Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

identity/group-alias: add api client lock #2140

Merged
merged 6 commits into from
Feb 14, 2024
Merged

identity/group-alias: add api client lock #2140

merged 6 commits into from
Feb 14, 2024

Conversation

fairclothjm
Copy link
Contributor

@fairclothjm fairclothjm commented Feb 13, 2024
edited
Loading

Description

Relates #1695

I haven't been able to reproduce the issue from #1695 yet, but the lack of locking here is quite suspicious.

Checklist

  • Added CHANGELOG entry (only for user-facing changes)
  • Acceptance tests where run against all supported Vault Versions

fairclothjm
fairclothjm commented Feb 13, 2024
View reviewed changes
CHANGELOG.md
@@ -5,6 +5,9 @@ FEATURES:
* Add support for configuration of plugin WIF to the AWS Secret Backend. Requires Vault 1.16+ ([#2138](https://github.com/hashicorp/terraform-provider-vault/pull/2138)).
* Add support for Oracle database plugin configuration options `split_statements` and `disconnect_sessions`: ([#2085](https://github.com/hashicorp/terraform-provider-vault/pull/2085))

IMPROVEMENTS:
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Or BUG? I went with improvement since I have not been able to verify that this fixes the reported error.

@fairclothjm fairclothjm added this to the 3.25.0 milestone Feb 13, 2024
@fairclothjm
Copy link
Contributor Author

Looking into the test timeout failures: https://github.com/hashicorp/terraform-provider-vault/actions/runs/7890026265/job/21531339605

@github-actions github-actions bot added size/S and removed size/XS labels Feb 13, 2024
vinay-gopalan
vinay-gopalan approved these changes Feb 13, 2024
View reviewed changes
Copy link
Contributor

@vinay-gopalan vinay-gopalan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for looking into this! Though it is hard to come up with a testcase using just the TF testing framework that can validate the exact fix for the issue, I do think this is a valid addition to the code, as it matches the Group Alias resource behavior to the Entity Alias resource (both of which support performance secondaries and standbys). Had 1 nit but looks good to me otherwise 👍🏼

vault/resource_identity_group_alias.go
@@ -49,6 +52,10 @@ func identityGroupAliasResource() *schema.Resource {
}

func identityGroupAliasCreate(d *schema.ResourceData, meta interface{}) error {
lock, unlock := getEntityLockFuncs(d, identityGroupAliasIDPath)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: is it worth updating the function name to something more generic, like getLockFuncs since it is not specific to entities?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think I will keep it as-is since an Identity Group is a collection of Entities and the lock keys that we create are specific to entities in that the key is tied to the mount accessor. I don't see this function being used much or at all outside of entities use cases.

@github-actions github-actions bot added size/M and removed size/S labels Feb 14, 2024
@fairclothjm fairclothjm merged commit 07da515 into main Feb 14, 2024
12 checks passed
@fairclothjm fairclothjm deleted the VAULT-12098/identity-group-alias-lock branch February 14, 2024 19:12
@fairclothjm fairclothjm mentioned this pull request Feb 14, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@vinay-gopalan vinay-gopalan vinay-gopalan approved these changes

@benashz benashz Awaiting requested review from benashz

Assignees
No one assigned
Labels
size/M
Projects
None yet
Milestone
3.25.0
Development

Successfully merging this pull request may close these issues.
2 participants
@fairclothjm @vinay-gopalan