Backport of keyring: E2E testing for KMS/rotation into release/1.8.x #23652
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Backport
This PR is auto-generated from #23601 to be assessed for backporting due to the inclusion of the label backport/1.8.x.
The below text is copied from the body of the original PR.
In #23580 we're implementing support for encrypting Nomad's key material with external KMS providers or Vault Transit. In #23577 we're implementing support for prepublishing keys. This changeset updates the E2E infrastructure to use an external KMS and adds tests for rotation.
Ref: https://hashicorp.atlassian.net/browse/NET-10398
Ref: https://hashicorp.atlassian.net/browse/NET-10280
Ref: https://hashicorp.atlassian.net/browse/NET-10334
Ref: #14852
Ref: #23580
Note to reviewers: this PR requires #23580 and #23577 to be merged before we can merge this. Test run against a build that includes both PRs:
Overview of commits