Fix trust store error messages

Signed-off-by: Peyton Walters <[email protected]>

cmd/plugin/vault-auth-spire.go

@@ -114,14 +114,14 @@ func BackendFactory(ctx context.Context, backendConfig *logical.BackendConfig) (
 		spirePlugin.verifier.AddTrustSource(trustSource)
 	}
 	if settings.SourceOfTrust.Spire != nil {
-		trustSource, err := common.NewSpireTrustSource(settings.SourceOfTrust.Spire.URLs, settings.SourceOfTrust.Spire.CertLocation)
+		trustSource, err := common.NewSpireTrustSource(settings.SourceOfTrust.Spire.SpireEndpoints, settings.SourceOfTrust.Spire.CertStorePath)
 		if err != nil {
-			return nil, errors.New("vault-auth-spire: Failed to initialize file TrustSource - " + err.Error())
+			return nil, errors.New("vault-auth-spire: Failed to initialize spire TrustSource - " + err.Error())
 		}
 		spirePlugin.verifier.AddTrustSource(trustSource)
 	}
 	if settings.SourceOfTrust.File == nil && settings.SourceOfTrust.Spire == nil {
-		return nil, errors.New("vault-auth-spire: No sources of truth in settings")
+		return nil, errors.New("vault-auth-spire: No sources of trust in settings")
 	}
 
 	// Calls standard Vault plugin setup - magic happens here I bet :shrugs: but if it fails then we're gonna

internal/common/settings.go

@@ -36,8 +36,8 @@ type FileTrustSourceSettings struct {
 }
 
 type SpireTrustSourceSettings struct {
-	URLs         map[string]string
-	CertLocation string
+	SpireEndpoints map[string]string
+	CertStorePath  string
 }
 
 type LogSettings struct {
@@ -144,12 +144,12 @@ func readSpireSourceOfTrustSettings() (*SpireTrustSourceSettings, error) {
 	}
 
 	spireSettings := new(SpireTrustSourceSettings)
-	spireSettings.URLs = viper.GetStringMapString("trustsource.spire.domains")
+	spireSettings.SpireEndpoints = viper.GetStringMapString("trustsource.spire.domains")
 	viper.SetDefault("trustsource.spire.certLocation", "/tmp/vault-spire-certs.json")
 	viper.SetDefault("trustsource.spire.storeEnabled", true)
-	spireSettings.CertLocation = viper.GetString("trustsource.spire.certLocation")
+	spireSettings.CertStorePath = viper.GetString("trustsource.spire.certLocation")
 	if !viper.GetBool("trustsource.spire.storeEnabled") {
-		spireSettings.CertLocation = ""
+		spireSettings.CertStorePath = ""
 	}
 
 	return spireSettings, nil

internal/common/svidverifier_test.go

@@ -39,7 +39,7 @@ func TestValid(t *testing.T) {
 		Bytes: svidFoo[0].Raw,
 	}
 
-	id, err := verif.VerifyAndExtractSpiffeId(string(pem.EncodeToMemory(svidBlock)))
+	id, err := verif.VerifyAndExtractSpiffeID(string(pem.EncodeToMemory(svidBlock)))
 	assert.Equal(t, "spiffe://example.org/foo", id)
 }
 
@@ -63,7 +63,7 @@ func TestDifferentDomain(t *testing.T) {
 		Bytes: svidFoo[0].Raw,
 	}
 
-	_, err = verif.VerifyAndExtractSpiffeId(string(pem.EncodeToMemory(svidBlock)))
+	_, err = verif.VerifyAndExtractSpiffeID(string(pem.EncodeToMemory(svidBlock)))
 	assert.Error(t, err)
 }
 
@@ -88,6 +88,6 @@ func TestBadCA(t *testing.T) {
 		Bytes: svidFoo[0].Raw,
 	}
 
-	_, err = verif.VerifyAndExtractSpiffeId(string(pem.EncodeToMemory(svidBlock)))
+	_, err = verif.VerifyAndExtractSpiffeID(string(pem.EncodeToMemory(svidBlock)))
 	assert.Error(t, err)
 }