Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

configurable lease check wait for non-renewable secrets #1546

Merged
merged 1 commit into from
Mar 8, 2022
Merged

configurable lease check wait for non-renewable secrets #1546

merged 1 commit into from
Mar 8, 2022

Conversation

rgeoghegan
Copy link
Contributor

This should be a fix for #1526

Now the vault config has a lease_renewal_threshold parameter which controls the
fraction of how long of the original lease duration consul-template should wait to
ask for a new secret on non-renewable secrets (like for PKIs). By default, consul-template
will wait (90 +/- 5)% of the lease time.

@rgeoghegan
configurable lease check wait for non-renewable secrets
8805a44 
Now the vault config has a `lease_renewal_threshold` parameter which controls the
fraction of how long of the original lease duration consul-template should wait to
ask for a new secret on non-renewable secrets (like for PKIs). By default, consul-template
will wait (90 +/- 5)% of the lease time.
@rgeoghegan rgeoghegan requested a review from a team March 1, 2022 21:59
@hashicorp-cla
Copy link

hashicorp-cla commented Mar 1, 2022
edited
Loading

CLA assistant check
All committers have signed the CLA.

eikenb
eikenb reviewed Mar 8, 2022
View reviewed changes
config/vault.go
@@ -310,8 +328,9 @@ func (c *VaultConfig) GoString() string {
"Token:%t, "+
"VaultAgentTokenFile:%t, "+
"Transport:%#v, "+
"UnwrapToken:%s"+
"UnwrapToken:%s, "+
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Drive-by formatting fix. Thanks!

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I was trying to figure out why the unit tests would not pass, and I noticed this typo when my print statements were all weird.

eikenb
eikenb approved these changes Mar 8, 2022
View reviewed changes
Copy link
Contributor

@eikenb eikenb left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Seems like you've covered all the bases.
LGTM.

@eikenb eikenb added this to the v0.29.0 milestone Mar 8, 2022
@eikenb eikenb added the hashicat-update-required Changes that need to be ported to hashicat label Mar 8, 2022
@eikenb eikenb merged commit cc67cc9 into hashicorp:master Mar 8, 2022
@daveadams daveadams mentioned this pull request Mar 22, 2022
Merged
@eikenb eikenb modified the milestones: v0.29.0, v0.28.1 Mar 28, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@eikenb eikenb eikenb approved these changes

Assignees
No one assigned
Labels
enhancement hashicat-update-required Changes that need to be ported to hashicat
Projects
None yet
Milestone
v0.28.1
Development

Successfully merging this pull request may close these issues.
3 participants
@rgeoghegan @hashicorp-cla @eikenb