vault

mirrors/vault

Fork 0

mirror of https://github.com/hashicorp/vault.git synced 2025-11-23 03:31:09 +01:00

Commit Graph

Author	SHA1	Message	Date
Alexander Scheel	1985d658d1	Increase sleep to fix CI cert auth test failure (#17332 ) The periodic function only runs every 50ms, so waiting 60ms means we might not be done fetching the CRL on slower CI systems or with high test parallelism. Tested with: > untilfail -parallel=-9 ../../../cert.test -test.run=TestCRLFetch -test.count=1 -test.v And shown to reliably fail before, fixed after. Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>	2022-09-27 17:44:27 -04:00
Alexander Scheel	9a80004dce	Fix race in cert auth tests (#17181 ) There were two races here: 1. Tests racing against periodic func on updating the backend. 2. Tests racing internally to itself, to access the http-served CRL data. Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>	2022-09-19 09:09:03 -04:00
Scott Miller	f5cc167bff	Fetch CRLs from a user defined URL (#17136 ) * Fetch CRLs from a user defined CDP (PoC) * Handle no param sent * Move CRL fetch to a periodFunc. Use configured CA certs + system root as trusted certs for CRL fetch * comments * changelog * Just use root trust * cdp->url in api * Store CRL and populate it initially in cdlWrite * Update docs * Update builtin/credential/cert/path_crls.go Co-authored-by: Steven Clark <steven.clark@hashicorp.com> * Handle pre-verification of a CRL url better * just in case * Fix crl write locking * Add a CRL fetch unit test * Remove unnecessary validity clear * Better func name * Don't exit early updating CRLs * lock in updateCRLs * gofumpt * err- Co-authored-by: Steven Clark <steven.clark@hashicorp.com>	2022-09-16 16:44:30 -05:00

Author

SHA1

Message

Date

Alexander Scheel

1985d658d1

Increase sleep to fix CI cert auth test failure (#17332 )

The periodic function only runs every 50ms, so waiting 60ms means we
might not be done fetching the CRL on slower CI systems or with high
test parallelism.

Tested with:

> untilfail -parallel=-9 ../../../cert.test -test.run=TestCRLFetch -test.count=1 -test.v

And shown to reliably fail before, fixed after.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

2022-09-27 17:44:27 -04:00

Alexander Scheel

9a80004dce

Fix race in cert auth tests (#17181 )

There were two races here:

 1. Tests racing against periodic func on updating the backend.
 2. Tests racing internally to itself, to access the http-served
    CRL data.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

2022-09-19 09:09:03 -04:00

Scott Miller

f5cc167bff

Fetch CRLs from a user defined URL (#17136 )

* Fetch CRLs from a user defined CDP (PoC)

* Handle no param sent

* Move CRL fetch to a periodFunc.  Use configured CA certs + system root as trusted certs for CRL fetch

* comments

* changelog

* Just use root trust

* cdp->url in api

* Store CRL and populate it initially in cdlWrite

* Update docs

* Update builtin/credential/cert/path_crls.go

Co-authored-by: Steven Clark <steven.clark@hashicorp.com>

* Handle pre-verification of a CRL url better

* just in case

* Fix crl write locking

* Add a CRL fetch unit test

* Remove unnecessary validity clear

* Better func name

* Don't exit early updating CRLs

* lock in updateCRLs

* gofumpt

* err-

Co-authored-by: Steven Clark <steven.clark@hashicorp.com>

2022-09-16 16:44:30 -05:00

3 Commits