From bbaaa3f76e0399ac1d25235655d45e612a934747 Mon Sep 17 00:00:00 2001 From: Violet Hynes Date: Tue, 18 Mar 2025 16:01:59 -0400 Subject: [PATCH] VAULT-34541 CE changes (#29920) --- api/sys_utilization_report.go | 2 ++ vault/core_metrics.go | 29 +++++++++++++++++++++++++++++ 2 files changed, 31 insertions(+) diff --git a/api/sys_utilization_report.go b/api/sys_utilization_report.go index 47bd9c0f14..2a1ffcc6b8 100644 --- a/api/sys_utilization_report.go +++ b/api/sys_utilization_report.go @@ -53,6 +53,8 @@ type UtilizationReportOutput struct { AuthMethods map[string]int `json:"auth_methods,omitempty" structs:"auth_methods" mapstructure:"auth_methods"` SecretEngines map[string]int `json:"secret_engines,omitempty" structs:"secret_engines" mapstructure:"secret_engines"` + LeasesByAuthMethod map[string]int `json:"leases_by_auth_method,omitempty" structs:"leases_by_auth_method" mapstructure:"leases_by_auth_method"` + ReplicationStatus *UtilizationReportReplicationStatusInformation `json:"replication_status,omitempty" structs:"replication_status" mapstructure:"replication_status"` PKI *UtilizationReportPKIInformation `json:"pki,omitempty" structs:"pki" mapstructure:"pki"` diff --git a/vault/core_metrics.go b/vault/core_metrics.go index b5b5c15f72..5279070e8b 100644 --- a/vault/core_metrics.go +++ b/vault/core_metrics.go @@ -650,6 +650,35 @@ func (c *Core) GetAuthMethodUsageMetrics() map[string]int { return mounts } +// GetAuthMethodLeaseCounts returns a map of auth mount types to the number of leases those mounts have. +func (c *Core) GetAuthMethodLeaseCounts() (map[string]int, error) { + mounts := make(map[string]int) + + c.authLock.RLock() + defer c.authLock.RUnlock() + + for _, entry := range c.auth.Entries { + authType := entry.Type + + if authType == mountTypeNSToken { + authType = pluginconsts.AuthTypeToken + } + + mountPath := fmt.Sprintf("%s/%s", credentialTableType, entry.Path) + keys, err := logical.CollectKeysWithPrefix(c.expiration.quitContext, c.expiration.leaseView(entry.namespace), mountPath) + if err != nil { + return nil, err + } + + if _, ok := mounts[authType]; !ok { + mounts[authType] = len(keys) + } else { + mounts[authType] += len(keys) + } + } + return mounts, nil +} + // GetKvUsageMetrics returns a map of namespace paths to KV secret counts within those namespaces. func (c *Core) GetKvUsageMetrics(ctx context.Context, kvVersion string) (map[string]int, error) { mounts := c.findKvMounts()