Fix review comments and new changes in config (#8515)

- Migrate and save only settings which are enabled - Rename logger_http to logger_webhook and logger_http_audit to audit_webhook - No more pretty printing comments, comment is a key=value pair now. - Avoid quotes on values which do not have space in them - `state="on"` is implicit for all SetConfigKV unless specified explicitly as `state="off"` - Disabled IAM users should be disabled always
2025-11-07 04:42:56 -05:00 · 2019-11-13 17:38:05 -08:00
parent 60690a7e1d
commit 26a866a202
37 changed files with 363 additions and 466 deletions
--- a/cmd/crypto/config.go
+++ b/cmd/crypto/config.go
@@ -149,8 +149,12 @@ func LookupConfig(kvs config.KVS) (KMSConfig, error) {
 	if kmsCfg.Vault.Enabled {
 		return kmsCfg, nil
 	}
+
 	stateBool, err := config.ParseBool(env.Get(EnvKMSVaultState, kvs.Get(config.State)))
 	if err != nil {
+		if kvs.Empty() {
+			return kmsCfg, nil
+		}
 		return kmsCfg, err
 	}
 	if !stateBool {
--- a/cmd/crypto/legacy.go
+++ b/cmd/crypto/legacy.go
@@ -79,6 +79,9 @@ const (

 // SetKMSConfig helper to migrate from older KMSConfig to new KV.
 func SetKMSConfig(s config.Config, cfg KMSConfig) {
+	if cfg.Vault.Endpoint == "" {
+		return
+	}
 	s[config.KmsVaultSubSys][config.Default] = config.KVS{
 		KMSVaultEndpoint: cfg.Vault.Endpoint,
 		KMSVaultCAPath:   cfg.Vault.CAPath,
@@ -93,13 +96,8 @@ func SetKMSConfig(s config.Config, cfg KMSConfig) {
 		KMSVaultKeyName:       cfg.Vault.Key.Name,
 		KMSVaultKeyVersion:    strconv.Itoa(cfg.Vault.Key.Version),
 		KMSVaultNamespace:     cfg.Vault.Namespace,
-		config.State: func() string {
-			if cfg.Vault.Endpoint != "" {
-				return config.StateOn
-			}
-			return config.StateOff
-		}(),
-		config.Comment: "Settings for KMS Vault, after migrating config",
+		config.State:          config.StateOn,
+		config.Comment:        "Settings for KMS Vault, after migrating config",
 	}
 }