Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Load SSCT Generation Counter Upon DR Promotion [OSS] #16956

Merged
merged 4 commits into from
Aug 31, 2022
Merged

Load SSCT Generation Counter Upon DR Promotion [OSS] #16956

merged 4 commits into from
Aug 31, 2022

Conversation

HridoyRoy
Copy link
Contributor

This PR is a port of https://github.com/hashicorp/vault-enterprise/pull/3170/files.

Description (from ent PR):
This PR fixes the regression with SSCT.

The issue is that the SSCT Generation counter was not being loaded from storage, so when it was written to storage during DR promotion it would always be 1. The fix is to load the value from storage during DR promotion. DRs never use the generation counter, but on DR clusters the value in memory will always be 1 less than the value in storage. However, the moment the DR gets updated to a primary, the value from storage will be incremented and written back.

Will open the OSS port after this PR is approved, with a changelog in OSS.

The PR will need to be backported to 1.10.

ncabatoff
ncabatoff reviewed Aug 31, 2022
View reviewed changes
changelog/16956.txt Outdated
@@ -0,0 +1,3 @@
```release-note:bug
core: Load SSCT Token Generation counter from storage when upgrading a DR to a primary
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This describes the change but isn't meaningful to most changelog readers. Can you instead describe the change from a user perspective?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done!

@HridoyRoy HridoyRoy merged commit d7d5c05 into main Aug 31, 2022
@HridoyRoy HridoyRoy deleted the ssct-bugfix-epoch-oss branch August 31, 2022 18:05
This was referenced Aug 31, 2022
Merged
Merged
@mladlow mladlow added this to the 1.10.10 milestone Nov 30, 2022
@mladlow
Copy link
Collaborator

mladlow commented Nov 30, 2022

The associated enterprise changes for this fix didn't merge alongside the OSS changes. The enterprise changes will be released in 1.10.10. The whole change was released in 1.11.4.

@mladlow
Copy link
Collaborator

mladlow commented Dec 6, 2022

Upon further review, it looks like the enterprise changes are tests. Those have merged into 1.10.x now on the enterprise side, so it's good that this is complete, but I think the functionality was fully released in 1.10.7.

@mladlow mladlow modified the milestones: 1.10.10, 1.10.7 Dec 6, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@raskchanky raskchanky raskchanky approved these changes

@ncabatoff ncabatoff ncabatoff approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
1.10.7
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@HridoyRoy @mladlow @raskchanky @ncabatoff