Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Small fixes on UX of Automated Root Rotation parameters #29685

Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Small fixes on UX of Automated Root Rotation parameters #29685

wants to merge 2 commits into from
+131 −41

Conversation

vinay-gopalan
Copy link
Contributor

Description

Small fixes around the usability of the new automated root rotation parameters added to select Secret and Auth engines for 1.19 Enterprise.

This PR:

  • enables rotation_period and rotation_window to be duration strings instead of just integers to be consistent with static role mechanisms
  • makes it easier to zero out rotation params while setting others in the same call (previously user would have to unset rotation_period — which would first de-register — and then set rotation_schedule in a follow up call to re-register)
  • fixes a bug where if disable_automated_rotation was not passed in a request, it was treated as being set to false, which would cause a de-registration. Now it will only de-register if the param is explicitly set to false
  • removes an extra nested AutomatedRotationParams struct in the DB Config read method
  • 'mutually exclusive' and 'incompatible fields' errors are only dispatched if fields are non-zero (UI sets rotation_period and rotation_window to 0, which was causing unnecessary errors)

@vinay-gopalan vinay-gopalan requested review from a team as code owners February 21, 2025 01:30
@vinay-gopalan vinay-gopalan requested a review from pmmukh February 21, 2025 01:30
@github-actions github-actions bot added the hashicorp-contributed-pr If the PR is HashiCorp (i.e. not-community) contributed label Feb 21, 2025
@vinay-gopalan vinay-gopalan added pr/no-changelog and removed hashicorp-contributed-pr If the PR is HashiCorp (i.e. not-community) contributed labels Feb 21, 2025
@vinay-gopalan vinay-gopalan added this to the 1.19.0 milestone Feb 21, 2025
@vinay-gopalan vinay-gopalan requested review from kpcraig and robmonte and removed request for pmmukh February 21, 2025 01:34
@github-actions GitHub Actions
Copy link

github-actions bot commented Feb 21, 2025
edited
Loading

CI Results:
All Go tests succeeded! ✅

@github-actions GitHub Actions
Copy link

Build Results:
All builds succeeded! ✅

@github-actions github-actions bot added the hashicorp-contributed-pr If the PR is HashiCorp (i.e. not-community) contributed label Feb 21, 2025
kpcraig
kpcraig reviewed Feb 21, 2025
View reviewed changes
builtin/logical/aws/path_config_root_test.go
@@ -43,7 +44,8 @@ func TestBackend_PathConfigRoot(t *testing.T) {
"identity_token_audience": "",
"identity_token_ttl": int64(0),
"rotation_schedule": "",
"rotation_window": 0,
"rotation_period": time.Duration(0).Seconds(),
Copy link
Contributor

@kpcraig kpcraig Feb 21, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is there a way to write this test so we can show it accepting a string format duration?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kpcraig kpcraig kpcraig left review comments

@robmonte robmonte Awaiting requested review from robmonte

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
hashicorp-contributed-pr If the PR is HashiCorp (i.e. not-community) contributed pr/no-changelog
Projects
None yet
Milestone
1.19.0
Development

Successfully merging this pull request may close these issues.
2 participants
@vinay-gopalan @kpcraig