From 6a3aef7bf54be71146dfe6390fd5b59423640ac6 Mon Sep 17 00:00:00 2001
From: Rachel Culpepper <84159930+rculpepper@users.noreply.github.com>
Date: Thu, 10 Apr 2025 09:34:12 -0500
Subject: [PATCH] Fix panic when rotating transit managed keys produces an
 error (#30214)

* remove extra Unlock call

* add changelog
---
 builtin/logical/transit/path_rotate.go | 1 -
 changelog/30214.txt                    | 3 +++
 2 files changed, 3 insertions(+), 1 deletion(-)
 create mode 100644 changelog/30214.txt

diff --git a/builtin/logical/transit/path_rotate.go b/builtin/logical/transit/path_rotate.go
index c024aede4b..1d7efea56d 100644
--- a/builtin/logical/transit/path_rotate.go
+++ b/builtin/logical/transit/path_rotate.go
@@ -70,7 +70,6 @@ func (b *backend) pathRotateWrite(ctx context.Context, req *logical.Request, d *
 		var keyId string
 		keyId, err = GetManagedKeyUUID(ctx, b, managedKeyName, managedKeyId)
 		if err != nil {
-			p.Unlock()
 			return nil, err
 		}
 		err = p.RotateManagedKey(ctx, req.Storage, keyId)
diff --git a/changelog/30214.txt b/changelog/30214.txt
new file mode 100644
index 0000000000..733bd861dc
--- /dev/null
+++ b/changelog/30214.txt
@@ -0,0 +1,3 @@
+```release-note:bug
+secrets/transit: fix a panic when rotating on a managed key returns an error
+```
\ No newline at end of file