authorKiran <kiran.k.kamineni@intel.com>2018-02-23 12:55:57 -0800
committerKiran <kiran.k.kamineni@intel.com>2018-02-23 13:07:51 -0800
commite3d682c5f14994c2b85ff26ddf6ae3148b499de3 (patch)
tree270338895898e7c645b10c363d6afcb1e499019b /sms-service
parent3909b2b804fcb7fdb2b8e5087f51a5d33aa2342f (diff)
Check before enabling approle
Check whether approle is already enabled before enabling it. This prevents error messages on the vault server side. Issue-ID: AAF-141 Change-Id: Ic5a0401f72385fb66d19d34da2ab38ea57ea44bc Signed-off-by: Kiran <kiran.k.kamineni@intel.com>
Diffstat (limited to 'sms-service')
-rw-r--r--sms-service/src/sms/backend/vault.go18
1 files changed, 17 insertions, 1 deletions
diff --git a/sms-service/src/sms/backend/vault.go b/sms-service/src/sms/backend/vault.go
index 1359adb..7fc1747 100644
--- a/sms-service/src/sms/backend/vault.go
+++ b/sms-service/src/sms/backend/vault.go
@@ -194,8 +194,24 @@ func (v *Vault) initRole() error {
// Delete role if it already exists
v.vaultClient.Logical().Delete("auth/approle/role/" + rName)
+ //Check if approle is mounted
+ authMounts, err := v.vaultClient.Sys().ListAuth()
+ if err != nil {
+ return err
+ }
+
+ approleMounted := false
+ for k, v := range authMounts {
+ if v.Type == "approle" && k == "approle/" {
+ approleMounted = true
+ break
+ }
+ }
+
// Mount approle in case its not already mounted
- v.vaultClient.Sys().EnableAuth("approle", "approle", "")
+ if !approleMounted {
+ v.vaultClient.Sys().EnableAuth("approle", "approle", "")
+ }
// Create a role-id
v.vaultClient.Logical().Write("auth/approle/role/"+rName, data)
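Review bot: The error returned by `EnableAuth` inside the new `if !approleMounted` block is still discarded, so a failed mount lets initRole go on to write the role as if the auth backend were in place. One way this can occur is a mount at `approle/` of a different type, which the `v.Type == "approle" && k == "approle/"` test treats as not mounted. Returning the error closes that gap: `if err := v.vaultClient.Sys().EnableAuth("approle", "approle", ""); err != nil { return err }`. The range variable `v` also shadows the receiver `v` inside the loop; `for path, mount := range authMounts` would keep a later edit from reaching for the Vault client on a mount entry. initRole starts and ends outside the hunk, and the `Delete` and `Write` calls visible as context likewise drop their results.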