Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support setting plugin TMPDIR in config as well as env #24978

Merged
merged 2 commits into from Jan 30, 2024
Merged

Support setting plugin TMPDIR in config as well as env #24978

merged 2 commits into from Jan 30, 2024

Conversation

tomhjp
Copy link
Collaborator

@tomhjp tomhjp commented Jan 22, 2024

To run containerized plugins under systemd with PrivateTmp=true, users need control over the tmpdir used for Unix sockets (see #23215). Previously we supported this solely with a VAULT_PLUGIN_TMPDIR env var, and this PR adds the option to the config file as well. As with other settings supported in config and env, the env takes precedence.

@tomhjp tomhjp requested review from tvoran and thyton January 22, 2024 16:38
@tomhjp tomhjp requested a review from a team as a code owner January 22, 2024 16:38
@github-actions github-actions bot added the hashicorp-contributed-pr If the PR is HashiCorp (i.e. not-community) contributed label Jan 22, 2024
@github-actions GitHub Actions
Copy link

github-actions bot commented Jan 22, 2024
edited

Build Results:
All builds succeeded! ✅

@github-actions GitHub Actions
Copy link

github-actions bot commented Jan 22, 2024
edited

CI Results:
All Go tests succeeded! ✅

tvoran
tvoran approved these changes Jan 23, 2024
View reviewed changes
Copy link
Member

@tvoran tvoran left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Does this need a changelog entry?

vault/core.go Outdated Show resolved Hide resolved
vault/plugincatalog/plugin_catalog.go
Comment on lines +141 to +149
type PluginCatalogInput struct {
Logger log.Logger
BuiltinRegistry BuiltinRegistry
CatalogView logical.Storage
PluginDirectory string
Tmpdir string
EnableMlock bool
PluginRuntimeCatalog *PluginRuntimeCatalog
}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍

@tomhjp tomhjp added this to the 1.16.0-rc1 milestone Jan 30, 2024
@tomhjp
Copy link
Collaborator Author

tomhjp commented Jan 30, 2024

Does this need a changelog entry?

Thanks for the reminder, added one in the latest commit.

@tomhjp
Copy link
Collaborator Author

tomhjp commented Jan 30, 2024

Thanks!

@tomhjp tomhjp enabled auto-merge (squash) January 30, 2024 12:13
@tomhjp tomhjp merged commit 6e111d9 into main Jan 30, 2024
109 of 111 checks passed
@tomhjp tomhjp deleted the vault-20279/vault-plugin-tmpdir-config branch January 30, 2024 13:10
Monkeychip pushed a commit that referenced this pull request Jan 30, 2024
@tomhjp @Monkeychip
Support setting plugin TMPDIR in config as well as env (#24978)
909da77
Monkeychip pushed a commit that referenced this pull request Feb 7, 2024
@tomhjp @Monkeychip
Support setting plugin TMPDIR in config as well as env (#24978)
b56150f
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tvoran tvoran tvoran approved these changes

@thyton thyton Awaiting requested review from thyton

Assignees
No one assigned
Labels
hashicorp-contributed-pr If the PR is HashiCorp (i.e. not-community) contributed
Projects
None yet
Milestone
1.16.0-rc1
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@tomhjp @tvoran