Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Pass BAO_ADDR to the token helper #348

Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

Pass BAO_ADDR to the token helper #348

wants to merge 3 commits into from

Conversation

ruuda
Copy link
Contributor

@ruuda ruuda commented May 29, 2024
edited
Loading

Previously the token helper might inherit BAO_ADDR from the process, but if the address was specified through an -address command-line flag, then the token helper would not know the address, or it would use the wrong one. Fix that by propagating the address everywhere, and then setting BAO_ADDR explicitly in the token helper's environment.

Resolves #314.

  • One thing I’m not sure about: should we set VAULT_ADDR in addition to BAO_ADDR? I see there are still many uses of VAULT_ADDR in the codebase. ⇒ Yes, set both.

Target Release

It filled out this by default: 1.14.7

@ruuda
Pass BAO_ADDR to the token helper
950fba2 
Previously the token helper might inherit BAO_ADDR from the process,
but if the address was specified through an -address command-line flag,
then the token helper would not know the address, or it would use the
wrong one. Fix that by propagating the address everywhere, and then
setting BAO_ADDR explicitly in the token helper's environment.

Fixes openbao#314.

Signed-off-by: Ruud van Asseldonk <[email protected]>
@ruuda
Add changelog entry for openbao#348
486902d 
Signed-off-by: Ruud van Asseldonk <[email protected]>
@ruuda ruuda marked this pull request as ready for review May 29, 2024 08:24
cipherboy
cipherboy reviewed May 29, 2024
View reviewed changes
command/config/util.go Outdated
// of through an environment variable, we propagate the address to the token
// helper through an environment variable. Otherwise the token helper may
// read BAO_ADDR and assume a different address than the one we are using.
env := []string{"BAO_ADDR=" + vaultAddr}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd copy from #321 and set VAULT_ADDR as well. :-)

@ruuda ruuda requested a review from cipherboy June 11, 2024 06:54
@cipherboy
Copy link
Member

cipherboy commented Jun 15, 2024
edited
Loading

\o hello @ruuda -- I think there's some test failures introduced by this PR. If I rebuild this PR on top of my #362, I think in command/login_test.go there's several places where cmd.TokenHelper() is called without the vaultAddr string.

Sorry for the noisy test failures, I hadn't realized some of my PRs had been merged without passing tests :o

ok  	github.com/openbao/openbao/builtin/logical/openldap/client	(cached)
# github.com/openbao/openbao/command [github.com/openbao/openbao/command.test]
command/login_test.go:65:22: not enough arguments in call to cmd.TokenHelper
	have ()
	want (string)
command/login_test.go:118:22: not enough arguments in call to cmd.TokenHelper
	have ()
	want (string)
command/login_test.go:164:22: not enough arguments in call to cmd.TokenHelper
	have ()
	want (string)
command/login_test.go:205:22: not enough arguments in call to cmd.TokenHelper
	have ()
	want (string)
command/login_test.go:241:22: not enough arguments in call to cmd.TokenHelper
	have ()
	want (string)
command/login_test.go:299:22: not enough arguments in call to cmd.TokenHelper
	have ()
	want (string)
command/login_test.go:359:22: not enough arguments in call to cmd.TokenHelper
	have ()
	want (string)
command/login_test.go:420:22: not enough arguments in call to cmd.TokenHelper
	have ()
	want (string)
command/login_test.go:494:23: not enough arguments in call to cmd.TokenHelper
	have ()
	want (string)
command/login_test.go:545:22: not enough arguments in call to cmd.TokenHelper
	have ()
	want (string)
command/login_test.go:545:22: too many errors

@cipherboy cipherboy added this to the 2.0.0 - GA milestone Jun 15, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cipherboy cipherboy Awaiting requested review from cipherboy

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
2.0.0 - GA
Development

Successfully merging this pull request may close these issues.

BAO_ADDR is not propagated to the token helper when provided as -address
2 participants
@ruuda @cipherboy