search

hashicorp / vault-plugin-secrets-azure

Vault Azure Secrets plugin
Mozilla Public License 2.0
26 stars 19 forks source link

Permanently delete app during WAL rollback #138

Closed kazimierzbudzyk closed 1 year ago

kazimierzbudzyk commented 1 year ago

Overview

In the current form WAL rollback leaves apps in soft-deleted state which makes them still count towards tenant AD resource limit. As WAL rollback is supposed to cleanup when role assignment fails during dynamic SP creation it's alway guaranteed to have the App completely unused. With that it makes more sense to always permanently delete those apps on rollback, which is easily configurable in the current implementation.

Design of Change

No real design, just changing to permanently delete apps during rollback instead of default soft-delete.

Test Output

go test -v -run TestRoleAssignmentWALRollback
=== RUN   TestRoleAssignmentWALRollback
--- SKIP: TestRoleAssignmentWALRollback (0.00s)
PASS
ok      github.com/hashicorp/vault-plugin-secrets-azure 0.198s

Related Issues/Pull Requests

https://github.com/hashicorp/vault-plugin-secrets-azure/pull/110 https://github.com/hashicorp/vault-plugin-secrets-azure/pull/104

hashicorp-cla commented 1 year ago

CLA assistant check
All committers have signed the CLA.

calvn commented 1 year ago

Could you add an entry to the changelog?

kazimierzbudzyk commented 1 year ago

Could you add an entry to the changelog?

Done!

kazimierzbudzyk commented 1 year ago

Thanks a lot for the merge @vinay-gopalan! Do you happen to know when will the next release will be cut?