Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

VLT-32875 Export API panics when mount is deleted #7288 #29376

Merged
merged 8 commits into from
Jan 22, 2025
Merged

VLT-32875 Export API panics when mount is deleted #7288 #29376

merged 8 commits into from
Jan 22, 2025
+24 −14

Conversation

divyaac
Copy link
Contributor

@divyaac divyaac commented Jan 21, 2025

Description

When the Export API is called and the time frame contains a client usage on a deleted mount, the API panics and fails. This PR fixes this bug.

TODO only if you're a HashiCorp employee

  • Backport Labels: If this fix needs to be backported, use the appropriate backport/ label that matches the desired release branch. Note that in the CE repo, the latest release branch will look like backport/x.x.x, but older release branches will be backport/ent/x.x.x+ent.
    • LTS: If this fixes a critical security vulnerability or severity 1 bug, it will also need to be backported to the current LTS versions of Vault. To ensure this, use all available enterprise labels.
  • ENT Breakage: If this PR either 1) removes a public function OR 2) changes the signature
    of a public function, even if that change is in a CE file, double check that
    applying the patch for this PR to the ENT repo and running tests doesn't
    break any tests. Sometimes ENT only tests rely on public functions in CE
    files.
  • Jira: If this change has an associated Jira, it's referenced either
    in the PR description, commit message, or branch name.
  • RFC: If this change has an associated RFC, please link it in the description.
  • ENT PR: If this change has an associated ENT PR, please link it in the
    description. Also, make sure the changelog is in this PR, not in your ENT PR.

@divyaac divyaac requested a review from a team as a code owner January 21, 2025 23:49
@github-actions github-actions bot added the hashicorp-contributed-pr If the PR is HashiCorp (i.e. not-community) contributed label Jan 21, 2025
@divyaac divyaac added this to the 1.19.0-rc milestone Jan 21, 2025
@divyaac divyaac added backport/ent/1.16.x+ent Changes are backported to 1.16.x+ent backport/1.18.x backport/ent/1.17.x+ent Changes are backported to 1.17.x+ent and removed hashicorp-contributed-pr If the PR is HashiCorp (i.e. not-community) contributed labels Jan 21, 2025
@github-actions github-actions bot added the hashicorp-contributed-pr If the PR is HashiCorp (i.e. not-community) contributed label Jan 21, 2025
@divyaac divyaac requested a review from VioletHynes January 21, 2025 23:52
@github-actions GitHub Actions
Copy link

github-actions bot commented Jan 21, 2025
edited
Loading

CI Results:
All Go tests succeeded! ✅

@github-actions GitHub Actions
Copy link

github-actions bot commented Jan 21, 2025
edited
Loading

Build Results:
All builds succeeded! ✅

VioletHynes
VioletHynes reviewed Jan 22, 2025
View reviewed changes
Copy link
Contributor

@VioletHynes VioletHynes left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks mostly good! A few nits, deletedMountFmt needs to be updated in a few more places, and I think this might need to move to Ent, but otherwise looks good.

vault/external_tests/activity_testonly/activity_testonly_test.go Outdated
Comment on lines 899 to 900
var err error
var exportedClients map[string]vault.ActivityLogExportRecord
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I feel like these are unnecessary, and we can just define them inline when we first initialize them

vault/external_tests/activity_testonly/activity_testonly_test.go Outdated
require.NoError(t, err)
client.SetToken(cluster.RootToken)

err = cluster.Cores[0].Core.SaveCurrentFragmentEarly()
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

SaveCurrentFragmentEarly is an ent-only function, so this test should be in an ent only file (and this should probably be an Ent + CE PR as opposed to just CE). Though this might be an avoidable call? I'm not so sure.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good point. I added an ENT pr... because this is an unavoidable call indeed.

vault/activity_log_util_common.go
@@ -392,7 +392,7 @@ func (a *ActivityLog) sortActivityLogMonthsResponse(months []*ResponseMonth) {

const (
noMountAccessor = "no mount accessor (pre-1.10 upgrade?)"
deletedMountFmt = "deleted mount; accessor %q"
DeletedMountFmt = "deleted mount; accessor %q"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There are some references to deletedMountFmt in vault/activity_log_util_common_test.go that will need to be updated also (and maybe elsewhere).

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for catching this!! I don't know how my Goland didn't get this :(

changelog/29376.txt Outdated Show resolved Hide resolved
VioletHynes
VioletHynes previously approved these changes Jan 22, 2025
View reviewed changes
@divyaac divyaac enabled auto-merge (squash) January 22, 2025 17:38
@divyaac divyaac disabled auto-merge January 22, 2025 17:38
akshya96
akshya96 previously approved these changes Jan 22, 2025
View reviewed changes
Copy link
Contributor

@akshya96 akshya96 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@divyaac divyaac dismissed stale reviews from akshya96 and VioletHynes via 740cff8 January 22, 2025 18:16
@divyaac divyaac merged commit dcd737b into main Jan 22, 2025
91 of 92 checks passed
@divyaac divyaac deleted the VAULT-3287 branch January 22, 2025 18:38
Merged
6 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@VioletHynes VioletHynes VioletHynes approved these changes

@akshya96 akshya96 akshya96 left review comments

@ryancragun ryancragun Awaiting requested review from ryancragun ryancragun is a code owner automatically assigned from hashicorp/vault

Assignees
No one assigned
Labels
backport/ent/1.16.x+ent Changes are backported to 1.16.x+ent backport/ent/1.17.x+ent Changes are backported to 1.17.x+ent backport/1.18.x hashicorp-contributed-pr If the PR is HashiCorp (i.e. not-community) contributed
Projects
None yet
Milestone
1.19.0-rc
Development

Successfully merging this pull request may close these issues.
3 participants
@divyaac @VioletHynes @akshya96