Merge pull request #32 from sapcc/fix/patchmetadata

fix PatchMetadata function
sapcc · Feb 5, 2025 · 8f1d490 · 8f1d490
2 parents 7eea684 + 0874d41
commit 8f1d490
Showing 1 changed file with 8 additions and 5 deletions.
diff --git a/pkg/vault/client.go b/pkg/vault/client.go
@@ -24,7 +24,6 @@ import (
 	"errors"
 	"fmt"
 	"os"
-	"path"
 	"reflect"
 	"sync"
 	"time"
@@ -117,7 +116,7 @@ func (c *Client) UpdateCertificate(data CertificateData) error {
 		return err
 	}
 
-	fullSecretPath := path.Join(c.Options.KVEngineName, "data", data.VaultPath)
+	fullSecretPath := c.secretPath(data.VaultPath)
 	payload := map[string]interface{}{ // this exact type is necessary because we do reflect.DeepEqual() below!
 		"certificate": string(data.CertBytes),
 		"private-key": string(data.KeyBytes),
@@ -140,13 +139,13 @@ func (c *Client) UpdateCertificate(data CertificateData) error {
 		if err != nil {
 			return fmt.Errorf("while writing payload to vault: %w", err)
 		}
-		err = c.patchMetadata(fullSecretPath)
+		err = c.patchMetadata(data.VaultPath)
 		return err
 	}
 	return nil
 }
 
-func (c *Client) patchMetadata(fullSecretPath string) error {
+func (c *Client) patchMetadata(vaultPath string) error {
 	t := time.Now().Add(365 * 24 * time.Hour)
 	date := fmt.Sprintf("%d-%02d-%02d", t.Year(), t.Month(), t.Day())
 	customMetadata := map[string]interface{}{
@@ -159,8 +158,12 @@ func (c *Client) patchMetadata(fullSecretPath string) error {
 		"username":                "UNLINKED",
 	}
 
-	err := c.client.KVv2(fullSecretPath).PatchMetadata(context.TODO(), fullSecretPath, vaultapi.KVMetadataPatchInput{
+	err := c.client.KVv2(c.Options.KVEngineName).PatchMetadata(context.TODO(), vaultPath, vaultapi.KVMetadataPatchInput{
 		CustomMetadata: customMetadata,
 	})
 	return err
 }
+
+func (c *Client) secretPath(filePath string) string {
+	return fmt.Sprintf("%s/data/%s", c.Options.KVEngineName, filePath)
+}