Final changes to config sub-system (#8600)

- Introduces changes such as certain types of errors that can be ignored or which need to go into safe mode. - Update help text as per the review
2025-11-25 20:16:10 -05:00 · 2019-12-04 15:32:37 -08:00
parent 794eb54da8
commit c9940d8c3f
65 changed files with 605 additions and 1033 deletions
--- a/cmd/crypto/legacy.go
+++ b/cmd/crypto/legacy.go
@@ -83,10 +83,6 @@ func SetKMSConfig(s config.Config, cfg KMSConfig) {
 		return
 	}
 	s[config.KmsVaultSubSys][config.Default] = config.KVS{
-		config.KV{
-			Key:   config.State,
-			Value: config.StateOn,
-		},
 		config.KV{
 			Key:   KMSVaultEndpoint,
 			Value: cfg.Vault.Endpoint,
@@ -141,7 +137,7 @@ func SetKMSConfig(s config.Config, cfg KMSConfig) {
 // It sets the global KMS configuration according to the merged configuration
 // on success.
 func lookupConfigLegacy(kvs config.KVS) (KMSConfig, error) {
-	autoBool, err := config.ParseBool(env.Get(EnvAutoEncryptionLegacy, config.StateOff))
+	autoBool, err := config.ParseBool(env.Get(EnvAutoEncryptionLegacy, config.EnableOff))
 	if err != nil {
 		return KMSConfig{}, err
 	}
@@ -155,17 +151,6 @@ func lookupConfigLegacy(kvs config.KVS) (KMSConfig, error) {
 		},
 	}

-	// Assume default as "on" for legacy config since we didn't have a _STATE
-	// flag to turn it off, but we should honor it nonetheless to turn it off
-	// if the vault endpoint is down and there is no way to start the server.
-	stateBool, err := config.ParseBool(env.Get(EnvKMSVaultState, config.StateOn))
-	if err != nil {
-		return cfg, err
-	}
-	if !stateBool {
-		return cfg, nil
-	}
-
 	endpointStr := env.Get(EnvLegacyVaultEndpoint, "")
 	if endpointStr != "" {
 		// Lookup Hashicorp-Vault configuration & overwrite config entry if ENV var is present