diff --git a/command/server.go b/command/server.go index 476c1f6fb9..103294942e 100644 --- a/command/server.go +++ b/command/server.go @@ -1121,6 +1121,13 @@ func (c *ServerCommand) Run(args []string) int { } } + if envLicensePath := os.Getenv("VAULT_LICENSE_PATH"); envLicensePath != "" { + config.LicensePath = envLicensePath + } + if envLicense := os.Getenv("VAULT_LICENSE"); envLicense != "" { + config.License = envLicense + } + // If mlockall(2) isn't supported, show a warning. We disable this in dev // because it is quite scary to see when first using Vault. We also disable // this if the user has explicitly disabled mlock in configuration. @@ -1318,6 +1325,8 @@ func (c *ServerCommand) Run(args []string) int { SecureRandomReader: secureRandomReader, EnableResponseHeaderHostname: config.EnableResponseHeaderHostname, EnableResponseHeaderRaftNodeID: config.EnableResponseHeaderRaftNodeID, + License: config.License, + LicensePath: config.LicensePath, } if c.flagDev { coreConfig.EnableRaw = true diff --git a/command/server/config.go b/command/server/config.go index 63074289a1..744f57c035 100644 --- a/command/server/config.go +++ b/command/server/config.go @@ -76,6 +76,9 @@ type Config struct { EnableResponseHeaderRaftNodeID bool `hcl:"-"` EnableResponseHeaderRaftNodeIDRaw interface{} `hcl:"enable_response_header_raft_node_id"` + + License string `hcl:"-"` + LicensePath string `hcl:"license_path"` } const ( @@ -276,6 +279,11 @@ func (c *Config) Merge(c2 *Config) *Config { result.EnableResponseHeaderRaftNodeID = c2.EnableResponseHeaderRaftNodeID } + result.LicensePath = c.LicensePath + if c2.LicensePath != "" { + result.LicensePath = c2.LicensePath + } + // Use values from top-level configuration for storage if set if storage := result.Storage; storage != nil { if result.APIAddr != "" { diff --git a/command/server/config_oss_test.go b/command/server/config_oss_test.go new file mode 100644 index 0000000000..6f466ddf6d --- /dev/null +++ b/command/server/config_oss_test.go @@ -0,0 +1,19 @@ +// +build !enterprise + +package server + +import ( + "testing" +) + +func TestLoadConfigFile_topLevel(t *testing.T) { + testLoadConfigFile_topLevel(t, nil) +} + +func TestLoadConfigFile_json2(t *testing.T) { + testLoadConfigFile_json2(t, nil) +} + +func TestParseEntropy(t *testing.T) { + testParseEntropy(t, true) +} diff --git a/command/server/config_test.go b/command/server/config_test.go index dda4e7821f..db6364c83e 100644 --- a/command/server/config_test.go +++ b/command/server/config_test.go @@ -1,5 +1,3 @@ -// +build !enterprise - package server import ( @@ -10,18 +8,10 @@ func TestLoadConfigFile(t *testing.T) { testLoadConfigFile(t) } -func TestLoadConfigFile_topLevel(t *testing.T) { - testLoadConfigFile_topLevel(t, nil) -} - func TestLoadConfigFile_json(t *testing.T) { testLoadConfigFile_json(t) } -func TestLoadConfigFile_json2(t *testing.T) { - testLoadConfigFile_json2(t, nil) -} - func TestLoadConfigFileIntegerAndBooleanValues(t *testing.T) { testLoadConfigFileIntegerAndBooleanValues(t) } @@ -46,10 +36,6 @@ func TestParseListeners(t *testing.T) { testParseListeners(t) } -func TestParseEntropy(t *testing.T) { - testParseEntropy(t, true) -} - func TestConfigRaftRetryJoin(t *testing.T) { testConfigRaftRetryJoin(t) } diff --git a/command/server/config_test_helpers.go b/command/server/config_test_helpers.go index 5b8f2f03b4..1f3a4dfd5f 100644 --- a/command/server/config_test_helpers.go +++ b/command/server/config_test_helpers.go @@ -448,6 +448,8 @@ func testLoadConfigFile(t *testing.T) { EnableResponseHeaderHostnameRaw: true, EnableResponseHeaderRaftNodeID: true, EnableResponseHeaderRaftNodeIDRaw: true, + + LicensePath: "/path/to/license", } addExpectedEntConfig(expected, []string{}) diff --git a/command/server/test-fixtures/config.hcl b/command/server/test-fixtures/config.hcl index d9ec982856..271291f1eb 100644 --- a/command/server/test-fixtures/config.hcl +++ b/command/server/test-fixtures/config.hcl @@ -47,4 +47,5 @@ raw_storage_endpoint = true disable_sealwrap = true disable_printable_check = true enable_response_header_hostname = true -enable_response_header_raft_node_id = true \ No newline at end of file +enable_response_header_raft_node_id = true +license_path = "/path/to/license" \ No newline at end of file diff --git a/vault/core.go b/vault/core.go index e75cebced8..464eb7c203 100644 --- a/vault/core.go +++ b/vault/core.go @@ -648,6 +648,8 @@ type CoreConfig struct { ReloadFuncsLock *sync.RWMutex // Licensing + License string + LicensePath string LicensingConfig *LicensingConfig // Don't set this unless in dev mode, ideally only when using inmem DevLicenseDuration time.Duration