CE changes for VAULT-33018 (#29470)

tvoran · web-flow · commit 6a87419ab0ee · 2025-01-31T11:11:44.000-08:00
diff --git a/changelog/29470.txt b/changelog/29470.txt
@@ -0,0 +1,3 @@
+```release-note:improvement
+events (enterprise): Send events downstream to performance standby nodes in a cluster, removing the need to redirect client event subscriptions to the active node.
+```
diff --git a/http/handler.go b/http/handler.go
@@ -127,7 +127,6 @@ func init() {
 		"!sys/storage/raft/snapshot-auto/config",
 	})
 	websocketPaths.AddPaths(websocketRawPaths)
-	alwaysRedirectPaths.AddPaths(websocketRawPaths)
 }
 
 type HandlerAnchor struct{}
diff --git a/vault/eventbus/bus.go b/vault/eventbus/bus.go
@@ -118,19 +118,25 @@ func patchMountPath(data *logical.EventData, pluginInfo *logical.EventPluginInfo
 // the namespace and plugin info automatically.
 // The context passed in is currently ignored to ensure that the event is sent if the context is short-lived,
 // such as with an HTTP request context.
-func (bus *EventBus) SendEventInternal(_ context.Context, ns *namespace.Namespace, pluginInfo *logical.EventPluginInfo, eventType logical.EventType, data *logical.EventData) error {
+func (bus *EventBus) SendEventInternal(_ context.Context, ns *namespace.Namespace, pluginInfo *logical.EventPluginInfo, eventType logical.EventType, forwarded bool, data *logical.EventData) error {
 	if ns == nil {
 		return namespace.ErrNoNamespace
 	}
 	if !bus.started.Load() {
 		return ErrNotStarted
 	}
 	eventReceived := &logical.EventReceived{
-		Event:      patchMountPath(data, pluginInfo),
 		Namespace:  ns.Path,
 		EventType:  string(eventType),
 		PluginInfo: pluginInfo,
 	}
+	// If the event has been forwarded downstream, no need to patch the mount
+	// path again
+	if forwarded {
+		eventReceived.Event = data
+	} else {
+		eventReceived.Event = patchMountPath(data, pluginInfo)
+	}
 
 	// We can't easily know when the SendEvent is complete, so we can't call the cancel function.
 	// But, it is called automatically after bus.timeout, so there won't be any leak as long as bus.timeout is not too long.
@@ -161,10 +167,10 @@ func (bus *EventBus) WithPlugin(ns *namespace.Namespace, eventPluginInfo *logica
 // This function does *not* wait for all subscribers to acknowledge before returning.
 // The context passed in is currently ignored.
 func (bus *pluginEventBus) SendEvent(ctx context.Context, eventType logical.EventType, data *logical.EventData) error {
-	return bus.bus.SendEventInternal(ctx, bus.namespace, bus.pluginInfo, eventType, data)
+	return bus.bus.SendEventInternal(ctx, bus.namespace, bus.pluginInfo, eventType, false, data)
 }
 
-func NewEventBus(localClusterID string, logger hclog.Logger) (*EventBus, error) {
+func NewEventBus(localNodeID string, logger hclog.Logger) (*EventBus, error) {
 	broker, err := eventlogger.NewBroker()
 	if err != nil {
 		return nil, err
@@ -180,7 +186,7 @@ func NewEventBus(localClusterID string, logger hclog.Logger) (*EventBus, error)
 		logger = hclog.Default().Named("events")
 	}
 
-	sourceUrl, err := url.Parse("vault://" + localClusterID)
+	sourceUrl, err := url.Parse("vault://" + localNodeID)
 	if err != nil {
 		return nil, err
 	}
@@ -198,7 +204,7 @@ func NewEventBus(localClusterID string, logger hclog.Logger) (*EventBus, error)
 		formatterNodeID:            formatterNodeID,
 		timeout:                    defaultTimeout,
 		cloudEventsFormatterFilter: cloudEventsFormatterFilter,
-		filters:                    NewFilters(localClusterID),
+		filters:                    NewFilters(localNodeID),
 	}, nil
 }
 
@@ -336,6 +342,11 @@ func (bus *EventBus) NotifyOnClusterFilterChanges(ctx context.Context, cluster s
 	return bus.filters.watch(ctx, clusterID(cluster))
 }
 
+// NewAllEventsSubscription creates a new subscription to all events.
+func (bus *EventBus) NewAllEventsSubscription(ctx context.Context) (<-chan *eventlogger.Event, context.CancelFunc, error) {
+	return bus.subscribeInternal(ctx, nil, "*", "", nil)
+}
+
 // NewGlobalSubscription creates a new subscription to all events that match the global filter.
 func (bus *EventBus) NewGlobalSubscription(ctx context.Context) (<-chan *eventlogger.Event, context.CancelFunc, error) {
 	g := globalCluster
diff --git a/vault/eventbus/bus_test.go b/vault/eventbus/bus_test.go
@@ -36,14 +36,14 @@ func TestBusBasics(t *testing.T) {
 		t.Fatal(err)
 	}
 
-	err = bus.SendEventInternal(ctx, namespace.RootNamespace, nil, eventType, event)
+	err = bus.SendEventInternal(ctx, namespace.RootNamespace, nil, eventType, false, event)
 	if !errors.Is(err, ErrNotStarted) {
 		t.Errorf("Expected not started error but got: %v", err)
 	}
 
 	bus.Start()
 
-	err = bus.SendEventInternal(ctx, namespace.RootNamespace, nil, eventType, event)
+	err = bus.SendEventInternal(ctx, namespace.RootNamespace, nil, eventType, false, event)
 	if err != nil {
 		t.Errorf("Expected no error sending: %v", err)
 	}
@@ -59,7 +59,7 @@ func TestBusBasics(t *testing.T) {
 		t.Fatal(err)
 	}
 
-	err = bus.SendEventInternal(ctx, namespace.RootNamespace, nil, eventType, event)
+	err = bus.SendEventInternal(ctx, namespace.RootNamespace, nil, eventType, false, event)
 	if err != nil {
 		t.Error(err)
 	}
@@ -100,7 +100,7 @@ func TestBusIgnoresSendContext(t *testing.T) {
 	ctx, cancel := context.WithCancel(context.Background())
 	cancel() // cancel immediately
 
-	err = bus.SendEventInternal(ctx, namespace.RootNamespace, nil, eventType, event)
+	err = bus.SendEventInternal(ctx, namespace.RootNamespace, nil, eventType, false, event)
 	if err != nil {
 		t.Errorf("Expected no error sending: %v", err)
 	}
@@ -144,7 +144,7 @@ func TestSubscribeNonRootNamespace(t *testing.T) {
 		t.Fatal(err)
 	}
 
-	err = bus.SendEventInternal(ctx, ns, nil, eventType, event)
+	err = bus.SendEventInternal(ctx, ns, nil, eventType, false, event)
 	if err != nil {
 		t.Error(err)
 	}
@@ -190,7 +190,7 @@ func TestNamespaceFiltering(t *testing.T) {
 	err = bus.SendEventInternal(ctx, &namespace.Namespace{
 		ID:   "abc",
 		Path: "/abc",
-	}, nil, eventType, event)
+	}, nil, eventType, false, event)
 	if err != nil {
 		t.Error(err)
 	}
@@ -203,7 +203,7 @@ func TestNamespaceFiltering(t *testing.T) {
 		// okay
 	}
 
-	err = bus.SendEventInternal(ctx, namespace.RootNamespace, nil, eventType, event)
+	err = bus.SendEventInternal(ctx, namespace.RootNamespace, nil, eventType, false, event)
 	if err != nil {
 		t.Error(err)
 	}
@@ -253,11 +253,11 @@ func TestBus2Subscriptions(t *testing.T) {
 		t.Fatal(err)
 	}
 
-	err = bus.SendEventInternal(ctx, namespace.RootNamespace, nil, eventType2, event2)
+	err = bus.SendEventInternal(ctx, namespace.RootNamespace, nil, eventType2, false, event2)
 	if err != nil {
 		t.Error(err)
 	}
-	err = bus.SendEventInternal(ctx, namespace.RootNamespace, nil, eventType1, event1)
+	err = bus.SendEventInternal(ctx, namespace.RootNamespace, nil, eventType1, false, event1)
 	if err != nil {
 		t.Error(err)
 	}
@@ -345,7 +345,7 @@ func TestBusSubscriptionsCancel(t *testing.T) {
 			if err != nil {
 				t.Fatal(err)
 			}
-			err = bus.SendEventInternal(ctx, namespace.RootNamespace, nil, eventType, event)
+			err = bus.SendEventInternal(ctx, namespace.RootNamespace, nil, eventType, false, event)
 			if err != nil {
 				t.Error(err)
 			}
@@ -357,7 +357,7 @@ func TestBusSubscriptionsCancel(t *testing.T) {
 			if err != nil {
 				t.Fatal(err)
 			}
-			err = bus.SendEventInternal(ctx, namespace.RootNamespace, nil, eventType, event)
+			err = bus.SendEventInternal(ctx, namespace.RootNamespace, nil, eventType, false, event)
 			if err != nil {
 				t.Error(err)
 			}
@@ -427,11 +427,11 @@ func TestBusWildcardSubscriptions(t *testing.T) {
 		t.Fatal(err)
 	}
 
-	err = bus.SendEventInternal(ctx, namespace.RootNamespace, nil, barEventType, event2)
+	err = bus.SendEventInternal(ctx, namespace.RootNamespace, nil, barEventType, false, event2)
 	if err != nil {
 		t.Error(err)
 	}
-	err = bus.SendEventInternal(ctx, namespace.RootNamespace, nil, fooEventType, event1)
+	err = bus.SendEventInternal(ctx, namespace.RootNamespace, nil, fooEventType, false, event1)
 	if err != nil {
 		t.Error(err)
 	}
@@ -504,7 +504,7 @@ func TestDataPathIsPrependedWithMount(t *testing.T) {
 	}
 
 	// no plugin info means nothing should change
-	err = bus.SendEventInternal(ctx, namespace.RootNamespace, nil, fooEventType, event)
+	err = bus.SendEventInternal(ctx, namespace.RootNamespace, nil, fooEventType, false, event)
 	if err != nil {
 		t.Error(err)
 	}
@@ -530,7 +530,7 @@ func TestDataPathIsPrependedWithMount(t *testing.T) {
 		PluginVersion: "v1.13.1+builtin",
 		Version:       "2",
 	}
-	err = bus.SendEventInternal(ctx, namespace.RootNamespace, &pluginInfo, fooEventType, event)
+	err = bus.SendEventInternal(ctx, namespace.RootNamespace, &pluginInfo, fooEventType, false, event)
 	if err != nil {
 		t.Error(err)
 	}
@@ -571,7 +571,7 @@ func TestDataPathIsPrependedWithMount(t *testing.T) {
 	if err := event.Metadata.UnmarshalJSON(metadataBytes); err != nil {
 		t.Fatal(err)
 	}
-	err = bus.SendEventInternal(ctx, namespace.RootNamespace, &pluginInfo, fooEventType, event)
+	err = bus.SendEventInternal(ctx, namespace.RootNamespace, &pluginInfo, fooEventType, false, event)
 	if err != nil {
 		t.Error(err)
 	}
@@ -587,6 +587,40 @@ func TestDataPathIsPrependedWithMount(t *testing.T) {
 	case <-timeout:
 		t.Error("Timeout waiting for event")
 	}
+
+	// Test that a forwarded event does not have anything prepended
+	event, err = logical.NewEvent()
+	if err != nil {
+		t.Fatal(err)
+	}
+	metadata = map[string]string{
+		logical.EventMetadataDataPath: "your/secret/path",
+		"not_touched":                 "xyz",
+	}
+	metadataBytes, err = json.Marshal(metadata)
+	if err != nil {
+		t.Fatal(err)
+	}
+	event.Metadata = &structpb.Struct{}
+	if err := event.Metadata.UnmarshalJSON(metadataBytes); err != nil {
+		t.Fatal(err)
+	}
+	err = bus.SendEventInternal(ctx, namespace.RootNamespace, &pluginInfo, fooEventType, true, event)
+	if err != nil {
+		t.Error(err)
+	}
+
+	timeout = time.After(1 * time.Second)
+	select {
+	case message := <-ch:
+		metadata := message.Payload.(*logical.EventReceived).Event.Metadata.AsMap()
+		assert.Contains(t, metadata, "not_touched")
+		assert.Equal(t, "xyz", metadata["not_touched"])
+		assert.Contains(t, metadata, "data_path")
+		assert.Equal(t, "your/secret/path", metadata["data_path"])
+	case <-timeout:
+		t.Error("Timeout waiting for event")
+	}
 }
 
 // TestBexpr tests go-bexpr filters are evaluated on an event.
@@ -625,7 +659,7 @@ func TestBexpr(t *testing.T) {
 			PluginVersion: "v1.13.1+builtin",
 			Version:       "2",
 		}
-		return bus.SendEventInternal(ctx, namespace.RootNamespace, &pluginInfo, logical.EventType(eventType), event)
+		return bus.SendEventInternal(ctx, namespace.RootNamespace, &pluginInfo, logical.EventType(eventType), false, event)
 	}
 
 	testCases := []struct {
@@ -725,7 +759,7 @@ func TestSubscribeGlobal(t *testing.T) {
 	if err != nil {
 		t.Fatal(err)
 	}
-	err = bus.SendEventInternal(nil, namespace.RootNamespace, nil, "abcd", ev)
+	err = bus.SendEventInternal(nil, namespace.RootNamespace, nil, "abcd", false, ev)
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -769,7 +803,7 @@ func TestSubscribeGlobal_WithApply(t *testing.T) {
 	if err != nil {
 		t.Fatal(err)
 	}
-	err = bus.SendEventInternal(nil, namespace.RootNamespace, nil, "abcd", ev)
+	err = bus.SendEventInternal(nil, namespace.RootNamespace, nil, "abcd", false, ev)
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -805,7 +839,7 @@ func TestSubscribeCluster(t *testing.T) {
 	if err != nil {
 		t.Fatal(err)
 	}
-	err = bus.SendEventInternal(nil, namespace.RootNamespace, nil, "abcd", ev)
+	err = bus.SendEventInternal(nil, namespace.RootNamespace, nil, "abcd", false, ev)
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -847,7 +881,7 @@ func TestSubscribeCluster_WithApply(t *testing.T) {
 	if err != nil {
 		t.Fatal(err)
 	}
-	err = bus.SendEventInternal(nil, namespace.RootNamespace, nil, "abcd", ev)
+	err = bus.SendEventInternal(nil, namespace.RootNamespace, nil, "abcd", false, ev)
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -890,7 +924,7 @@ func TestClearGlobalFilter(t *testing.T) {
 	if err != nil {
 		t.Fatal(err)
 	}
-	err = bus.SendEventInternal(nil, namespace.RootNamespace, nil, "abcd", ev)
+	err = bus.SendEventInternal(nil, namespace.RootNamespace, nil, "abcd", false, ev)
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -931,7 +965,7 @@ func TestClearClusterFilter(t *testing.T) {
 	if err != nil {
 		t.Fatal(err)
 	}
-	err = bus.SendEventInternal(nil, namespace.RootNamespace, nil, "abcd", ev)
+	err = bus.SendEventInternal(nil, namespace.RootNamespace, nil, "abcd", false, ev)
 	if err != nil {
 		t.Fatal(err)
 	}

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	+```release-note:improvement
	`2`	`+events (enterprise): Send events downstream to performance standby nodes in a cluster, removing the need to redirect client event subscriptions to the active node.`
	`3`	+```
Original file line number	Diff line number	Diff line change
`@@ -127,7 +127,6 @@ func init() {`
`127`	`127`	`"!sys/storage/raft/snapshot-auto/config",`
`128`	`128`	`})`
`129`	`129`	`websocketPaths.AddPaths(websocketRawPaths)`
`130`		`- alwaysRedirectPaths.AddPaths(websocketRawPaths)`
`131`	`130`	`}`
`132`	`131`
`133`	`132`	`type HandlerAnchor struct{}`
Original file line number	Diff line number	Diff line change
`@@ -36,14 +36,14 @@ func TestBusBasics(t *testing.T) {`
`36`	`36`	`t.Fatal(err)`
`37`	`37`	`}`
`38`	`38`
`39`		`- err = bus.SendEventInternal(ctx, namespace.RootNamespace, nil, eventType, event)`
	`39`	`+ err = bus.SendEventInternal(ctx, namespace.RootNamespace, nil, eventType, false, event)`
`40`	`40`	`if !errors.Is(err, ErrNotStarted) {`
`41`	`41`	`t.Errorf("Expected not started error but got: %v", err)`
`42`	`42`	`}`
`43`	`43`
`44`	`44`	`bus.Start()`
`45`	`45`
`46`		`- err = bus.SendEventInternal(ctx, namespace.RootNamespace, nil, eventType, event)`
	`46`	`+ err = bus.SendEventInternal(ctx, namespace.RootNamespace, nil, eventType, false, event)`
`47`	`47`	`if err != nil {`
`48`	`48`	`t.Errorf("Expected no error sending: %v", err)`
`49`	`49`	`}`
`@@ -59,7 +59,7 @@ func TestBusBasics(t *testing.T) {`
`59`	`59`	`t.Fatal(err)`
`60`	`60`	`}`
`61`	`61`
`62`		`- err = bus.SendEventInternal(ctx, namespace.RootNamespace, nil, eventType, event)`
	`62`	`+ err = bus.SendEventInternal(ctx, namespace.RootNamespace, nil, eventType, false, event)`
`63`	`63`	`if err != nil {`
`64`	`64`	`t.Error(err)`
`65`	`65`	`}`
`@@ -100,7 +100,7 @@ func TestBusIgnoresSendContext(t *testing.T) {`
`100`	`100`	`ctx, cancel := context.WithCancel(context.Background())`
`101`	`101`	`cancel() // cancel immediately`
`102`	`102`
`103`		`- err = bus.SendEventInternal(ctx, namespace.RootNamespace, nil, eventType, event)`
	`103`	`+ err = bus.SendEventInternal(ctx, namespace.RootNamespace, nil, eventType, false, event)`
`104`	`104`	`if err != nil {`
`105`	`105`	`t.Errorf("Expected no error sending: %v", err)`
`106`	`106`	`}`
`@@ -144,7 +144,7 @@ func TestSubscribeNonRootNamespace(t *testing.T) {`
`144`	`144`	`t.Fatal(err)`
`145`	`145`	`}`
`146`	`146`
`147`		`- err = bus.SendEventInternal(ctx, ns, nil, eventType, event)`
	`147`	`+ err = bus.SendEventInternal(ctx, ns, nil, eventType, false, event)`
`148`	`148`	`if err != nil {`
`149`	`149`	`t.Error(err)`
`150`	`150`	`}`
`@@ -190,7 +190,7 @@ func TestNamespaceFiltering(t *testing.T) {`
`190`	`190`	`err = bus.SendEventInternal(ctx, &namespace.Namespace{`
`191`	`191`	`ID: "abc",`
`192`	`192`	`Path: "/abc",`
`193`		`- }, nil, eventType, event)`
	`193`	`+ }, nil, eventType, false, event)`
`194`	`194`	`if err != nil {`
`195`	`195`	`t.Error(err)`
`196`	`196`	`}`
`@@ -203,7 +203,7 @@ func TestNamespaceFiltering(t *testing.T) {`
`203`	`203`	`// okay`
`204`	`204`	`}`
`205`	`205`
`206`		`- err = bus.SendEventInternal(ctx, namespace.RootNamespace, nil, eventType, event)`
	`206`	`+ err = bus.SendEventInternal(ctx, namespace.RootNamespace, nil, eventType, false, event)`
`207`	`207`	`if err != nil {`
`208`	`208`	`t.Error(err)`
`209`	`209`	`}`
`@@ -253,11 +253,11 @@ func TestBus2Subscriptions(t *testing.T) {`
`253`	`253`	`t.Fatal(err)`
`254`	`254`	`}`
`255`	`255`
`256`		`- err = bus.SendEventInternal(ctx, namespace.RootNamespace, nil, eventType2, event2)`
	`256`	`+ err = bus.SendEventInternal(ctx, namespace.RootNamespace, nil, eventType2, false, event2)`
`257`	`257`	`if err != nil {`
`258`	`258`	`t.Error(err)`
`259`	`259`	`}`
`260`		`- err = bus.SendEventInternal(ctx, namespace.RootNamespace, nil, eventType1, event1)`
	`260`	`+ err = bus.SendEventInternal(ctx, namespace.RootNamespace, nil, eventType1, false, event1)`
`261`	`261`	`if err != nil {`
`262`	`262`	`t.Error(err)`
`263`	`263`	`}`
`@@ -345,7 +345,7 @@ func TestBusSubscriptionsCancel(t *testing.T) {`
`345`	`345`	`if err != nil {`
`346`	`346`	`t.Fatal(err)`
`347`	`347`	`}`
`348`		`- err = bus.SendEventInternal(ctx, namespace.RootNamespace, nil, eventType, event)`
	`348`	`+ err = bus.SendEventInternal(ctx, namespace.RootNamespace, nil, eventType, false, event)`
`349`	`349`	`if err != nil {`
`350`	`350`	`t.Error(err)`
`351`	`351`	`}`
`@@ -357,7 +357,7 @@ func TestBusSubscriptionsCancel(t *testing.T) {`
`357`	`357`	`if err != nil {`
`358`	`358`	`t.Fatal(err)`
`359`	`359`	`}`
`360`		`- err = bus.SendEventInternal(ctx, namespace.RootNamespace, nil, eventType, event)`
	`360`	`+ err = bus.SendEventInternal(ctx, namespace.RootNamespace, nil, eventType, false, event)`
`361`	`361`	`if err != nil {`
`362`	`362`	`t.Error(err)`
`363`	`363`	`}`
`@@ -427,11 +427,11 @@ func TestBusWildcardSubscriptions(t *testing.T) {`
`427`	`427`	`t.Fatal(err)`
`428`	`428`	`}`
`429`	`429`
`430`		`- err = bus.SendEventInternal(ctx, namespace.RootNamespace, nil, barEventType, event2)`
	`430`	`+ err = bus.SendEventInternal(ctx, namespace.RootNamespace, nil, barEventType, false, event2)`
`431`	`431`	`if err != nil {`
`432`	`432`	`t.Error(err)`
`433`	`433`	`}`
`434`		`- err = bus.SendEventInternal(ctx, namespace.RootNamespace, nil, fooEventType, event1)`
	`434`	`+ err = bus.SendEventInternal(ctx, namespace.RootNamespace, nil, fooEventType, false, event1)`
`435`	`435`	`if err != nil {`
`436`	`436`	`t.Error(err)`
`437`	`437`	`}`
`@@ -504,7 +504,7 @@ func TestDataPathIsPrependedWithMount(t *testing.T) {`
`504`	`504`	`}`
`505`	`505`
`506`	`506`	`// no plugin info means nothing should change`
`507`		`- err = bus.SendEventInternal(ctx, namespace.RootNamespace, nil, fooEventType, event)`
	`507`	`+ err = bus.SendEventInternal(ctx, namespace.RootNamespace, nil, fooEventType, false, event)`
`508`	`508`	`if err != nil {`
`509`	`509`	`t.Error(err)`
`510`	`510`	`}`
`@@ -530,7 +530,7 @@ func TestDataPathIsPrependedWithMount(t *testing.T) {`
`530`	`530`	`PluginVersion: "v1.13.1+builtin",`
`531`	`531`	`Version: "2",`
`532`	`532`	`}`
`533`		`- err = bus.SendEventInternal(ctx, namespace.RootNamespace, &pluginInfo, fooEventType, event)`
	`533`	`+ err = bus.SendEventInternal(ctx, namespace.RootNamespace, &pluginInfo, fooEventType, false, event)`
`534`	`534`	`if err != nil {`
`535`	`535`	`t.Error(err)`
`536`	`536`	`}`
`@@ -571,7 +571,7 @@ func TestDataPathIsPrependedWithMount(t *testing.T) {`
`571`	`571`	`if err := event.Metadata.UnmarshalJSON(metadataBytes); err != nil {`
`572`	`572`	`t.Fatal(err)`
`573`	`573`	`}`
`574`		`- err = bus.SendEventInternal(ctx, namespace.RootNamespace, &pluginInfo, fooEventType, event)`
	`574`	`+ err = bus.SendEventInternal(ctx, namespace.RootNamespace, &pluginInfo, fooEventType, false, event)`
`575`	`575`	`if err != nil {`
`576`	`576`	`t.Error(err)`
`577`	`577`	`}`
`@@ -587,6 +587,40 @@ func TestDataPathIsPrependedWithMount(t *testing.T) {`
`587`	`587`	`case <-timeout:`
`588`	`588`	`t.Error("Timeout waiting for event")`
`589`	`589`	`}`
	`590`	`+`
	`591`	`+ // Test that a forwarded event does not have anything prepended`
	`592`	`+ event, err = logical.NewEvent()`
	`593`	`+ if err != nil {`
	`594`	`+ t.Fatal(err)`
	`595`	`+ }`
	`596`	`+ metadata = map[string]string{`
	`597`	`+ logical.EventMetadataDataPath: "your/secret/path",`
	`598`	`+ "not_touched": "xyz",`
	`599`	`+ }`
	`600`	`+ metadataBytes, err = json.Marshal(metadata)`
	`601`	`+ if err != nil {`
	`602`	`+ t.Fatal(err)`
	`603`	`+ }`
	`604`	`+ event.Metadata = &structpb.Struct{}`
	`605`	`+ if err := event.Metadata.UnmarshalJSON(metadataBytes); err != nil {`
	`606`	`+ t.Fatal(err)`
	`607`	`+ }`
	`608`	`+ err = bus.SendEventInternal(ctx, namespace.RootNamespace, &pluginInfo, fooEventType, true, event)`
	`609`	`+ if err != nil {`
	`610`	`+ t.Error(err)`
	`611`	`+ }`
	`612`	`+`
	`613`	`+ timeout = time.After(1 * time.Second)`
	`614`	`+ select {`
	`615`	`+ case message := <-ch:`
	`616`	`+ metadata := message.Payload.(*logical.EventReceived).Event.Metadata.AsMap()`
	`617`	`+ assert.Contains(t, metadata, "not_touched")`
	`618`	`+ assert.Equal(t, "xyz", metadata["not_touched"])`
	`619`	`+ assert.Contains(t, metadata, "data_path")`
	`620`	`+ assert.Equal(t, "your/secret/path", metadata["data_path"])`
	`621`	`+ case <-timeout:`
	`622`	`+ t.Error("Timeout waiting for event")`
	`623`	`+ }`
`590`	`624`	`}`
`591`	`625`
`592`	`626`	`// TestBexpr tests go-bexpr filters are evaluated on an event.`
`@@ -625,7 +659,7 @@ func TestBexpr(t *testing.T) {`
`625`	`659`	`PluginVersion: "v1.13.1+builtin",`
`626`	`660`	`Version: "2",`
`627`	`661`	`}`
`628`		`- return bus.SendEventInternal(ctx, namespace.RootNamespace, &pluginInfo, logical.EventType(eventType), event)`
	`662`	`+ return bus.SendEventInternal(ctx, namespace.RootNamespace, &pluginInfo, logical.EventType(eventType), false, event)`
`629`	`663`	`}`
`630`	`664`
`631`	`665`	`testCases := []struct {`
`@@ -725,7 +759,7 @@ func TestSubscribeGlobal(t *testing.T) {`
`725`	`759`	`if err != nil {`
`726`	`760`	`t.Fatal(err)`
`727`	`761`	`}`
`728`		`- err = bus.SendEventInternal(nil, namespace.RootNamespace, nil, "abcd", ev)`
	`762`	`+ err = bus.SendEventInternal(nil, namespace.RootNamespace, nil, "abcd", false, ev)`
`729`	`763`	`if err != nil {`
`730`	`764`	`t.Fatal(err)`
`731`	`765`	`}`
`@@ -769,7 +803,7 @@ func TestSubscribeGlobal_WithApply(t *testing.T) {`
`769`	`803`	`if err != nil {`
`770`	`804`	`t.Fatal(err)`
`771`	`805`	`}`
`772`		`- err = bus.SendEventInternal(nil, namespace.RootNamespace, nil, "abcd", ev)`
	`806`	`+ err = bus.SendEventInternal(nil, namespace.RootNamespace, nil, "abcd", false, ev)`
`773`	`807`	`if err != nil {`
`774`	`808`	`t.Fatal(err)`
`775`	`809`	`}`
`@@ -805,7 +839,7 @@ func TestSubscribeCluster(t *testing.T) {`
`805`	`839`	`if err != nil {`
`806`	`840`	`t.Fatal(err)`
`807`	`841`	`}`
`808`		`- err = bus.SendEventInternal(nil, namespace.RootNamespace, nil, "abcd", ev)`
	`842`	`+ err = bus.SendEventInternal(nil, namespace.RootNamespace, nil, "abcd", false, ev)`
`809`	`843`	`if err != nil {`
`810`	`844`	`t.Fatal(err)`
`811`	`845`	`}`
`@@ -847,7 +881,7 @@ func TestSubscribeCluster_WithApply(t *testing.T) {`
`847`	`881`	`if err != nil {`
`848`	`882`	`t.Fatal(err)`
`849`	`883`	`}`
`850`		`- err = bus.SendEventInternal(nil, namespace.RootNamespace, nil, "abcd", ev)`
	`884`	`+ err = bus.SendEventInternal(nil, namespace.RootNamespace, nil, "abcd", false, ev)`
`851`	`885`	`if err != nil {`
`852`	`886`	`t.Fatal(err)`
`853`	`887`	`}`
`@@ -890,7 +924,7 @@ func TestClearGlobalFilter(t *testing.T) {`
`890`	`924`	`if err != nil {`
`891`	`925`	`t.Fatal(err)`
`892`	`926`	`}`
`893`		`- err = bus.SendEventInternal(nil, namespace.RootNamespace, nil, "abcd", ev)`
	`927`	`+ err = bus.SendEventInternal(nil, namespace.RootNamespace, nil, "abcd", false, ev)`
`894`	`928`	`if err != nil {`
`895`	`929`	`t.Fatal(err)`
`896`	`930`	`}`
`@@ -931,7 +965,7 @@ func TestClearClusterFilter(t *testing.T) {`
`931`	`965`	`if err != nil {`
`932`	`966`	`t.Fatal(err)`
`933`	`967`	`}`
`934`		`- err = bus.SendEventInternal(nil, namespace.RootNamespace, nil, "abcd", ev)`
	`968`	`+ err = bus.SendEventInternal(nil, namespace.RootNamespace, nil, "abcd", false, ev)`
`935`	`969`	`if err != nil {`
`936`	`970`	`t.Fatal(err)`
`937`	`971`	`}`