[PR PATCH] vault: update to 1.8.2.

[PR PATCH] vault: update to 1.8.2.

[the-maldridge]

[-- Attachment #1: Type: text/plain, Size: 1569 bytes --]

There is a new pull request by the-maldridge against master on the void-packages repository

https://github.com/void-linux/void-packages vault182
https://github.com/void-linux/void-packages/pull/32812

vault: update to 1.8.2.
<!-- Mark items with [x] where applicable -->

#### General
- [ ] This is a new package and it conforms to the [quality requirements](https://github.com/void-linux/void-packages/blob/master/Manual.md#quality-requirements)

#### Have the results of the proposed changes been tested?
- [ ] I use the packages affected by the proposed changes on a regular basis and confirm this PR works for me
- [ ] I generally don't use the affected packages but briefly tested this PR

<!--
If GitHub CI cannot be used to validate the build result (for example, if the
build is likely to take several hours), make sure to
[skip CI](https://github.com/void-linux/void-packages/blob/master/CONTRIBUTING.md#continuous-integration).
When skipping CI, uncomment and fill out the following section.
Note: for builds that are likely to complete in less than 2 hours, it is not
acceptable to skip CI.
-->
<!-- 
#### Does it build and run successfully? 
(Please choose at least one native build and, if supported, at least one cross build. More are better.)
- [ ] I built this PR locally for my native architecture, (ARCH-LIBC)
- [ ] I built this PR locally for these architectures (if supported. mark crossbuilds):
  - [ ] aarch64-musl
  - [ ] armv7l
  - [ ] armv6l-musl
-->


A patch file from https://github.com/void-linux/void-packages/pull/32812.patch is attached

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-vault182-32812.patch --]
[-- Type: text/x-diff, Size: 14238 bytes --]

From 1ae94fae173ec921f5fcb6aebd56ca3f30a54f44 Mon Sep 17 00:00:00 2001
From: Michael Aldridge <maldridge@VoidLinux.org>
Date: Thu, 2 Sep 2021 21:54:37 -0500
Subject: [PATCH] vault: update to 1.8.2.

---
 srcpkgs/vault/patches/pr12358.patch | 313 ++++++++++++++++++++++++++++
 srcpkgs/vault/template              |   9 +-
 2 files changed, 317 insertions(+), 5 deletions(-)
 create mode 100644 srcpkgs/vault/patches/pr12358.patch

diff --git a/srcpkgs/vault/patches/pr12358.patch b/srcpkgs/vault/patches/pr12358.patch
new file mode 100644
index 000000000000..f0b840397cca
--- /dev/null
+++ b/srcpkgs/vault/patches/pr12358.patch
@@ -0,0 +1,313 @@
+From 83fa452c245bbee4e491a9341710d377c23f5c79 Mon Sep 17 00:00:00 2001
+From: "Scott G. Miller" <smiller@hashicorp.com>
+Date: Wed, 18 Aug 2021 20:49:41 -0400
+Subject: [PATCH 1/5] Upgrade go-limiter
+
+---
+ go.mod | 2 +-
+ go.sum | 2 ++
+ 2 files changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/go.mod b/go.mod
+index eea85d2e11c..553ed07c28f 100644
+--- a/go.mod
++++ b/go.mod
+@@ -160,7 +160,7 @@ require (
+ 	github.com/ryanuber/go-glob v1.0.0
+ 	github.com/samuel/go-zookeeper v0.0.0-20190923202752-2cc03de413da
+ 	github.com/sasha-s/go-deadlock v0.2.0
+-	github.com/sethvargo/go-limiter v0.3.0
++	github.com/sethvargo/go-limiter v0.7.0
+ 	github.com/shirou/gopsutil v3.21.5+incompatible
+ 	github.com/stretchr/testify v1.7.0
+ 	github.com/tencentcloud/tencentcloud-sdk-go v3.0.171+incompatible // indirect
+diff --git a/go.sum b/go.sum
+index 6c0e366f593..894a1e6015d 100644
+--- a/go.sum
++++ b/go.sum
+@@ -1121,6 +1121,8 @@ github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529 h1:nn5Wsu0esKSJiIVhscUt
+ github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529/go.mod h1:DxrIzT+xaE7yg65j358z/aeFdxmN0P9QXhEzd20vsDc=
+ github.com/sethvargo/go-limiter v0.3.0 h1:yRMc+Qs2yqw6YJp6UxrO2iUs6DOSq4zcnljbB7/rMns=
+ github.com/sethvargo/go-limiter v0.3.0/go.mod h1:C0kbSFbiriE5k2FFOe18M1YZbAR2Fiwf72uGu0CXCcU=
++github.com/sethvargo/go-limiter v0.7.0 h1:CSvIHUxzNBVmsopHcMmYANZMsJFFJTi9kO+Ms+EYIhM=
++github.com/sethvargo/go-limiter v0.7.0/go.mod h1:C0kbSFbiriE5k2FFOe18M1YZbAR2Fiwf72uGu0CXCcU=
+ github.com/shirou/gopsutil v3.21.5+incompatible h1:OloQyEerMi7JUrXiNzy8wQ5XN+baemxSl12QgIzt0jc=
+ github.com/shirou/gopsutil v3.21.5+incompatible/go.mod h1:5b4v6he4MtMOwMlS0TUMTu2PcXUg8+E1lC7eC3UO/RA=
+ github.com/shopspring/decimal v0.0.0-20180709203117-cd690d0c9e24 h1:pntxY8Ary0t43dCZ5dqY4YTJCObLY1kIXl0uzMv+7DE=
+
+From 43e8a7569e29071d5521651ae181e7ca21a9bb4a Mon Sep 17 00:00:00 2001
+From: "Scott G. Miller" <smiller@hashicorp.com>
+Date: Wed, 18 Aug 2021 20:49:59 -0400
+Subject: [PATCH 2/5] Modify quota system to pass contexts to upgraded
+ go-limiter
+
+---
+ vault/quotas/quotas.go            | 12 ++++++------
+ vault/quotas/quotas_rate_limit.go | 13 +++++++++----
+ vault/quotas/quotas_util.go       |  4 ++--
+ 3 files changed, 17 insertions(+), 12 deletions(-)
+
+diff --git a/vault/quotas/quotas.go b/vault/quotas/quotas.go
+index 99dc80e621d..f68e504ddec 100644
+--- a/vault/quotas/quotas.go
++++ b/vault/quotas/quotas.go
+@@ -168,7 +168,7 @@ type Manager struct {
+ // Quota represents the common properties of every quota type
+ type Quota interface {
+ 	// allow checks the if the request is allowed by the quota type implementation.
+-	allow(*Request) (Response, error)
++	allow(context.Context, *Request) (Response, error)
+ 
+ 	// quotaID is the identifier of the quota rule
+ 	quotaID() string
+@@ -181,7 +181,7 @@ type Quota interface {
+ 
+ 	// close defines any cleanup behavior that needs to be executed when a quota
+ 	// rule is deleted.
+-	close() error
++	close(context.Context) error
+ 
+ 	// handleRemount takes in the new mount path in the quota
+ 	handleRemount(string)
+@@ -287,7 +287,7 @@ func (m *Manager) setQuotaLocked(ctx context.Context, qType string, quota Quota,
+ 	// If there already exists an entry in the db, remove that first.
+ 	if raw != nil {
+ 		quota := raw.(Quota)
+-		if err := quota.close(); err != nil {
++		if err := quota.close(ctx); err != nil {
+ 			return err
+ 		}
+ 		err = txn.Delete(qType, raw)
+@@ -518,7 +518,7 @@ func (m *Manager) DeleteQuota(ctx context.Context, qType string, name string) er
+ 	}
+ 
+ 	quota := raw.(Quota)
+-	if err := quota.close(); err != nil {
++	if err := quota.close(ctx); err != nil {
+ 		return err
+ 	}
+ 
+@@ -541,7 +541,7 @@ func (m *Manager) DeleteQuota(ctx context.Context, qType string, name string) er
+ // ApplyQuota runs the request against any quota rule that is applicable to it. If
+ // there are multiple quota rule that matches the request parameters, rule that
+ // takes precedence will be used to allow/reject the request.
+-func (m *Manager) ApplyQuota(req *Request) (Response, error) {
++func (m *Manager) ApplyQuota(ctx context.Context, req *Request) (Response, error) {
+ 	var resp Response
+ 
+ 	quota, err := m.QueryQuota(req)
+@@ -562,7 +562,7 @@ func (m *Manager) ApplyQuota(req *Request) (Response, error) {
+ 		return resp, nil
+ 	}
+ 
+-	return quota.allow(req)
++	return quota.allow(ctx, req)
+ }
+ 
+ // SetEnableRateLimitAuditLogging updates the operator preference regarding the
+diff --git a/vault/quotas/quotas_rate_limit.go b/vault/quotas/quotas_rate_limit.go
+index 64117b00201..ad58b2af322 100644
+--- a/vault/quotas/quotas_rate_limit.go
++++ b/vault/quotas/quotas_rate_limit.go
+@@ -1,6 +1,7 @@
+ package quotas
+ 
+ import (
++	"context"
+ 	"encoding/hex"
+ 	"fmt"
+ 	"math"
+@@ -264,7 +265,7 @@ func (rlq *RateLimitQuota) QuotaName() string {
+ // returned if the request ID or address is empty. If the path is exempt, the
+ // quota will not be evaluated. Otherwise, the client rate limiter is retrieved
+ // by address and the rate limit quota is checked against that limiter.
+-func (rlq *RateLimitQuota) allow(req *Request) (Response, error) {
++func (rlq *RateLimitQuota) allow(ctx context.Context, req *Request) (Response, error) {
+ 	resp := Response{
+ 		Headers: make(map[string]string),
+ 	}
+@@ -300,7 +301,11 @@ func (rlq *RateLimitQuota) allow(req *Request) (Response, error) {
+ 		}
+ 	}
+ 
+-	limit, remaining, reset, allow := rlq.store.Take(req.ClientAddress)
++	limit, remaining, reset, allow, err := rlq.store.Take(ctx, req.ClientAddress)
++	if err != nil {
++		return resp, err
++	}
++
+ 	resp.Allowed = allow
+ 	resp.Headers[httplimit.HeaderRateLimitLimit] = strconv.FormatUint(limit, 10)
+ 	resp.Headers[httplimit.HeaderRateLimitRemaining] = strconv.FormatUint(remaining, 10)
+@@ -320,13 +325,13 @@ func (rlq *RateLimitQuota) allow(req *Request) (Response, error) {
+ 
+ // close stops the current running client purge loop.
+ // It should be called with the write lock held.
+-func (rlq *RateLimitQuota) close() error {
++func (rlq *RateLimitQuota) close(ctx context.Context) error {
+ 	if rlq.purgeBlocked {
+ 		close(rlq.closePurgeBlockedCh)
+ 	}
+ 
+ 	if rlq.store != nil {
+-		return rlq.store.Close()
++		return rlq.store.Close(ctx)
+ 	}
+ 
+ 	return nil
+diff --git a/vault/quotas/quotas_util.go b/vault/quotas/quotas_util.go
+index dc2fcdfacc6..7c0732f673b 100644
+--- a/vault/quotas/quotas_util.go
++++ b/vault/quotas/quotas_util.go
+@@ -40,7 +40,7 @@ func (*entManager) Reset() error {
+ 
+ type LeaseCountQuota struct{}
+ 
+-func (l LeaseCountQuota) allow(request *Request) (Response, error) {
++func (l LeaseCountQuota) allow(_ context.Context, _ *Request) (Response, error) {
+ 	panic("implement me")
+ }
+ 
+@@ -56,7 +56,7 @@ func (l LeaseCountQuota) initialize(logger log.Logger, sink *metricsutil.Cluster
+ 	panic("implement me")
+ }
+ 
+-func (l LeaseCountQuota) close() error {
++func (l LeaseCountQuota) close(_ context.Context) error {
+ 	panic("implement me")
+ }
+ 
+
+From 2d2fda4511baeacc810499da552e3ff680bfe0a6 Mon Sep 17 00:00:00 2001
+From: "Scott G. Miller" <smiller@hashicorp.com>
+Date: Wed, 18 Aug 2021 20:52:08 -0400
+Subject: [PATCH 3/5] One more spot
+
+---
+ http/util.go  | 2 +-
+ vault/core.go | 4 ++--
+ 2 files changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/http/util.go b/http/util.go
+index 0550a93c7e6..cbb364843c3 100644
+--- a/http/util.go
++++ b/http/util.go
+@@ -48,7 +48,7 @@ func rateLimitQuotaWrapping(handler http.Handler, core *vault.Core) http.Handler
+ 			return
+ 		}
+ 
+-		quotaResp, err := core.ApplyRateLimitQuota(&quotas.Request{
++		quotaResp, err := core.ApplyRateLimitQuota(r.Context(), &quotas.Request{
+ 			Type:          quotas.TypeRateLimit,
+ 			Path:          path,
+ 			MountPath:     strings.TrimPrefix(core.MatchingMount(r.Context(), path), ns.Path),
+diff --git a/vault/core.go b/vault/core.go
+index 7d629099f70..79308173026 100644
+--- a/vault/core.go
++++ b/vault/core.go
+@@ -2722,7 +2722,7 @@ func (c *Core) setupQuotas(ctx context.Context, isPerfStandby bool) error {
+ 
+ // ApplyRateLimitQuota checks the request against all the applicable quota rules.
+ // If the given request's path is exempt, no rate limiting will be applied.
+-func (c *Core) ApplyRateLimitQuota(req *quotas.Request) (quotas.Response, error) {
++func (c *Core) ApplyRateLimitQuota(ctx context.Context, req *quotas.Request) (quotas.Response, error) {
+ 	req.Type = quotas.TypeRateLimit
+ 
+ 	resp := quotas.Response{
+@@ -2736,7 +2736,7 @@ func (c *Core) ApplyRateLimitQuota(req *quotas.Request) (quotas.Response, error)
+ 			return resp, nil
+ 		}
+ 
+-		return c.quotaManager.ApplyQuota(req)
++		return c.quotaManager.ApplyQuota(ctx, req)
+ 	}
+ 
+ 	return resp, nil
+
+From b535a57ce36123b0968fa19ec29c75974f59d265 Mon Sep 17 00:00:00 2001
+From: "Scott G. Miller" <smiller@hashicorp.com>
+Date: Wed, 1 Sep 2021 15:54:19 -0500
+Subject: [PATCH 4/5] Add context vars to unit tests
+
+---
+ vault/quotas/quotas_rate_limit_test.go | 12 ++++++------
+ 1 file changed, 6 insertions(+), 6 deletions(-)
+
+diff --git a/vault/quotas/quotas_rate_limit_test.go b/vault/quotas/quotas_rate_limit_test.go
+index 27225e3381e..944b5a67868 100644
+--- a/vault/quotas/quotas_rate_limit_test.go
++++ b/vault/quotas/quotas_rate_limit_test.go
+@@ -37,7 +37,7 @@ func TestNewRateLimitQuota(t *testing.T) {
+ 			err := tc.rlq.initialize(logging.NewVaultLogger(log.Trace), metricsutil.BlackholeSink())
+ 			require.Equal(t, tc.expectErr, err != nil, err)
+ 			if err == nil {
+-				require.Nil(t, tc.rlq.close())
++				require.Nil(t, tc.rlq.close(context.Background()))
+ 			}
+ 		})
+ 	}
+@@ -46,7 +46,7 @@ func TestNewRateLimitQuota(t *testing.T) {
+ func TestRateLimitQuota_Close(t *testing.T) {
+ 	rlq := NewRateLimitQuota("test-rate-limiter", "qa", "/foo/bar", 16.7, time.Second, time.Minute)
+ 	require.NoError(t, rlq.initialize(logging.NewVaultLogger(log.Trace), metricsutil.BlackholeSink()))
+-	require.NoError(t, rlq.close())
++	require.NoError(t, rlq.close(context.Background()))
+ 
+ 	time.Sleep(time.Second) // allow enough time for purgeClientsLoop to receive on closeCh
+ 	require.False(t, rlq.getPurgeBlocked(), "expected blocked client purging to be disabled after explicit close")
+@@ -66,14 +66,14 @@ func TestRateLimitQuota_Allow(t *testing.T) {
+ 	}
+ 
+ 	require.NoError(t, rlq.initialize(logging.NewVaultLogger(log.Trace), metricsutil.BlackholeSink()))
+-	defer rlq.close()
++	defer rlq.close(context.Background())
+ 
+ 	var wg sync.WaitGroup
+ 
+ 	reqFunc := func(addr string, atomicNumAllow, atomicNumFail *atomic.Int32) {
+ 		defer wg.Done()
+ 
+-		resp, err := rlq.allow(&Request{ClientAddress: addr})
++		resp, err := rlq.allow(context.Background(), &Request{ClientAddress: addr})
+ 		if err != nil {
+ 			return
+ 		}
+@@ -141,7 +141,7 @@ func TestRateLimitQuota_Allow_WithBlock(t *testing.T) {
+ 	}
+ 
+ 	require.NoError(t, rlq.initialize(logging.NewVaultLogger(log.Trace), metricsutil.BlackholeSink()))
+-	defer rlq.close()
++	defer rlq.close(context.Background())
+ 	require.True(t, rlq.getPurgeBlocked())
+ 
+ 	var wg sync.WaitGroup
+@@ -149,7 +149,7 @@ func TestRateLimitQuota_Allow_WithBlock(t *testing.T) {
+ 	reqFunc := func(addr string, atomicNumAllow, atomicNumFail *atomic.Int32) {
+ 		defer wg.Done()
+ 
+-		resp, err := rlq.allow(&Request{ClientAddress: addr})
++		resp, err := rlq.allow(context.Background(), &Request{ClientAddress: addr})
+ 		if err != nil {
+ 			return
+ 		}
+
+From d340179ec7f6af6673b1e66c68c37e5d0bf6648d Mon Sep 17 00:00:00 2001
+From: "Scott G. Miller" <smiller@hashicorp.com>
+Date: Wed, 1 Sep 2021 16:09:41 -0500
+Subject: [PATCH 5/5] missed one
+
+---
+ vault/quotas/quotas_rate_limit_test.go | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/vault/quotas/quotas_rate_limit_test.go b/vault/quotas/quotas_rate_limit_test.go
+index 944b5a67868..21f35dac3cb 100644
+--- a/vault/quotas/quotas_rate_limit_test.go
++++ b/vault/quotas/quotas_rate_limit_test.go
+@@ -221,5 +221,5 @@ func TestRateLimitQuota_Update(t *testing.T) {
+ 	require.NoError(t, qm.SetQuota(context.Background(), TypeRateLimit.String(), quota, true))
+ 	require.NoError(t, qm.SetQuota(context.Background(), TypeRateLimit.String(), quota, true))
+ 
+-	require.Nil(t, quota.close())
++	require.Nil(t, quota.close(context.Background()))
+ }
diff --git a/srcpkgs/vault/template b/srcpkgs/vault/template
index 60a348770005..9d946c7c396e 100644
--- a/srcpkgs/vault/template
+++ b/srcpkgs/vault/template
@@ -1,11 +1,11 @@
 # Template file for 'vault'
 pkgname=vault
-version=1.8.1
-revision=2
+version=1.8.2
+revision=1
 build_style=go
 go_import_path="github.com/hashicorp/vault"
 go_build_tags="release"
-_git_commit=4b0264f28defc05454c31277cfa6ff63695a458d
+_git_commit=aca76f63357041a43b49f3e8c11d67358496959f
 go_ldflags="-X ${go_import_path}/sdk/version.GitCommit=${_git_commit}"
 hostmakedepends="git"
 depends="libcap-progs"
@@ -14,11 +14,10 @@ maintainer="Michael Aldridge <maldridge@voidlinux.org>"
 license="MPL-2.0"
 homepage="https://www.vaultproject.io/"
 distfiles="https://github.com/hashicorp/vault/archive/v${version}.tar.gz"
-checksum=dbf389458fddeb5f8c567d00b6d17ce054f5b7667c226dbb598aa2c0f9048004
+checksum=ead7e85a64d31a8e69ca9932f1c53cdc46ed813d9532a8a7a7f0d187ea4f01f3
 system_accounts="_vault"
 make_dirs="/var/lib/vault 0700 _vault _vault
  /etc/vault 0700 root root"
-broken="FTBFS w/ Go 1.17 - hashicorp/vault#12456"
 
 case "$XBPS_TARGET_MACHINE" in
 	arm*) go_ldflags="$go_ldflags -linkmode=external";;

Re: [PR PATCH] [Merged]: vault: update to 1.8.2.

[the-maldridge]

[-- Attachment #1: Type: text/plain, Size: 215 bytes --]

There's a merged pull request on the void-packages repository

vault: update to 1.8.2.
https://github.com/void-linux/void-packages/pull/32812

Description:
 - [x] This package is part of Void's Core Infrastructure.