Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Audit: Extracted SSCT related auditing code to formatter node #25443

Merged
merged 2 commits into from
Feb 15, 2024
Merged

Audit: Extracted SSCT related auditing code to formatter node #25443

merged 2 commits into from
Feb 15, 2024

Conversation

peteski22
Copy link

This PR addresses a potential race condition which occurred when an SSCT is present in the auth related audit entry.

It removes some unrequired code which captured the current headers, and moves the logic for updating the client token with the SSCT to the entry formatter which deals with a cloned version of the input.

Previous race detection occurred in command/agentproxyshared/auth TestAuthHandler

Removed unneeded header tracking in log request/log response of audit…
e7e2137 
… broker, moved SSCT overwrite to entry formatter
@peteski22 peteski22 added bug Used to indicate a potential bug core Issues and Pull-Requests specific to Vault Core core/audit do-not-merge hashicorp-contributed-pr If the PR is HashiCorp (i.e. not-community) contributed labels Feb 15, 2024
@peteski22 peteski22 added this to the 1.16.0-rc2 milestone Feb 15, 2024
VioletHynes
VioletHynes approved these changes Feb 15, 2024
View reviewed changes
Copy link
Contributor

@VioletHynes VioletHynes left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks good to me -- did you run the race test with untilfail before and after to see if you could reproduce before/after? That'd be the ultimate confidence

@github-actions GitHub Actions
Copy link

CI Results:
All Go tests succeeded! ✅

@github-actions GitHub Actions
Copy link

Build Results:
All builds succeeded! ✅

@peteski22 peteski22 modified the milestones: 1.16.0-rc2, 1.16.1 Feb 15, 2024
@peteski22
Copy link
Author

This looks good to me -- did you run the race test with untilfail before and after to see if you could reproduce before/after? That'd be the ultimate confidence

I did run it, but alas I cannot get it to fail locally with main and this branch. 😞

@peteski22 peteski22 merged commit 83986f3 into main Feb 15, 2024
90 checks passed
@peteski22 peteski22 deleted the peteski22/VAULT-24139/audit-race branch February 15, 2024 20:02
Merged
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@VioletHynes VioletHynes VioletHynes approved these changes

Assignees
No one assigned
Labels
bug Used to indicate a potential bug core/audit core Issues and Pull-Requests specific to Vault Core hashicorp-contributed-pr If the PR is HashiCorp (i.e. not-community) contributed
Projects
None yet
Milestone
1.16.1
Development

Successfully merging this pull request may close these issues.
2 participants
@peteski22 @VioletHynes