Skip to content

Fix DB static role credential rotation replication issue#8105

Merged
briankassouf merged 3 commits into
masterfrom
fix_db_static_rotate_replication_issue
Jan 10, 2020
Merged

Fix DB static role credential rotation replication issue#8105
briankassouf merged 3 commits into
masterfrom
fix_db_static_rotate_replication_issue

Conversation

@michelvocks
Copy link
Copy Markdown
Contributor

@michelvocks michelvocks commented Jan 7, 2020
edited
Loading

This PR fixes a bug that prevents Vault performance secondaries and performance standby's to successfully forward a manual static role credential rotation request e.g. vault write -f database/rotate-role/education.

To prevent the client to run in a timeout:

vault/http/handler.go

Line 642 in 31bbb81

if r.LastRemoteWAL() > 0 && !vault.WaitUntilWALShipped(rawReq.Context(), core, r.LastRemoteWAL()) {

And the manual static role credential rotation method does not store anything in the backend (which usually triggers a guard check), we have to store a canary to make sure that a guard check is triggered.

@michelvocks michelvocks added this to the 1.4 milestone Jan 7, 2020
@michelvocks michelvocks mentioned this pull request Jan 7, 2020
Merged
briankassouf
briankassouf reviewed Jan 7, 2020
View reviewed changes
Comment thread builtin/logical/database/path_rotate_credentials.go Outdated
@briankassouf
Copy link
Copy Markdown
Contributor

briankassouf commented Jan 7, 2020

Maybe we should get this merged so it can be used here and in your other PR? #7175

@kalafut
Copy link
Copy Markdown
Contributor

kalafut commented Jan 7, 2020

#7175 is now merged.

@michelvocks michelvocks force-pushed the fix_db_static_rotate_replication_issue branch from dc7f79b to 8511489 Compare January 8, 2020 10:30
@michelvocks
Copy link
Copy Markdown
Contributor Author

michelvocks commented Jan 8, 2020

Thanks, @kalafut & @briankassouf! Done

briankassouf
briankassouf reviewed Jan 8, 2020
View reviewed changes
Comment thread builtin/logical/database/path_rotate_credentials.go Outdated
@briankassouf briankassouf modified the milestones: 1.4, 1.3.2 Jan 8, 2020
@michelvocks michelvocks mentioned this pull request Jan 9, 2020
Merged
@briankassouf briankassouf merged commit 7ebb303 into master Jan 10, 2020
@briankassouf briankassouf deleted the fix_db_static_rotate_replication_issue branch January 10, 2020 00:45
@michelvocks michelvocks mentioned this pull request Jan 14, 2020
Closed
@Ginja Ginja mentioned this pull request Mar 4, 2020
Closed
@catsby catsby mentioned this pull request May 14, 2020
Merged
@catsby catsby mentioned this pull request Jul 27, 2020
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@catsby catsby Awaiting requested review from catsby

1 more reviewer

@briankassouf briankassouf briankassouf approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

core/replication secret/database

Projects

None yet

Milestone

1.3.2

Development

Successfully merging this pull request may close these issues.

4 participants

@michelvocks @briankassouf @kalafut @catsby