Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Make encryption persistence timeout configurable via env var #25636

Merged
merged 6 commits into from
Feb 27, 2024

Conversation

sgmiller
Copy link
Collaborator

Adds VAULT_ENCRYPTION_COUNT_PERSIST_TIMEOUT, which overrides the default 1
second best effort timeout for encryption count tracking, as some customers
have slower HSMs that don't respond within 1 second.

@sgmiller sgmiller requested review from a team as code owners February 26, 2024 18:59
@sgmiller sgmiller added this to the 1.16.0 milestone Feb 26, 2024
@github-actions github-actions bot added the hashicorp-contributed-pr If the PR is HashiCorp (i.e. not-community) contributed label Feb 26, 2024
Copy link

github-actions bot commented Feb 26, 2024

CI Results:
All Go tests succeeded! ✅

Copy link

github-actions bot commented Feb 26, 2024

Build Results:
All builds succeeded! ✅

vault/barrier_aes_gcm.go Fixed Show fixed Hide fixed
Copy link
Contributor

@stevendpclark stevendpclark left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Overall looks good, one small nit and possibly address the semgrep scanner warning

Should this not be backported beyond 1.16.x? We have the timeout all the way back to 1.13 I believe.

vault/barrier_aes_gcm.go Outdated Show resolved Hide resolved
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
hashicorp-contributed-pr If the PR is HashiCorp (i.e. not-community) contributed
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants