PR review: factor out a function to add the PKI cert verification fie…

…lds.
hashicorp · Feb 4, 2025 · 82fcaa0 · 82fcaa0
1 parent 8d2a782
commit 82fcaa0
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 27 deletions.
diff --git a/vault/data_source_pki_secret_backend_issuer.go b/vault/data_source_pki_secret_backend_issuer.go
@@ -133,13 +133,7 @@ func readPKISecretBackendIssuer(ctx context.Context, d *schema.ResourceData, met
 		consts.FieldManualChain,
 		consts.FieldUsage,
 	}
-	if supportPkiCertVerifyDisableChecksFields(meta) {
-		issuerComputedFields = append(issuerComputedFields,
-			consts.FieldDisableCriticalExtensionChecks,
-			consts.FieldDisablePathLengthChecks,
-			consts.FieldDisableNameChecks,
-			consts.FieldDisableNameConstraintChecks)
-	}
+	issuerComputedFields = appendPkiCertVerifyDisableChecksFields(meta, issuerComputedFields)
 
 	for _, k := range issuerComputedFields {
 		if err := d.Set(k, resp.Data[k]); err != nil {
@@ -150,6 +144,14 @@ func readPKISecretBackendIssuer(ctx context.Context, d *schema.ResourceData, met
 	return nil
 }
 
-func supportPkiCertVerifyDisableChecksFields(meta interface{}) bool {
-	return provider.IsAPISupported(meta, provider.VaultVersion119) && provider.IsEnterpriseSupported(meta)
+func appendPkiCertVerifyDisableChecksFields(meta interface{}, fields []string) []string {
+	if !provider.IsAPISupported(meta, provider.VaultVersion119) && provider.IsEnterpriseSupported(meta) {
+		return fields
+	}
+	return append(fields,
+		consts.FieldDisableCriticalExtensionChecks,
+		consts.FieldDisablePathLengthChecks,
+		consts.FieldDisableNameChecks,
+		consts.FieldDisableNameConstraintChecks,
+	)
 }
diff --git a/vault/resource_pki_secret_backend_issuer.go b/vault/resource_pki_secret_backend_issuer.go
@@ -183,15 +183,7 @@ func pkiSecretBackendIssuerUpdate(ctx context.Context, d *schema.ResourceData, m
 		consts.FieldOCSPServers,
 		consts.FieldEnableAIAURLTemplating,
 	}
-
-	if supportPkiCertVerifyDisableChecksFields(meta) {
-		configurableFields = append(configurableFields,
-			consts.FieldDisableCriticalExtensionChecks,
-			consts.FieldDisablePathLengthChecks,
-			consts.FieldDisableNameChecks,
-			consts.FieldDisableNameConstraintChecks,
-		)
-	}
+	configurableFields = appendPkiCertVerifyDisableChecksFields(meta, configurableFields)
 
 	var patchRequired bool
 	data := map[string]interface{}{}
@@ -271,15 +263,7 @@ func pkiSecretBackendIssuerRead(ctx context.Context, d *schema.ResourceData, met
 		consts.FieldEnableAIAURLTemplating,
 		consts.FieldIssuerID,
 	}
-
-	if supportPkiCertVerifyDisableChecksFields(meta) {
-		fields = append(fields,
-			consts.FieldDisableCriticalExtensionChecks,
-			consts.FieldDisablePathLengthChecks,
-			consts.FieldDisableNameChecks,
-			consts.FieldDisableNameConstraintChecks,
-		)
-	}
+	fields = appendPkiCertVerifyDisableChecksFields(meta, fields)
 
 	for _, k := range fields {
 		if v, ok := resp.Data[k]; ok {