Backport Add kmip cluster tests. Also fix a bug in EnableDRSecondaryNoWait. into ce/main (#12059)

* no-op commit * Apply CE changes from #12052 --------- Co-authored-by: ncabatoff <ncabatoff@hashicorp.com>
2026-02-03 20:40:45 -05:00 · 2026-01-29 10:38:19 -05:00 · 2026-01-29 10:38:19 -05:00 · d7d140a3a3
commit d7d140a3a3
parent c499aa5288
2 changed files with 18 additions and 3 deletions
--- a/helper/testhelpers/replication/testcluster.go
+++ b/helper/testhelpers/replication/testcluster.go
@ -33,6 +33,21 @@ func SetCorePerf(t *testing.T, conf *vault.CoreConfig, opts *vault.TestClusterOp
 	return r
 }

+func SetCoreDR(t *testing.T, conf *vault.CoreConfig, opts *vault.TestClusterOptions) *testcluster.ReplicationSet {
+	r := NewReplicationSetCore(t, conf, opts, teststorage.InmemBackendSetup)
+	t.Cleanup(r.Cleanup)
+
+	// By default NewTestCluster will mount a kv under secret/.  This isn't
+	// done by docker-based clusters, so remove this to make us more like that.
+	require.Nil(t, r.Clusters["A"].Nodes()[0].APIClient().Sys().Unmount("secret"))
+
+	err := r.StandardDRReplication(context.Background())
+	if err != nil {
+		t.Fatal(err)
+	}
+	return r
+}
+
 func NewReplicationSetCore(t *testing.T, conf *vault.CoreConfig, opts *vault.TestClusterOptions, setup teststorage.ClusterSetupMutator) *testcluster.ReplicationSet {
 	r := &testcluster.ReplicationSet{
 		Clusters: map[string]testcluster.VaultCluster{},
--- a/sdk/helper/testcluster/replication.go
+++ b/sdk/helper/testcluster/replication.go
@ -463,10 +463,10 @@ func WaitForDRSecondary(ctx context.Context, pri, sec VaultCluster, skipPoisonPi
 	return nil
 }

-func EnableDRSecondaryNoWait(ctx context.Context, sec VaultCluster, drToken string) error {
+func EnableDRSecondaryNoWait(ctx context.Context, pri, sec VaultCluster, drToken string) error {
 	postData := map[string]interface{}{
 		"token":   drToken,
-		"ca_file": sec.GetCACertPEMFile(),
+		"ca_file": pri.GetCACertPEMFile(),
 	}

 	_, err := sec.Nodes()[0].APIClient().Logical().Write("sys/replication/dr/secondary/enable", postData)
@ -553,7 +553,7 @@ func WaitForDRReplicationWorking(ctx context.Context, pri, sec VaultCluster) err
 }

 func EnableDrSecondary(ctx context.Context, pri, sec VaultCluster, drToken string) error {
-	err := EnableDRSecondaryNoWait(ctx, sec, drToken)
+	err := EnableDRSecondaryNoWait(ctx, pri, sec, drToken)
 	if err != nil {
 		return err
 	}