From d28a5a5f2387b231cbccee8e05317397511e4dd7 Mon Sep 17 00:00:00 2001
From: Niels de Vos
Date: Tue, 1 Dec 2020 09:30:28 +0100
Subject: [PATCH] util: pass map[string]interface{} to initialize KMS

This makes it possible to pass a more complex configuration to the initialize functions for KMS's. The upcoming VaultTokensKMS can use overrides for configiration options on a per tenant basis. Without this change, it would not be possible to consume the JSON configuration file.

See-also: #1743
Signed-off-by: Niels de Vos
---
 internal/util/crypto.go | 10 +---------
 internal/util/vault.go | 4 ++--
 2 files changed, 3 insertions(+), 11 deletions(-)

diff --git a/internal/util/crypto.go b/internal/util/crypto.go
index b977d42b3..29c5553d0 100644
--- a/internal/util/crypto.go
+++ b/internal/util/crypto.go
@@ -115,18 +115,10 @@ func GetKMS(kmsID string, secrets map[string]string) (EncryptionKMS, error) {
 return nil, fmt.Errorf("failed to parse kms configuration: %s", err)
 }

- kmsConfigData, ok := config[kmsID].(map[string]interface{})
+ kmsConfig, ok := config[kmsID].(map[string]interface{})
 if !ok {
 return nil, fmt.Errorf("missing encryption KMS configuration with %s", kmsID)
 }
- kmsConfig := make(map[string]string)
- for key, value := range kmsConfigData {
- kmsConfig[key], ok = value.(string)
- if !ok {
- return nil, fmt.Errorf("broken KMS config: '%s' for '%s' is not a string",
- value, key)
- }
- }

 kmsType, ok := kmsConfig[kmsTypeKey]
 if !ok {
diff --git a/internal/util/vault.go b/internal/util/vault.go
index a3019c59a..62aede41e 100644
--- a/internal/util/vault.go
+++ b/internal/util/vault.go
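Review bot: In the GetKMS hunk of internal/util/crypto.go, `kmsType, ok := kmsConfig[kmsTypeKey]` now yields an `interface{}` instead of a string, because the removed loop was the only place that rejected non-string values. A configuration whose type entry is a number or a nested object no longer gets the explicit "broken KMS config" error and is presumably left to whatever dispatches on kmsType further down, which is outside the hunk. Keeping a checked assertion on this one key preserves fail-closed validation of the KMS selection: `kmsType, ok := kmsConfig[kmsTypeKey].(string)`, with the `!ok` error worded to cover both a missing and a non-string entry.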
@@ -107,7 +107,7 @@ func setConfigString(option *string, config map[string]interface{}, key string)
 return nil
 }

-func (vc *vaultConnection) initConnection(kmsID string, config, secrets map[string]string) error {
+func (vc *vaultConnection) initConnection(kmsID string, config map[string]interface{}, secrets map[string]string) error {
 vaultConfig := make(map[string]interface{})
 keyContext := make(map[string]string)

@@ -165,7 +165,7 @@ func (vc *vaultConnection) initConnection(kmsID string, config, secrets map[stri
 }

 // InitVaultKMS returns an interface to HashiCorp Vault KMS.
-func InitVaultKMS(kmsID string, config, secrets map[string]string) (EncryptionKMS, error) {
+func InitVaultKMS(kmsID string, config map[string]interface{}, secrets map[string]string) (EncryptionKMS, error) {
 kms := &VaultKMS{}
 err := kms.initConnection(kmsID, config, secrets)
 if err != nil {
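Review bot: initConnection and InitVaultKMS in internal/util/vault.go now take `config map[string]interface{}`, so the values reaching them are no longer guaranteed to be strings. Any read of `config` inside initConnection that does not go through a type-checked accessor such as setConfigString (named in the first hunk header) needs a checked assertion rather than direct use. The body of initConnection lies outside both hunks, so this cannot be confirmed from here. The doc comment on InitVaultKMS should also state the new contract, for example `// config holds the decoded KMS configuration for kmsID; its values may be of any JSON type and must be type-checked before use.`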