move noop audit to audit package (#26448)

audit/backend_noop.go

@@ -0,0 +1,350 @@
+// Copyright (c) HashiCorp, Inc.
+// SPDX-License-Identifier: BUSL-1.1
+
+package audit
+
+import (
+	"context"
+	"crypto/sha256"
+	"encoding/json"
+	"errors"
+	"fmt"
+	"strings"
+	"sync"
+	"testing"
+
+	"github.com/hashicorp/eventlogger"
+	"github.com/hashicorp/vault/helper/testhelpers/corehelpers"
+	"github.com/hashicorp/vault/internal/observability/event"
+	"github.com/hashicorp/vault/sdk/helper/salt"
+	"github.com/hashicorp/vault/sdk/logical"
+)
+
+var (
+	_ Backend          = (*NoopAudit)(nil)
+	_ eventlogger.Node = (*noopWrapper)(nil)
+)
+
+// noopWrapper is designed to wrap a formatter node in order to allow access to
+// bytes formatted, headers formatted and parts of the logical.LogInput.
+// Some older tests relied on being able to query this information so while those
+// tests stick around we should look after them.
+type noopWrapper struct {
+	format  string
+	node    eventlogger.Node
+	backend *NoopAudit
+}
+
+// NoopAuditEventListener is a callback used by noopWrapper.Process() to notify
+// of each received audit event.
+type NoopAuditEventListener func(*AuditEvent)
+
+func (n *NoopAudit) SetListener(listener NoopAuditEventListener) {
+	n.listener = listener
+}
+
+type NoopAudit struct {
+	Config *BackendConfig
+
+	ReqErr         error
+	ReqAuth        []*logical.Auth
+	Req            []*logical.Request
+	ReqHeaders     []map[string][]string
+	ReqNonHMACKeys []string
+	ReqErrs        []error
+
+	RespErr            error
+	RespAuth           []*logical.Auth
+	RespReq            []*logical.Request
+	Resp               []*logical.Response
+	RespNonHMACKeys    [][]string
+	RespReqNonHMACKeys [][]string
+	RespErrs           []error
+	records            [][]byte
+	l                  sync.RWMutex
+	salt               *salt.Salt
+	saltMutex          sync.RWMutex
+
+	nodeIDList []eventlogger.NodeID
+	nodeMap    map[eventlogger.NodeID]eventlogger.Node
+
+	listener NoopAuditEventListener
+}
+
+// NoopHeaderFormatter can be used within no-op audit devices to do nothing when
+// it comes to only allow configured headers to appear in the result.
+// Whatever is passed in will be returned (nil becomes an empty map) in lowercase.
+type NoopHeaderFormatter struct{}
+
+// ApplyConfig implements the relevant interface to make NoopHeaderFormatter an HeaderFormatter.
+func (f *NoopHeaderFormatter) ApplyConfig(_ context.Context, headers map[string][]string, _ Salter) (result map[string][]string, retErr error) {
+	if len(headers) < 1 {
+		return map[string][]string{}, nil
+	}
+
+	// Make a copy of the incoming headers with everything lower so we can
+	// case-insensitively compare
+	lowerHeaders := make(map[string][]string, len(headers))
+	for k, v := range headers {
+		lowerHeaders[strings.ToLower(k)] = v
+	}
+
+	return lowerHeaders, nil
+}
+
+// NewNoopAudit should be used to create a NoopAudit as it handles creation of a
+// predictable salt and wraps eventlogger nodes so information can be retrieved on
+// what they've seen or formatted.
+func NewNoopAudit(config *BackendConfig) (*NoopAudit, error) {
+	view := &logical.InmemStorage{}
+
+	// Create the salt with a known key for predictable hmac values.
+	se := &logical.StorageEntry{Key: "salt", Value: []byte("foo")}
+	err := view.Put(context.Background(), se)
+	if err != nil {
+		return nil, err
+	}
+
+	// Override the salt related config settings.
+	backendConfig := &BackendConfig{
+		SaltView: view,
+		SaltConfig: &salt.Config{
+			HMAC:     sha256.New,
+			HMACType: "hmac-sha256",
+		},
+		Config:    config.Config,
+		MountPath: config.MountPath,
+	}
+
+	noopBackend := &NoopAudit{
+		Config:     backendConfig,
+		nodeIDList: make([]eventlogger.NodeID, 2),
+		nodeMap:    make(map[eventlogger.NodeID]eventlogger.Node, 2),
+	}
+
+	cfg, err := NewFormatterConfig(&NoopHeaderFormatter{})
+	if err != nil {
+		return nil, err
+	}
+
+	formatterNodeID, err := event.GenerateNodeID()
+	if err != nil {
+		return nil, fmt.Errorf("error generating random NodeID for formatter node: %w", err)
+	}
+
+	formatterNode, err := NewEntryFormatter(config.MountPath, cfg, noopBackend, config.Logger)
+	if err != nil {
+		return nil, fmt.Errorf("error creating formatter: %w", err)
+	}
+
+	// Wrap the formatting node, so we can get any bytes that were formatted etc.
+	wrappedFormatter := &noopWrapper{format: "json", node: formatterNode, backend: noopBackend}
+
+	noopBackend.nodeIDList[0] = formatterNodeID
+	noopBackend.nodeMap[formatterNodeID] = wrappedFormatter
+
+	sinkNode := event.NewNoopSink()
+	sinkNodeID, err := event.GenerateNodeID()
+	if err != nil {
+		return nil, fmt.Errorf("error generating random NodeID for sink node: %w", err)
+	}
+
+	noopBackend.nodeIDList[1] = sinkNodeID
+	noopBackend.nodeMap[sinkNodeID] = sinkNode
+
+	return noopBackend, nil
+}
+
+// NoopAuditFactory should be used when the test needs a way to access bytes that
+// have been formatted by the pipeline during audit requests.
+// The records parameter will be repointed to the one used within the pipeline.
+func NoopAuditFactory(records **[][]byte) Factory {
+	return func(config *BackendConfig, _ HeaderFormatter) (Backend, error) {
+		n, err := NewNoopAudit(config)
+		if err != nil {
+			return nil, err
+		}
+		if records != nil {
+			*records = &n.records
+		}
+
+		return n, nil
+	}
+}
+
+// Process handles the contortions required by older test code to ensure behavior.
+// It will attempt to do some pre/post processing of the logical.LogInput that should
+// form part of the event's payload data, as well as capturing the resulting headers
+// that were formatted and track the overall bytes that a formatted event uses when
+// it's ready to head down the pipeline to the sink node (a noop for us).
+func (n *noopWrapper) Process(ctx context.Context, e *eventlogger.Event) (*eventlogger.Event, error) {
+	n.backend.l.Lock()
+	defer n.backend.l.Unlock()
+
+	var err error
+
+	// We're expecting audit events since this is an audit device.
+	a, ok := e.Payload.(*AuditEvent)
+	if !ok {
+		return nil, errors.New("cannot parse payload as an audit event")
+	}
+
+	if n.backend.listener != nil {
+		n.backend.listener(a)
+	}
+
+	in := a.Data
+
+	// Depending on the type of the audit event (request or response) we need to
+	// track different things.
+	switch a.Subtype {
+	case RequestType:
+		n.backend.ReqAuth = append(n.backend.ReqAuth, in.Auth)
+		n.backend.Req = append(n.backend.Req, in.Request)
+		n.backend.ReqNonHMACKeys = in.NonHMACReqDataKeys
+		n.backend.ReqErrs = append(n.backend.ReqErrs, in.OuterErr)
+
+		if n.backend.ReqErr != nil {
+			return nil, n.backend.ReqErr
+		}
+	case ResponseType:
+		n.backend.RespAuth = append(n.backend.RespAuth, in.Auth)
+		n.backend.RespReq = append(n.backend.RespReq, in.Request)
+		n.backend.Resp = append(n.backend.Resp, in.Response)
+		n.backend.RespErrs = append(n.backend.RespErrs, in.OuterErr)
+
+		if in.Response != nil {
+			n.backend.RespNonHMACKeys = append(n.backend.RespNonHMACKeys, in.NonHMACRespDataKeys)
+			n.backend.RespReqNonHMACKeys = append(n.backend.RespReqNonHMACKeys, in.NonHMACReqDataKeys)
+		}
+
+		if n.backend.RespErr != nil {
+			return nil, n.backend.RespErr
+		}
+	default:
+		return nil, fmt.Errorf("unknown audit event type: %q", a.Subtype)
+	}
+
+	// Once we've taken note of the relevant properties of the event, we get the
+	// underlying (wrapped) node to process it as normal.
+	e, err = n.node.Process(ctx, e)
+	if err != nil {
+		return nil, fmt.Errorf("error processing wrapped node: %w", err)
+	}
+
+	// Once processing has been carried out, the underlying node (a formatter node)
+	// should contain the output ready for the sink node. We'll get that in order
+	// to track how many bytes we formatted.
+	b, ok := e.Format(n.format)
+	if ok {
+		n.backend.records = append(n.backend.records, b)
+	}
+
+	// Finally, the last bit of post-processing is to make sure that we track the
+	// formatted headers that would have made it to the logs via the sink node.
+	// They only appear in requests.
+	if a.Subtype == RequestType {
+		reqEntry := &RequestEntry{}
+		err = json.Unmarshal(b, &reqEntry)
+		if err != nil {
+			return nil, fmt.Errorf("unable to parse formatted audit entry data: %w", err)
+		}
+
+		n.backend.ReqHeaders = append(n.backend.ReqHeaders, reqEntry.Request.Headers)
+	}
+
+	// Return the event and no error in order to let the pipeline continue on.
+	return e, nil
+}
+
+func (n *noopWrapper) Reopen() error {
+	return n.node.Reopen()
+}
+
+func (n *noopWrapper) Type() eventlogger.NodeType {
+	return n.node.Type()
+}
+
+// LogTestMessage will manually crank the handle on the nodes associated with this backend.
+func (n *NoopAudit) LogTestMessage(ctx context.Context, in *logical.LogInput) error {
+	if len(n.nodeIDList) > 0 {
+		return ProcessManual(ctx, in, n.nodeIDList, n.nodeMap)
+	}
+
+	return nil
+}
+
+func (n *NoopAudit) Salt(ctx context.Context) (*salt.Salt, error) {
+	n.saltMutex.RLock()
+	if n.salt != nil {
+		defer n.saltMutex.RUnlock()
+		return n.salt, nil
+	}
+	n.saltMutex.RUnlock()
+	n.saltMutex.Lock()
+	defer n.saltMutex.Unlock()
+	if n.salt != nil {
+		return n.salt, nil
+	}
+	s, err := salt.NewSalt(ctx, n.Config.SaltView, n.Config.SaltConfig)
+	if err != nil {
+		return nil, err
+	}
+	n.salt = s
+	return s, nil
+}
+
+func (n *NoopAudit) GetHash(ctx context.Context, data string) (string, error) {
+	s, err := n.Salt(ctx)
+	if err != nil {
+		return "", err
+	}
+	return s.GetIdentifiedHMAC(data), nil
+}
+
+func (n *NoopAudit) Reload() error {
+	return nil
+}
+
+func (n *NoopAudit) Invalidate(_ context.Context) {
+	n.saltMutex.Lock()
+	defer n.saltMutex.Unlock()
+	n.salt = nil
+}
+
+func (n *NoopAudit) EventType() eventlogger.EventType {
+	return event.AuditType.AsEventType()
+}
+
+func (n *NoopAudit) HasFiltering() bool {
+	return false
+}
+
+func (n *NoopAudit) Name() string {
+	return n.Config.MountPath
+}
+
+func (n *NoopAudit) Nodes() map[eventlogger.NodeID]eventlogger.Node {
+	return n.nodeMap
+}
+
+func (n *NoopAudit) NodeIDs() []eventlogger.NodeID {
+	return n.nodeIDList
+}
+
+func (n *NoopAudit) IsFallback() bool {
+	return false
+}
+
+func TestNoopAudit(t *testing.T, path string, config map[string]string) *NoopAudit {
+	cfg := &BackendConfig{
+		Config:    config,
+		MountPath: path,
+		Logger:    corehelpers.NewTestLogger(t),
+	}
+	n, err := NewNoopAudit(cfg)
+	if err != nil {
+		t.Fatal(err)
+	}
+	return n
+}

audit/types.go

@@ -36,7 +36,7 @@ type Backend interface {
 	LogTestMessage(context.Context, *logical.LogInput) error
 
 	// Reload is called on SIGHUP for supporting backends.
-	Reload(context.Context) error
+	Reload() error
 
 	// Invalidate is called for path invalidation
 	Invalidate(context.Context)
@@ -203,4 +203,4 @@ type BackendConfig struct {
 }
 
 // Factory is the factory function to create an audit backend.
-type Factory func(context.Context, *BackendConfig, HeaderFormatter) (Backend, error)
+type Factory func(*BackendConfig, HeaderFormatter) (Backend, error)

builtin/audit/file/backend.go

@@ -44,7 +44,7 @@ type Backend struct {
 	saltView   logical.Storage
 }
 
-func Factory(_ context.Context, conf *audit.BackendConfig, headersConfig audit.HeaderFormatter) (audit.Backend, error) {
+func Factory(conf *audit.BackendConfig, headersConfig audit.HeaderFormatter) (audit.Backend, error) {
 	if conf.SaltConfig == nil {
 		return nil, fmt.Errorf("nil salt config: %w", audit.ErrInvalidParameter)
 	}
@@ -164,7 +164,7 @@ func (b *Backend) LogTestMessage(ctx context.Context, in *logical.LogInput) erro
 	return nil
 }
 
-func (b *Backend) Reload(_ context.Context) error {
+func (b *Backend) Reload() error {
 	for _, n := range b.nodeMap {
 		if n.Type() == eventlogger.NodeTypeSink {
 			return n.Reopen()

builtin/audit/file/backend_filter_node_test.go

@@ -11,7 +11,6 @@ import (
 	"github.com/hashicorp/eventlogger"
 	"github.com/hashicorp/go-hclog"
 	"github.com/hashicorp/vault/audit"
-	"github.com/hashicorp/vault/helper/testhelpers/corehelpers"
 	"github.com/stretchr/testify/require"
 )
 
@@ -75,7 +74,7 @@ func TestBackend_configureFilterFormatterSink(t *testing.T) {
 		nodeMap:    map[eventlogger.NodeID]eventlogger.Node{},
 	}
 
-	formatConfig, err := audit.NewFormatterConfig(&corehelpers.NoopHeaderFormatter{})
+	formatConfig, err := audit.NewFormatterConfig(&audit.NoopHeaderFormatter{})
 	require.NoError(t, err)
 
 	err = b.configureFilterNode("path == bar")

builtin/audit/file/backend_test.go

@@ -4,7 +4,6 @@
 package file
 
 import (
-	"context"
 	"os"
 	"path/filepath"
 	"strconv"
@@ -13,7 +12,6 @@ import (
 	"github.com/hashicorp/eventlogger"
 	"github.com/hashicorp/go-hclog"
 	"github.com/hashicorp/vault/audit"
-	"github.com/hashicorp/vault/helper/testhelpers/corehelpers"
 	"github.com/hashicorp/vault/internal/observability/event"
 	"github.com/hashicorp/vault/sdk/helper/salt"
 	"github.com/hashicorp/vault/sdk/logical"
@@ -41,7 +39,7 @@ func TestAuditFile_fileModeNew(t *testing.T) {
 		SaltView:   &logical.InmemStorage{},
 		Logger:     hclog.NewNullLogger(),
 	}
-	_, err = Factory(context.Background(), backendConfig, &corehelpers.NoopHeaderFormatter{})
+	_, err = Factory(backendConfig, &audit.NoopHeaderFormatter{})
 	require.NoError(t, err)
 
 	info, err := os.Stat(file)
@@ -74,7 +72,7 @@ func TestAuditFile_fileModeExisting(t *testing.T) {
 		Logger:     hclog.NewNullLogger(),
 	}
 
-	_, err = Factory(context.Background(), backendConfig, &corehelpers.NoopHeaderFormatter{})
+	_, err = Factory(backendConfig, &audit.NoopHeaderFormatter{})
 	require.NoError(t, err)
 
 	info, err := os.Stat(f.Name())
@@ -108,7 +106,7 @@ func TestAuditFile_fileMode0000(t *testing.T) {
 		Logger:     hclog.NewNullLogger(),
 	}
 
-	_, err = Factory(context.Background(), backendConfig, &corehelpers.NoopHeaderFormatter{})
+	_, err = Factory(backendConfig, &audit.NoopHeaderFormatter{})
 	require.NoError(t, err)
 
 	info, err := os.Stat(f.Name())
@@ -137,7 +135,7 @@ func TestAuditFile_EventLogger_fileModeNew(t *testing.T) {
 		Logger:     hclog.NewNullLogger(),
 	}
 
-	_, err = Factory(context.Background(), backendConfig, &corehelpers.NoopHeaderFormatter{})
+	_, err = Factory(backendConfig, &audit.NoopHeaderFormatter{})
 	require.NoError(t, err)
 
 	info, err := os.Stat(file)
@@ -243,7 +241,7 @@ func TestBackend_newFormatterConfig(t *testing.T) {
 		t.Run(name, func(t *testing.T) {
 			t.Parallel()
 
-			got, err := newFormatterConfig(&corehelpers.NoopHeaderFormatter{}, tc.config)
+			got, err := newFormatterConfig(&audit.NoopHeaderFormatter{}, tc.config)
 			if tc.wantErr {
 				require.Error(t, err)
 				require.EqualError(t, err, tc.expectedMessage)
@@ -270,7 +268,7 @@ func TestBackend_configureFormatterNode(t *testing.T) {
 		nodeMap:    map[eventlogger.NodeID]eventlogger.Node{},
 	}
 
-	formatConfig, err := audit.NewFormatterConfig(&corehelpers.NoopHeaderFormatter{})
+	formatConfig, err := audit.NewFormatterConfig(&audit.NoopHeaderFormatter{})
 	require.NoError(t, err)
 
 	err = b.configureFormatterNode("juan", formatConfig, hclog.NewNullLogger())
@@ -425,8 +423,6 @@ func TestBackend_configureSinkNode(t *testing.T) {
 func TestBackend_Factory_Conf(t *testing.T) {
 	t.Parallel()
 
-	ctx := context.Background()
-
 	tests := map[string]struct {
 		backendConfig        *audit.BackendConfig
 		isErrorExpected      bool
@@ -493,7 +489,7 @@ func TestBackend_Factory_Conf(t *testing.T) {
 		t.Run(name, func(t *testing.T) {
 			t.Parallel()
 
-			be, err := Factory(ctx, tc.backendConfig, &corehelpers.NoopHeaderFormatter{})
+			be, err := Factory(tc.backendConfig, &audit.NoopHeaderFormatter{})
 
 			switch {
 			case tc.isErrorExpected:
@@ -512,8 +508,6 @@ func TestBackend_Factory_Conf(t *testing.T) {
 func TestBackend_IsFallback(t *testing.T) {
 	t.Parallel()
 
-	ctx := context.Background()
-
 	tests := map[string]struct {
 		backendConfig      *audit.BackendConfig
 		isFallbackExpected bool
@@ -552,7 +546,7 @@ func TestBackend_IsFallback(t *testing.T) {
 		t.Run(name, func(t *testing.T) {
 			t.Parallel()
 
-			be, err := Factory(ctx, tc.backendConfig, &corehelpers.NoopHeaderFormatter{})
+			be, err := Factory(tc.backendConfig, &audit.NoopHeaderFormatter{})
 			require.NoError(t, err)
 			require.NotNil(t, be)
 			require.Equal(t, tc.isFallbackExpected, be.IsFallback())

builtin/audit/socket/backend.go

@@ -34,7 +34,7 @@ type Backend struct {
 	saltView   logical.Storage
 }
 
-func Factory(_ context.Context, conf *audit.BackendConfig, headersConfig audit.HeaderFormatter) (audit.Backend, error) {
+func Factory(conf *audit.BackendConfig, headersConfig audit.HeaderFormatter) (audit.Backend, error) {
 	if conf.SaltConfig == nil {
 		return nil, fmt.Errorf("nil salt config: %w", audit.ErrInvalidParameter)
 	}
@@ -129,7 +129,7 @@ func (b *Backend) LogTestMessage(ctx context.Context, in *logical.LogInput) erro
 	return nil
 }
 
-func (b *Backend) Reload(ctx context.Context) error {
+func (b *Backend) Reload() error {
 	for _, n := range b.nodeMap {
 		if n.Type() == eventlogger.NodeTypeSink {
 			return n.Reopen()

builtin/audit/socket/backend_filter_node_test.go

@@ -11,7 +11,6 @@ import (
 	"github.com/hashicorp/eventlogger"
 	"github.com/hashicorp/go-hclog"
 	"github.com/hashicorp/vault/audit"
-	"github.com/hashicorp/vault/helper/testhelpers/corehelpers"
 	"github.com/stretchr/testify/require"
 )
 
@@ -75,7 +74,7 @@ func TestBackend_configureFilterFormatterSink(t *testing.T) {
 		nodeMap:    map[eventlogger.NodeID]eventlogger.Node{},
 	}
 
-	formatConfig, err := audit.NewFormatterConfig(&corehelpers.NoopHeaderFormatter{})
+	formatConfig, err := audit.NewFormatterConfig(&audit.NoopHeaderFormatter{})
 	require.NoError(t, err)
 
 	err = b.configureFilterNode("path == bar")

builtin/audit/socket/backend_test.go

@@ -4,13 +4,11 @@
 package socket
 
 import (
-	"context"
 	"testing"
 
 	"github.com/hashicorp/eventlogger"
 	"github.com/hashicorp/go-hclog"
 	"github.com/hashicorp/vault/audit"
-	"github.com/hashicorp/vault/helper/testhelpers/corehelpers"
 	"github.com/hashicorp/vault/internal/observability/event"
 	"github.com/hashicorp/vault/sdk/helper/salt"
 	"github.com/hashicorp/vault/sdk/logical"
@@ -115,7 +113,7 @@ func TestBackend_newFormatterConfig(t *testing.T) {
 		t.Run(name, func(t *testing.T) {
 			t.Parallel()
 
-			got, err := newFormatterConfig(&corehelpers.NoopHeaderFormatter{}, tc.config)
+			got, err := newFormatterConfig(&audit.NoopHeaderFormatter{}, tc.config)
 			if tc.wantErr {
 				require.Error(t, err)
 				require.EqualError(t, err, tc.expectedErrMsg)
@@ -142,7 +140,7 @@ func TestBackend_configureFormatterNode(t *testing.T) {
 		nodeMap:    map[eventlogger.NodeID]eventlogger.Node{},
 	}
 
-	formatConfig, err := audit.NewFormatterConfig(&corehelpers.NoopHeaderFormatter{})
+	formatConfig, err := audit.NewFormatterConfig(&audit.NoopHeaderFormatter{})
 	require.NoError(t, err)
 
 	err = b.configureFormatterNode("juan", formatConfig, hclog.NewNullLogger())
@@ -253,8 +251,6 @@ func TestBackend_configureSinkNode(t *testing.T) {
 func TestBackend_Factory_Conf(t *testing.T) {
 	t.Parallel()
 
-	ctx := context.Background()
-
 	tests := map[string]struct {
 		backendConfig        *audit.BackendConfig
 		isErrorExpected      bool
@@ -387,7 +383,7 @@ func TestBackend_Factory_Conf(t *testing.T) {
 		t.Run(name, func(t *testing.T) {
 			t.Parallel()
 
-			be, err := Factory(ctx, tc.backendConfig, &corehelpers.NoopHeaderFormatter{})
+			be, err := Factory(tc.backendConfig, &audit.NoopHeaderFormatter{})
 
 			switch {
 			case tc.isErrorExpected:
@@ -406,8 +402,6 @@ func TestBackend_Factory_Conf(t *testing.T) {
 func TestBackend_IsFallback(t *testing.T) {
 	t.Parallel()
 
-	ctx := context.Background()
-
 	tests := map[string]struct {
 		backendConfig      *audit.BackendConfig
 		isFallbackExpected bool
@@ -448,7 +442,7 @@ func TestBackend_IsFallback(t *testing.T) {
 		t.Run(name, func(t *testing.T) {
 			t.Parallel()
 
-			be, err := Factory(ctx, tc.backendConfig, &corehelpers.NoopHeaderFormatter{})
+			be, err := Factory(tc.backendConfig, &audit.NoopHeaderFormatter{})
 			require.NoError(t, err)
 			require.NotNil(t, be)
 			require.Equal(t, tc.isFallbackExpected, be.IsFallback())

builtin/audit/syslog/backend.go

@@ -34,7 +34,7 @@ type Backend struct {
 	saltView   logical.Storage
 }
 
-func Factory(_ context.Context, conf *audit.BackendConfig, headersConfig audit.HeaderFormatter) (audit.Backend, error) {
+func Factory(conf *audit.BackendConfig, headersConfig audit.HeaderFormatter) (audit.Backend, error) {
 	if conf.SaltConfig == nil {
 		return nil, fmt.Errorf("nil salt config: %w", audit.ErrInvalidParameter)
 	}
@@ -127,7 +127,7 @@ func (b *Backend) LogTestMessage(ctx context.Context, in *logical.LogInput) erro
 	return nil
 }
 
-func (b *Backend) Reload(_ context.Context) error {
+func (b *Backend) Reload() error {
 	return nil
 }
 

builtin/audit/syslog/backend_filter_node_test.go

@@ -11,7 +11,6 @@ import (
 	"github.com/hashicorp/eventlogger"
 	"github.com/hashicorp/go-hclog"
 	"github.com/hashicorp/vault/audit"
-	"github.com/hashicorp/vault/helper/testhelpers/corehelpers"
 	"github.com/stretchr/testify/require"
 )
 
@@ -75,7 +74,7 @@ func TestBackend_configureFilterFormatterSink(t *testing.T) {
 		nodeMap:    map[eventlogger.NodeID]eventlogger.Node{},
 	}
 
-	formatConfig, err := audit.NewFormatterConfig(&corehelpers.NoopHeaderFormatter{})
+	formatConfig, err := audit.NewFormatterConfig(&audit.NoopHeaderFormatter{})
 	require.NoError(t, err)
 
 	err = b.configureFilterNode("path == bar")

builtin/audit/syslog/backend_test.go

@@ -4,13 +4,11 @@
 package syslog
 
 import (
-	"context"
 	"testing"
 
 	"github.com/hashicorp/eventlogger"
 	"github.com/hashicorp/go-hclog"
 	"github.com/hashicorp/vault/audit"
-	"github.com/hashicorp/vault/helper/testhelpers/corehelpers"
 	"github.com/hashicorp/vault/internal/observability/event"
 	"github.com/hashicorp/vault/sdk/helper/salt"
 	"github.com/hashicorp/vault/sdk/logical"
@@ -115,7 +113,7 @@ func TestBackend_newFormatterConfig(t *testing.T) {
 		t.Run(name, func(t *testing.T) {
 			t.Parallel()
 
-			got, err := newFormatterConfig(&corehelpers.NoopHeaderFormatter{}, tc.config)
+			got, err := newFormatterConfig(&audit.NoopHeaderFormatter{}, tc.config)
 			if tc.wantErr {
 				require.Error(t, err)
 				require.EqualError(t, err, tc.expectedErrMsg)
@@ -142,7 +140,7 @@ func TestBackend_configureFormatterNode(t *testing.T) {
 		nodeMap:    map[eventlogger.NodeID]eventlogger.Node{},
 	}
 
-	formatConfig, err := audit.NewFormatterConfig(&corehelpers.NoopHeaderFormatter{})
+	formatConfig, err := audit.NewFormatterConfig(&audit.NoopHeaderFormatter{})
 	require.NoError(t, err)
 
 	err = b.configureFormatterNode("juan", formatConfig, hclog.NewNullLogger())
@@ -235,8 +233,6 @@ func TestBackend_configureSinkNode(t *testing.T) {
 func TestBackend_Factory_Conf(t *testing.T) {
 	t.Parallel()
 
-	ctx := context.Background()
-
 	tests := map[string]struct {
 		backendConfig        *audit.BackendConfig
 		isErrorExpected      bool
@@ -291,7 +287,7 @@ func TestBackend_Factory_Conf(t *testing.T) {
 		t.Run(name, func(t *testing.T) {
 			t.Parallel()
 
-			be, err := Factory(ctx, tc.backendConfig, &corehelpers.NoopHeaderFormatter{})
+			be, err := Factory(tc.backendConfig, &audit.NoopHeaderFormatter{})
 
 			switch {
 			case tc.isErrorExpected:
@@ -310,8 +306,6 @@ func TestBackend_Factory_Conf(t *testing.T) {
 func TestBackend_IsFallback(t *testing.T) {
 	t.Parallel()
 
-	ctx := context.Background()
-
 	tests := map[string]struct {
 		backendConfig      *audit.BackendConfig
 		isFallbackExpected bool
@@ -348,7 +342,7 @@ func TestBackend_IsFallback(t *testing.T) {
 		t.Run(name, func(t *testing.T) {
 			t.Parallel()
 
-			be, err := Factory(ctx, tc.backendConfig, &corehelpers.NoopHeaderFormatter{})
+			be, err := Factory(tc.backendConfig, &audit.NoopHeaderFormatter{})
 			require.NoError(t, err)
 			require.NotNil(t, be)
 			require.Equal(t, tc.isFallbackExpected, be.IsFallback())

helper/builtinplugins/builtinplugins_test.go

@@ -10,7 +10,6 @@ import (
 	"github.com/hashicorp/vault/api"
 	"github.com/hashicorp/vault/audit"
 	logicalDb "github.com/hashicorp/vault/builtin/logical/database"
-	"github.com/hashicorp/vault/helper/testhelpers/corehelpers"
 	vaulthttp "github.com/hashicorp/vault/http"
 	"github.com/hashicorp/vault/sdk/helper/consts"
 	"github.com/hashicorp/vault/sdk/logical"
@@ -48,7 +47,7 @@ func TestBuiltinPluginsWork(t *testing.T) {
 			// Specifying at least one audit backend factory will prevent NewTestCluster
 			// from attempting to enable a noop audit, and audit isn't required for this test.
 			AuditBackends: map[string]audit.Factory{
-				"noop": corehelpers.NoopAuditFactory(nil),
+				"noop": audit.NoopAuditFactory(nil),
 			},
 		},
 		&vault.TestClusterOptions{

helper/testhelpers/corehelpers/corehelpers.go

@@ -7,35 +7,20 @@ package corehelpers
 
 import (
 	"context"
-	"crypto/sha256"
-	"encoding/json"
-	"errors"
-	"fmt"
 	"io"
 	"os"
 	"path/filepath"
-	"strings"
-	"sync"
 	"time"
 
-	"github.com/hashicorp/eventlogger"
 	"github.com/hashicorp/go-hclog"
-	"github.com/hashicorp/vault/audit"
 	"github.com/hashicorp/vault/builtin/credential/approle"
-	"github.com/hashicorp/vault/internal/observability/event"
 	"github.com/hashicorp/vault/plugins/database/mysql"
 	"github.com/hashicorp/vault/sdk/framework"
 	"github.com/hashicorp/vault/sdk/helper/consts"
-	"github.com/hashicorp/vault/sdk/helper/salt"
 	"github.com/hashicorp/vault/sdk/logical"
 	"github.com/mitchellh/go-testing-interface"
 )
 
-var (
-	_ audit.Backend    = (*NoopAudit)(nil)
-	_ eventlogger.Node = (*noopWrapper)(nil)
-)
-
 var externalPlugins = []string{"transform", "kmip", "keymgmt"}
 
 // RetryUntil runs f until it returns a nil result or the timeout is reached.
@@ -217,324 +202,6 @@ func (m *mockBuiltinRegistry) DeprecationStatus(name string, pluginType consts.P
 	return consts.Unknown, false
 }
 
-func TestNoopAudit(t testing.T, path string, config map[string]string) *NoopAudit {
-	cfg := &audit.BackendConfig{
-		Config:    config,
-		MountPath: path,
-		Logger:    NewTestLogger(t),
-	}
-	n, err := NewNoopAudit(cfg)
-	if err != nil {
-		t.Fatal(err)
-	}
-	return n
-}
-
-// NoopHeaderFormatter can be used within no-op audit devices to do nothing when
-// it comes to only allow configured headers to appear in the result.
-// Whatever is passed in will be returned (nil becomes an empty map) in lowercase.
-type NoopHeaderFormatter struct{}
-
-// ApplyConfig implements the relevant interface to make NoopHeaderFormatter an audit.HeaderFormatter.
-func (f *NoopHeaderFormatter) ApplyConfig(_ context.Context, headers map[string][]string, _ audit.Salter) (result map[string][]string, retErr error) {
-	if len(headers) < 1 {
-		return map[string][]string{}, nil
-	}
-
-	// Make a copy of the incoming headers with everything lower so we can
-	// case-insensitively compare
-	lowerHeaders := make(map[string][]string, len(headers))
-	for k, v := range headers {
-		lowerHeaders[strings.ToLower(k)] = v
-	}
-
-	return lowerHeaders, nil
-}
-
-// NewNoopAudit should be used to create a NoopAudit as it handles creation of a
-// predictable salt and wraps eventlogger nodes so information can be retrieved on
-// what they've seen or formatted.
-func NewNoopAudit(config *audit.BackendConfig) (*NoopAudit, error) {
-	view := &logical.InmemStorage{}
-
-	// Create the salt with a known key for predictable hmac values.
-	se := &logical.StorageEntry{Key: "salt", Value: []byte("foo")}
-	err := view.Put(context.Background(), se)
-	if err != nil {
-		return nil, err
-	}
-
-	// Override the salt related config settings.
-	backendConfig := &audit.BackendConfig{
-		SaltView: view,
-		SaltConfig: &salt.Config{
-			HMAC:     sha256.New,
-			HMACType: "hmac-sha256",
-		},
-		Config:    config.Config,
-		MountPath: config.MountPath,
-	}
-
-	noopBackend := &NoopAudit{
-		Config:     backendConfig,
-		nodeIDList: make([]eventlogger.NodeID, 2),
-		nodeMap:    make(map[eventlogger.NodeID]eventlogger.Node, 2),
-	}
-
-	cfg, err := audit.NewFormatterConfig(&NoopHeaderFormatter{})
-	if err != nil {
-		return nil, err
-	}
-
-	formatterNodeID, err := event.GenerateNodeID()
-	if err != nil {
-		return nil, fmt.Errorf("error generating random NodeID for formatter node: %w", err)
-	}
-
-	formatterNode, err := audit.NewEntryFormatter(config.MountPath, cfg, noopBackend, config.Logger)
-	if err != nil {
-		return nil, fmt.Errorf("error creating formatter: %w", err)
-	}
-
-	// Wrap the formatting node, so we can get any bytes that were formatted etc.
-	wrappedFormatter := &noopWrapper{format: "json", node: formatterNode, backend: noopBackend}
-
-	noopBackend.nodeIDList[0] = formatterNodeID
-	noopBackend.nodeMap[formatterNodeID] = wrappedFormatter
-
-	sinkNode := event.NewNoopSink()
-	sinkNodeID, err := event.GenerateNodeID()
-	if err != nil {
-		return nil, fmt.Errorf("error generating random NodeID for sink node: %w", err)
-	}
-
-	noopBackend.nodeIDList[1] = sinkNodeID
-	noopBackend.nodeMap[sinkNodeID] = sinkNode
-
-	return noopBackend, nil
-}
-
-// NoopAuditFactory should be used when the test needs a way to access bytes that
-// have been formatted by the pipeline during audit requests.
-// The records parameter will be repointed to the one used within the pipeline.
-func NoopAuditFactory(records **[][]byte) audit.Factory {
-	return func(_ context.Context, config *audit.BackendConfig, _ audit.HeaderFormatter) (audit.Backend, error) {
-		n, err := NewNoopAudit(config)
-		if err != nil {
-			return nil, err
-		}
-		if records != nil {
-			*records = &n.records
-		}
-
-		return n, nil
-	}
-}
-
-// noopWrapper is designed to wrap a formatter node in order to allow access to
-// bytes formatted, headers formatted and parts of the logical.LogInput.
-// Some older tests relied on being able to query this information so while those
-// tests stick around we should look after them.
-type noopWrapper struct {
-	format  string
-	node    eventlogger.Node
-	backend *NoopAudit
-}
-
-// NoopAuditEventListener is a callback used by noopWrapper.Process() to notify
-// of each received audit event.
-type NoopAuditEventListener func(*audit.AuditEvent)
-
-type NoopAudit struct {
-	Config *audit.BackendConfig
-
-	ReqErr         error
-	ReqAuth        []*logical.Auth
-	Req            []*logical.Request
-	ReqHeaders     []map[string][]string
-	ReqNonHMACKeys []string
-	ReqErrs        []error
-
-	RespErr            error
-	RespAuth           []*logical.Auth
-	RespReq            []*logical.Request
-	Resp               []*logical.Response
-	RespNonHMACKeys    [][]string
-	RespReqNonHMACKeys [][]string
-	RespErrs           []error
-	records            [][]byte
-	l                  sync.RWMutex
-	salt               *salt.Salt
-	saltMutex          sync.RWMutex
-
-	nodeIDList []eventlogger.NodeID
-	nodeMap    map[eventlogger.NodeID]eventlogger.Node
-
-	listener NoopAuditEventListener
-}
-
-// Process handles the contortions required by older test code to ensure behavior.
-// It will attempt to do some pre/post processing of the logical.LogInput that should
-// form part of the event's payload data, as well as capturing the resulting headers
-// that were formatted and track the overall bytes that a formatted event uses when
-// it's ready to head down the pipeline to the sink node (a noop for us).
-func (n *noopWrapper) Process(ctx context.Context, e *eventlogger.Event) (*eventlogger.Event, error) {
-	n.backend.l.Lock()
-	defer n.backend.l.Unlock()
-
-	var err error
-
-	// We're expecting audit events since this is an audit device.
-	a, ok := e.Payload.(*audit.AuditEvent)
-	if !ok {
-		return nil, errors.New("cannot parse payload as an audit event")
-	}
-
-	if n.backend.listener != nil {
-		n.backend.listener(a)
-	}
-
-	in := a.Data
-
-	// Depending on the type of the audit event (request or response) we need to
-	// track different things.
-	switch a.Subtype {
-	case audit.RequestType:
-		n.backend.ReqAuth = append(n.backend.ReqAuth, in.Auth)
-		n.backend.Req = append(n.backend.Req, in.Request)
-		n.backend.ReqNonHMACKeys = in.NonHMACReqDataKeys
-		n.backend.ReqErrs = append(n.backend.ReqErrs, in.OuterErr)
-
-		if n.backend.ReqErr != nil {
-			return nil, n.backend.ReqErr
-		}
-	case audit.ResponseType:
-		n.backend.RespAuth = append(n.backend.RespAuth, in.Auth)
-		n.backend.RespReq = append(n.backend.RespReq, in.Request)
-		n.backend.Resp = append(n.backend.Resp, in.Response)
-		n.backend.RespErrs = append(n.backend.RespErrs, in.OuterErr)
-
-		if in.Response != nil {
-			n.backend.RespNonHMACKeys = append(n.backend.RespNonHMACKeys, in.NonHMACRespDataKeys)
-			n.backend.RespReqNonHMACKeys = append(n.backend.RespReqNonHMACKeys, in.NonHMACReqDataKeys)
-		}
-
-		if n.backend.RespErr != nil {
-			return nil, n.backend.RespErr
-		}
-	default:
-		return nil, fmt.Errorf("unknown audit event type: %q", a.Subtype)
-	}
-
-	// Once we've taken note of the relevant properties of the event, we get the
-	// underlying (wrapped) node to process it as normal.
-	e, err = n.node.Process(ctx, e)
-	if err != nil {
-		return nil, fmt.Errorf("error processing wrapped node: %w", err)
-	}
-
-	// Once processing has been carried out, the underlying node (a formatter node)
-	// should contain the output ready for the sink node. We'll get that in order
-	// to track how many bytes we formatted.
-	b, ok := e.Format(n.format)
-	if ok {
-		n.backend.records = append(n.backend.records, b)
-	}
-
-	// Finally, the last bit of post-processing is to make sure that we track the
-	// formatted headers that would have made it to the logs via the sink node.
-	// They only appear in requests.
-	if a.Subtype == audit.RequestType {
-		reqEntry := &audit.RequestEntry{}
-		err = json.Unmarshal(b, &reqEntry)
-		if err != nil {
-			return nil, fmt.Errorf("unable to parse formatted audit entry data: %w", err)
-		}
-
-		n.backend.ReqHeaders = append(n.backend.ReqHeaders, reqEntry.Request.Headers)
-	}
-
-	// Return the event and no error in order to let the pipeline continue on.
-	return e, nil
-}
-
-func (n *noopWrapper) Reopen() error {
-	return n.node.Reopen()
-}
-
-func (n *noopWrapper) Type() eventlogger.NodeType {
-	return n.node.Type()
-}
-
-// LogTestMessage will manually crank the handle on the nodes associated with this backend.
-func (n *NoopAudit) LogTestMessage(ctx context.Context, in *logical.LogInput) error {
-	if len(n.nodeIDList) > 0 {
-		return audit.ProcessManual(ctx, in, n.nodeIDList, n.nodeMap)
-	}
-
-	return nil
-}
-
-func (n *NoopAudit) Salt(ctx context.Context) (*salt.Salt, error) {
-	n.saltMutex.RLock()
-	if n.salt != nil {
-		defer n.saltMutex.RUnlock()
-		return n.salt, nil
-	}
-	n.saltMutex.RUnlock()
-	n.saltMutex.Lock()
-	defer n.saltMutex.Unlock()
-	if n.salt != nil {
-		return n.salt, nil
-	}
-	s, err := salt.NewSalt(ctx, n.Config.SaltView, n.Config.SaltConfig)
-	if err != nil {
-		return nil, err
-	}
-	n.salt = s
-	return s, nil
-}
-
-func (n *NoopAudit) GetHash(ctx context.Context, data string) (string, error) {
-	s, err := n.Salt(ctx)
-	if err != nil {
-		return "", err
-	}
-	return s.GetIdentifiedHMAC(data), nil
-}
-
-func (n *NoopAudit) Reload(_ context.Context) error {
-	return nil
-}
-
-func (n *NoopAudit) Invalidate(_ context.Context) {
-	n.saltMutex.Lock()
-	defer n.saltMutex.Unlock()
-	n.salt = nil
-}
-
-// RegisterNodesAndPipeline registers the nodes and a pipeline as required by
-// the audit.Backend interface.
-func (n *NoopAudit) RegisterNodesAndPipeline(broker *eventlogger.Broker, name string) error {
-	for id, node := range n.nodeMap {
-		if err := broker.RegisterNode(id, node); err != nil {
-			return err
-		}
-	}
-
-	pipeline := eventlogger.Pipeline{
-		PipelineID: eventlogger.PipelineID(name),
-		EventType:  event.AuditType.AsEventType(),
-		NodeIDs:    n.nodeIDList,
-	}
-
-	return broker.RegisterPipeline(pipeline)
-}
-
-func (n *NoopAudit) SetListener(listener NoopAuditEventListener) {
-	n.listener = listener
-}
-
 type TestLogger struct {
 	hclog.InterceptLogger
 	Path string
@@ -598,27 +265,3 @@ func NewTestLogger(t testing.T) *TestLogger {
 func (tl *TestLogger) StopLogging() {
 	tl.InterceptLogger.DeregisterSink(tl.sink)
 }
-
-func (n *NoopAudit) EventType() eventlogger.EventType {
-	return event.AuditType.AsEventType()
-}
-
-func (n *NoopAudit) HasFiltering() bool {
-	return false
-}
-
-func (n *NoopAudit) Name() string {
-	return n.Config.MountPath
-}
-
-func (n *NoopAudit) Nodes() map[eventlogger.NodeID]eventlogger.Node {
-	return n.nodeMap
-}
-
-func (n *NoopAudit) NodeIDs() []eventlogger.NodeID {
-	return n.nodeIDList
-}
-
-func (n *NoopAudit) IsFallback() bool {
-	return false
-}

helper/testhelpers/teststorage/teststorage.go

@@ -20,7 +20,6 @@ import (
 	logicalDb "github.com/hashicorp/vault/builtin/logical/database"
 	"github.com/hashicorp/vault/builtin/plugin"
 	"github.com/hashicorp/vault/helper/namespace"
-	"github.com/hashicorp/vault/helper/testhelpers/corehelpers"
 	vaulthttp "github.com/hashicorp/vault/http"
 	"github.com/hashicorp/vault/internalshared/configutil"
 	"github.com/hashicorp/vault/physical/raft"
@@ -324,7 +323,7 @@ func ClusterSetup(conf *vault.CoreConfig, opts *vault.TestClusterOptions, setup
 			"file":   auditFile.Factory,
 			"socket": auditSocket.Factory,
 			"syslog": auditSyslog.Factory,
-			"noop":   corehelpers.NoopAuditFactory(nil),
+			"noop":   audit.NoopAuditFactory(nil),
 		}
 	}
 

http/logical_test.go

@@ -569,10 +569,10 @@ func TestLogical_RespondWithStatusCode(t *testing.T) {
 
 func TestLogical_Audit_invalidWrappingToken(t *testing.T) {
 	// Create a noop audit backend
-	noop := corehelpers.TestNoopAudit(t, "noop/", nil)
+	noop := audit.TestNoopAudit(t, "noop/", nil)
 	c, _, root := vault.TestCoreUnsealedWithConfig(t, &vault.CoreConfig{
 		AuditBackends: map[string]audit.Factory{
-			"noop": func(ctx context.Context, config *audit.BackendConfig, _ audit.HeaderFormatter) (audit.Backend, error) {
+			"noop": func(config *audit.BackendConfig, _ audit.HeaderFormatter) (audit.Backend, error) {
 				return noop, nil
 			},
 		},

http/sys_generate_root_test.go

@@ -231,7 +231,7 @@ func testCoreUnsealedWithAudit(t *testing.T, records **[][]byte) (*vault.Core, [
 	conf := &vault.CoreConfig{
 		BuiltinRegistry: corehelpers.NewMockBuiltinRegistry(),
 		AuditBackends: map[string]audit.Factory{
-			"noop": corehelpers.NoopAuditFactory(records),
+			"noop": audit.NoopAuditFactory(records),
 		},
 	}
 	core, keys, token := vault.TestCoreUnsealedWithConfig(t, conf)

vault/audit.go

@@ -545,15 +545,13 @@ func (c *Core) newAuditBackend(ctx context.Context, entry *MountEntry, view logi
 	}
 	auditLogger := c.baseLogger.Named("audit")
 
-	be, err := f(
+	be, err := f(&audit.BackendConfig{
-		ctx, &audit.BackendConfig{
+		SaltView:   view,
-			SaltView:   view,
+		SaltConfig: saltConfig,
-			SaltConfig: saltConfig,
+		Config:     conf,
-			Config:     conf,
+		MountPath:  entry.Path,
-			MountPath:  entry.Path,
+		Logger:     auditLogger,
-			Logger:     auditLogger,
+	}, c.auditedHeaders)
-		},
-		c.auditedHeaders)
 	if err != nil {
 		return nil, fmt.Errorf("unable to create new audit backend: %w", err)
 	}
@@ -576,7 +574,7 @@ func (c *Core) newAuditBackend(ctx context.Context, entry *MountEntry, view logi
 
 		c.reloadFuncs[key] = append(c.reloadFuncs[key], func() error {
 			auditLogger.Info("reloading file audit backend", "path", entry.Path)
-			return be.Reload(ctx)
+			return be.Reload()
 		})
 
 		c.reloadFuncsLock.Unlock()

vault/audit_broker_test.go

@@ -47,7 +47,7 @@ func testAuditBackend(t *testing.T, path string, config map[string]string) audit
 		MountPath: path,
 	}
 
-	be, err := syslog.Factory(context.Background(), cfg, headersCfg)
+	be, err := syslog.Factory(cfg, headersCfg)
 	require.NoError(t, err)
 	require.NotNil(t, be)
 
@@ -118,7 +118,7 @@ func BenchmarkAuditBroker_File_Request_DevNull(b *testing.B) {
 		Logger:     hclog.NewNullLogger(),
 	}
 
-	sink, err := file.Factory(context.Background(), backendConfig, nil)
+	sink, err := file.Factory(backendConfig, nil)
 	require.NoError(b, err)
 
 	broker, err := NewAuditBroker(nil)

vault/audit_test.go

@@ -18,7 +18,6 @@ import (
 	"github.com/hashicorp/vault/audit"
 	"github.com/hashicorp/vault/helper/constants"
 	"github.com/hashicorp/vault/helper/namespace"
-	"github.com/hashicorp/vault/helper/testhelpers/corehelpers"
 	"github.com/hashicorp/vault/sdk/helper/jsonutil"
 	"github.com/hashicorp/vault/sdk/helper/logging"
 	"github.com/hashicorp/vault/sdk/logical"
@@ -28,16 +27,16 @@ import (
 
 func TestAudit_ReadOnlyViewDuringMount(t *testing.T) {
 	c, _, _ := TestCoreUnsealed(t)
-	c.auditBackends["noop"] = func(ctx context.Context, config *audit.BackendConfig, _ audit.HeaderFormatter) (audit.Backend, error) {
+	c.auditBackends["noop"] = func(config *audit.BackendConfig, _ audit.HeaderFormatter) (audit.Backend, error) {
-		err := config.SaltView.Put(ctx, &logical.StorageEntry{
+		err := config.SaltView.Put(context.Background(), &logical.StorageEntry{
 			Key:   "bar",
 			Value: []byte("baz"),
 		})
 		if err == nil || !strings.Contains(err.Error(), logical.ErrSetupReadOnly.Error()) {
 			t.Fatalf("expected a read-only error")
 		}
-		factory := corehelpers.NoopAuditFactory(nil)
+		factory := audit.NoopAuditFactory(nil)
-		return factory(ctx, config, nil)
+		return factory(config, nil)
 	}
 
 	me := &MountEntry{
@@ -53,7 +52,7 @@ func TestAudit_ReadOnlyViewDuringMount(t *testing.T) {
 
 func TestCore_EnableAudit(t *testing.T) {
 	c, keys, _ := TestCoreUnsealed(t)
-	c.auditBackends["noop"] = corehelpers.NoopAuditFactory(nil)
+	c.auditBackends["noop"] = audit.NoopAuditFactory(nil)
 
 	me := &MountEntry{
 		Table: auditTableType,
@@ -74,7 +73,7 @@ func TestCore_EnableAudit(t *testing.T) {
 		AuditBackends: make(map[string]audit.Factory),
 		DisableMlock:  true,
 	}
-	conf.AuditBackends["noop"] = corehelpers.NoopAuditFactory(nil)
+	conf.AuditBackends["noop"] = audit.NoopAuditFactory(nil)
 	c2, err := NewCore(conf)
 	if err != nil {
 		t.Fatalf("err: %v", err)
@@ -103,8 +102,8 @@ func TestCore_EnableAudit(t *testing.T) {
 
 func TestCore_EnableAudit_MixedFailures(t *testing.T) {
 	c, _, _ := TestCoreUnsealed(t)
-	c.auditBackends["noop"] = corehelpers.NoopAuditFactory(nil)
+	c.auditBackends["noop"] = audit.NoopAuditFactory(nil)
-	c.auditBackends["fail"] = func(ctx context.Context, config *audit.BackendConfig, _ audit.HeaderFormatter) (audit.Backend, error) {
+	c.auditBackends["fail"] = func(config *audit.BackendConfig, _ audit.HeaderFormatter) (audit.Backend, error) {
 		return nil, fmt.Errorf("failing enabling")
 	}
 
@@ -152,8 +151,8 @@ func TestCore_EnableAudit_MixedFailures(t *testing.T) {
 // correctly
 func TestCore_EnableAudit_Local(t *testing.T) {
 	c, _, _ := TestCoreUnsealed(t)
-	c.auditBackends["noop"] = corehelpers.NoopAuditFactory(nil)
+	c.auditBackends["noop"] = audit.NoopAuditFactory(nil)
-	c.auditBackends["fail"] = func(ctx context.Context, config *audit.BackendConfig, _ audit.HeaderFormatter) (audit.Backend, error) {
+	c.auditBackends["fail"] = func(config *audit.BackendConfig, _ audit.HeaderFormatter) (audit.Backend, error) {
 		return nil, fmt.Errorf("failing enabling")
 	}
 
@@ -238,7 +237,7 @@ func TestCore_EnableAudit_Local(t *testing.T) {
 
 func TestCore_DisableAudit(t *testing.T) {
 	c, keys, _ := TestCoreUnsealed(t)
-	c.auditBackends["noop"] = corehelpers.NoopAuditFactory(nil)
+	c.auditBackends["noop"] = audit.NoopAuditFactory(nil)
 
 	existed, err := c.disableAudit(namespace.RootContext(context.Background()), "foo", true)
 	if existed && err != nil {
@@ -346,8 +345,8 @@ func TestAuditBroker_LogRequest(t *testing.T) {
 		t.Fatal(err)
 	}
 
-	a1 := corehelpers.TestNoopAudit(t, "foo", nil)
+	a1 := audit.TestNoopAudit(t, "foo", nil)
-	a2 := corehelpers.TestNoopAudit(t, "bar", nil)
+	a2 := audit.TestNoopAudit(t, "bar", nil)
 	err = b.Register("foo", a1, false)
 	require.NoError(t, err)
 	err = b.Register("bar", a2, false)
@@ -399,7 +398,7 @@ func TestAuditBroker_LogRequest(t *testing.T) {
 		t.Fatalf("err: %v", err)
 	}
 
-	for _, a := range []*corehelpers.NoopAudit{a1, a2} {
+	for _, a := range []*audit.NoopAudit{a1, a2} {
 		if !reflect.DeepEqual(a.ReqAuth[0], auth) {
 			t.Fatalf("Bad: %#v", a.ReqAuth[0])
 		}
@@ -435,8 +434,8 @@ func TestAuditBroker_LogResponse(t *testing.T) {
 		t.Fatal(err)
 	}
 
-	a1 := corehelpers.TestNoopAudit(t, "foo", nil)
+	a1 := audit.TestNoopAudit(t, "foo", nil)
-	a2 := corehelpers.TestNoopAudit(t, "bar", nil)
+	a2 := audit.TestNoopAudit(t, "bar", nil)
 	err = b.Register("foo", a1, false)
 	require.NoError(t, err)
 	err = b.Register("bar", a2, false)
@@ -499,7 +498,7 @@ func TestAuditBroker_LogResponse(t *testing.T) {
 		t.Fatalf("err: %v", err)
 	}
 
-	for _, a := range []*corehelpers.NoopAudit{a1, a2} {
+	for _, a := range []*audit.NoopAudit{a1, a2} {
 		if !reflect.DeepEqual(a.RespAuth[0], auth) {
 			t.Fatalf("Bad: %#v", a.ReqAuth[0])
 		}
@@ -540,8 +539,8 @@ func TestAuditBroker_AuditHeaders(t *testing.T) {
 		t.Fatal(err)
 	}
 
-	a1 := corehelpers.TestNoopAudit(t, "foo", nil)
+	a1 := audit.TestNoopAudit(t, "foo", nil)
-	a2 := corehelpers.TestNoopAudit(t, "bar", nil)
+	a2 := audit.TestNoopAudit(t, "bar", nil)
 
 	err = b.Register("foo", a1, false)
 	require.NoError(t, err)
@@ -589,7 +588,7 @@ func TestAuditBroker_AuditHeaders(t *testing.T) {
 		"x-vault-header": {"bar"},
 	}
 
-	for _, a := range []*corehelpers.NoopAudit{a1, a2} {
+	for _, a := range []*audit.NoopAudit{a1, a2} {
 		if !reflect.DeepEqual(a.ReqHeaders[0], expected) {
 			t.Fatalf("Bad audited headers: %#v", a.ReqHeaders[0])
 		}
@@ -710,7 +709,7 @@ func TestAudit_enableAudit(t *testing.T) {
 	defer cluster.Cleanup()
 
 	c := cluster.Cores[0]
-	c.auditBackends["noop"] = corehelpers.NoopAuditFactory(nil)
+	c.auditBackends["noop"] = audit.NoopAuditFactory(nil)
 
 	me := &MountEntry{
 		Table:   auditTableType,
@@ -734,7 +733,7 @@ func TestAudit_newAuditBackend(t *testing.T) {
 	defer cluster.Cleanup()
 
 	c := cluster.Cores[0]
-	c.auditBackends["noop"] = corehelpers.NoopAuditFactory(nil)
+	c.auditBackends["noop"] = audit.NoopAuditFactory(nil)
 
 	me := &MountEntry{
 		Table:   auditTableType,

vault/core_test.go

@@ -1543,11 +1543,11 @@ func TestCore_HandleLogin_Token(t *testing.T) {
 
 func TestCore_HandleRequest_AuditTrail(t *testing.T) {
 	// Create a noop audit backend
-	var noop *corehelpers.NoopAudit
+	var noop *audit.NoopAudit
 	c, _, root := TestCoreUnsealed(t)
-	c.auditBackends["noop"] = func(_ context.Context, config *audit.BackendConfig, _ audit.HeaderFormatter) (audit.Backend, error) {
+	c.auditBackends["noop"] = func(config *audit.BackendConfig, _ audit.HeaderFormatter) (audit.Backend, error) {
 		var err error
-		noop, err = corehelpers.NewNoopAudit(config)
+		noop, err = audit.NewNoopAudit(config)
 		return noop, err
 	}
 
@@ -1606,11 +1606,11 @@ func TestCore_HandleRequest_AuditTrail(t *testing.T) {
 
 func TestCore_HandleRequest_AuditTrail_noHMACKeys(t *testing.T) {
 	// Create a noop audit backend
-	var noop *corehelpers.NoopAudit
+	var noop *audit.NoopAudit
 	c, _, root := TestCoreUnsealed(t)
-	c.auditBackends["noop"] = func(_ context.Context, config *audit.BackendConfig, _ audit.HeaderFormatter) (audit.Backend, error) {
+	c.auditBackends["noop"] = func(config *audit.BackendConfig, _ audit.HeaderFormatter) (audit.Backend, error) {
 		var err error
-		noop, err = corehelpers.NewNoopAudit(config)
+		noop, err = audit.NewNoopAudit(config)
 		return noop, err
 	}
 
@@ -1709,7 +1709,7 @@ func TestCore_HandleRequest_AuditTrail_noHMACKeys(t *testing.T) {
 
 func TestCore_HandleLogin_AuditTrail(t *testing.T) {
 	// Create a badass credential backend that always logs in as armon
-	var noop *corehelpers.NoopAudit
+	var noop *audit.NoopAudit
 	noopBack := &NoopBackend{
 		Login: []string{"login"},
 		Response: &logical.Response{
@@ -1729,9 +1729,9 @@ func TestCore_HandleLogin_AuditTrail(t *testing.T) {
 	c.credentialBackends["noop"] = func(context.Context, *logical.BackendConfig) (logical.Backend, error) {
 		return noopBack, nil
 	}
-	c.auditBackends["noop"] = func(_ context.Context, config *audit.BackendConfig, _ audit.HeaderFormatter) (audit.Backend, error) {
+	c.auditBackends["noop"] = func(config *audit.BackendConfig, _ audit.HeaderFormatter) (audit.Backend, error) {
 		var err error
-		noop, err = corehelpers.NewNoopAudit(config)
+		noop, err = audit.NewNoopAudit(config)
 		return noop, err
 	}
 

vault/external_tests/identity/login_mfa_totp_test.go

@@ -17,7 +17,6 @@ import (
 	"github.com/hashicorp/vault/builtin/credential/userpass"
 	"github.com/hashicorp/vault/builtin/logical/totp"
 	"github.com/hashicorp/vault/helper/testhelpers"
-	"github.com/hashicorp/vault/helper/testhelpers/corehelpers"
 	vaulthttp "github.com/hashicorp/vault/http"
 	"github.com/hashicorp/vault/sdk/logical"
 	"github.com/hashicorp/vault/vault"
@@ -51,7 +50,7 @@ func doTwoPhaseLogin(t *testing.T, client *api.Client, totpCodePath, methodID, u
 }
 
 func TestLoginMfaGenerateTOTPTestAuditIncluded(t *testing.T) {
-	noop := corehelpers.TestNoopAudit(t, "noop/", nil)
+	noop := audit.TestNoopAudit(t, "noop/", nil)
 
 	cluster := vault.NewTestCluster(t, &vault.CoreConfig{
 		CredentialBackends: map[string]logical.Factory{
@@ -61,7 +60,7 @@ func TestLoginMfaGenerateTOTPTestAuditIncluded(t *testing.T) {
 			"totp": totp.Factory,
 		},
 		AuditBackends: map[string]audit.Factory{
-			"noop": func(ctx context.Context, config *audit.BackendConfig, _ audit.HeaderFormatter) (audit.Backend, error) {
+			"noop": func(config *audit.BackendConfig, _ audit.HeaderFormatter) (audit.Backend, error) {
 				return noop, nil
 			},
 		},

vault/external_tests/router/router_ext_test.go

@@ -12,7 +12,6 @@ import (
 	"github.com/hashicorp/vault/api"
 	"github.com/hashicorp/vault/audit"
 	"github.com/hashicorp/vault/helper/testhelpers"
-	"github.com/hashicorp/vault/helper/testhelpers/corehelpers"
 	"github.com/hashicorp/vault/helper/testhelpers/minimal"
 	vaulthttp "github.com/hashicorp/vault/http"
 	"github.com/hashicorp/vault/sdk/logical"
@@ -95,7 +94,7 @@ func TestWellKnownRedirect_HA(t *testing.T) {
 	var records *[][]byte
 	cluster := vault.NewTestCluster(t, &vault.CoreConfig{
 		AuditBackends: map[string]audit.Factory{
-			"noop": corehelpers.NoopAuditFactory(&records),
+			"noop": audit.NoopAuditFactory(&records),
 		},
 		DisablePerformanceStandby: true,
 		LogicalBackends: map[string]logical.Factory{

vault/logical_system_test.go

@@ -25,6 +25,7 @@ import (
 	wrapping "github.com/hashicorp/go-kms-wrapping/v2"
 	aeadwrapper "github.com/hashicorp/go-kms-wrapping/wrappers/aead/v2"
 	"github.com/hashicorp/go-uuid"
+	"github.com/hashicorp/vault/audit"
 	credUserpass "github.com/hashicorp/vault/builtin/credential/userpass"
 	"github.com/hashicorp/vault/helper/builtinplugins"
 	"github.com/hashicorp/vault/helper/experiments"
@@ -2667,7 +2668,7 @@ func TestSystemBackend_policyCRUD(t *testing.T) {
 
 func TestSystemBackend_enableAudit(t *testing.T) {
 	c, b, _ := testCoreSystemBackend(t)
-	c.auditBackends["noop"] = corehelpers.NoopAuditFactory(nil)
+	c.auditBackends["noop"] = audit.NoopAuditFactory(nil)
 
 	req := logical.TestRequest(t, logical.UpdateOperation, "audit/foo")
 	req.Data["type"] = "noop"
@@ -2737,7 +2738,7 @@ func TestSystemBackend_decodeToken(t *testing.T) {
 
 func TestSystemBackend_auditHash(t *testing.T) {
 	c, b, _ := testCoreSystemBackend(t)
-	c.auditBackends["noop"] = corehelpers.NoopAuditFactory(nil)
+	c.auditBackends["noop"] = audit.NoopAuditFactory(nil)
 
 	req := logical.TestRequest(t, logical.UpdateOperation, "audit/foo")
 	req.Data["type"] = "noop"
@@ -2799,7 +2800,7 @@ func TestSystemBackend_enableAudit_invalid(t *testing.T) {
 
 func TestSystemBackend_auditTable(t *testing.T) {
 	c, b, _ := testCoreSystemBackend(t)
-	c.auditBackends["noop"] = corehelpers.NoopAuditFactory(nil)
+	c.auditBackends["noop"] = audit.NoopAuditFactory(nil)
 
 	req := logical.TestRequest(t, logical.UpdateOperation, "audit/foo")
 	req.Data["type"] = "noop"
@@ -2834,7 +2835,7 @@ func TestSystemBackend_auditTable(t *testing.T) {
 
 func TestSystemBackend_disableAudit(t *testing.T) {
 	c, b, _ := testCoreSystemBackend(t)
-	c.auditBackends["noop"] = corehelpers.NoopAuditFactory(nil)
+	c.auditBackends["noop"] = audit.NoopAuditFactory(nil)
 
 	req := logical.TestRequest(t, logical.UpdateOperation, "audit/foo")
 	req.Data["type"] = "noop"

vault/mount_test.go

@@ -13,6 +13,7 @@ import (
 
 	"github.com/armon/go-metrics"
 	"github.com/go-test/deep"
+	"github.com/hashicorp/vault/audit"
 	"github.com/hashicorp/vault/helper/metricsutil"
 	"github.com/hashicorp/vault/helper/namespace"
 	"github.com/hashicorp/vault/helper/testhelpers/corehelpers"
@@ -721,7 +722,7 @@ func TestDefaultMountTable(t *testing.T) {
 
 func TestCore_MountTable_UpgradeToTyped(t *testing.T) {
 	c, _, _ := TestCoreUnsealed(t)
-	c.auditBackends["noop"] = corehelpers.NoopAuditFactory(nil)
+	c.auditBackends["noop"] = audit.NoopAuditFactory(nil)
 
 	me := &MountEntry{
 		Table: auditTableType,

vault/testing.go

@@ -273,7 +273,7 @@ func TestCoreWithSealAndUINoCleanup(t testing.T, opts *CoreConfig) *Core {
 func testCoreConfig(t testing.T, physicalBackend physical.Backend, logger log.Logger) *CoreConfig {
 	t.Helper()
 	noopAudits := map[string]audit.Factory{
-		"noop": corehelpers.NoopAuditFactory(nil),
+		"noop": audit.NoopAuditFactory(nil),
 	}
 
 	noopBackends := make(map[string]logical.Factory)
@@ -1539,7 +1539,7 @@ func NewTestCluster(t testing.T, base *CoreConfig, opts *TestClusterOptions) *Te
 
 	addAuditBackend := len(coreConfig.AuditBackends) == 0
 	if addAuditBackend {
-		coreConfig.AuditBackends["noop"] = corehelpers.NoopAuditFactory(nil)
+		coreConfig.AuditBackends["noop"] = audit.NoopAuditFactory(nil)
 	}
 
 	if coreConfig.Physical == nil && (opts == nil || opts.PhysicalFactory == nil) {