Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Avoid unseal failure if plugin backends fail to setup during postUnseal #3686

Merged
merged 2 commits into from
Dec 15, 2017
Merged

Avoid unseal failure if plugin backends fail to setup during postUnseal #3686

merged 2 commits into from
Dec 15, 2017

Conversation

calvn
Copy link
Member

@calvn calvn commented Dec 14, 2017

Fixes #3602

@calvn calvn added this to the 0.9.1 milestone Dec 14, 2017
briankassouf
briankassouf approved these changes Dec 14, 2017
View reviewed changes
Copy link
Member

@briankassouf briankassouf left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just one small comment, otherwise 👍

vault/auth.go
// If we encounter an error instantiating the backend due to an error,
// skip backend initialization but register the entry to the mount table
// to preserve storage and path.
c.logger.Warn("core: skipping plugin-based credential entry", "path", entry.Path)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we output the error here so the user knows why it failed (plugin missing, bad SHA, etc.), and the same for mounts?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The error is printed out up top in https://github.com/hashicorp/vault/pull/3686/files#diff-444ea30b36f7a95d6672fd6fd9b7a87cR461.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pfft, obviously @bk, duh

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ha, I even looked there and thought "Oh, it's only printing out the path", missed the error somehow :)

@jefferai jefferai merged commit 9dc7bc7 into master Dec 15, 2017
chrishoffman pushed a commit that referenced this pull request Dec 15, 2017
Merge remote-tracking branch 'oss/master' into f-nomad
16e2edf 
* oss/master:
  Defer reader.Close that is used to determine sha256
  changelog++
  Avoid unseal failure if plugin backends fail to setup during postUnseal (#3686)
  Add logic for using Auth.Period when handling auth login/renew requests (#3677)
  plugins/database: use context with plugins that use database/sql package (#3691)
  changelog++
  Fix plaintext backup in transit (#3692)
  Database gRPC plugins (#3666)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jefferai jefferai jefferai approved these changes

@briankassouf briankassouf briankassouf approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
0.9.1
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@calvn @jefferai @briankassouf