Skip to content

Commit 5f70d06

Browse files
eriktateeriktate
committed
fixing HSM integration test issues
1 parent 968ddcf commit 5f70d06

File tree

1 file changed

+14
-10
lines changed

1 file changed

+14
-10
lines changed

lib/service/service.go

Lines changed: 14 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -2067,19 +2067,19 @@ func (process *TeleportProcess) initAuthService() error {
20672067
ClusterName: clusterName,
20682068
})
20692069

2070-
if cfg.ClusterConfiguration == nil {
2071-
clusterConfig, err := local.NewClusterConfigurationService(b)
2070+
clusterConfig := cfg.ClusterConfiguration
2071+
if clusterConfig == nil {
2072+
clusterConfig, err = local.NewClusterConfigurationService(b)
20722073
if err != nil {
20732074
return trace.Wrap(err)
20742075
}
2075-
cfg.ClusterConfiguration = clusterConfig
20762076
}
20772077

20782078
// create keystore
20792079
keystoreOpts := &keystore.Options{
20802080
HostUUID: cfg.HostUUID,
20812081
ClusterName: cn,
2082-
AuthPreferenceGetter: cfg.ClusterConfiguration,
2082+
AuthPreferenceGetter: clusterConfig,
20832083
FIPS: cfg.FIPS,
20842084
}
20852085

@@ -2112,17 +2112,24 @@ func (process *TeleportProcess) initAuthService() error {
21122112
Backend: localRecordingEncryption,
21132113
KeyStore: keyStore,
21142114
Logger: logger,
2115+
LockConfig: backend.RunWhileLockedConfig{
2116+
LockConfiguration: backend.LockConfiguration{
2117+
Backend: process.backend,
2118+
TTL: time.Second * 30,
2119+
LockNameComponents: []string{"recording_encryption"},
2120+
},
2121+
},
21152122
})
21162123
if err != nil {
21172124
return trace.Wrap(err)
21182125
}
21192126

2120-
cfg.ClusterConfiguration = recordingencryption.NewClusterConfigService(cfg.ClusterConfiguration, recordingEncryptionManager)
2127+
clusterConfig = recordingencryption.NewClusterConfigService(clusterConfig, recordingEncryptionManager)
21212128
var emitter apievents.Emitter
21222129
var streamer events.Streamer
21232130
var uploadHandler events.MultipartHandler
21242131
var externalAuditStorage *externalauditstorage.Configurator
2125-
encryptedIO := recordingencryption.NewEncryptedIO(cfg.ClusterConfiguration, recordingEncryptionManager)
2132+
encryptedIO := recordingencryption.NewEncryptedIO(clusterConfig, recordingEncryptionManager)
21262133

21272134
// create the audit log, which will be consuming (and recording) all events
21282135
// and recording all sessions.
@@ -2229,9 +2236,6 @@ func (process *TeleportProcess) initAuthService() error {
22292236

22302237
traceClt = clt
22312238
}
2232-
if err != nil {
2233-
return trace.Wrap(err)
2234-
}
22352239

22362240
// Environment variable for disabling the check major version upgrade check and overrides
22372241
// latest known version in backend.
@@ -2245,7 +2249,7 @@ func (process *TeleportProcess) initAuthService() error {
22452249
VersionStorage: process.storage,
22462250
SkipVersionCheck: cfg.SkipVersionCheck || skipVersionCheckFromEnv,
22472251
Authority: cfg.Keygen,
2248-
ClusterConfiguration: cfg.ClusterConfiguration,
2252+
ClusterConfiguration: clusterConfig,
22492253
AutoUpdateService: cfg.AutoUpdateService,
22502254
ClusterAuditConfig: cfg.Auth.AuditConfig,
22512255
ClusterNetworkingConfig: cfg.Auth.NetworkingConfig,

0 commit comments

Comments
 (0)