VAULT-13191: OSS changes (#19891)

* add open source changes for reporting * fix function signature * add changelog
2023-03-31 17:05:16 +02:00 · 2023-03-31 17:05:16 +02:00 · de56c728a1
parent af20d4a6aa
commit de56c728a1
7 changed files with 24 additions and 0 deletions
--- a/changelog/19891.txt
+++ b/changelog/19891.txt
@ -0,0 +1,3 @@
+```release-note:improvement
+core (enterprise): add configuration for license reporting 
+```
--- a/command/server/config_test_helpers.go
+++ b/command/server/config_test_helpers.go
@ -1100,6 +1100,7 @@ func testParseSeals(t *testing.T) {
 			},
 		},
 	}
+	addExpectedDefaultEntConfig(expected)
 	config.Prune()
 	require.Equal(t, config, expected)
 }
--- a/command/server/config_test_helpers_util.go
+++ b/command/server/config_test_helpers_util.go
@ -6,4 +6,5 @@
 package server

 func addExpectedEntConfig(c *Config, sentinelModules []string)                         {}
+func addExpectedDefaultEntConfig(c *Config)                                            {}
 func addExpectedEntSanitizedConfig(c map[string]interface{}, sentinelModules []string) {}
--- a/vault/activity_log.go
+++ b/vault/activity_log.go
@ -196,6 +196,9 @@ type ActivityLogCoreConfig struct {

 	// CensusReportInterval is the testing configuration for time
 	CensusReportInterval time.Duration
+
+	// MinimumRetentionMonths defines the minimum value for retention
+	MinimumRetentionMonths int
 }

 // NewActivityLog creates an activity log.
@ -956,6 +959,10 @@ func (a *ActivityLog) SetConfigInit(config activityConfig) {
 	a.defaultReportMonths = config.DefaultReportMonths
 	a.retentionMonths = config.RetentionMonths

+	if a.retentionMonths < a.configOverrides.MinimumRetentionMonths {
+		a.retentionMonths = a.configOverrides.MinimumRetentionMonths
+	}
+
 	if a.configOverrides.CensusReportInterval > 0 {
 		a.CensusReportInterval = a.configOverrides.CensusReportInterval
 	}
@ -1013,6 +1020,9 @@ func (a *ActivityLog) SetConfig(ctx context.Context, config activityConfig) {

 	a.defaultReportMonths = config.DefaultReportMonths
 	a.retentionMonths = config.RetentionMonths
+	if a.retentionMonths < a.configOverrides.MinimumRetentionMonths {
+		a.retentionMonths = a.configOverrides.MinimumRetentionMonths
+	}

 	// check for segments out of retention period, if it has changed
 	go a.retentionWorker(ctx, time.Now(), a.retentionMonths)
--- a/vault/core.go
+++ b/vault/core.go
@ -644,6 +644,9 @@ type Core struct {
 	// censusAgent is the mechanism used for reporting Vault's billing data.
 	censusAgent *CensusAgent

+	// censusLicensingEnabled records whether Vault is exporting census metrics
+	censusLicensingEnabled bool
+
 	// activeTime is set on active nodes indicating the time at which this node
 	// became active.
 	activeTime time.Time
--- a/vault/logical_system_activity.go
+++ b/vault/logical_system_activity.go
@ -325,6 +325,11 @@ func (b *SystemBackend) handleActivityConfigUpdate(ctx context.Context, req *log
 			if config.Enabled == "enable" && enabledStr == "disable" ||
 				!activityLogEnabledDefault && config.Enabled == "enable" && enabledStr == "default" ||
 				activityLogEnabledDefault && config.Enabled == "default" && enabledStr == "disable" {
+
+				// if census is enabled, the activity log cannot be disabled
+				if a.core.censusLicensingEnabled {
+					return logical.ErrorResponse("cannot disable the activity log while Reporting is enabled"), logical.ErrInvalidRequest
+				}
 				warnings = append(warnings, "the current monthly segment will be deleted because the activity log was disabled")
 			}

--- a/vault/testing.go
+++ b/vault/testing.go
@ -239,6 +239,7 @@ func TestCoreWithSealAndUINoCleanup(t testing.T, opts *CoreConfig) *Core {
 	}

 	conf.ActivityLogConfig = opts.ActivityLogConfig
+	testApplyEntBaseConfig(conf, opts)

 	c, err := NewCore(conf)
 	if err != nil {