Vault-31540 : Parallelization support for Sync and Unsync flows within Secret Sync (#10473) (#10749)

* Fix typos * Use a goroutine around syncSecret * Lock around map writes and memDB operations * Add TODO comments * Add unsync TODO * adding unsync changes * initial commit * moving nil checks in memdb calls * fixed tests; adjusted mutex locks while setting secret stores * adding changelog * addressing review comments: mutex adjustments, nits * adding mutex to memDBSetStoresForSecret * fixing data race test failures * addressing review comments: configurable workerpool limit, nits * removing debug logs that got missed * Update changelog/_10473.txt * addressing review comments: using default when custom woker pool count read fails, nits * fix: updating worker pool count to address Vercel API rate limits * Vault 40557/parallelize secret sync test aws gcp (#10645) * add integratio test case for parallelize secret sync test aws and gcp store types * resolve PR comments * resolve PR comments * add doc comments on TestSecretsSyncBackend_Queue_SecretKey test function --------- --------- Co-authored-by: Murali <137029787+murali-partha@users.noreply.github.com> Co-authored-by: robmonte <17119716+robmonte@users.noreply.github.com> Co-authored-by: Vivek Pandey <vivek.pandey@hashicorp.com> Co-authored-by: Vivek Pandey <vivekpandey@Viveks-MacBook-Pro.local>
2026-02-18 18:38:08 -05:00 · 2025-11-14 13:39:01 -05:00 · 2025-11-14 13:39:01 -05:00 · 92ddb4684c
commit 92ddb4684c
parent f6df5de721
4 changed files with 6 additions and 3 deletions
--- a/builtin/credential/ldap/path_config_rotate_root.go
+++ b/builtin/credential/ldap/path_config_rotate_root.go
@ -45,7 +45,7 @@ func (b *backend) pathConfigRotateRootUpdate(ctx context.Context, req *logical.R
 		b.Logger().Error("failed to rotate root credential on user request", "path", req.Path, "error", err.Error())
 	} else {
 		// err is nil in this case
-		b.Logger().Info("succesfully rotated root credential on user request", "path", req.Path)
+		b.Logger().Info("successfully rotated root credential on user request", "path", req.Path)
 	}
 	var responseError responseError
 	if errors.As(err, &responseError) {
--- a/builtin/logical/database/path_rotate_credentials.go
+++ b/builtin/logical/database/path_rotate_credentials.go
@ -92,7 +92,7 @@ func (b *databaseBackend) pathRotateRootCredentialsUpdate() framework.OperationF
 		if err != nil {
 			b.Logger().Error("failed to rotate root credential on user request", "path", req.Path, "error", err.Error())
 		} else {
-			b.Logger().Info("succesfully rotated root credential on user request", "path", req.Path)
+			b.Logger().Info("successfully rotated root credential on user request", "path", req.Path)
 		}
 		return resp, err
 	}
--- a/builtin/logical/transit/path_rotate.go
+++ b/builtin/logical/transit/path_rotate.go
@ -91,7 +91,7 @@ func (b *backend) pathRotateWrite(ctx context.Context, req *logical.Request, d *
 	if err != nil {
 		b.Logger().Error("failed to rotate key on user request", "name", name, "error", err.Error())
 	} else {
-		b.Logger().Info("succesfully rotated key on user request", "name", name)
+		b.Logger().Info("successfully rotated key on user request", "name", name)
 	}
 	// formatKeyPolicy returns a response even on error so be sure to return both.
 	return resp, err
--- a/changelog/_10473.txt
+++ b/changelog/_10473.txt
@ -0,0 +1,3 @@
+```release-note:improvement
+secret-sync: add parallelization support to sync and unsync operations for secret-key granularity associations
+```