vault

mirror of https://github.com/optim-enterprises-bv/vault.git synced 2025-11-02 03:27:54 +00:00

Author	SHA1	Message	Date
Anton Averchenkov	bc9a39a2f1	agent: Fix bug with early exits during restarts (#20950 )	2023-06-02 09:05:13 -04:00
Daniel Huckins	a5a49cde3f	agent: Prevent multiple restarts of child process in supervisor mode (#20940 ) * try timer Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * add to config Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * add test to verify behavior * remove closer func -- it was causing a race condition * Revert "add to config" This reverts commit 1de6af0ff676029e290cc42a0bb2b7e6f597d1a6. * rename variables, add comment * comment * comment re debounce timer * don't skip tests * fix comment * formatting * formatting --------- Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> Co-authored-by: Anton Averchenkov <anton.averchenkov@hashicorp.com>	2023-06-01 19:55:50 -04:00
Anton Averchenkov	8fe7076c02	agent: Allow for a 'cache' stanza in environment template configuration (#20918 )	2023-06-01 19:01:55 +00:00
Anton Averchenkov	e4c19ac0af	agent: Fix bug with 'cache' stanza validation (#20934 )	2023-06-01 18:08:04 +00:00
Anton Averchenkov	9be2903a34	agent: Don't restart process unless environment variables changed (#20917 )	2023-06-01 10:57:45 -04:00
Anton Averchenkov	fe53c4684c	agent: Don't render templates to stdout in supervisor mode (#20884 )	2023-05-31 12:04:33 -04:00
Anton Averchenkov	21eccf8b8d	agent: Add agent process supervisor tests (#20741 )	2023-05-30 18:06:44 +00:00
Anton Averchenkov	7f2d3f2c5c	fix exitCh race condition (#20817 )	2023-05-30 12:23:51 -04:00
Daniel Huckins	a66074425d	agent: Add implementation for injecting secrets as environment variables to vault agent cmd (#20739 ) * added exec and env_template config/parsing * add tests * we can reuse ctconfig here * do not create a non-nil map * check defaults * Apply suggestions from code review Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com> * first go of exec server Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * convert to list Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * convert to list Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * sig test Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * add failing example Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * refactor for config changes Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * add test for invalid signal Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * account for auth token changes Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * only start the runner once we have a token * tests in diff branch Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com> * fix rename Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * Update command/agent/exec/exec.go Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com> * apply suggestions from code review Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * cleanup Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * remove unnecessary lock Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * refactor to use enum Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * dont block Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * handle default Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * make more explicit Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * cleanup Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * remove unused Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * remove unused file Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * remove test app Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com> * apply suggestions from code review Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * update comment Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * add changelog Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * new channel for exec server token * wire to run with vault agent Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * watch for child process to exit on its own Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * block before returning Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> --------- Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>	2023-05-25 09:23:56 -04:00
Daniel Huckins	17a1e78ffb	agent: Add implementation for injecting secrets as environment variables (#20628 ) * added exec and env_template config/parsing * add tests * we can reuse ctconfig here * do not create a non-nil map * check defaults * Apply suggestions from code review Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com> * first go of exec server Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * convert to list Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * convert to list Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * sig test Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * add failing example Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * refactor for config changes Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * add test for invalid signal Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * account for auth token changes Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * only start the runner once we have a token * tests in diff branch Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com> * fix rename Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * Update command/agent/exec/exec.go Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com> * apply suggestions from code review Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * cleanup Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * remove unnecessary lock Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * refactor to use enum Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * dont block Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * handle default Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * make more explicit Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * cleanup Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * remove unused Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * remove unused file Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * remove test app Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com> * apply suggestions from code review Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * update comment Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * add changelog Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * watch for child process to exit on its own Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> --------- Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>	2023-05-24 16:56:06 -04:00
Anton Averchenkov	a051ab443f	agent: Add logic to validate env_template entries (#20569 )	2023-05-23 18:37:08 +00:00
Márk Sági-Kazár	200f0c0e03	Upgrade go-jose library to v3 (#20559 ) * upgrade go-jose library to v3 Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com> * chore: fix unnecessary import alias Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com> * upgrade go-jose library to v2 in vault Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com> --------- Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>	2023-05-23 12:25:58 +00:00
Daniel Huckins	a86d8c4539	agent: Add support for parsing env_template configuration files (#20598 ) * added exec and env_template config/parsing * add tests * we can reuse ctconfig here * do not create a non-nil map * check defaults * Apply suggestions from code review Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com> * convert to list Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * convert to list Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * sig test Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * add failing example Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * add test for invalid signal Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * Update command/agent/config/config.go * use latest consul-template * fix build * fix test * fix test fixtures * make fmt * test docs * rename file * env var -> environment variable * default to SIGTERM * empty line * explicit naming Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * clean typo Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * replace $ HOME with /home/username in examples * remove empty line --------- Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com> Co-authored-by: Anton Averchenkov <anton.averchenkov@hashicorp.com>	2023-05-19 18:11:41 -04:00
Violet Hynes	3d7d8f4965	VAULT-15547 Agent/proxy decoupling, take two (#20634 ) * VAULT-15547 Additional tests, refactoring, for proxy split * VAULT-15547 Additional tests, refactoring, for proxy split * VAULT-15547 Import reorganization * VAULT-15547 Some missed updates for PersistConfig * VAULT-15547 address comments * VAULT-15547 address comments	2023-05-19 13:17:48 -04:00
Violet Hynes	6b4b0f7aaf	VAULT-15547 First pass at agent/proxy decoupling (#20548 ) * VAULT-15547 First pass at agent/proxy decoupling * VAULT-15547 Fix some imports * VAULT-15547 cases instead of string.Title * VAULT-15547 changelog * VAULT-15547 Fix some imports * VAULT-15547 some more dependency updates * VAULT-15547 More dependency paths * VAULT-15547 godocs for tests * VAULT-15547 godocs for tests * VAULT-15547 test package updates * VAULT-15547 test packages * VAULT-15547 add proxy to test packages * VAULT-15547 gitignore * VAULT-15547 address comments * VAULT-15547 Some typos and small fixes	2023-05-17 09:38:34 -04:00
Daniel Huckins	d899c57125	move private function to internal pkg for sharing (#20531 ) * move private function to internal pkg for sharing * rename to mc Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> * rename to NewConfig Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com> --------- Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>	2023-05-15 10:55:28 -04:00
Violet Hynes	33731d6f63	VAULT-12940 Vault Agent uses Vault Agent specific User-Agent header when issuing requests (#19776 ) * VAULT-12940 test for templating user agent * VAULT-12940 User agent work so far * VAULT-12940 Vault Agent uses Vault Agent specific User-Agent header when issuing requests * VAULT-12940 Clean-up and godocs * VAULT-12940 changelog * VAULT-12940 Fix test checking headers * VAULT-12940 Fix test checking headers * VAULT-12940 Fix test checking headers * VAULT-12940 Fix test checking headers * VAULT-12940 copy/paste typos * VAULT-12940 improve comments, use make(http.Header) * VAULT-12940 small typos and clean-up	2023-04-03 14:14:47 -04:00
Karel	5631e806c2	Fix: Optionally reload x509 key-pair from disk on agent auto-auth (#19002 ) * Optionally reload x509 key-pair from disk * Document 'reload' config value * Added changelog release note	2023-03-22 11:01:58 -04:00
Hamid Ghaf	e55c18ed12	adding copyright header (#19555 ) * adding copyright header * fix fmt and a test	2023-03-15 09:00:52 -07:00
Francis Chuang	789406ca90	Add Oracle Cloud auth to the Vault Agent (#19260 ) * Add Oracle Cloud auth to the Vault Agent * Use ParseDurationSecond to parse credential_poll_interval * Use os.UserHomeDir()	2023-03-15 09:08:52 -04:00
Violet Hynes	5581c26859	VAULT-12798 Correct removal behaviour when JWT is symlink (#18863 ) * VAULT-12798 testing for jwt symlinks * VAULT-12798 Add testing of jwt removal * VAULT-12798 Update docs for clarity * VAULT-12798 Small change, and changelog * VAULT-12798 Lstat -> Stat * VAULT-12798 remove forgotten comment * VAULT-12798 small refactor, add new config item * VAULT-12798 Require opt-in config for following symlinks for JWT deletion * VAULT-12798 change changelog	2023-03-14 15:44:19 -04:00
miagilepner	13caa0842e	VAULT-8436 remove <-time.After statements in for loops (#18818 ) * replace time.After with ticker in loops * add semgrep rule * update to use timers * remove stop	2023-02-06 17:49:01 +01:00
Violet Hynes	17be1024e4	VAULT-12564 Add new token_file auto-auth method (#18740 ) * VAULT-12564 Work so far on token file auto-auth * VAULT-12564 remove lifetime watcher struct modifications * VAULT-12564 add other config items, and clean up * VAULT-12564 clean-up and more tests * VAULT-12564 clean-up * VAULT-12564 lookup-self and some clean-up * VAULT-12564 safer client usage * VAULT-12564 some clean-up * VAULT-12564 changelog * VAULT-12564 some clean-ups * VAULT-12564 batch token warning * VAULT-12564 remove follow_symlink reference * VAULT-12564 Remove redundant stat, change temp file creation * VAULT-12564 Remove ability to delete token after auth	2023-01-24 16:09:32 -05:00
Peter Wilson	1fca38a4ae	VAULT-9883: Agent Reloadable Config (#18638 ) * Update command/agent.go * Attempt to only reload log level and certs * Mimicked 'server' test for cert reload in 'agent' Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com> Left out the `c.config` tweak that meant changes to lots of lines of code within the `Run` function of Agent command. :)	2023-01-10 17:45:34 +00:00
Violet Hynes	c2abcccb94	VAULT-12095 Support multiple config files for Vault Agent (#18403 ) * VAULT-12095 Code changes for multi-config * VAULT-12095 typo * VAULT-12095 make vault non-nil during update * VAULT-12095 docs * VAULT-12095 small refactor * VAULT-12095 typos	2023-01-03 12:50:19 -05:00
Nick Cabatoff	35df9489c7	Move version out of SDK. (#14229 ) Move version out of SDK. For now it's a copy rather than move: the part not addressed by this change is sdk/helper/useragent.String, which we'll want to remove in favour of PluginString. That will have to wait until we've removed uses of useragent.String from all builtins.	2022-12-07 13:29:51 -05:00
Violet Hynes	672cdc0fdb	VAULT-11510 Vault Agent can start listeners without caching (#18137 ) * VAULT-11510 Vault Agent can start listeners without caching * VAULT-11510 fix order of imports * VAULT-11510 changelog * VAULT-11510 typo and better switch * VAULT-11510 update name * VAULT-11510 New api_proxy stanza to configure API proxy * VAULT-11510 First pass at API Proxy docs * VAULT-11510 nav data * VAULT-11510 typo * VAULT-11510 docs update	2022-12-05 10:51:03 -05:00
Peter Wilson	2598651caf	VAULT-9900: Log rotation for 'agent' and 'server' commands (#18031 ) * Work to unify log-file for agent/server and add rotation * Updates to rotation code, tried to centralise the log config setup * logging + tests * Move LogFile to ShareConfig in test * Docs	2022-11-29 14:07:04 +00:00
Violet Hynes	a4a23f794a	VAULT-6368 Metrics-only listener for Agent (#18101 ) * VAULT-6368 Metrics-only listener for Agent * VAULT-6368 changelog * VAULT-6368 Update config to use string instead of bool * VAULT-6368 Fix leftover code * VAULT-6368 Fix changelog * VAULT-6368 fix typo * VAULT-6368 recommended doc update * VAULT-6368 use != over !(==)	2022-11-25 16:00:56 -05:00
Michael Anthony	f91bebcb18	[QT-309] Ensure environment variables are populated before proceeding (#17915 ) * Ensure environment variables are populated before proceeding * DRY up credNames var	2022-11-17 11:55:17 -07:00
Peter Wilson	7ae65df94e	VAULT-8732: Add `log-file` to Vault Agent (#17841 ) * Started work on adding log-file support to Agent * Allow log file to be picked up and appended * Use NewLogFile everywhere * Tried to pull out the config aggregation from Agent.Run Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>	2022-11-11 10:59:16 +00:00
Violet Hynes	2ae9835bbc	VAULT-8518 Increase HMAC limit to 4096, and limit approle names to the same limit (#17768 ) * VAULT-8518 Increase HMAC limit to 4096, and limit approle names to the same limit * VAULT-8518 Changelog * VAULT-8518 Sprintf the byte limit	2022-11-02 10:42:09 -04:00
Renato Costa	eb338de819	fix incorrect use of loop variable (#16872 ) This fixes a couple of references to loop variables in parallel tests and deferred functions. When running a parallel test (calling `t.Parallel()`) combined with the table-driven pattern, it's necessary to copy the test case loop variable, otherwise only the last test case is exercised. This is documented in the `testing` package: https://pkg.go.dev/testing#hdr-Subtests_and_Sub_benchmarks `defer` statements that invoke a closure should also not reference a loop variable directly as the referenced value will change in each iteration of the loop. Issues were automatically found with the `loopvarcapture` linter.	2022-10-04 09:23:37 -04:00
Mike Palmiotto	30e9a17619	agent: Fix missing file suffix in config test (#17245 )	2022-09-21 11:30:04 -04:00
Jason O'Donnell	8fddccdff0	agent/auto-auth: add exit_on_err configurable (#17091 ) * agent/auto-auth: add exit_on_err configurable * changelog * Update backoff function to quit * Clarify doc * Fix test	2022-09-15 11:00:31 -07:00
Josh Black	03d2be4cb9	update gofumpt to 0.3.1 and reformat the repo (#17055 ) * update gofumpt to 0.3.1 and reformat the repo * output the version of the formatter we're using	2022-09-07 17:31:20 -07:00
Violet Hynes	e0be62caf1	VAULT-6575 Vault agent respects retry config even with caching set (#16970 ) * VAULT-6575 Vault agent respects retry config even with caching set * VAULT-6575 Add changelog * VAULT-6575 Change log levels	2022-09-06 10:35:54 -04:00
Scott Miller	0d6a42c79e	OSS portion of wrapper-v2 (#16811 ) * OSS portion of wrapper-v2 * Prefetch barrier type to avoid encountering an error in the simple BarrierType() getter * Rename the OveriddenType to WrapperType and use it for the barrier type prefetch * Fix unit test	2022-08-23 15:37:16 -04:00
Eng Zer Jun	6141d61839	refactor: replace strings.Replace with strings.ReplaceAll (#15392 ) strings.ReplaceAll(s, old, new) is a wrapper function for strings.Replace(s, old, new, -1). But strings.ReplaceAll is more readable and removes the hardcoded -1. Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>	2022-08-03 15:22:48 -04:00
Jason O'Donnell	4bcc7e1bb3	agent: add disable_keep_alives configurable (#16479 ) agent: add disable_keep_alives config Co-authored-by: Christopher Swenson <christopher.swenson@hashicorp.com>	2022-07-28 12:59:49 -07:00
tdsacilowski	dac99be29d	Agent JWT auto auth `remove_jwt_after_reading` config option (#11969 ) Add a new config option for Vault Agent's JWT auto auth `remove_jwt_after_reading`, which defaults to true. Can stop Agent from attempting to delete the file, which is useful in k8s where the service account JWT is mounted as a read-only file and so any attempt to delete it generates spammy error logs. When leaving the JWT file in place, the read period for new tokens is 1 minute instead of 500ms to reflect the assumption that there will always be a file there, so finding a file does not provide any signal that it needs to be re-read. Kubernetes has a minimum TTL of 10 minutes for tokens, so a period of 1 minute gives Agent plenty of time to detect new tokens, without leaving it too unresponsive. We may want to add a config option to override these default periods in the future. Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>	2022-07-25 07:42:09 -06:00
Mike Palmiotto	e804f74efa	Fix agent use_auto_auth_token force test (#16313 ) Update the test to fix a copy-paste error.	2022-07-15 19:12:59 -04:00
Jason O'Donnell	8a49422979	agent/template: fix exec parsing error for templates (#16231 ) * agent/template: fix exec parsing error for templates * changelog	2022-07-06 21:21:35 +01:00
Jason O'Donnell	e38f6e72a2	agent: add disable_idle_connections configurable (#15986 ) * agent: add disable_keep_alives configurable * Add empty test * Add website doc * Change to disable_idle_connections * Update tests and doc * Add note about env * Changelog * Change to slice * Remove unused disable keep alive methods * Add invalid value test	2022-06-16 18:06:22 -04:00
Christopher Swenson	816036b8d5	VAULT-5935 agent: redact renew-self if using auto auth (#15380 ) Vault agent redacts the token and accessor for `/auth/token/lookup-self` (and `lookup`) if the token is the auto auth token to prevent it from leaking. Similarly, we need to redact the token and accessor from `renew-self` and `renew`, which also leak the token and accessor. I tested this locally by starting up a Vault agent and querying the agent endpoints, and ensuring that the accessor and token were set to the empty string in the response.	2022-05-12 09:25:55 -07:00
Jason O'Donnell	81f9ec7d2c	agent/auto-auth: Add `min_backoff` to set first backoff value (#15204 ) * Add initial_backoff to auto-auth method * Disable retries in client * Fix bug * Thread initial backoff to CT * Add comment * Change to min_backoff * changelog * remove initial references, review * fix test * Thread max_backoff through * Add doc note for max_backoff/templating	2022-04-29 12:31:32 -04:00
Tom Proctor	cf6004fa80	Upgrade hashicorp/consul-template dependency (#15092 ) * Includes sprig template functions * Includes improvements to writeTo template function * Add sprig functions test, improve failure message	2022-04-19 20:51:11 +01:00
Anton Averchenkov	e7b5b2a48d	Revert the WithContext changes to vault tests (#14947 )	2022-04-07 15:12:58 -04:00
Christopher Swenson	311910b90b	Agent error log level is mismatched (#14424 ) * [VAULT-1618] Agent error log level is mismatched `logLevelToStringPtr` translates `go-hclog`'s `ERROR` to `"ERROR"` for Consul Template's runner, but that expects `ERR` and is quite strict about it. This will address https://github.com/hashicorp/vault-k8s/issues/223 after it is set as the default image in `vault-k8s`. I didn't find a simple way to test this other than starting up a full server and agent and letting them run, which is unfortunately fairly slow. I confirmed that this addresses the original issue by modifying the helm chart with the values in this commit and patching the log level to `err`. * VAULT-1618 Add changelog/14424.txt * VAULT-1618 Update changelog/14424.txt based on @kalafut suggestion Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com> * VAULT-1618 Move cancel and server stop into defer in tests * VAULT-1618 Triggering CircleCI tests * VAULT-1618 Replace ioutil with os functions for agent template tests Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>	2022-04-07 11:03:38 -07:00
Anton Averchenkov	7d520d4022	Use WriteWithContext in auth helpers (#14775 )	2022-04-06 11:20:34 -04:00

1 2 3 4 5

209 Commits