Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Dev Message after log quiescence #9702

Merged
merged 7 commits into from
Aug 31, 2020
Merged

Dev Message after log quiescence #9702

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
4c88aab
Register a log sink that delays the printing of the big dev warning u…
sgmiller Aug 10, 2020
546440a
Since this is always an intercept logger, just be explicit about the …
sgmiller Aug 10, 2020
9f6f2cb
Merge branch 'master' into delay-dev-notice
sgmiller Aug 27, 2020
5905c6a
changelog++
sgmiller Aug 27, 2020
32ea781
Merge branch 'delay-dev-notice' of github.com:/hashicorp/vault into d…
sgmiller Aug 27, 2020
e1db900
Merge branch 'master' into delay-dev-notice
sgmiller Aug 31, 2020
faff1f6
Merge branch 'master' into delay-dev-notice
sgmiller Aug 31, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ IMPROVEMENTS:

* auth/jwt: Add support for fetching groups and user information from G Suite during authentication. [[GH-123](https://github.com/hashicorp/vault-plugin-auth-jwt/pull/123)]
* secrets/openldap: Add "ad" schema that allows the engine to correctly rotate AD passwords. [[GH-16](https://github.com/hashicorp/vault-plugin-secrets-openldap/pull/16)]
* command/server: Delay informational messages in -dev mode until logs have settled. [[GH-9702](https://github.com/hashicorp/vault/pull/9702)]

BUG FIXES:

Expand Down
132 changes: 75 additions & 57 deletions command/server.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -91,7 +91,7 @@ type ServerCommand struct {

logOutput io.Writer
gatedWriter *gatedwriter.Writer
logger log.Logger
logger log.InterceptLogger

cleanupGuard sync.Once

Expand Down Expand Up @@ -797,6 +797,15 @@ func (c *ServerCommand) processLogLevelAndFormat(config *server.Config) (log.Lev
return level, logLevelString, logLevelWasNotSet, logFormat, nil
}

type quiescenceSink struct {
t *time.Timer
}


func (q quiescenceSink) Accept(name string, level log.Level, msg string, args ...interface{}) {
q.t.Reset(100 * time.Millisecond)
}

func (c *ServerCommand) Run(args []string) int {
f := c.Flags()

Expand Down Expand Up @@ -1592,6 +1601,7 @@ CLUSTER_SYNTHESIS_COMPLETE:

// If we're in Dev mode, then initialize the core
if c.flagDev && !c.flagDevSkipInit {

init, err := c.enableDev(core, coreConfig)
if err != nil {
c.UI.Error(fmt.Sprintf("Error initializing Dev mode: %s", err))
Expand Down Expand Up @@ -1630,69 +1640,77 @@ CLUSTER_SYNTHESIS_COMPLETE:
sort.Strings(plugins)
}

// Print the big dev mode warning!
c.UI.Warn(wrapAtLength(
"WARNING! dev mode is enabled! In this mode, Vault runs entirely " +
"in-memory and starts unsealed with a single unseal key. The root " +
"token is already authenticated to the CLI, so you can immediately " +
"begin using Vault."))
c.UI.Warn("")
c.UI.Warn("You may need to set the following environment variable:")
c.UI.Warn("")
var qw *quiescenceSink
qw = &quiescenceSink{
t: time.AfterFunc(100*time.Millisecond, func() {
// Print the big dev mode warning!
c.UI.Warn(wrapAtLength(
"WARNING! dev mode is enabled! In this mode, Vault runs entirely " +
"in-memory and starts unsealed with a single unseal key. The root " +
"token is already authenticated to the CLI, so you can immediately " +
"begin using Vault."))
c.UI.Warn("")
c.UI.Warn("You may need to set the following environment variable:")
c.UI.Warn("")

endpointURL := "http://" + config.Listeners[0].Address
if runtime.GOOS == "windows" {
c.UI.Warn("PowerShell:")
c.UI.Warn(fmt.Sprintf(" $env:VAULT_ADDR=\"%s\"", endpointURL))
c.UI.Warn("cmd.exe:")
c.UI.Warn(fmt.Sprintf(" set VAULT_ADDR=%s", endpointURL))
} else {
c.UI.Warn(fmt.Sprintf(" $ export VAULT_ADDR='%s'", endpointURL))
}

endpointURL := "http://" + config.Listeners[0].Address
if runtime.GOOS == "windows" {
c.UI.Warn("PowerShell:")
c.UI.Warn(fmt.Sprintf(" $env:VAULT_ADDR=\"%s\"", endpointURL))
c.UI.Warn("cmd.exe:")
c.UI.Warn(fmt.Sprintf(" set VAULT_ADDR=%s", endpointURL))
} else {
c.UI.Warn(fmt.Sprintf(" $ export VAULT_ADDR='%s'", endpointURL))
}
// Unseal key is not returned if stored shares is supported
if len(init.SecretShares) > 0 {
c.UI.Warn("")
c.UI.Warn(wrapAtLength(
"The unseal key and root token are displayed below in case you want " +
"to seal/unseal the Vault or re-authenticate."))
c.UI.Warn("")
c.UI.Warn(fmt.Sprintf("Unseal Key: %s", base64.StdEncoding.EncodeToString(init.SecretShares[0])))
}

// Unseal key is not returned if stored shares is supported
if len(init.SecretShares) > 0 {
c.UI.Warn("")
c.UI.Warn(wrapAtLength(
"The unseal key and root token are displayed below in case you want " +
"to seal/unseal the Vault or re-authenticate."))
c.UI.Warn("")
c.UI.Warn(fmt.Sprintf("Unseal Key: %s", base64.StdEncoding.EncodeToString(init.SecretShares[0])))
}
if len(init.RecoveryShares) > 0 {
c.UI.Warn("")
c.UI.Warn(wrapAtLength(
"The recovery key and root token are displayed below in case you want " +
"to seal/unseal the Vault or re-authenticate."))
c.UI.Warn("")
c.UI.Warn(fmt.Sprintf("Recovery Key: %s", base64.StdEncoding.EncodeToString(init.RecoveryShares[0])))
}

if len(init.RecoveryShares) > 0 {
c.UI.Warn("")
c.UI.Warn(wrapAtLength(
"The recovery key and root token are displayed below in case you want " +
"to seal/unseal the Vault or re-authenticate."))
c.UI.Warn("")
c.UI.Warn(fmt.Sprintf("Recovery Key: %s", base64.StdEncoding.EncodeToString(init.RecoveryShares[0])))
}
c.UI.Warn(fmt.Sprintf("Root Token: %s", init.RootToken))

c.UI.Warn(fmt.Sprintf("Root Token: %s", init.RootToken))
if len(plugins) > 0 {
c.UI.Warn("")
c.UI.Warn(wrapAtLength(
"The following dev plugins are registered in the catalog:"))
for _, p := range plugins {
c.UI.Warn(fmt.Sprintf(" - %s", p))
}
}

if len(plugins) > 0 {
c.UI.Warn("")
c.UI.Warn(wrapAtLength(
"The following dev plugins are registered in the catalog:"))
for _, p := range plugins {
c.UI.Warn(fmt.Sprintf(" - %s", p))
}
}
if len(pluginsNotLoaded) > 0 {
c.UI.Warn("")
c.UI.Warn(wrapAtLength(
"The following dev plugins FAILED to be registered in the catalog due to unknown type:"))
for _, p := range pluginsNotLoaded {
c.UI.Warn(fmt.Sprintf(" - %s", p))
}
}

if len(pluginsNotLoaded) > 0 {
c.UI.Warn("")
c.UI.Warn(wrapAtLength(
"The following dev plugins FAILED to be registered in the catalog due to unknown type:"))
for _, p := range pluginsNotLoaded {
c.UI.Warn(fmt.Sprintf(" - %s", p))
}
}
c.UI.Warn("")
c.UI.Warn(wrapAtLength(
"Development mode should NOT be used in production installations!"))
c.UI.Warn("")
c.logger.DeregisterSink(qw)

c.UI.Warn("")
c.UI.Warn(wrapAtLength(
"Development mode should NOT be used in production installations!"))
c.UI.Warn("")
}),
}
c.logger.RegisterSink(qw)
}

// Initialize the HTTP servers
Expand Down