From 763095fec6c601bb94713e4d69d34730fc7c1ca0 Mon Sep 17 00:00:00 2001 From: Nick Cabatoff Date: Fri, 15 Dec 2023 08:59:29 -0500 Subject: [PATCH] Don't touch ActiveTime in preSeal/postUnseal (#24549) --- changelog/24549.txt | 3 +++ vault/core.go | 2 -- vault/ha.go | 2 ++ 3 files changed, 5 insertions(+), 2 deletions(-) create mode 100644 changelog/24549.txt diff --git a/changelog/24549.txt b/changelog/24549.txt new file mode 100644 index 0000000000..6838b024c7 --- /dev/null +++ b/changelog/24549.txt @@ -0,0 +1,3 @@ +```release-note:bug +api: sys/leader ActiveTime field no longer gets reset when we do an internal state change that doesn't change our active status. +``` diff --git a/vault/core.go b/vault/core.go index 9d3bf06cbf..a04f52de79 100644 --- a/vault/core.go +++ b/vault/core.go @@ -2390,7 +2390,6 @@ func (s standardUnsealStrategy) unseal(ctx context.Context, logger log.Logger, c // Mark the active time. We do this first so it can be correlated to the logs // for the active startup. - c.activeTime = time.Now().UTC() if err := postUnsealPhysical(c); err != nil { return err @@ -2766,7 +2765,6 @@ func (c *Core) preSeal() error { } // Clear any pending funcs c.postUnsealFuncs = nil - c.activeTime = time.Time{} // Clear any rekey progress c.barrierRekeyConfig = nil diff --git a/vault/ha.go b/vault/ha.go index ba2b490457..e81787e7e9 100644 --- a/vault/ha.go +++ b/vault/ha.go @@ -663,6 +663,7 @@ func (c *Core) waitForLeadership(newLeaderCh chan func(), manualStepDownCh, stop err = c.postUnseal(activeCtx, activeCtxCancel, standardUnsealStrategy{}) if err == nil { c.standby = false + c.activeTime = time.Now() c.leaderUUID = uuid c.metricSink.SetGaugeWithLabels([]string{"core", "active"}, 1, nil) } @@ -715,6 +716,7 @@ func (c *Core) waitForLeadership(newLeaderCh chan func(), manualStepDownCh, stop // Mark as standby c.standby = true + c.activeTime = time.Time{} c.leaderUUID = "" c.metricSink.SetGaugeWithLabels([]string{"core", "active"}, 0, nil)