Check before enabling approle

Check to see if approle is not already enabled
before enabling it. This prevents error messages on
the vault server side

Issue-ID: AAF-141
Change-Id: Ic5a0401f72385fb66d19d34da2ab38ea57ea44bc
Signed-off-by: Kiran <kiran.k.kamineni@intel.com>

diff --git a/sms-service/src/sms/backend/vault.go b/sms-service/src/sms/backend/vault.go
index 1359adb..7fc1747 100644 (file)
--- a/sms-service/src/sms/backend/vault.go
+++ b/sms-service/src/sms/backend/vault.go
@@ -194,8 +194,24 @@ func (v *Vault) initRole() error {
        // Delete role if it already exists
        v.vaultClient.Logical().Delete("auth/approle/role/" + rName)
 
+       //Check if approle is mounted
+       authMounts, err := v.vaultClient.Sys().ListAuth()
+       if err != nil {
+               return err
+       }
+
+       approleMounted := false
+       for k, v := range authMounts {
+               if v.Type == "approle" && k == "approle/" {
+                       approleMounted = true
+                       break
+               }
+       }
+
        // Mount approle in case its not already mounted
-       v.vaultClient.Sys().EnableAuth("approle", "approle", "")
+       if !approleMounted {
+               v.vaultClient.Sys().EnableAuth("approle", "approle", "")
+       }
 
        // Create a role-id
        v.vaultClient.Logical().Write("auth/approle/role/"+rName, data)