backport of commit 9ae8f48 (hashicorp#20420)

Co-authored-by: Peter Wilson <peter.wilson@hashicorp.com>
fopina · Apr 28, 2023 · 657c287 · 657c287
1 parent ba82d7a
commit 657c287
Show file tree

Hide file tree

Showing 3 changed files with 28 additions and 17 deletions.
diff --git a/changelog/20418.txt b/changelog/20418.txt
@@ -0,0 +1,3 @@
+```release-note:bug
+command/server: fixes panic in Vault server command when running in recovery mode
+```
diff --git a/command/server.go b/command/server.go
@@ -446,7 +446,7 @@ func (c *ServerCommand) runRecoveryMode() int {
 	}
 
 	// Update the 'log' related aspects of shared config based on config/env var/cli
-	c.Flags().applyLogConfigOverrides(config.SharedConfig)
+	c.flags.applyLogConfigOverrides(config.SharedConfig)
 	l, err := c.configureLogging(config)
 	if err != nil {
 		c.UI.Error(err.Error())
@@ -661,6 +661,12 @@ func (c *ServerCommand) runRecoveryMode() int {
 
 	c.UI.Output("")
 
+	// Tests might not want to start a vault server and just want to verify
+	// the configuration.
+	if c.flagTestVerifyOnly {
+		return 0
+	}
+
 	for _, ln := range lns {
 		handler := vaulthttp.Handler.Handler(&vault.HandlerProperties{
 			Core:                  core,

diff --git a/command/server_test.go b/command/server_test.go
@@ -283,6 +283,13 @@ func TestServer(t *testing.T) {
 			0,
 			[]string{"-test-verify-only"},
 		},
+		{
+			"recovery_mode",
+			testBaseHCL(t, "") + inmemHCL,
+			"",
+			0,
+			[]string{"-test-verify-only", "-recovery"},
+		},
 	}
 
 	for _, tc := range cases {
@@ -292,26 +299,21 @@ func TestServer(t *testing.T) {
 			t.Parallel()
 
 			ui, cmd := testServerCommand(t)
-			f, err := ioutil.TempFile("", "")
-			if err != nil {
-				t.Fatalf("error creating temp dir: %v", err)
-			}
-			f.WriteString(tc.contents)
-			f.Close()
-			defer os.Remove(f.Name())
 
-			args := append(tc.args, "-config", f.Name())
+			f, err := os.CreateTemp(t.TempDir(), "")
+			require.NoErrorf(t, err, "error creating temp dir: %v", err)
 
-			code := cmd.Run(args)
-			output := ui.ErrorWriter.String() + ui.OutputWriter.String()
+			_, err = f.WriteString(tc.contents)
+			require.NoErrorf(t, err, "cannot write temp file contents")
 
-			if code != tc.code {
-				t.Errorf("expected %d to be %d: %s", code, tc.code, output)
-			}
+			err = f.Close()
+			require.NoErrorf(t, err, "unable to close temp file")
 
-			if !strings.Contains(output, tc.exp) {
-				t.Fatalf("expected %q to contain %q", output, tc.exp)
-			}
+			args := append(tc.args, "-config", f.Name())
+			code := cmd.Run(args)
+			output := ui.ErrorWriter.String() + ui.OutputWriter.String()
+			require.Equal(t, tc.code, code, "expected %d to be %d: %s", code, tc.code, output)
+			require.Contains(t, output, tc.exp, "expected %q to contain %q", output, tc.exp)
 		})
 	}
 }