* Refactor sign-intermediate API response
- Allow the sign-intermediate response handling code to be shared
across different API calls.
* Add missing cieps.go
* add hashfunc field to EntryFormatter struct and adjust NewEntryFormatter function and tests
* add HeaderAdjuster interface and require it in EntryFormatter
* adjust all references to NewEntryFormatter to include a HeaderAdjuster parameter
* replace use of hash function in AuditedHeadersConfig's ApplyConfig method with Salter interface instance
* export audit.NewEvent function and adjust function signature
* add eventlogger based handling in LogRequest
* adjust eventlogger.Broker according to number of backends
* record auditing metrics
* only send events if a pipeline is registered
* remove TODO comments
* remove unused struct and method
* move setup of audited headers earlier into Core's initialization
* adjust entry_formatter to properly handle request headers
* protect against potential segmentation fault
* moved common code out of both switch cases
* protect against case where a.Data.Request or a.Data.Request.Headers is nil
---------
Co-authored-by: Peter Wilson <peter.wilson@hashicorp.com>
* Automatically track subloggers in allLoggers
This PR introduces a new interface called `SubloggerAdder` for tracking
allLoggers across startup phases.
The interface enables us to register a single `SubloggerHook` during
initial logger creation and hand off management of `allLoggers` during
the three phases we need to handle:
- Before `CoreConfig` is created, the `SubloggerHook`
(`AppendToAllLoggers`) appends new subloggers to
`ServerCommand.allLoggers`.
- After `CoreConfig` is created and before `NewCore` returns, new subloggers
are added to `CoreConfig.AllLoggers`. Intermediate state must also be
kept in sync within NewCore to track new subloggers before we return
to the server command and register the `Core.SubloggerAdder`
implementation.
- After `NewCore` returns to the server command, we register Core as the
implementer of `ServerCommand.SubloggerAdder` ensuring that all new
subloggers are appended to `Core.allLoggers`.
* Wire up the sublogger hook in NewTestLogger
* Ignore errors from rollback manager invocations
During reload and mount move operations, we want to ensure that errors
created by the final Rollback are not fatal (which risk failing
replication in Enterprise when the core/mounts table gets invalidated).
This mirrors the behavior of the periodic rollback manager, which
only logs the error.
This updates the noop backend to allow failing just rollback operations,
which we can use in tests to verify this behavior and ensure the core
operations (plugin reload, plugin move, and seal/unseal) are not broken
by this. Note that most of these operations were asynchronous from the
client's PoV and thus did not fail anyways prior to this change.
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add changelog entry
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Update vault/external_tests/router/router_ext_test.go
Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
---------
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
- The Golang ACME library will retry on failures until the passed in
context times out. So if a test is broken it will never end until
the context expires.
- The timeouts are rather large to avoid some issues with slow CI
runners, that have already triggered on a nightly 32 bit run
* Use Hashicorp docker proxy for CI docker images
* Use library/consul as the mirror path instead of hashicorp/consul
- Looks like the older 1.4.4 image was not published within the
hashicorp/consul space, only newer images are.
- Switch to library/consul which seems to have both versions
* Replace older version text with tag links
* Split out v0 changelog
* Split out pre v1.10 changelog
* Link to previous versions
* fix newline
* add minor bumps
---------
Co-authored-by: akshya96 <87045294+akshya96@users.noreply.github.com>
