diff --git a/command/init_func_test.go b/command/init_func_test.go new file mode 100644 index 0000000000..c733b8345e --- /dev/null +++ b/command/init_func_test.go @@ -0,0 +1,12 @@ +// Copyright (c) HashiCorp, Inc. +// SPDX-License-Identifier: BUSL-1.1 + +package command + +import "os" + +func init() { + if signed := os.Getenv("VAULT_LICENSE_CI"); signed != "" { + os.Setenv(EnvVaultLicense, signed) + } +} diff --git a/command/operator_migrate_test.go b/command/operator_migrate_test.go index b2a92d3396..1a75cfbf8a 100644 --- a/command/operator_migrate_test.go +++ b/command/operator_migrate_test.go @@ -15,7 +15,6 @@ import ( "strings" "sync" "testing" - "time" "github.com/go-test/deep" "github.com/hashicorp/cli" @@ -29,10 +28,6 @@ import ( const trailing_slash_key = "trailing_slash/" -func init() { - rand.Seed(time.Now().UnixNano()) -} - func TestMigration(t *testing.T) { handlers := newVaultHandlers() t.Run("Default", func(t *testing.T) { diff --git a/command/server.go b/command/server.go index 26c692b653..0c0832a798 100644 --- a/command/server.go +++ b/command/server.go @@ -142,6 +142,7 @@ type ServerCommand struct { flagTestServerConfig bool flagDevConsul bool flagExitOnCoreShutdown bool + ignoreLicenseEnvVar bool sealsToFinalize []*vault.Seal } @@ -1192,7 +1193,7 @@ func (c *ServerCommand) Run(args []string) int { if envLicensePath := os.Getenv(EnvVaultLicensePath); envLicensePath != "" { config.LicensePath = envLicensePath } - if envLicense := os.Getenv(EnvVaultLicense); envLicense != "" { + if envLicense := os.Getenv(EnvVaultLicense); envLicense != "" && !c.ignoreLicenseEnvVar { config.License = envLicense } @@ -1756,11 +1757,6 @@ func (c *ServerCommand) Run(args []string) int { c.UI.Error(err.Error()) } - select { - case c.licenseReloadedCh <- err: - default: - } - // Let the managedKeyRegistry react to configuration changes (i.e. // changes in kms_libraries) core.ReloadManagedKeyRegistryConfig() @@ -2988,6 +2984,7 @@ func createCoreConfig(c *ServerCommand, config *server.Config, backend physical. EnableResponseHeaderRaftNodeID: config.EnableResponseHeaderRaftNodeID, License: config.License, LicensePath: config.LicensePath, + LicenseReload: c.licenseReloadedCh, DisableSSCTokens: config.DisableSSCTokens, Experiments: config.Experiments, AdministrativeNamespacePath: config.AdministrativeNamespacePath, diff --git a/command/server_test.go b/command/server_test.go index 896925e91f..5ac5fe2181 100644 --- a/command/server_test.go +++ b/command/server_test.go @@ -43,12 +43,6 @@ func regexReplacer(re, repl string) Modifier { } } -func init() { - if signed := os.Getenv("VAULT_LICENSE_CI"); signed != "" { - os.Setenv(EnvVaultLicense, signed) - } -} - func testBaseHCL(tb testing.TB, listenerExtras string, modifiers ...Modifier) string { tb.Helper() diff --git a/command/server_util.go b/command/server_util.go index c0227ea28b..62de9cd1e8 100644 --- a/command/server_util.go +++ b/command/server_util.go @@ -48,6 +48,6 @@ func testServerCommand(tb testing.TB) (*cli.MockUi, *ServerCommand) { // These prevent us from random sleep guessing... startedCh: make(chan struct{}, 5), reloadedCh: make(chan struct{}, 5), - licenseReloadedCh: make(chan error), + licenseReloadedCh: make(chan error, 1), } } diff --git a/vault/core.go b/vault/core.go index b906174763..d51a67190d 100644 --- a/vault/core.go +++ b/vault/core.go @@ -753,6 +753,7 @@ type Core struct { // Activation flags for enterprise features that require a one-time activation FeatureActivationFlags *activationflags.FeatureActivationFlags + licenseReloadCh chan error } func (c *Core) ActiveNodeClockSkewMillis() int64 { @@ -941,6 +942,7 @@ type CoreConfig struct { PeriodicLeaderRefreshInterval time.Duration ClusterAddrBridge *raft.ClusterAddrBridge + LicenseReload chan error } // GetServiceRegistration returns the config's ServiceRegistration, or nil if it does @@ -1402,6 +1404,7 @@ func NewCore(conf *CoreConfig) (*Core, error) { } c.clusterAddrBridge = conf.ClusterAddrBridge + c.licenseReloadCh = conf.LicenseReload return c, nil }