Order all keys in config (#8541)

New changes - return default values when sub-sys is not configured. - state is hidden parameter now - remove worm mode to be saved in config
2025-11-07 04:42:56 -05:00 · 2019-11-20 15:10:24 -08:00
parent ca96560d56
commit 5ac4b517c9
51 changed files with 1436 additions and 642 deletions
--- a/cmd/crypto/config.go
+++ b/cmd/crypto/config.go
@@ -46,16 +46,42 @@ const (
 // DefaultKVS - default KV crypto config
 var (
 	DefaultKVS = config.KVS{
-		config.State:          config.StateOff,
-		config.Comment:        "This is a default Vault configuration",
-		KMSVaultEndpoint:      "",
-		KMSVaultCAPath:        "",
-		KMSVaultKeyName:       "",
-		KMSVaultKeyVersion:    "",
-		KMSVaultNamespace:     "",
-		KMSVaultAuthType:      "approle",
-		KMSVaultAppRoleID:     "",
-		KMSVaultAppRoleSecret: "",
+		config.KV{
+			Key:   config.State,
+			Value: config.StateOff,
+		},
+		config.KV{
+			Key:   KMSVaultEndpoint,
+			Value: "",
+		},
+		config.KV{
+			Key:   KMSVaultKeyName,
+			Value: "",
+		},
+		config.KV{
+			Key:   KMSVaultAuthType,
+			Value: "approle",
+		},
+		config.KV{
+			Key:   KMSVaultAppRoleID,
+			Value: "",
+		},
+		config.KV{
+			Key:   KMSVaultAppRoleSecret,
+			Value: "",
+		},
+		config.KV{
+			Key:   KMSVaultCAPath,
+			Value: "",
+		},
+		config.KV{
+			Key:   KMSVaultKeyVersion,
+			Value: "",
+		},
+		config.KV{
+			Key:   KMSVaultNamespace,
+			Value: "",
+		},
 	}
 )

--- a/cmd/crypto/help.go
+++ b/cmd/crypto/help.go
@@ -21,11 +21,6 @@ import "github.com/minio/minio/cmd/config"
 // Help template for KMS vault
 var (
 	Help = config.HelpKVS{
-		config.HelpKV{
-			Key:         config.State,
-			Description: "Indicates if KMS Vault is enabled or not",
-			Type:        "on|off",
-		},
 		config.HelpKV{
 			Key:         KMSVaultEndpoint,
 			Description: `Points to Vault API endpoint eg: "http://vault-endpoint-ip:8200"`,
--- a/cmd/crypto/legacy.go
+++ b/cmd/crypto/legacy.go
@@ -83,20 +83,47 @@ func SetKMSConfig(s config.Config, cfg KMSConfig) {
 		return
 	}
 	s[config.KmsVaultSubSys][config.Default] = config.KVS{
-		KMSVaultEndpoint: cfg.Vault.Endpoint,
-		KMSVaultCAPath:   cfg.Vault.CAPath,
-		KMSVaultAuthType: func() string {
-			if cfg.Vault.Auth.Type != "" {
-				return cfg.Vault.Auth.Type
-			}
-			return "approle"
-		}(),
-		KMSVaultAppRoleID:     cfg.Vault.Auth.AppRole.ID,
-		KMSVaultAppRoleSecret: cfg.Vault.Auth.AppRole.Secret,
-		KMSVaultKeyName:       cfg.Vault.Key.Name,
-		KMSVaultKeyVersion:    strconv.Itoa(cfg.Vault.Key.Version),
-		KMSVaultNamespace:     cfg.Vault.Namespace,
-		config.State:          config.StateOn,
+		config.KV{
+			Key:   config.State,
+			Value: config.StateOn,
+		},
+		config.KV{
+			Key:   KMSVaultEndpoint,
+			Value: cfg.Vault.Endpoint,
+		},
+		config.KV{
+			Key:   KMSVaultCAPath,
+			Value: cfg.Vault.CAPath,
+		},
+		config.KV{
+			Key: KMSVaultAuthType,
+			Value: func() string {
+				if cfg.Vault.Auth.Type != "" {
+					return cfg.Vault.Auth.Type
+				}
+				return "approle"
+			}(),
+		},
+		config.KV{
+			Key:   KMSVaultAppRoleID,
+			Value: cfg.Vault.Auth.AppRole.ID,
+		},
+		config.KV{
+			Key:   KMSVaultAppRoleSecret,
+			Value: cfg.Vault.Auth.AppRole.Secret,
+		},
+		config.KV{
+			Key:   KMSVaultKeyName,
+			Value: cfg.Vault.Key.Name,
+		},
+		config.KV{
+			Key:   KMSVaultKeyVersion,
+			Value: strconv.Itoa(cfg.Vault.Key.Version),
+		},
+		config.KV{
+			Key:   KMSVaultNamespace,
+			Value: cfg.Vault.Namespace,
+		},
 	}
 }