Upgrade Vault sdk and use plugin multiplex (#26)

Signed-off-by: Benoit Pourre <[email protected]>

Author: captnbp

cmd/vault-plugin-secrets-ibmcloud/main.go

@@ -17,7 +17,7 @@ func main() {
 	tlsConfig := apiClientMeta.GetTLSConfig()
 	tlsProviderFunc := api.VaultPluginTLSProvider(tlsConfig)
 
-	if err := plugin.Serve(&plugin.ServeOpts{
+	if err := plugin.ServeMultiplex(&plugin.ServeOpts{
 		BackendFactoryFunc: ibmcloud.Factory,
 		TLSProviderFunc:    tlsProviderFunc,
 	}); err != nil {

constants.go

@@ -5,7 +5,7 @@ const (
 	openIDIssuer            = "https://iam.cloud.ibm.com/identity"
 )
 
-//Number of minutes to renew the admin token before expiration
+// Number of minutes to renew the admin token before expiration
 const (
 	adminTokenRenewBeforeExpirationMinutes = 5
 	maxGroupsPerRole                       = 10

go.mod

@@ -3,34 +3,25 @@ module vault-plugin-secrets-ibmcloud
 go 1.16
 
 require (
-	github.com/armon/go-metrics v0.4.0 // indirect
 	github.com/aws/aws-sdk-go v1.44.66 // indirect
 	github.com/cenkalti/backoff/v3 v3.2.2 // indirect
 	github.com/coreos/go-oidc/v3 v3.2.0
 	github.com/evanphx/json-patch/v5 v5.6.0 // indirect
 	github.com/golang/mock v1.6.0
 	github.com/hashicorp/errwrap v1.1.0
 	github.com/hashicorp/go-cleanhttp v0.5.2
-	github.com/hashicorp/go-hclog v1.2.2
-	github.com/hashicorp/go-plugin v1.4.4 // indirect
+	github.com/hashicorp/go-hclog v1.4.0
 	github.com/hashicorp/go-retryablehttp v0.7.1 // indirect
 	github.com/hashicorp/go-secure-stdlib/mlock v0.1.2 // indirect
 	github.com/hashicorp/go-uuid v1.0.3 // indirect
 	github.com/hashicorp/go-version v1.6.0 // indirect
-	github.com/hashicorp/vault/api v1.7.2
-	github.com/hashicorp/vault/sdk v0.5.3
+	github.com/hashicorp/vault/api v1.9.2
+	github.com/hashicorp/vault/sdk v0.9.2
 	github.com/hashicorp/yamux v0.1.1 // indirect
 	github.com/mitchellh/copystructure v1.2.0 // indirect
 	github.com/mitchellh/go-testing-interface v1.14.1 // indirect
 	github.com/oklog/run v1.1.0 // indirect
 	github.com/pierrec/lz4 v2.6.1+incompatible // indirect
-	github.com/stretchr/testify v1.8.0 // indirect
-	golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa // indirect
-	golang.org/x/net v0.0.0-20220728211354-c7608f3a8462 // indirect
-	golang.org/x/oauth2 v0.0.0-20220722155238-128564f6959c // indirect
-	golang.org/x/sys v0.0.0-20220731174439-a90be440212d // indirect
-	golang.org/x/time v0.0.0-20220722155302-e5dcc9cfc0b9 // indirect
-	google.golang.org/genproto v0.0.0-20220728213248-dd149ef739b9 // indirect
 	google.golang.org/protobuf v1.28.1 // indirect
 	gopkg.in/square/go-jose.v2 v2.6.0 // indirect
 )

go.sum

@@ -141,7 +141,8 @@ func (h *ibmCloudHelper) getProvider() *oidc.Provider {
 	return provider
 }
 
-/**
+/*
+*
 Obtain an IAM token by way of an API Key
 */
 func (h *ibmCloudHelper) ObtainToken(apiKey string) (string, error) {
@@ -174,7 +175,8 @@ func (h *ibmCloudHelper) ObtainToken(apiKey string) (string, error) {
 	return result["access_token"].(string), nil
 }
 
-/**
+/*
+*
 Verifies an IBM Cloud IAM token. If successful, it will return a tokenInfo
 with relevant items contained in the token.
 */

iam_helper.go

@@ -119,9 +119,9 @@ func TestStaticServiceIDDeleted(t *testing.T) {
 }
 
 /*
- Tests a successful Get (read) of a credential and validates the returned Secret.
- The internalData parameter is used to pass in key-values that differ between static and dynamic service ID credentials.
- If the ttl and maxTTL values are greater than 0 they will be used to check the Secret's lease.
+Tests a successful Get (read) of a credential and validates the returned Secret.
+The internalData parameter is used to pass in key-values that differ between static and dynamic service ID credentials.
+If the ttl and maxTTL values are greater than 0 they will be used to check the Secret's lease.
 */
 func testSuccessfulGet(t *testing.T, b *ibmCloudSecretBackend, s logical.Storage, internalData map[string]string, ttl, maxTTL int) *logical.Secret {
 	t.Helper()

path_creds_test.go

@@ -250,7 +250,7 @@ func TestNoConfig(t *testing.T) {
 		[]string{"no API key was set in the configuration"})
 }
 
-//-- Utils --
+// -- Utils --
 func testRoleCreate(tb testing.TB, b logical.Backend, s logical.Storage, d map[string]interface{}) {
 	tb.Helper()
 
@@ -411,12 +411,12 @@ func testRole(tb testing.TB) string {
 }
 
 /*
-	This function configures the mock iamHelper expectations for the test. It then creates a test Backend with
-	with the mock, and configures it.
+This function configures the mock iamHelper expectations for the test. It then creates a test Backend with
+with the mock, and configures it.
 
-	The minCalls map is used to control the minimum number of times the functions of the iamHelper interface are
-	expected to be called. The keys are the function names (e.g. "ObtainToken", "VerifyAccessGroupExists", etc).
-	If unspecified 0 is used.
+The minCalls map is used to control the minimum number of times the functions of the iamHelper interface are
+expected to be called. The keys are the function names (e.g. "ObtainToken", "VerifyAccessGroupExists", etc).
+If unspecified 0 is used.
 */
 func getMockedBackend(t *testing.T, ctrl *gomock.Controller, minCalls map[string]int) (*ibmCloudSecretBackend, logical.Storage) {
 	t.Helper()