mgr/dashboard: fix bucket encryption checkbox

Fixes: https://tracker.ceph.com/issues/58474
The encryption checkbox in the bucket creation form remains disabled after setting the vault authentication method as agent.

Signed-off-by: Aashish Sharma <aasharma@redhat.com>

diff --git a/src/pybind/mgr/dashboard/frontend/src/app/ceph/rgw/rgw-config-modal/rgw-config-modal.component.html b/src/pybind/mgr/dashboard/frontend/src/app/ceph/rgw/rgw-config-modal/rgw-config-modal.component.html
index a9bd8367d7916df3d4a92197c10dc15c86d06947..dbf93f4de3f971daf9a781cbd6b4be29abbd6c23 100644 (file)
--- a/src/pybind/mgr/dashboard/frontend/src/app/ceph/rgw/rgw-config-modal/rgw-config-modal.component.html
+++ b/src/pybind/mgr/dashboard/frontend/src/app/ceph/rgw/rgw-config-modal/rgw-config-modal.component.html
@@ -174,24 +174,6 @@
         </div>
       </div>
 
-      <div *ngIf="configForm.getValue('auth_method') === 'agent'">
-        <div class="form-group row">
-          <label class="cd-col-form-label required"
-                 for="role"
-                 i18n>Role
-          </label>
-          <div class="cd-col-form-input">
-            <input id="role"
-                   name="role"
-                   class="form-control"
-                   formControlName="role">
-            <span class="invalid-feedback"
-                  *ngIf="configForm.showError('role', frm, 'required')"
-                  i18n>This field is required.</span>
-          </div>
-        </div>
-      </div>
-
       <div *ngIf="configForm.getValue('encryptionType') === 'aws:kms' || configForm.getValue('encryptionType') === 'AES256'">
         <div class="form-group row">
           <label class="cd-col-form-label"

diff --git a/src/pybind/mgr/dashboard/frontend/src/app/ceph/rgw/rgw-config-modal/rgw-config-modal.component.ts b/src/pybind/mgr/dashboard/frontend/src/app/ceph/rgw/rgw-config-modal/rgw-config-modal.component.ts
index 8be85b905b7e32b191264d57f6490a123fe63464..de1541a680fe0fd36f6ef50a56e712f74346a880 100644 (file)
--- a/src/pybind/mgr/dashboard/frontend/src/app/ceph/rgw/rgw-config-modal/rgw-config-modal.component.ts
+++ b/src/pybind/mgr/dashboard/frontend/src/app/ceph/rgw/rgw-config-modal/rgw-config-modal.component.ts
@@ -80,14 +80,6 @@ export class RgwConfigModalComponent implements OnInit {
       ssl_cert: [null, CdValidators.sslCert()],
       client_cert: [null, CdValidators.pemCert()],
       client_key: [null, CdValidators.sslPrivKey()],
-      role: [
-        null,
-        [
-          CdValidators.requiredIf({
-            auth_method: 'agent'
-          })
-        ]
-      ],
       kmsEnabled: [{ value: false }],
       s3Enabled: [{ value: false }]
     });

diff --git a/src/pybind/mgr/dashboard/services/ceph_service.py b/src/pybind/mgr/dashboard/services/ceph_service.py
index 6a429eee3a75fc03e19cc44d026e36132d7d5d6b..730556e1d2b844af741768d5d44fddac0136beef 100644 (file)
--- a/src/pybind/mgr/dashboard/services/ceph_service.py
+++ b/src/pybind/mgr/dashboard/services/ceph_service.py
@@ -211,13 +211,11 @@ class CephService(object):
             kms_vault_token: str = CephService.send_command('mon', 'config get',
                                                             who=name_to_config_section(full_daemon_name),  # noqa E501 #pylint: disable=line-too-long
                                                             key='rgw_crypt_vault_token_file')  # noqa E501 #pylint: disable=line-too-long
-            if (
-                kms_vault_auth.strip() != ""
-                and kms_vault_engine.strip() != ""
-                and kms_vault_address.strip() != ""
-                and kms_vault_token.strip() != ""
-            ):
-                kms_vault_configured = True
+            if (kms_vault_auth.strip() != "" and kms_vault_engine.strip() != "" and kms_vault_address.strip() != ""):  # noqa E501 #pylint: disable=line-too-long
+                if(kms_vault_auth == 'token' and kms_vault_token.strip() == ""):
+                    kms_vault_configured = False
+                else:
+                    kms_vault_configured = True
 
         if sse_s3_backend.strip() == 'vault':
             s3_vault_auth: str = CephService.send_command('mon', 'config get',
@@ -233,13 +231,12 @@ class CephService(object):
             s3_vault_token: str = CephService.send_command('mon', 'config get',
                                                            who=name_to_config_section(full_daemon_name),  # noqa E501 #pylint: disable=line-too-long
                                                            key='rgw_crypt_sse_s3_vault_token_file')  # noqa E501 #pylint: disable=line-too-long
-            if (
-                s3_vault_auth.strip() != ""
-                and s3_vault_engine.strip() != ""
-                and s3_vault_address.strip() != ""
-                and s3_vault_token.strip() != ""
-            ):
-                s3_vault_configured = True
+
+            if (s3_vault_auth.strip() != "" and s3_vault_engine.strip() != "" and s3_vault_address.strip() != ""):  # noqa E501 #pylint: disable=line-too-long
+                if(s3_vault_auth == 'token' and s3_vault_token.strip() == ""):
+                    s3_vault_configured = False
+                else:
+                    s3_vault_configured = True
 
         vault_stats.append(kms_vault_configured)
         vault_stats.append(s3_vault_configured)