From eae51feabb2629f1e0bc8736f0b9ea4b4f88da39 Mon Sep 17 00:00:00 2001 From: Konstantin Demin Date: Mon, 1 Jul 2024 11:03:30 +0300 Subject: [PATCH] remove swift --- command/commands.go | 2 - go.mod | 1 - go.sum | 1 - physical/swift/swift.go | 249 ----------------------------------- physical/swift/swift_test.go | 94 ------------- 5 files changed, 347 deletions(-) delete mode 100644 physical/swift/swift.go delete mode 100644 physical/swift/swift_test.go diff --git a/command/commands.go b/command/commands.go index 4770e0ad7..d73f8b92b 100644 --- a/command/commands.go +++ b/command/commands.go @@ -52,7 +52,6 @@ import ( physOCI "github.com/hashicorp/vault/physical/oci" physPostgreSQL "github.com/hashicorp/vault/physical/postgresql" physRaft "github.com/hashicorp/vault/physical/raft" - physSwift "github.com/hashicorp/vault/physical/swift" physFile "github.com/hashicorp/vault/sdk/physical/file" physInmem "github.com/hashicorp/vault/sdk/physical/inmem" @@ -190,7 +189,6 @@ var ( "mysql": physMySQL.NewMySQLBackend, "oci": physOCI.NewBackend, "postgresql": physPostgreSQL.NewPostgreSQLBackend, - "swift": physSwift.NewSwiftBackend, "raft": physRaft.NewRaftBackend, } diff --git a/go.mod b/go.mod index a02e04d46..dc49c9752 100644 --- a/go.mod +++ b/go.mod @@ -140,7 +140,6 @@ require ( github.com/mitchellh/mapstructure v1.5.0 github.com/mitchellh/reflectwalk v1.0.2 github.com/natefinch/atomic v0.0.0-20150920032501-a62ce929ffcc - github.com/ncw/swift v1.0.47 github.com/oklog/run v1.1.0 github.com/okta/okta-sdk-golang/v2 v2.12.1 github.com/oracle/oci-go-sdk v24.3.0+incompatible diff --git a/go.sum b/go.sum index 58e483de3..c3f515a94 100644 --- a/go.sum +++ b/go.sum @@ -2426,7 +2426,6 @@ github.com/mwitkow/go-conntrack v0.0.0-20190716064945-2f068394615f/go.mod h1:qRW github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw= github.com/natefinch/atomic v0.0.0-20150920032501-a62ce929ffcc h1:7xGrl4tTpBQu5Zjll08WupHyq+Sp0Z/adtyf1cfk3Q8= github.com/natefinch/atomic v0.0.0-20150920032501-a62ce929ffcc/go.mod h1:1rLVY/DWf3U6vSZgH16S7pymfrhK2lcUlXjgGglw/lY= -github.com/ncw/swift v1.0.47 h1:4DQRPj35Y41WogBxyhOXlrI37nzGlyEcsforeudyYPQ= github.com/ncw/swift v1.0.47/go.mod h1:23YIA4yWVnGwv2dQlN4bB7egfYX6YLn0Yo/S6zZO/ZM= github.com/networkplumbing/go-nft v0.2.0/go.mod h1:HnnM+tYvlGAsMU7yoYwXEVLLiDW9gdMmb5HoGcwpuQs= github.com/nicolai86/scaleway-sdk v1.10.2-0.20180628010248-798f60e20bb2 h1:BQ1HW7hr4IVovMwWg0E0PYcyW8CzqDcVmaew9cujU4s= diff --git a/physical/swift/swift.go b/physical/swift/swift.go deleted file mode 100644 index b19b58bda..000000000 --- a/physical/swift/swift.go +++ /dev/null @@ -1,249 +0,0 @@ -// Copyright (c) HashiCorp, Inc. -// SPDX-License-Identifier: BUSL-1.1 - -package swift - -import ( - "context" - "fmt" - "os" - "sort" - "strconv" - "strings" - "time" - - log "github.com/hashicorp/go-hclog" - - metrics "github.com/armon/go-metrics" - cleanhttp "github.com/hashicorp/go-cleanhttp" - "github.com/hashicorp/go-secure-stdlib/strutil" - "github.com/hashicorp/vault/sdk/physical" - "github.com/ncw/swift" -) - -// Verify SwiftBackend satisfies the correct interfaces -var _ physical.Backend = (*SwiftBackend)(nil) - -// SwiftBackend is a physical backend that stores data -// within an OpenStack Swift container. -type SwiftBackend struct { - container string - client *swift.Connection - logger log.Logger - permitPool *physical.PermitPool -} - -// NewSwiftBackend constructs a Swift backend using a pre-existing -// container. Credentials can be provided to the backend, sourced -// from the environment. -func NewSwiftBackend(conf map[string]string, logger log.Logger) (physical.Backend, error) { - var ok bool - - username := os.Getenv("OS_USERNAME") - if username == "" { - username = conf["username"] - if username == "" { - return nil, fmt.Errorf("missing username") - } - } - password := os.Getenv("OS_PASSWORD") - if password == "" { - password = conf["password"] - if password == "" { - return nil, fmt.Errorf("missing password") - } - } - authUrl := os.Getenv("OS_AUTH_URL") - if authUrl == "" { - authUrl = conf["auth_url"] - if authUrl == "" { - return nil, fmt.Errorf("missing auth_url") - } - } - container := os.Getenv("OS_CONTAINER") - if container == "" { - container = conf["container"] - if container == "" { - return nil, fmt.Errorf("missing container") - } - } - project := os.Getenv("OS_PROJECT_NAME") - if project == "" { - if project, ok = conf["project"]; !ok { - // Check for KeyStone naming prior to V3 - project = os.Getenv("OS_TENANT_NAME") - if project == "" { - project = conf["tenant"] - } - } - } - - domain := os.Getenv("OS_USER_DOMAIN_NAME") - if domain == "" { - domain = conf["domain"] - } - projectDomain := os.Getenv("OS_PROJECT_DOMAIN_NAME") - if projectDomain == "" { - projectDomain = conf["project-domain"] - } - - region := os.Getenv("OS_REGION_NAME") - if region == "" { - region = conf["region"] - } - tenantID := os.Getenv("OS_TENANT_ID") - if tenantID == "" { - tenantID = conf["tenant_id"] - } - trustID := os.Getenv("OS_TRUST_ID") - if trustID == "" { - trustID = conf["trust_id"] - } - storageUrl := os.Getenv("OS_STORAGE_URL") - if storageUrl == "" { - storageUrl = conf["storage_url"] - } - authToken := os.Getenv("OS_AUTH_TOKEN") - if authToken == "" { - authToken = conf["auth_token"] - } - - c := swift.Connection{ - Domain: domain, - UserName: username, - ApiKey: password, - AuthUrl: authUrl, - Tenant: project, - TenantDomain: projectDomain, - Region: region, - TenantId: tenantID, - TrustId: trustID, - StorageUrl: storageUrl, - AuthToken: authToken, - Transport: cleanhttp.DefaultPooledTransport(), - } - - err := c.Authenticate() - if err != nil { - return nil, err - } - - _, _, err = c.Container(container) - if err != nil { - return nil, fmt.Errorf("Unable to access container %q: %w", container, err) - } - - maxParStr, ok := conf["max_parallel"] - var maxParInt int - if ok { - maxParInt, err = strconv.Atoi(maxParStr) - if err != nil { - return nil, fmt.Errorf("failed parsing max_parallel parameter: %w", err) - } - if logger.IsDebug() { - logger.Debug("max_parallel set", "max_parallel", maxParInt) - } - } - - s := &SwiftBackend{ - client: &c, - container: container, - logger: logger, - permitPool: physical.NewPermitPool(maxParInt), - } - return s, nil -} - -// Put is used to insert or update an entry -func (s *SwiftBackend) Put(ctx context.Context, entry *physical.Entry) error { - defer metrics.MeasureSince([]string{"swift", "put"}, time.Now()) - - s.permitPool.Acquire() - defer s.permitPool.Release() - - err := s.client.ObjectPutBytes(s.container, entry.Key, entry.Value, "") - if err != nil { - return err - } - - return nil -} - -// Get is used to fetch an entry -func (s *SwiftBackend) Get(ctx context.Context, key string) (*physical.Entry, error) { - defer metrics.MeasureSince([]string{"swift", "get"}, time.Now()) - - s.permitPool.Acquire() - defer s.permitPool.Release() - - // Do a list of names with the key first since eventual consistency means - // it might be deleted, but a node might return a read of bytes which fails - // the physical test - list, err := s.client.ObjectNames(s.container, &swift.ObjectsOpts{Prefix: key}) - if err != nil { - return nil, err - } - if 0 == len(list) { - return nil, nil - } - data, err := s.client.ObjectGetBytes(s.container, key) - if err == swift.ObjectNotFound { - return nil, nil - } - if err != nil { - return nil, err - } - ent := &physical.Entry{ - Key: key, - Value: data, - } - - return ent, nil -} - -// Delete is used to permanently delete an entry -func (s *SwiftBackend) Delete(ctx context.Context, key string) error { - defer metrics.MeasureSince([]string{"swift", "delete"}, time.Now()) - - s.permitPool.Acquire() - defer s.permitPool.Release() - - err := s.client.ObjectDelete(s.container, key) - - if err != nil && err != swift.ObjectNotFound { - return err - } - - return nil -} - -// List is used to list all the keys under a given -// prefix, up to the next prefix. -func (s *SwiftBackend) List(ctx context.Context, prefix string) ([]string, error) { - defer metrics.MeasureSince([]string{"swift", "list"}, time.Now()) - - s.permitPool.Acquire() - defer s.permitPool.Release() - - list, err := s.client.ObjectNamesAll(s.container, &swift.ObjectsOpts{Prefix: prefix}) - if nil != err { - return nil, err - } - - keys := []string{} - for _, key := range list { - key := strings.TrimPrefix(key, prefix) - - if i := strings.Index(key, "/"); i == -1 { - // Add objects only from the current 'folder' - keys = append(keys, key) - } else if i != -1 { - // Add truncated 'folder' paths - keys = strutil.AppendIfMissing(keys, key[:i+1]) - } - } - - sort.Strings(keys) - - return keys, nil -} diff --git a/physical/swift/swift_test.go b/physical/swift/swift_test.go deleted file mode 100644 index a17b15515..000000000 --- a/physical/swift/swift_test.go +++ /dev/null @@ -1,94 +0,0 @@ -// Copyright (c) HashiCorp, Inc. -// SPDX-License-Identifier: BUSL-1.1 - -package swift - -import ( - "fmt" - "os" - "testing" - "time" - - log "github.com/hashicorp/go-hclog" - - cleanhttp "github.com/hashicorp/go-cleanhttp" - "github.com/hashicorp/vault/sdk/helper/logging" - "github.com/hashicorp/vault/sdk/physical" - "github.com/ncw/swift" -) - -func TestSwiftBackend(t *testing.T) { - if os.Getenv("OS_USERNAME") == "" || os.Getenv("OS_PASSWORD") == "" || - os.Getenv("OS_AUTH_URL") == "" { - t.SkipNow() - } - username := os.Getenv("OS_USERNAME") - password := os.Getenv("OS_PASSWORD") - authUrl := os.Getenv("OS_AUTH_URL") - project := os.Getenv("OS_PROJECT_NAME") - domain := os.Getenv("OS_USER_DOMAIN_NAME") - projectDomain := os.Getenv("OS_PROJECT_DOMAIN_NAME") - region := os.Getenv("OS_REGION_NAME") - tenantID := os.Getenv("OS_TENANT_ID") - - ts := time.Now().UnixNano() - container := fmt.Sprintf("vault-test-%d", ts) - - cleaner := swift.Connection{ - Domain: domain, - UserName: username, - ApiKey: password, - AuthUrl: authUrl, - Tenant: project, - TenantDomain: projectDomain, - Region: region, - TenantId: tenantID, - Transport: cleanhttp.DefaultPooledTransport(), - } - - err := cleaner.Authenticate() - if err != nil { - t.Fatalf("err: %s", err) - } - - err = cleaner.ContainerCreate(container, nil) - if nil != err { - t.Fatalf("Unable to create test container %q: %v", container, err) - } - defer func() { - newObjects, err := cleaner.ObjectNamesAll(container, nil) - if err != nil { - t.Fatalf("err: %s", err) - } - for _, o := range newObjects { - err := cleaner.ObjectDelete(container, o) - if err != nil { - t.Fatalf("err: %s", err) - } - } - err = cleaner.ContainerDelete(container) - if err != nil { - t.Fatalf("err: %s", err) - } - }() - - logger := logging.NewVaultLogger(log.Debug) - - b, err := NewSwiftBackend(map[string]string{ - "username": username, - "password": password, - "container": container, - "auth_url": authUrl, - "project": project, - "domain": domain, - "project-domain": projectDomain, - "tenant_id": tenantID, - "region": region, - }, logger) - if err != nil { - t.Fatalf("err: %s", err) - } - - physical.ExerciseBackend(t, b) - physical.ExerciseBackend_ListPrefix(t, b) -}