vault icon indicating copy to clipboard operation
vault copied to clipboard

Published 20 hours ago verified publisher icon hashicorp

GO API - namespace list

Open aram535 opened this issue 2 years ago • 5 comments

Describe the bug This maybe just a lack of documentation or possibly a missing feature? I cannot find any API to list the child-namespaces in the go api. Currently the best workaround to do this is drop down to URL and do the query.

Environment: Go 1.19.3 Vault 1.12.1 API Version: v1.8.2

aram535 avatar Nov 27 '22 12:11 aram535

Hi @aram535. Thanks for reaching out! I think you can accomplish what you want just using the regular namespaces APIs. Below is a screenshot of me creating a top level namespace, ns1, and then two child namespaces inside ns1: ns2 and ns3. Following that, I list the child namespaces inside ns1, and finally, list the namespaces visible from the root namespace. The Vault CLI is using the List Namespaces API call to produce these results.

CleanShot 2022-11-29 at 14 52 33

raskchanky avatar Nov 29 '22 22:11 raskchanky

@raskchanky I think you're confusing API/CLI with what I opened the ticket against, the Go SDK/API.

aram535 avatar Nov 29 '22 23:11 aram535

While you are correct that there is no dedicated API in the Vault Go SDK to accomplish namespace listing, it's still possible using logical list operations. Something like the following, for example, would roughly accomplish what's shown in my screenshot. Note that in the interest of brevity and showing the relevant calls, I've ignored all error handling. I also haven't tested this code, so it might not compile as written - it's off the top of my head, but I think it shows the gist of what I'm talking about.

client.Logical().Write("sys/namespaces/ns1", nil)
client.SetNamespace("ns1")
client.Logical().Write("sys/namespaces/ns2", nil)
client.Logical().Write("sys/namespaces/ns3", nil)
client.Logical().List("sys/namespaces")
client.ClearNamespace()
client.Logical().List("sys/namespaces")

Given the breadth of Vault's HTTP API, it's not always feasible to include dedicated methods in the Go SDK to cover all possible calls, but in the absence of a dedicated method, you can always use the Read(), Write(), List(), and Delete() methods on the *Logical object - that's how the dedicated methods are usually implemented anyway.

raskchanky avatar Nov 30 '22 00:11 raskchanky

@raskchanky I absolutely agree that this is a "want" and a shortcut but most of the functionality in the SDK is helper functions. I'd like to ask for reconsideration that listing child namespaces is a very often used function when dealing at an enterprise level where you're trying to finding a matching pattern of some entity, mount, etc.

aram535 avatar Nov 30 '22 10:11 aram535

Ok, I'll mark this as a feature request then.

raskchanky avatar Nov 30 '22 17:11 raskchanky