+ cargo fmt
+ zeroize secret
parent
6bc9bbbf50
commit
ee8f6d8e65
4 changed files with 31 additions and 15 deletions
|
|
@ -6,7 +6,7 @@ edition = "2021"
|
|||
[dependencies]
|
||||
log = "0.4.21"
|
||||
env_logger = "0.11.3"
|
||||
zeroize = { version = "1.7.0", features = ["zeroize_derive"] }
|
||||
zeroize = { version = "1.7.0", features = ["derive"]}
|
||||
chrono = { version = "0.4.38", features = ["serde"] }
|
||||
tokio = { version = "1.37.0", features = ["full"] }
|
||||
tower = { version = "0.4.13", features = [] }
|
||||
|
|
|
|||
|
|
@ -116,9 +116,12 @@ async fn post_data(
|
|||
);
|
||||
|
||||
let mut highest_num = 0;
|
||||
match sqlx::query("SELECT version_number FROM secret_versions WHERE secret_path = $1").bind (&path).fetch_all(&pool).await{
|
||||
match sqlx::query("SELECT version_number FROM secret_versions WHERE secret_path = $1")
|
||||
.bind(&path)
|
||||
.fetch_all(&pool)
|
||||
.await
|
||||
{
|
||||
Ok(v) => {
|
||||
|
||||
for curr_ver in v {
|
||||
let curr_num = curr_ver.get("version_number");
|
||||
if highest_num < curr_num {
|
||||
|
|
|
|||
|
|
@ -2,15 +2,13 @@ use chrono::{DateTime, Utc};
|
|||
use serde::Serialize;
|
||||
use sqlx::FromRow;
|
||||
|
||||
#[derive(FromRow)]
|
||||
#[derive(Debug)]
|
||||
#[derive(FromRow, Debug)]
|
||||
pub struct DbSecretMeta {
|
||||
pub secret_path: String,
|
||||
pub cas_required: bool,
|
||||
pub created_time: DateTime<Utc>,
|
||||
// Consider implementation of duration type for further development:
|
||||
// https://developer.hashicorp.com/vault/docs/concepts/duration-format
|
||||
|
||||
/// In Hashicorp:
|
||||
/// If not set, the backend's configured delete_version_after is used.
|
||||
/// Cannot be greater than the backend's delete_version_after
|
||||
|
|
@ -24,7 +22,6 @@ pub struct DbSecretMeta {
|
|||
pub max_versions: i64,
|
||||
pub updated_time: DateTime<Utc>,
|
||||
/// User-provided key-value pairs that are used to describe arbitrary and version-agnostic information about a secret.
|
||||
|
||||
pub custom_data: Option<String>,
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -6,12 +6,14 @@ use axum::{
|
|||
use chrono::{DateTime, Utc};
|
||||
use serde::{Deserialize, Serialize};
|
||||
use std::collections::HashMap;
|
||||
use zeroize::Zeroize;
|
||||
|
||||
pub type KvSecretData = HashMap<String, String>;
|
||||
|
||||
// This file contains structures for serializing HTTP Responses (Res) and deserializing Requests (Req) for the KV engine
|
||||
|
||||
#[derive(Deserialize, Debug)]
|
||||
// #[zeroize(drop)]
|
||||
/// HTTP Request to create or update a secret
|
||||
pub struct KvSecretReq {
|
||||
/// Map (required)
|
||||
|
|
@ -23,6 +25,20 @@ pub struct KvSecretReq {
|
|||
// pub version: Option<i64>,
|
||||
}
|
||||
|
||||
impl Zeroize for KvSecretReq {
|
||||
fn zeroize(&mut self) {
|
||||
// Zero out each field individually
|
||||
self.data = HashMap::new();
|
||||
self.options = None;
|
||||
}
|
||||
}
|
||||
|
||||
impl Drop for KvSecretReq {
|
||||
fn drop(&mut self) {
|
||||
self.zeroize();
|
||||
}
|
||||
}
|
||||
|
||||
#[derive(Serialize, Debug)]
|
||||
/// HTTP Response to creating or updating a secret
|
||||
/// Contained by [`KvSecretRes`]
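Review bot: The new `zeroize()` on `KvSecretReq` does not overwrite anything. `self.data = HashMap::new();` only drops the old map, so every key and value `String` is freed with its bytes still on the heap, and the `Drop` impl inherits the same gap. Draining the map and calling `zeroize()` on each key and value before they are dropped wipes the buffers this struct owns. This assumes `data` is the `KvSecretData` map, whose field declaration is outside the hunk; `options` may need the same treatment if it can carry secret material. Copies held elsewhere, such as the request body the struct was deserialized from, are not covered and need their own handling. Separately, `KvSecretReq` still derives `Debug`, so a `{:?}` log of a request prints the secret values; a manual `Debug` impl that redacts `data` would avoid that.

```rust
impl Zeroize for KvSecretReq {
    fn zeroize(&mut self) {
        // Overwrite each key and value buffer before it is freed; replacing
        // the map only drops the Strings and leaves their bytes in memory.
        for (mut key, mut value) in self.data.drain() {
            key.zeroize();
            value.zeroize();
        }
        // … unchanged: self.options = None …
    }
}
```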
|
||||
|
|
|
|||