From 657c287221a5302826d9bd47092c181648b59787 Mon Sep 17 00:00:00 2001 From: hc-github-team-secure-vault-core <82990506+hc-github-team-secure-vault-core@users.noreply.github.com> Date: Fri, 28 Apr 2023 11:50:58 -0400 Subject: [PATCH] backport of commit 9ae8f48f9b05c3f54eeca68e118122a92f46caaa (#20420) Co-authored-by: Peter Wilson --- changelog/20418.txt | 3 +++ command/server.go | 8 +++++++- command/server_test.go | 34 ++++++++++++++++++---------------- 3 files changed, 28 insertions(+), 17 deletions(-) create mode 100644 changelog/20418.txt diff --git a/changelog/20418.txt b/changelog/20418.txt new file mode 100644 index 000000000000..596b7e461d23 --- /dev/null +++ b/changelog/20418.txt @@ -0,0 +1,3 @@ +```release-note:bug +command/server: fixes panic in Vault server command when running in recovery mode +``` \ No newline at end of file diff --git a/command/server.go b/command/server.go index a15f1b7122db..dedc085fdd67 100644 --- a/command/server.go +++ b/command/server.go @@ -446,7 +446,7 @@ func (c *ServerCommand) runRecoveryMode() int { } // Update the 'log' related aspects of shared config based on config/env var/cli - c.Flags().applyLogConfigOverrides(config.SharedConfig) + c.flags.applyLogConfigOverrides(config.SharedConfig) l, err := c.configureLogging(config) if err != nil { c.UI.Error(err.Error()) @@ -661,6 +661,12 @@ func (c *ServerCommand) runRecoveryMode() int { c.UI.Output("") + // Tests might not want to start a vault server and just want to verify + // the configuration. + if c.flagTestVerifyOnly { + return 0 + } + for _, ln := range lns { handler := vaulthttp.Handler.Handler(&vault.HandlerProperties{ Core: core, diff --git a/command/server_test.go b/command/server_test.go index e114cc105a54..24dda4a76daf 100644 --- a/command/server_test.go +++ b/command/server_test.go @@ -283,6 +283,13 @@ func TestServer(t *testing.T) { 0, []string{"-test-verify-only"}, }, + { + "recovery_mode", + testBaseHCL(t, "") + inmemHCL, + "", + 0, + []string{"-test-verify-only", "-recovery"}, + }, } for _, tc := range cases { @@ -292,26 +299,21 @@ func TestServer(t *testing.T) { t.Parallel() ui, cmd := testServerCommand(t) - f, err := ioutil.TempFile("", "") - if err != nil { - t.Fatalf("error creating temp dir: %v", err) - } - f.WriteString(tc.contents) - f.Close() - defer os.Remove(f.Name()) - args := append(tc.args, "-config", f.Name()) + f, err := os.CreateTemp(t.TempDir(), "") + require.NoErrorf(t, err, "error creating temp dir: %v", err) - code := cmd.Run(args) - output := ui.ErrorWriter.String() + ui.OutputWriter.String() + _, err = f.WriteString(tc.contents) + require.NoErrorf(t, err, "cannot write temp file contents") - if code != tc.code { - t.Errorf("expected %d to be %d: %s", code, tc.code, output) - } + err = f.Close() + require.NoErrorf(t, err, "unable to close temp file") - if !strings.Contains(output, tc.exp) { - t.Fatalf("expected %q to contain %q", output, tc.exp) - } + args := append(tc.args, "-config", f.Name()) + code := cmd.Run(args) + output := ui.ErrorWriter.String() + ui.OutputWriter.String() + require.Equal(t, tc.code, code, "expected %d to be %d: %s", code, tc.code, output) + require.Contains(t, output, tc.exp, "expected %q to contain %q", output, tc.exp) }) } }