ github.com/JohnCGriffin/overflow v0.0.0-20211019200055-46fa312c352c/go.mod h1:X0CRv0ky0k6m906ixxpzmDRLvX58TFUKS2eePweuyxk= github.com/Masterminds/goutils v1.1.1 h1:5nUrii3FMTL5diU80unEVvNevw1nH4+ZV4DSLVJLSYI= github.com/Masterminds/goutils v1.1.1/go.mod h1:8cTjp+g8YejhMuvIA5y2vz3BpJxksy863GQaJW2MFNU= -github.com/Masterminds/semver v1.4.2/go.mod h1:MB6lktGJrhw8PrUyiEoblNEGEQ+RzHPF078ddwwvV3Y= -github.com/Masterminds/semver v1.5.0 h1:H65muMkzWKEuNDnfl9d70GUjFniHKHRbFPGBuZ3QEww= -github.com/Masterminds/semver v1.5.0/go.mod h1:MB6lktGJrhw8PrUyiEoblNEGEQ+RzHPF078ddwwvV3Y= github.com/Masterminds/semver/v3 v3.1.1/go.mod h1:VPu/7SZ7ePZ3QOrcuXROw5FAcLl4a0cBrbBpGY/8hQs= github.com/Masterminds/semver/v3 v3.2.0/go.mod h1:qvl/7zhW3nngYb5+80sSMF+FG2BjYrf8m9wsX0PNOMQ= github.com/Masterminds/semver/v3 v3.2.1 h1:RN9w6+7QoMeJVGyfmbcgs28Br8cvmnucEXnY0rYXWg0= @@ -1072,8 +1067,6 @@ github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDk github.com/cloudflare/circl v1.3.3/go.mod h1:5XYMA4rFBvNIrhs50XuiBJ15vF2pZn4nnUKZrLbUZFA= github.com/cloudflare/circl v1.3.7 h1:qlCDlTPz2n9fu58M0Nh1J/JzcFpfgkFHHX3O35r5vcU= github.com/cloudflare/circl v1.3.7/go.mod h1:sRTcRWXGLrKw6yIGJ+l7amYJFfAXbZG0kBSc8r4zxgA= -github.com/cloudfoundry-community/go-cfclient v0.0.0-20210823134051-721f0e559306 h1:k8q2Nsz7kNaUlysVCnWIFLMUSqiKXaGLdIf9P0GsX2Y= -github.com/cloudfoundry-community/go-cfclient v0.0.0-20210823134051-721f0e559306/go.mod h1:0FdHblxw7g3M2PPICOw9i8YZOHP9dZTHbJUtoxL7Z/E= github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= github.com/cncf/udpa/go v0.0.0-20200629203442-efcf912fb354/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= @@ -1095,8 +1088,6 @@ github.com/cockroachdb/datadriven v0.0.0-20190809214429-80d97fb3cbaa/go.mod h1:z github.com/cockroachdb/datadriven v0.0.0-20200714090401-bf6692d28da5/go.mod h1:h6jFvWxBdQXxjopDMZyH2UVceIRfR84bdzbkoKrsWNo= github.com/cockroachdb/errors v1.2.4/go.mod h1:rQD95gz6FARkaKkQXUksEje/d9a6wBJoCr5oaCLELYA= github.com/cockroachdb/logtags v0.0.0-20190617123548-eb05cc24525f/go.mod h1:i/u985jwjWRlyHXQbwatDASoW0RMlZ/3i9yJHE2xLkI= -github.com/codegangsta/inject v0.0.0-20150114235600-33e0aa1cb7c0 h1:sDMmm+q/3+BukdIpxwO365v/Rbspp2Nt5XntgQRXq8Q= -github.com/codegangsta/inject v0.0.0-20150114235600-33e0aa1cb7c0/go.mod h1:4Zcjuz89kmFXt9morQgcfYZAYZ5n8WHjt81YYWIwtTM= github.com/container-orchestrated-devices/container-device-interface v0.6.1/go.mod h1:40T6oW59rFrL/ksiSs7q45GzjGlbvxnA4xaK6cyq+kA= github.com/containerd/aufs v0.0.0-20200908144142-dab0cbea06f4/go.mod h1:nukgQABAEopAHvB6j7cnP5zJ+/3aVcE7hCYqvIwAHyE= github.com/containerd/aufs v0.0.0-20201003224125-76a6863f2989/go.mod h1:AkGGQs9NM2vtYHaUen+NljV0/baGCAPELGm2q9ZXpWU= @@ -1470,8 +1461,6 @@ github.com/go-logr/stdr v1.2.0/go.mod h1:YkVgnZu1ZjjL7xTxrfm/LLZBfkhTqSR1ydtm6jT github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= github.com/go-logr/zapr v1.2.3/go.mod h1:eIauM6P8qSvTw5o2ez6UEAfGjQKrxQTl5EoK+Qa2oG4= -github.com/go-martini/martini v0.0.0-20170121215854-22fa46961aab h1:xveKWz2iaueeTaUgdetzel+U7exyigDYBryyVfV/rZk= -github.com/go-martini/martini v0.0.0-20170121215854-22fa46961aab/go.mod h1:/P9AEU963A2AYjv4d1V5eVL1CQbEJq6aCNHDDjibzu8= github.com/go-ole/go-ole v1.2.6 h1:/Fpf6oFPoeFik9ty7siob0G6Ke8QvQEuVcuChpwXzpY= github.com/go-ole/go-ole v1.2.6/go.mod h1:pprOEPIfldk/42T2oK7lQ4v4JSDwmV0As9GaiUsvbm0= github.com/go-openapi/analysis v0.0.0-20180825180245-b006789cd277/go.mod h1:k70tL6pCuVxPJOHXQ+wIac1FUrvNkHolPie/cLEU6hI= @@ -1809,7 +1798,6 @@ github.com/googleapis/go-type-adapters v1.0.0/go.mod h1:zHW75FOG2aur7gAO2B+MLby+ github.com/googleapis/google-cloud-go-testing v0.0.0-20200911160855-bcd43fbb19e8/go.mod h1:dvDLG8qkwmyD9a/MJJN3XJcT3xFxOKAvTZGvuZmac9g= github.com/gophercloud/gophercloud v0.1.0 h1:P/nh25+rzXouhytV2pUHBb65fnds26Ghl8/391+sT5o= github.com/gophercloud/gophercloud v0.1.0/go.mod h1:vxM41WHh5uqHVBMZHzuwNOHh8XEoIEcSTewFxm1c5g8= -github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1 h1:EGx4pi6eqNxGaHF6qqu48+N2wcFQ5qg5FXgOdqsJ5d8= github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= github.com/gorilla/handlers v0.0.0-20150720190736-60c7bfde3e33/go.mod h1:Qkdc/uu4tH4g6mTK6auzZ766c4CA0Ng8+o/OAirnOIQ= github.com/gorilla/handlers v1.5.1/go.mod h1:t8XrUpc4KVXb7HGyJ4/cEnwQiaxrX/hz1Zv/4g96P1Q= @@ -2019,8 +2007,6 @@ github.com/hashicorp/serf v0.10.1 h1:Z1H2J60yRKvfDYAOZLd2MU0ND4AH/WDz7xYHDWQsIPY github.com/hashicorp/serf v0.10.1/go.mod h1:yL2t6BqATOLGc5HF7qbFkTfXoPIY0WZdWHfEvMqbG+4= github.com/hashicorp/vault-plugin-auth-centrify v0.15.1 h1:6StAr5tltpySNgyUwWC8czm9ZqkO7NIZfcRmxxtFwQ8= github.com/hashicorp/vault-plugin-auth-centrify v0.15.1/go.mod h1:xXs4I5yLxbQ5VHcpvSxkRhShCTXd8Zyrni8qnFrfQ4Y= -github.com/hashicorp/vault-plugin-auth-cf v0.15.0 h1:zIVGlYXCRBY/ElucWdFC9xF27d2QMGMQPm9wSezGREI= -github.com/hashicorp/vault-plugin-auth-cf v0.15.0/go.mod h1:FEIjQkYmzno4MfU36MAjFUG9/JUWeMPxvBG5DRTMYVM= github.com/hashicorp/vault-plugin-auth-jwt v0.16.1 h1:QUGRRvO3x+4+/leav+K2I9BVeGJcSBjCjgNbsZXrSTA= github.com/hashicorp/vault-plugin-auth-jwt v0.16.1/go.mod h1:m5dbjs4Ept6CCHn+E6rRQzgwWBDX4nFcms6ycrBc/4c= github.com/hashicorp/vault-plugin-auth-kerberos v0.10.0 h1:YH2x9kIV0jKXk22tVkpydhmPeEgprC7IOfN8l0pjF6c= @@ -2126,8 +2112,6 @@ github.com/jackc/puddle v0.0.0-20190413234325-e4ced69a3a2b/go.mod h1:m4B5Dj62Y0f github.com/jackc/puddle v0.0.0-20190608224051-11cab39313c9/go.mod h1:m4B5Dj62Y0fbyuIc15OsIqK0+JU8nkqQjsgx7dvjSWk= github.com/jackc/puddle v1.1.3/go.mod h1:m4B5Dj62Y0fbyuIc15OsIqK0+JU8nkqQjsgx7dvjSWk= github.com/jarcoal/httpmock v0.0.0-20180424175123-9c70cfe4a1da/go.mod h1:ks+b9deReOc7jgqp+e7LuFiCBH6Rm5hL32cLcEAArb4= -github.com/jarcoal/httpmock v1.0.7 h1:d1a2VFpSdm5gtjhCPWsQHSnx8+5V3ms5431YwvmkuNk= -github.com/jarcoal/httpmock v1.0.7/go.mod h1:ATjnClrvW/3tijVmpL/va5Z3aAyGvqU3gCT8nX0Txik= github.com/jcmturner/aescts/v2 v2.0.0 h1:9YKLH6ey7H4eDBXW8khjYslgyqG2xZikXP0EQFKrle8= github.com/jcmturner/aescts/v2 v2.0.0/go.mod h1:AiaICIRyfYg35RUkr8yESTqvSy7csK90qZ5xfvvsoNs= github.com/jcmturner/dnsutils/v2 v2.0.0 h1:lltnkeZGL0wILNvrNiVCR6Ro5PGU/SeBvVO/8c/iPbo= @@ -2177,7 +2161,6 @@ github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnr github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= -github.com/jtolds/gls v4.20.0+incompatible h1:xdiiI2gbIgH/gLH7ADydsJ1uDOEzR8yvV7C0MuV77Wo= github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU= github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= github.com/julienschmidt/httprouter v1.3.0/go.mod h1:JR6WtHb+2LUe8TCKY3cZOxFyyO8IZAc4RVcycCCAKdM= @@ -2268,8 +2251,6 @@ github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJ github.com/markbates/oncer v0.0.0-20181203154359-bf2de49a0be2/go.mod h1:Ld9puTsIW75CHf65OeIOkyKbteujpZVXDpWK6YGZbxE= github.com/markbates/safe v1.0.1/go.mod h1:nAqgmRi7cY2nqMc92/bSEeQA+R4OheNU2T1kNSCBdG0= github.com/marstr/guid v1.1.0/go.mod h1:74gB1z2wpxxInTG6yaqA7KrtM0NZ+RbrcqDvYHefzho= -github.com/martini-contrib/render v0.0.0-20150707142108-ec18f8345a11 h1:YFh+sjyJTMQSYjKwM4dFKhJPJC/wfo98tPUc17HdoYw= -github.com/martini-contrib/render v0.0.0-20150707142108-ec18f8345a11/go.mod h1:Ah2dBMoxZEqk118as2T4u4fjfXarE0pPnMJaArZQZsI= github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= github.com/mattn/go-colorable v0.1.1/go.mod h1:FuOcm+DKB9mbwrcAfNl7/TZVBZ6rcnceauSikq3lYCQ= github.com/mattn/go-colorable v0.1.4/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE= @@ -2448,7 +2429,6 @@ github.com/onsi/ginkgo/v2 v2.9.1 h1:zie5Ly042PD3bsCvsSOPvRnFwyo3rKe64TJlD6nu0mk= github.com/onsi/ginkgo/v2 v2.9.1/go.mod h1:FEcmzVcCHl+4o9bQZVab+4dC9+j+91t2FHSzmGAPfuo= github.com/onsi/gomega v0.0.0-20151007035656-2152b45fa28a/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= github.com/onsi/gomega v0.0.0-20170829124025-dcabb60a477c/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= -github.com/onsi/gomega v1.4.3/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= github.com/onsi/gomega v1.5.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= github.com/onsi/gomega v1.7.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= @@ -2517,8 +2497,6 @@ github.com/ory/dockertest v3.3.5+incompatible h1:iLLK6SQwIhcbrG783Dghaaa3WPzGc+4 github.com/ory/dockertest v3.3.5+incompatible/go.mod h1:1vX4m9wsvi00u5bseYwXaSnhNrne+V0E6LAcBILJdPs= github.com/ory/dockertest/v3 v3.10.0 h1:4K3z2VMe8Woe++invjaTB7VRyQXQy5UY+loujO4aNE4= github.com/ory/dockertest/v3 v3.10.0/go.mod h1:nr57ZbRWMqfsdGdFNLHz5jjNdDb7VVFnzAeW1n5N1Lg= -github.com/oxtoacart/bpool v0.0.0-20150712133111-4e1c5567d7c2 h1:CXwSGu/LYmbjEab5aMCs5usQRVBGThelUKBNnoSOuso= -github.com/oxtoacart/bpool v0.0.0-20150712133111-4e1c5567d7c2/go.mod h1:L3UMQOThbttwfYRNFOWLLVXMhk5Lkio4GGOtw5UrxS0= github.com/packethost/packngo v0.1.1-0.20180711074735-b9cb5096f54c h1:vwpFWvAO8DeIZfFeqASzZfsxuWPno9ncAebBEP0N3uE= github.com/packethost/packngo v0.1.1-0.20180711074735-b9cb5096f54c/go.mod h1:otzZQXgoO96RTzDB/Hycg0qZcXZsWJGJRSXbmEIJ+4M= github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc= @@ -2699,10 +2677,8 @@ github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= github.com/skratchdot/open-golang v0.0.0-20200116055534-eef842397966 h1:JIAuq3EEf9cgbU6AtGPK4CTG3Zf6CKMNqf0MHTggAUA= github.com/skratchdot/open-golang v0.0.0-20200116055534-eef842397966/go.mod h1:sUM3LWHvSMaG192sy56D9F7CNvL7jUJVXoqM1QKLnog= -github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d h1:zE9ykElWQ6/NYmHa3jpm/yHnI4xSofP+UP6SpjHcSeM= github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc= github.com/smartystreets/goconvey v0.0.0-20190330032615-68dc04aab96a/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= -github.com/smartystreets/goconvey v1.6.4 h1:fv0U8FUIMPNf1L9lnHLvLhgicrIVChEkdzIKYqbNC9s= github.com/smartystreets/goconvey v1.6.4/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= github.com/softlayer/softlayer-go v0.0.0-20180806151055-260589d94c7d h1:bVQRCxQvfjNUeRqaY/uT0tFuvuFY0ulgnczuR684Xic= github.com/softlayer/softlayer-go v0.0.0-20180806151055-260589d94c7d/go.mod h1:Cw4GTlQccdRGSEf6KiMju767x0NEHE0YIVPJSaXjlsw= @@ -3220,7 +3196,6 @@ golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44= golang.org/x/net v0.25.0 h1:d/OCCoBEUq33pjydKrGQhw7IlUPI2Oylr+8qLx49kac= golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= -golang.org/x/oauth2 v0.0.0-20190130055435-99b60b757ec1/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= diff --git a/helper/builtinplugins/registry.go b/helper/builtinplugins/registry.go index bc0e01ced..3026c2134 100644 --- a/helper/builtinplugins/registry.go +++ b/helper/builtinplugins/registry.go @@ -7,7 +7,6 @@ import ( "context" credCentrify "github.com/hashicorp/vault-plugin-auth-centrify" - credCF "github.com/hashicorp/vault-plugin-auth-cf" credJWT "github.com/hashicorp/vault-plugin-auth-jwt" credKerb "github.com/hashicorp/vault-plugin-auth-kerberos" credKube "github.com/hashicorp/vault-plugin-auth-kubernetes" @@ -83,19 +82,14 @@ func newRegistry() *registry { "approle": {Factory: credAppRole.Factory}, "centrify": {Factory: credCentrify.Factory}, "cert": {Factory: credCert.Factory}, - "cf": {Factory: credCF.Factory}, "github": {Factory: credGitHub.Factory}, "jwt": {Factory: credJWT.Factory}, "kerberos": {Factory: credKerb.Factory}, "kubernetes": {Factory: credKube.Factory}, "ldap": {Factory: credLdap.Factory}, "oidc": {Factory: credJWT.Factory}, - "pcf": { - Factory: credCF.Factory, - DeprecationStatus: consts.Deprecated, - }, - "radius": {Factory: credRadius.Factory}, - "userpass": {Factory: credUserpass.Factory}, + "radius": {Factory: credRadius.Factory}, + "userpass": {Factory: credUserpass.Factory}, }, databasePlugins: map[string]databasePlugin{ // These four plugins all use the same mysql implementation but with diff --git a/scripts/gen_openapi.sh b/scripts/gen_openapi.sh index e00d6ee34..cb98d9a3d 100755 --- a/scripts/gen_openapi.sh +++ b/scripts/gen_openapi.sh @@ -53,7 +53,6 @@ echo "Mounting all builtin plugins ..." vault auth enable "approle" vault auth enable "centrify" vault auth enable "cert" -vault auth enable "cf" vault auth enable "github" vault auth enable "jwt" vault auth enable "kerberos"