Generate openapi.json response structures for approle requests #18055
Conversation
averche
changed the title
There was a problem hiding this comment.
took a closer look at path_role.go after meeting yesterday, far as I can tell all the functions matched up
(would really recommend moving the approle stuff into its own PR)
this looks like its not all the paths for the approle plugin
vault/builtin/credential/approle/backend.go
Lines 110 to 116 in c6eaac4
its more than enough code changes 😅 but can you change the PR title? right now it reads as if its the entire plugin and not only the "role" paths
| responseOK := map[int][]framework.Response{ | ||
| http.StatusOK: {{ | ||
| Description: "OK", | ||
| }}, | ||
| } |
There was a problem hiding this comment.
I don't want to call it a "standard", but is this a frequent response for the api? maybe we can even export a var from framework
There was a problem hiding this comment.
This is basically a Null response (with no fields). I think it's a good idea to move it out, agreed!
| @@ -210,15 +210,42 @@ can only be set during role creation and once set, it can't be reset later.`, | |||
| Type: framework.TypeBool, | |||
| Description: "If true, the secret identifiers generated using this role will be cluster local. This can only be set during role creation and once set, it can't be reset later", | |||
| }, | |||
| "period": { | |||
There was a problem hiding this comment.
so "period" is a field, was it removed? (git diff is weird)
There was a problem hiding this comment.
This might be referencing an older commit. It's a deprecated response field but I added it back for backwards compatibility.
|
@dhuckins Agreed, I will split this into two PR's and change the title accordingly. Thanks for the reviews! |
This PR modifies the path schema of `approle/path_role.go`, switching the old `Callbacks` to the equivalent `Operations` objects with a list of response fields for the 200 responses. This will allow us to generate a response structures in openapi.json. This PR is split out from #18055 along with #18192. ### Example For `GET "/auth/approle/role/{role_name}/bind-secret-id"` path, it will update the response as follows: ```diff "responses": { "200": { "description": "OK", ++ "content": { ++ "application/json": { ++ "schema": { ++ "$ref": "#/components/schemas/ApproleRoleBindSecretIdResponse" ++ } ++ } } } } ``` And will add the actual response structure: ```diff ++ "ApproleRoleBindSecretIdResponse": { ++ "type": "object", ++ "properties": { ++ "bind_secret_id": { ++ "type": "boolean", ++ "description": "Impose secret_id to be presented when logging in using this role. Defaults to 'true'." ++ } ++ } ++ }, ```
This PR modifies the path schema of `approle/path_role.go`, switching the old `Callbacks` to the equivalent `Operations` objects with a list of response fields for the 200 responses. This will allow us to generate a response structures in openapi.json. This PR is split out from #18055 along with #18192. ### Example For `GET "/auth/approle/role/{role_name}/bind-secret-id"` path, it will update the response as follows: ```diff "responses": { "200": { "description": "OK", ++ "content": { ++ "application/json": { ++ "schema": { ++ "$ref": "#/components/schemas/ApproleRoleBindSecretIdResponse" ++ } ++ } } } } ``` And will add the actual response structure: ```diff ++ "ApproleRoleBindSecretIdResponse": { ++ "type": "object", ++ "properties": { ++ "bind_secret_id": { ++ "type": "boolean", ++ "description": "Impose secret_id to be presented when logging in using this role. Defaults to 'true'." ++ } ++ } ++ }, ```
This PR adds logic to generate
openapi.jsonresponse structures and implements the response structures for applrole path_role requests.Example
For
GET "/auth/approle/role/{role_name}/bind-secret-id"path, it will update the response as follows:"responses": { "200": { "description": "OK", ++ "content": { ++ "application/json": { ++ "schema": { ++ "$ref": "#/components/schemas/ApproleRoleBindSecretIdResponse" ++ } ++ } } } }And will add the actual response structure: