New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
UI/Add Elasticsearch DB #12672
Merged
Merged
UI/Add Elasticsearch DB #12672
Changes from 20 commits
Commits
Show all changes
24 commits
Select commit
Hold shift + click to select a range
d585b55
wip//changes linked block to angle bracket'
hellobontempo b7d7dd6
displays empty state if database is not supported in the UI
hellobontempo 006df83
adds elasticsearch db plugin
hellobontempo cabf6b0
adds changelog
hellobontempo 6607482
fixes typo
hellobontempo 19ca5d8
Merge branch 'main' into ui/elasticsearch-db
hellobontempo e3d798d
edits changelog
hellobontempo 93df386
updates elasticsearch attrs
hellobontempo cb68a65
oops
hellobontempo 4fc1887
updates subtext
hellobontempo 49c8350
move tls_server_name to pluginConfig group
hellobontempo 9692c6e
move role setting fields to util
hellobontempo e5be1f2
remove unnecessary statement attrs
hellobontempo d657d87
updates isAvailablePlugin to default true
hellobontempo 989c451
fixes isAvailable boolean
hellobontempo b7765cf
removes loading.hbs that wasn't working
hellobontempo a962b45
updates comments and refactors using util function
hellobontempo 2567645
adds tests for elasticsearch
hellobontempo 785f191
Merge branch 'main' into ui/elasticsearch-db
hellobontempo 45b671d
fixes typo
hellobontempo 5f39b68
fixes indentation
hellobontempo ed05ced
when local host needs https
hellobontempo b6690ef
updates text to fix to match tests
hellobontempo 0829457
adds space below hbs file
hellobontempo File filter
Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
```release-note:feature | ||
**Elasticsearch in the UI**: Elasticsearch DB is now supported by the UI | ||
``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -121,6 +121,26 @@ const AVAILABLE_PLUGIN_TYPES = [ | |
{ attr: 'root_rotation_statements', group: 'statements' }, | ||
], | ||
}, | ||
{ | ||
value: 'elasticsearch-database-plugin', | ||
displayName: 'Elasticsearch', | ||
fields: [ | ||
{ attr: 'plugin_name' }, | ||
{ attr: 'name' }, | ||
{ attr: 'verify_connection' }, | ||
{ attr: 'password_policy' }, | ||
{ attr: 'url', group: 'pluginConfig' }, | ||
{ attr: 'username', group: 'pluginConfig', show: false }, | ||
{ attr: 'password', group: 'pluginConfig', show: false }, | ||
{ attr: 'ca_cert', group: 'pluginConfig' }, | ||
{ attr: 'ca_path', group: 'pluginConfig' }, | ||
{ attr: 'client_cert', group: 'pluginConfig' }, | ||
{ attr: 'client_key', group: 'pluginConfig' }, | ||
{ attr: 'tls_server_name', group: 'pluginConfig' }, | ||
{ attr: 'insecure', group: 'pluginConfig' }, | ||
{ attr: 'username_template', group: 'pluginConfig' }, | ||
], | ||
}, | ||
]; | ||
|
||
/** | ||
|
@@ -177,22 +197,38 @@ export default Model.extend({ | |
|
||
// common fields | ||
connection_url: attr('string', { | ||
subText: 'The connection string used to connect to the database.', | ||
label: 'Connection URL', | ||
subText: | ||
'The connection string used to connect to the database. This allows for simple templating of username and password of the root user in the {{field_name}} format.', | ||
}), | ||
url: attr('string', { | ||
subText: | ||
'The connection string used to connect to the database. This allows for simple templating of username and password of the root user.', | ||
label: 'URL', | ||
subText: `The URL for Elasticsearch's API ("http://localhost:9200").`, | ||
}), | ||
username: attr('string', { | ||
subText: 'Optional. The name of the user to use as the "root" user when connecting to the database.', | ||
subText: `The name of the user to use as the "root" user when connecting to the database.`, | ||
}), | ||
password: attr('string', { | ||
subText: | ||
'Optional. The password to use when connecting to the database. Typically used in the connection_url field via the templating directive {{password}}.', | ||
subText: 'The password to use when connecting with the above username.', | ||
editType: 'password', | ||
}), | ||
|
||
Monkeychip marked this conversation as resolved.
Show resolved
Hide resolved
|
||
// optional | ||
ca_cert: attr('string', { | ||
hellobontempo marked this conversation as resolved.
Show resolved
Hide resolved
|
||
label: 'CA certificate', | ||
subText: `The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity.`, | ||
}), | ||
ca_path: attr('string', { | ||
label: 'CA path', | ||
subText: `The path to a directory of PEM-encoded CA cert files to use to verify the Elasticsearch server's identity.`, | ||
}), | ||
client_cert: attr('string', { | ||
label: 'Client certificate', | ||
subText: 'The path to the certificate for the Elasticsearch client to present for communication.', | ||
}), | ||
client_key: attr('string', { | ||
subText: 'The path to the key for the Elasticsearch client to use for communication.', | ||
}), | ||
hosts: attr('string', {}), | ||
host: attr('string', {}), | ||
port: attr('string', {}), | ||
|
@@ -220,6 +256,10 @@ export default Model.extend({ | |
max_connection_lifetime: attr('string', { | ||
defaultValue: '0s', | ||
}), | ||
insecure: attr('boolean', { | ||
defaultValue: false, | ||
label: 'Disable SSL verification', | ||
}), | ||
tls: attr('string', { | ||
label: 'TLS Certificate Key', | ||
helpText: | ||
|
@@ -232,12 +272,20 @@ export default Model.extend({ | |
'x509 CA file for validating the certificate presented by the MongoDB server. Must be PEM encoded.', | ||
editType: 'file', | ||
}), | ||
tls_server_name: attr('string', { | ||
label: 'TLS server name', | ||
subText: 'If set, this name is used to set the SNI host when connecting via 1TLS.', | ||
}), | ||
root_rotation_statements: attr({ | ||
subText: `The database statements to be executed to rotate the root user's credentials. If nothing is entered, Vault will use a reasonable default.`, | ||
editType: 'stringArray', | ||
defaultShown: 'Default', | ||
}), | ||
|
||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Databases unsupported by the UI will trigger |
||
isAvailablePlugin: computed('plugin_name', function() { | ||
return !!AVAILABLE_PLUGIN_TYPES.find(a => a.value === this.plugin_name); | ||
}), | ||
|
||
showAttrs: computed('plugin_name', function() { | ||
const fields = AVAILABLE_PLUGIN_TYPES.find(a => a.value === this.plugin_name) | ||
.fields.filter(f => f.show !== false) | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -3,6 +3,7 @@ import { computed } from '@ember/object'; | |
import { alias } from '@ember/object/computed'; | ||
import lazyCapabilities, { apiPath } from 'vault/macros/lazy-capabilities'; | ||
import { expandAttributeMeta } from 'vault/utils/field-to-attrs'; | ||
import { getRoleFields } from '../../utils/database-role-fields'; | ||
|
||
export default Model.extend({ | ||
idPrefix: 'role/', | ||
|
@@ -90,11 +91,7 @@ export default Model.extend({ | |
|
||
get showFields() { | ||
let fields = ['name', 'database', 'type']; | ||
if (this.type === 'dynamic') { | ||
fields = fields.concat(['ttl', 'max_ttl', 'creation_statements', 'revocation_statements']); | ||
} else { | ||
fields = fields.concat(['username', 'rotation_period']); | ||
} | ||
fields = fields.concat(getRoleFields(this.type)).concat(['creation_statements', 'revocation_statements']); | ||
return expandAttributeMeta(this, fields); | ||
}, | ||
|
||
|
@@ -106,9 +103,9 @@ export default Model.extend({ | |
'username', | ||
'rotation_period', | ||
'creation_statements', | ||
'creation_statement', // only for MongoDB (styling difference) | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. No longer just for MongoDB, Elasticsearch needed as well :) |
||
'creation_statement', // for editType: JSON | ||
'revocation_statements', | ||
'revocation_statement', // only for MongoDB (styling difference) | ||
'revocation_statement', // only for MongoDB (editType: JSON) | ||
'rotation_statements', | ||
'rollback_statements', | ||
'renew_statements', | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This update is to match verbiage from design docs