Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add duration/count metrics to PKI issue and revoke flows #13889

Merged
merged 14 commits into from
Feb 8, 2022
Merged

Conversation

sgmiller
Copy link
Collaborator

@sgmiller sgmiller commented Feb 3, 2022

No description provided.

@vercel vercel bot temporarily deployed to Preview – vault-storybook February 3, 2022 17:39 Inactive
@vercel vercel bot temporarily deployed to Preview – vault February 3, 2022 17:39 Inactive
@vercel vercel bot temporarily deployed to Preview – vault February 3, 2022 17:43 Inactive
@vercel vercel bot temporarily deployed to Preview – vault-storybook February 3, 2022 17:43 Inactive
@sgmiller sgmiller requested a review from a team February 3, 2022 17:43
@vercel vercel bot temporarily deployed to Preview – vault-storybook February 3, 2022 18:03 Inactive
@vercel vercel bot temporarily deployed to Preview – vault February 3, 2022 18:03 Inactive
@sgmiller sgmiller requested review from a team and schultz-is February 3, 2022 18:03
@vercel vercel bot temporarily deployed to Preview – vault February 3, 2022 18:06 Inactive
@vercel vercel bot temporarily deployed to Preview – vault-storybook February 3, 2022 18:06 Inactive
Copy link
Contributor

@schultz-is schultz-is left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm!

if role.KeyType == "any" {
return logical.ErrorResponse("role key type \"any\" not allowed for issuing certificates, only signing"), nil
}

return b.pathIssueSignCert(ctx, req, data, role, false, false)
resp, err := b.pathIssueSignCert(ctx, req, data, role, false, false)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: Simple return here and within pathSignVerbatim.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

:nod: This is what happens when you go through several iterations and then don't check your work.

Copy link
Contributor

@stevendpclark stevendpclark left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍 Just need to address that make fmt error CI is reporting.

Copy link
Contributor

@kitography kitography left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks pretty good to me. Would be cool if there was a test against the metrics here (I'm not sure how to test metrics).

builtin/logical/pki/path_revoke.go Outdated Show resolved Hide resolved
@sgmiller
Copy link
Collaborator Author

sgmiller commented Feb 3, 2022

This looks pretty good to me. Would be cool if there was a test against the metrics here (I'm not sure how to test metrics).

I'll have a look, I don't think we test metrics often outside the metrics system tests, but I'll make sure.

@vercel vercel bot temporarily deployed to Preview – vault-storybook February 7, 2022 18:27 Inactive
@vercel vercel bot temporarily deployed to Preview – vault February 7, 2022 18:27 Inactive
@vercel vercel bot temporarily deployed to Preview – vault-storybook February 7, 2022 18:29 Inactive
@vercel vercel bot temporarily deployed to Preview – vault February 7, 2022 18:29 Inactive
@vercel vercel bot temporarily deployed to Preview – vault February 7, 2022 18:31 Inactive
@vercel vercel bot temporarily deployed to Preview – vault-storybook February 7, 2022 18:31 Inactive
Copy link
Contributor

@kitography kitography left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks Good to Me :)

@vercel vercel bot temporarily deployed to Preview – vault-storybook February 7, 2022 19:51 Inactive
@vercel vercel bot temporarily deployed to Preview – vault February 7, 2022 19:51 Inactive
@vercel vercel bot temporarily deployed to Preview – vault-storybook February 7, 2022 20:02 Inactive
@vercel vercel bot temporarily deployed to Preview – vault February 7, 2022 20:02 Inactive
@vercel vercel bot temporarily deployed to Preview – vault February 7, 2022 20:52 Inactive
@vercel vercel bot temporarily deployed to Preview – vault-storybook February 7, 2022 20:52 Inactive
@sgmiller sgmiller requested a review from kitography February 7, 2022 20:52
@vercel vercel bot temporarily deployed to Preview – vault February 7, 2022 20:59 Inactive
@vercel vercel bot temporarily deployed to Preview – vault-storybook February 7, 2022 20:59 Inactive
Copy link
Contributor

@kitography kitography left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, one readability nit / possible error, but it's internally used so up to you.

}
if role == nil {
return logical.ErrorResponse(fmt.Sprintf("unknown role: %s", roleName)), nil
if roleMode > noRole {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this would be clearer with a != ;
Would also be cool to throw an error if the roleMode is not one of the possible values.

@sgmiller sgmiller merged commit 5e66ff9 into main Feb 8, 2022
@sgmiller sgmiller deleted the pki-metrics branch February 8, 2022 16:37
fairclothjm pushed a commit that referenced this pull request Feb 12, 2022
* Add duration/count metrics to PKI issue and revoke flows

* docs, changelog

* tidy

* last tidy

* remove err

* Update callsites

* Simple returns

* Handle the fact that test cases don't have namespaces

* Add mount point to the request

* fmt

* Handle empty mount point, and add it to unit tests

* improvement

* Turns out sign-verbatim is tricky, it can take a role but doesn't have to

* Get around the field schema problem
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

4 participants