To better manage forwards and backwards compatibility when using vault
transit for rgw object encryption (sse:kms), it is desirable to provide
parameters to control how this works. It was more attractive to overload
the existing rgw_crypt_vault_secret_engine parameter for this purpose
than to invent one or more all-new parameters.

Additionally, the enum support in the configuration parser looks like
it ought to have helpful syntax checking functionality. This is not so;
failure to provide a supported enum results in silently replacing that
with the default option, resulting in confusing and non-obvious behavior
that is not at all helpful.

This change removes the enum constraint on rgw_crypt_vault_secret_engine,
allowing for more useful messages from the rgw code, and the possibility
to also provide additional information on the same line.

Fixes: http://tracker.ceph.com/issues/48746
Signed-off-by: Marcus Watts <mwatts@redhat.com>
Option("rgw_crypt_vault_secret_engine", Option::TYPE_STR, Option::LEVEL_ADVANCED)
- .set_enum_allowed({"kv", "transit"})
.set_default("transit")
.set_description(
"Vault Secret Engine to be used to retrieve encryption keys.")
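Review bot: With `.set_enum_allowed({"kv", "transit"})` removed, the option text no longer tells an operator which values are accepted, and the `.set_description(...)` string left in place says nothing about the additional same-line information the commit message introduces. Please document the accepted engine names and the syntax of the extra parameters here, for example in a `.set_long_description(...)`, so that the configuration help matches what the rgw code now parses. Since validation moves out of the config parser, it is also worth confirming in the rgw side of this change that an unrecognised value is rejected with an error rather than treated as the `transit` default, because this option selects how SSE-KMS keys are obtained and a silent fallback is the behaviour the commit sets out to remove.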