Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix a bug reading auth mount using sys/internal/ui/mount endpoint when filter paths are enforced #23802

Merged
merged 3 commits into from
Oct 30, 2023
Merged

fix a bug reading auth mount using sys/internal/ui/mount endpoint when filter paths are enforced #23802

merged 3 commits into from
Oct 30, 2023

Conversation

hghaf099
Copy link
Contributor

@hghaf099 hghaf099 commented Oct 24, 2023
edited
Loading

Addresses https://hashicorp.atlassian.net/browse/VAULT-21207

Reading an "auth" mount using "sys/internal/ui/mounts/" when filter paths are enforced returns 500 error code from the secondary:

failed to read a mount point in allow mode, Error making API request.
        
        URL: GET https://127.0.0.1:49227/v1/sys/internal/ui/mounts/auth/d0681fa6-a5be-4d7e-8c38-c443325bb3ee
        Code: 500. Errors:
        
        * unable to retrieve route entry for mount path

@github-actions github-actions bot added the hashicorp-contributed-pr If the PR is HashiCorp (i.e. not-community) contributed label Oct 24, 2023
@hghaf099 hghaf099 changed the title fix a bug reading auth mount using sys/internal/ui/mount endpoint fix a bug reading auth mount using sys/internal/ui/mount endpoint when filter paths are enforced Oct 24, 2023
@github-actions
Copy link

Build Results:
All builds succeeded! ✅

@github-actions
Copy link

CI Results:
All Go tests succeeded! ✅

mpalmi
mpalmi reviewed Oct 24, 2023
View reviewed changes
Copy link
Contributor

@mpalmi mpalmi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just two quick questions, but the fix makes sense.

changelog/23802.txt Outdated Show resolved Hide resolved
vault/logical_system.go
Comment on lines +4555 to +4557
if strings.HasPrefix(me.APIPathNoNamespace(), credentialRoutePrefix) {
routerPrefix = credentialRoutePrefix
}
Copy link
Contributor

@mpalmi mpalmi Oct 24, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is the bug specific to auth mounts, or are other path prefixes also affected?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yeah, the secret engine mounts are working fine.

@hghaf099 hghaf099 requested a review from mpalmi October 25, 2023 14:11
@hghaf099 hghaf099 merged commit 26bae55 into main Oct 30, 2023
105 of 111 checks passed
@hghaf099 hghaf099 deleted the vault-21207-fix-bug-read-auth-mount branch October 30, 2023 15:15
This was referenced Oct 30, 2023
Merged
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ncabatoff ncabatoff ncabatoff approved these changes

@mpalmi mpalmi Awaiting requested review from mpalmi

Assignees
No one assigned
Labels
hashicorp-contributed-pr If the PR is HashiCorp (i.e. not-community) contributed
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@hghaf099 @ncabatoff @mpalmi