Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Auto Auth Healing for Proxy #26307

Merged
merged 4 commits into from
Apr 9, 2024
Merged

Auto Auth Healing for Proxy #26307

merged 4 commits into from
Apr 9, 2024

Conversation

divyaac
Copy link
Contributor

@divyaac divyaac commented Apr 8, 2024

Auto Auth will self heal if Proxy is using an auto auth token that is bogus, has reached max uses, or max ttl.

Approved Ent Pr: https://github.com/hashicorp/vault-enterprise/pull/5672

closes : https://github.com/hashicorp/vault-enterprise/pull/5672

@divyaac divyaac requested a review from VioletHynes April 8, 2024 21:44
@github-actions github-actions bot added the hashicorp-contributed-pr If the PR is HashiCorp (i.e. not-community) contributed label Apr 8, 2024
@divyaac divyaac added this to the 1.17.0-rc milestone Apr 8, 2024
@github-actions GitHub Actions
Copy link

github-actions bot commented Apr 8, 2024
edited
Loading

CI Results:
All Go tests succeeded! ✅

@github-actions GitHub Actions
Copy link

github-actions bot commented Apr 8, 2024
edited
Loading

Build Results:
All builds succeeded! ✅

@VioletHynes
Copy link
Contributor

There are some test failures due to a panic:

2024-04-08T21:57:39.940Z [INFO]  agent.apiproxy: http: panic serving 127.0.0.1:34436: interface conversion: interface is nil, not sink.SinkReader
goroutine 10762 [running]:
net/http.(*conn).serve.func1()
	/opt/hostedtoolcache/go/1.21.8/x64/src/net/http/server.go:1868 +0xff
panic({0xe60d380?, 0xc0050dea80?})
	/opt/hostedtoolcache/go/1.21.8/x64/src/runtime/panic.go:920 +0x270
github.com/hashicorp/vault/command.(*AgentCommand).Run.ProxyHandler.func15({0x1273ad20?, 0xc004877a40}, 0xc005dade00)
	/home/runner/work/vault/vault/command/agentproxyshared/cache/handler.go:39 +0x354
net/http.HandlerFunc.ServeHTTP(0xc005806b40, {0x1273ad20, 0xc004877a40}, 0xc0047e8c40?)
	/opt/hostedtoolcache/go/1.21.8/x64/src/net/http/server.go:2136 +0x48
net/http.(*ServeMux).ServeHTTP(0x0?, {0x1273ad20, 0xc004877a40}, 0xc005dade00)
	/opt/hostedtoolcache/go/1.21.8/x64/src/net/http/server.go:2514 +0xbd
net/http.serverHandler.ServeHTTP({0xc0050de9c0?}, {0x1273ad20, 0xc004877a40}, 0xc005dade00)
	/opt/hostedtoolcache/go/1.21.8/x64/src/net/http/server.go:2938 +0x2a2
net/http.(*conn).serve(0xc0059baea0, {0x1275a060, 0xc00548b800})
	/opt/hostedtoolcache/go/1.21.8/x64/src/net/http/server.go:2009 +0xc25
created by net/http.(*Server).Serve in goroutine 10783
	/opt/hostedtoolcache/go/1.21.8/x64/src/net/http/server.go:3086 +0x86d
    agent_test.go:2271: default expectError=false error=Get "http://127.0.0.1:46727/v1/secret/foo": EOF secret=<nil>

VioletHynes
VioletHynes reviewed Apr 9, 2024
View reviewed changes
Copy link
Contributor

@VioletHynes VioletHynes left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks great, but I'll hold off approving until we figure out the test failures. Once we've addressed them, feel free to re-request me :D

command/agentproxyshared/cache/static_secret_cache_updater.go Outdated Show resolved Hide resolved
@divyaac divyaac requested a review from VioletHynes April 9, 2024 18:31
@divyaac divyaac merged commit fcef8ad into main Apr 9, 2024
83 checks passed
@divyaac divyaac deleted the VAULT-23742_Vault_Proxy_Auto_Auth_Healing branch April 9, 2024 19:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@VioletHynes VioletHynes VioletHynes approved these changes

Assignees
No one assigned
Labels
hashicorp-contributed-pr If the PR is HashiCorp (i.e. not-community) contributed
Projects
None yet
Milestone
1.17.0-rc
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@divyaac @VioletHynes