New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Changing default values for sys.initialize
parameters secret_shares
and secret_threshold
#1063
Conversation
Codecov Report
@@ Coverage Diff @@
## main #1063 +/- ##
==========================================
+ Coverage 85.08% 86.57% +1.48%
==========================================
Files 65 65
Lines 3145 3187 +42
==========================================
+ Hits 2676 2759 +83
+ Misses 469 428 -41
|
sys.initialize
parameters secret_shares
and secret_threshold
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this is a good compromise. Plus deprecation warnings have been implemented 👍 LGTM
if recovery_threshold is not None: | ||
if recovery_threshold > recovery_shares: | ||
error_msg = "value for recovery_threshold argument must be less than or equal to recovery_shares argument" | ||
raise ParamValidationError(error_msg) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why use an explicit error_msg variable here when the current file has previously not done so? Its not a breaking instance of code just stylistic.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
looking at left side in the side-by-side diff, it seems it's because the previous code did in fact use this variable, and I just changed the message minimally but didn't remove use of the var. I don't feel strongly about it, if you want to put in a suggested change in the comment that removes the variable I'll probably accept it.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Code looks good from my side just a single stylistic inconsistency.
been a little while since CI ran so I'm going to close/re-open to kick off CI again |
Fixes #1030
For more details see:
Because we set default values for
secret_shares
andsecret_threshold
in theinitialize
call, it's not possible to make the API request without values set.Unfortunately, there are certain cases in the API call where these values must not be set, when using certain auto-unseal configurations, in which only
recovery_shares
andrecovery_threshold
should be set, and Vault will reject the call if the other two are set as well.Breaking change
We're changing the default value of these parameters to
None
along with the rest.In
v2.0.0
, ifsecret_shares
isNone
, andrecovery_shares
is alsoNone
, then we will setsecret_shares
to5
(which was the default previously), and issue a warning.Likewise with
secret_threshold
andrecovery_threshold
, wheresecret_threshold
will be set to3
(the previous default) when both of those parameters areNone
.In
v3.0.0
we will remove the default fallback.This is very unlikely to actually be a breaking change in
v2.0.0
but it could be if all of the following are true:recovery_shares
and/orrecovery_threshold
while relying on the defaults forsecret_shares
and/orsecret_threshold
Action needed
If you currently call the
initialize
method relying on the previous default values, you should update to using explicit values right away. This can be done right away, even in already released versions.With
hvac>=2,<3
, relying on defaults will work (with above caveats) but will issue a deprecation warning.In
hvac>=3
default values will no longer be provided and your calls will probably break unless you specify your values explicitly.