+ cargo fmt
+ zeroize secret
This commit is contained in:
sam
parent
6bc9bbbf50
commit
ee8f6d8e65
4 changed files with 31 additions and 15 deletions
|
|
@ -6,7 +6,7 @@ edition = "2021"
|
||||||
[dependencies]
|
[dependencies]
|
||||||
log = "0.4.21"
|
log = "0.4.21"
|
||||||
env_logger = "0.11.3"
|
env_logger = "0.11.3"
|
||||||
zeroize = { version = "1.7.0", features = ["zeroize_derive"] }
|
zeroize = { version = "1.7.0", features = ["derive"]}
|
||||||
chrono = { version = "0.4.38", features = ["serde"] }
|
chrono = { version = "0.4.38", features = ["serde"] }
|
||||||
tokio = { version = "1.37.0", features = ["full"] }
|
tokio = { version = "1.37.0", features = ["full"] }
|
||||||
tower = { version = "0.4.13", features = [] }
|
tower = { version = "0.4.13", features = [] }
|
||||||
|
|
|
||||||
|
|
@ -116,9 +116,12 @@ async fn post_data(
|
||||||
);
|
);
|
||||||
|
|
||||||
let mut highest_num = 0;
|
let mut highest_num = 0;
|
||||||
match sqlx::query("SELECT version_number FROM secret_versions WHERE secret_path = $1").bind (&path).fetch_all(&pool).await{
|
match sqlx::query("SELECT version_number FROM secret_versions WHERE secret_path = $1")
|
||||||
Ok(v)=> {
|
.bind(&path)
|
||||||
|
.fetch_all(&pool)
|
||||||
|
.await
|
||||||
|
{
|
||||||
|
Ok(v) => {
|
||||||
for curr_ver in v {
|
for curr_ver in v {
|
||||||
let curr_num = curr_ver.get("version_number");
|
let curr_num = curr_ver.get("version_number");
|
||||||
if highest_num < curr_num {
|
if highest_num < curr_num {
|
||||||
|
|
@ -127,7 +130,7 @@ async fn post_data(
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
Err(e)=> {
|
Err(e) => {
|
||||||
log::error!("Error: {}", e)
|
log::error!("Error: {}", e)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -2,15 +2,13 @@ use chrono::{DateTime, Utc};
|
||||||
use serde::Serialize;
|
use serde::Serialize;
|
||||||
use sqlx::FromRow;
|
use sqlx::FromRow;
|
||||||
|
|
||||||
#[derive(FromRow)]
|
#[derive(FromRow, Debug)]
|
||||||
#[derive(Debug)]
|
|
||||||
pub struct DbSecretMeta {
|
pub struct DbSecretMeta {
|
||||||
pub secret_path: String,
|
pub secret_path: String,
|
||||||
pub cas_required: bool,
|
pub cas_required: bool,
|
||||||
pub created_time: DateTime<Utc>,
|
pub created_time: DateTime<Utc>,
|
||||||
// Consider implementation of duration type for further development:
|
// Consider implementation of duration type for further development:
|
||||||
// https://developer.hashicorp.com/vault/docs/concepts/duration-format
|
// https://developer.hashicorp.com/vault/docs/concepts/duration-format
|
||||||
|
|
||||||
/// In Hashicorp:
|
/// In Hashicorp:
|
||||||
/// If not set, the backend's configured delete_version_after is used.
|
/// If not set, the backend's configured delete_version_after is used.
|
||||||
/// Cannot be greater than the backend's delete_version_after
|
/// Cannot be greater than the backend's delete_version_after
|
||||||
|
|
@ -24,11 +22,10 @@ pub struct DbSecretMeta {
|
||||||
pub max_versions: i64,
|
pub max_versions: i64,
|
||||||
pub updated_time: DateTime<Utc>,
|
pub updated_time: DateTime<Utc>,
|
||||||
/// User-provided key-value pairs that are used to describe arbitrary and version-agnostic information about a secret.
|
/// User-provided key-value pairs that are used to describe arbitrary and version-agnostic information about a secret.
|
||||||
|
|
||||||
pub custom_data: Option<String>,
|
pub custom_data: Option<String>,
|
||||||
}
|
}
|
||||||
|
|
||||||
#[derive(Serialize,Debug, FromRow)]
|
#[derive(Serialize, Debug, FromRow)]
|
||||||
/// Metadata concerning a specific secret version
|
/// Metadata concerning a specific secret version
|
||||||
/// contained by [KvMetaRes]
|
/// contained by [KvMetaRes]
|
||||||
pub struct DbSecretVersionMeta {
|
pub struct DbSecretVersionMeta {
|
||||||
|
|
|
||||||
|
|
@ -6,12 +6,14 @@ use axum::{
|
||||||
use chrono::{DateTime, Utc};
|
use chrono::{DateTime, Utc};
|
||||||
use serde::{Deserialize, Serialize};
|
use serde::{Deserialize, Serialize};
|
||||||
use std::collections::HashMap;
|
use std::collections::HashMap;
|
||||||
|
use zeroize::Zeroize;
|
||||||
|
|
||||||
pub type KvSecretData = HashMap<String, String>;
|
pub type KvSecretData = HashMap<String, String>;
|
||||||
|
|
||||||
// This file contains structures for serializing HTTP Responses (Res) and deserializing Requests (Req) for the KV engine
|
// This file contains structures for serializing HTTP Responses (Res) and deserializing Requests (Req) for the KV engine
|
||||||
|
|
||||||
#[derive(Deserialize, Debug)]
|
#[derive(Deserialize, Debug)]
|
||||||
|
// #[zeroize(drop)]
|
||||||
/// HTTP Request to create or update a secret
|
/// HTTP Request to create or update a secret
|
||||||
pub struct KvSecretReq {
|
pub struct KvSecretReq {
|
||||||
/// Map (required)
|
/// Map (required)
|
||||||
|
|
@ -23,6 +25,20 @@ pub struct KvSecretReq {
|
||||||
// pub version: Option<i64>,
|
// pub version: Option<i64>,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
impl Zeroize for KvSecretReq {
|
||||||
|
fn zeroize(&mut self) {
|
||||||
|
// Zero out each field individually
|
||||||
|
self.data = HashMap::new();
|
||||||
|
self.options = None;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
impl Drop for KvSecretReq {
|
||||||
|
fn drop(&mut self) {
|
||||||
|
self.zeroize();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
#[derive(Serialize, Debug)]
|
#[derive(Serialize, Debug)]
|
||||||
/// HTTP Response to creating or updating a secret
|
/// HTTP Response to creating or updating a secret
|
||||||
/// Contained by [`KvSecretRes`]
|
/// Contained by [`KvSecretRes`]
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue