semgrep: Add replication-has-state and fix findings (#17179)

2025-10-29 17:52:32 +00:00 · 2022-09-19 08:15:27 -04:00
parent 5ac5eb6f9d
commit 585abb2cac
4 changed files with 64 additions and 6 deletions
--- a/tools/semgrep/replication-has-state.yml
+++ b/tools/semgrep/replication-has-state.yml
@@ -0,0 +1,58 @@
+rules:
+  - id: replication-state-should-use-IsPerfSecondary
+    patterns:
+      - pattern: |
+            $CORE.ReplicationState().HasState(consts.ReplicationPerformanceSecondary)
+      # Not the defining function
+      - pattern-not-inside: |
+            func ($CORE *Core) IsPerfSecondary() bool {
+               ...
+            }
+      # Not a call to System()
+      - pattern-not: |
+            $BACKEND.System().ReplicationState().HasState(consts.ReplicationPerformanceSecondary)
+      - pattern-not: |
+            $IDENTITYSTORE.localNode.ReplicationState().HasState(consts.ReplicationPerformanceSecondary)
+    message: "Consider replacing ReplicationState().HasState(...) with IsPerfSecondary()"
+    languages: [go]
+    severity: WARNING
+    fix: $CORE.IsPerfSecondary()
+
+  - id: replication-state-should-use-IsDrSecondar
+    patterns:
+      - pattern: |
+            $CORE.ReplicationState().HasState(consts.ReplicationDRSecondary)
+      # Not the defining function
+      - pattern-not-inside: |
+            func ($CORE *Core) IsDRSecondary() bool {
+               ...
+            }
+      # Not a call to System()
+      - pattern-not: |
+            $BACKEND.System().ReplicationState().HasState(consts.ReplicationDRSecondary)
+      - pattern-not: |
+            $IDENTITYSTORE.localNode.ReplicationState().HasState(consts.ReplicationDRSecondary)
+    message: "Consider replacing ReplicationState().HasState(...) with IsDRSecondary()"
+    languages: [go]
+    severity: WARNING
+    fix: $CORE.IsDRSecondary()
+
+  - id: replication-state-in-handler-op
+    patterns:
+      - pattern: |
+            $B.System().ReplicationState().HasState($STATE)
+      - pattern-inside: |
+            func ($T $TYPE) $FUNC($CTX context.Context, $REQ *logical.Request, $D *framework.FieldData) (*logical.Response, error) {
+               ...
+            }
+    message: "Consider using frameworks ForwardPerformance* setting"
+    languages: [go]
+    severity: WARNING
+
+  - id: replication-state-bad-logic
+    patterns:
+      - pattern: |
+            b.System().LocalMount() || !b.System().ReplicationState().HasState(<... consts.ReplicationPerformanceStandby ...>)
+    message: "Invalid replication state handling of local mounts"
+    languages: [go]
+    severity: ERROR
--- a/vault/auth.go
+++ b/vault/auth.go
@@ -329,14 +329,14 @@ func (c *Core) disableCredentialInternal(ctx context.Context, path string, updat
 			return err
 		}

-	case entry.Local, !c.ReplicationState().HasState(consts.ReplicationPerformanceSecondary):
+	case entry.Local, !c.IsPerfSecondary():
 		// Have writable storage, remove the whole thing
 		if err := logical.ClearViewWithLogging(ctx, view, c.logger.Named("auth.deletion").With("namespace", ns.ID, "path", path)); err != nil {
 			c.logger.Error("failed to clear view for path being unmounted", "error", err, "path", path)
 			return err
 		}

-	case !entry.Local && c.ReplicationState().HasState(consts.ReplicationPerformanceSecondary):
+	case !entry.Local && c.IsPerfSecondary():
 		if err := clearIgnoredPaths(ctx, c, backend, viewPath); err != nil {
 			return err
 		}
--- a/vault/core_metrics.go
+++ b/vault/core_metrics.go
@@ -122,7 +122,7 @@ func (c *Core) metricsLoop(stopCh chan struct{}) {
 			}
 			// Ship barrier encryption counts if a perf standby or the active node
 			// on a performance secondary cluster
-			if c.perfStandby || c.ReplicationState().HasState(consts.ReplicationPerformanceSecondary) { // already have lock here, do not re-acquire
+			if c.perfStandby || c.IsPerfSecondary() { // already have lock here, do not re-acquire
 				err := syncBarrierEncryptionCounter(c)
 				if err != nil {
 					c.logger.Error("writing syncing encryption counters", "err", err)
--- a/vault/mount.go
+++ b/vault/mount.go
@@ -812,14 +812,14 @@ func (c *Core) unmountInternal(ctx context.Context, path string, updateStorage b
 			return err
 		}

-	case entry.Local, !c.ReplicationState().HasState(consts.ReplicationPerformanceSecondary):
+	case entry.Local, !c.IsPerfSecondary():
 		// Have writable storage, remove the whole thing
 		if err := logical.ClearViewWithLogging(ctx, view, c.logger.Named("secrets.deletion").With("namespace", ns.ID, "path", path)); err != nil {
 			c.logger.Error("failed to clear view for path being unmounted", "error", err, "path", path)
 			return err
 		}

-	case !entry.Local && c.ReplicationState().HasState(consts.ReplicationPerformanceSecondary):
+	case !entry.Local && c.IsPerfSecondary():
 		if err := clearIgnoredPaths(ctx, c, backend, viewPath); err != nil {
 			return err
 		}
@@ -1233,7 +1233,7 @@ func (c *Core) runMountUpdates(ctx context.Context, needPersist bool) error {
 		// ensure this comes over. If we upgrade first, we simply don't
 		// create the mount, so we won't conflict when we sync. If this is
 		// local (e.g. cubbyhole) we do still add it.
-		if !foundRequired && (!c.ReplicationState().HasState(consts.ReplicationPerformanceSecondary) || requiredMount.Local) {
+		if !foundRequired && (!c.IsPerfSecondary() || requiredMount.Local) {
 			c.mounts.Entries = append(c.mounts.Entries, requiredMount)
 			needPersist = true
 		}