Invalidate the ManagedKeyRegistry cache when Vault config is updated. (#14179)

Add the hook needed to implement this functionality in vault-enterprise.
This commit is contained in:
Victor Rodriguez 2022-02-21 09:55:44 -05:00 committed by GitHub
parent a14f19802d
commit f7f6f937e4
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 9 additions and 0 deletions

View file

@ -1605,6 +1605,10 @@ func (c *ServerCommand) Run(args []string) int {
default:
}
// Let the managedKeyRegistry react to configuration changes (i.e.
// changes in kms_libraries)
core.ReloadManagedKeyRegistryConfig()
case <-c.SigUSR2Ch:
logWriter := c.logger.StandardWriter(&hclog.StandardLoggerOptions{})
pprof.Lookup("goroutine").WriteTo(logWriter, 2)

View file

@ -8,5 +8,10 @@ package vault
const managedKeyRegistrySubPath = "managed-key-registry/"
func (c *Core) setupManagedKeyRegistry() error {
// Nothing to do, the registry is only used by enterprise features
return nil
}
func (c *Core) ReloadManagedKeyRegistryConfig() {
// Nothing to do, the registry is only used by enterprise features
}