mirror of
https://github.com/hashicorp/vault.git
synced 2025-08-22 07:01:09 +02:00
8700becc45
* updates api client vars to snake_case for custom messages * updates api client vars to snake_case for tools * updates api client vars to snake_case for sync * updates api client vars to snake_case for secrets engine * updates api client vars to snake_case for auth * updates api client vars to snake_case for usage * updates api client dep to point to gh repo * fixes custom-messages service unit tests * fixes configure-ssh test * fixes configure-ssh test...again
68 lines
2.5 KiB
TypeScript
68 lines
2.5 KiB
TypeScript
/**
|
|
* Copyright (c) HashiCorp, Inc.
|
|
* SPDX-License-Identifier: BUSL-1.1
|
|
*/
|
|
|
|
import WifConfigForm from './wif-config';
|
|
import FormField from 'vault/utils/forms/field';
|
|
import FormFieldGroup from 'vault/utils/forms/field-group';
|
|
|
|
import type { GcpConfigFormData } from 'vault/secrets/engine';
|
|
|
|
export default class AzureConfigForm extends WifConfigForm<GcpConfigFormData> {
|
|
// the "credentials" param is not checked for "isAccountPluginConfigured" because it's never return by the API
|
|
// additionally credentials can be set via GOOGLE_APPLICATION_CREDENTIALS env var so we cannot call it a required field in the ui.
|
|
// thus we can never say for sure if the account accessType has been configured so we always return false
|
|
isAccountPluginConfigured = false;
|
|
|
|
get isWifPluginConfigured() {
|
|
const { identity_token_audience, identity_token_ttl, service_account_email } = this.data;
|
|
return !!identity_token_audience || !!identity_token_ttl || !!service_account_email;
|
|
}
|
|
|
|
accountFields = [
|
|
new FormField('credentials', 'string', {
|
|
label: 'JSON credentials',
|
|
subText:
|
|
'If empty, Vault will use the GOOGLE_APPLICATION_CREDENTIALS environment variable if configured.',
|
|
editType: 'file',
|
|
docLink: '/vault/docs/secrets/gcp#authentication',
|
|
}),
|
|
];
|
|
|
|
optionFields = [
|
|
new FormField('ttl', 'string', {
|
|
label: 'Config TTL',
|
|
editType: 'ttl',
|
|
helperTextDisabled: 'Vault will use the default config TTL (time-to-live) for long-lived credentials.',
|
|
helperTextEnabled:
|
|
'The default config TTL (time-to-live) for long-lived credentials (i.e. service account keys).',
|
|
}),
|
|
new FormField('max_ttl', 'string', {
|
|
label: 'Max TTL',
|
|
editType: 'ttl',
|
|
helperTextDisabled:
|
|
'Vault will use the default maximum config TTL (time-to-live) for long-lived credentials.',
|
|
helperTextEnabled:
|
|
'The maximum config TTL (time-to-live) for long-lived credentials (i.e. service account keys).',
|
|
}),
|
|
];
|
|
|
|
wifFields = [
|
|
this.commonWifFields.issuer,
|
|
this.commonWifFields.identity_token_audience,
|
|
new FormField('service_account_email', 'string', {
|
|
subText: 'Email ID for the Service Account to impersonate for Workload Identity Federation.',
|
|
}),
|
|
this.commonWifFields.identity_token_ttl,
|
|
];
|
|
|
|
get formFieldGroups() {
|
|
const defaultFields = this.accessType === 'account' ? this.accountFields : this.wifFields;
|
|
return [
|
|
new FormFieldGroup('default', defaultFields),
|
|
new FormFieldGroup('More options', this.optionFields),
|
|
];
|
|
}
|
|
}
|