From ec0857075e059df47e690f6dd877338aae2df4c6 Mon Sep 17 00:00:00 2001
From: "R.B. Boyer" <4903+rboyer@users.noreply.github.com>
Date: Tue, 6 Dec 2022 13:15:13 -0600
Subject: [PATCH] connect: use -dev-no-store-token for test vaults to reduce
 source of flakes (#15691)

It turns out that by default the dev mode vault server will attempt to interact with the
filesystem to store the provided root token. If multiple vault instances are running
they'll all awkwardly share the filesystem and if timing results in one server stopping
while another one is starting then the starting one will error with:

    Error initializing Dev mode: rename /home/circleci/.vault-token.tmp /home/circleci/.vault-token: no such file or directory

This change uses `-dev-no-store-token` to bypass that source of flakes. Also the
stdout/stderr from the vault process is included if the test fails.

The introduction of more `t.Parallel` use in https://github.com/hashicorp/consul/pull/15669
increased the likelihood of this failure, but any of the tests with multiple vaults in use
(or running multiple package tests in parallel that all use vault) were eventually going
to flake on this.
---
 agent/connect/ca/testing.go | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/agent/connect/ca/testing.go b/agent/connect/ca/testing.go
index ee5bb473c..70c297732 100644
--- a/agent/connect/ca/testing.go
+++ b/agent/connect/ca/testing.go
@@ -143,6 +143,12 @@ func NewTestVaultServer(t testing.T) *TestVaultServer {
 		clientAddr,
 		"-address",
 		clusterAddr,
+		// We pass '-dev-no-store-token' to avoid having multiple vaults oddly
+		// interact and fail like this:
+		//
+		//   Error initializing Dev mode: rename /home/circleci/.vault-token.tmp /home/circleci/.vault-token: no such file or directory
+		//
+		"-dev-no-store-token",
 	}
 
 	cmd := exec.Command(vaultBinaryName, args...)