backport of commit ce35e22

enos/modules/docker_minio/main.tf

@@ -73,6 +73,11 @@ variable "user_secret_access_key" {
   type        = string
   default     = "secretaccesskey"
 }
+variable "minio_alias" {
+  description = "Alias used in the minio cli"
+  type        = string
+  default     = "miniotest"
+}
 
 data "docker_registry_image" "minio_server" {
   name = var.image_name_server
@@ -139,6 +144,20 @@ resource "enos_local_exec" "init_minio" {
   inline = ["bash ./${path.module}/init.sh \"${var.image_name_client}\""]
 }
 
+resource "enos_local_exec" "set_alias" {
+  depends_on = [enos_local_exec.init_minio]
+  environment = {
+    MINIO_SERVER_CONTAINER_NAME = var.container_name,
+    MINIO_ALIAS                 = var.minio_alias
+    MINIO_ROOT_USER             = var.root_user,
+    MINIO_ROOT_PASSWORD         = var.root_password,
+  }
+
+  inline = [
+    "docker exec ${var.container_name} mc alias set ${var.minio_alias} http://localhost:9000 ${var.root_user} ${var.root_password}"
+  ]
+}
+
 output "bucket_name" {
   value = var.bucket_name
 }
@@ -158,3 +177,7 @@ output "bucket_region" {
 output "endpoint_url" {
   value = "http://${var.container_name}:9000"
 }
+
+output "alias" {
+  value = var.minio_alias
+}

enos/modules/test_e2e_docker/main.tf

@@ -134,6 +134,11 @@ variable "bucket_name" {
   type        = string
   default     = ""
 }
+variable "minio_alias" {
+  description = "Alias used in the minio cli"
+  type        = string
+  default     = ""
+}
 variable "bucket_endpoint_url" {
   description = "Endpoint URL for the storage bucket"
   type        = string
@@ -258,6 +263,7 @@ resource "enos_local_exec" "run_e2e_test" {
     E2E_BUCKET_ENDPOINT_URL       = var.bucket_endpoint_url
     E2E_BUCKET_ACCESS_KEY_ID      = var.access_key_id
     E2E_BUCKET_SECRET_ACCESS_KEY  = var.secret_access_key
+    E2E_MINIO_ALIAS               = var.minio_alias
     E2E_REGION                    = var.region
     E2E_POSTGRES_USER             = var.postgres_user
     E2E_POSTGRES_PASSWORD         = var.postgres_password

enos/modules/test_e2e_docker/test_runner.sh

@@ -27,6 +27,7 @@ docker run \
     -e "E2E_BUCKET_ENDPOINT_URL=$E2E_BUCKET_ENDPOINT_URL" \
     -e "E2E_BUCKET_ACCESS_KEY_ID=$E2E_BUCKET_ACCESS_KEY_ID" \
     -e "E2E_BUCKET_SECRET_ACCESS_KEY=$E2E_BUCKET_SECRET_ACCESS_KEY" \
+    -e "E2E_MINIO_ALIAS=$E2E_MINIO_ALIAS" \
     -e "VAULT_ADDR=$VAULT_ADDR_INTERNAL" \
     -e "VAULT_TOKEN=$VAULT_TOKEN" \
     -e "E2E_VAULT_ADDR=$E2E_VAULT_ADDR" \

internal/event/hclog_formatter_node.go

@@ -35,7 +35,8 @@ type hclogFormatterFilter struct {
 	allow      []*filter
 	deny       []*filter
 	signer     signer
-	l          sync.RWMutex
+	// l protects the signer field
+	l sync.RWMutex
 }
 
 func newHclogFormatterFilter(jsonFormat bool, opt ...Option) (*hclogFormatterFilter, error) {
@@ -205,6 +206,8 @@ func (f *hclogFormatterFilter) Process(ctx context.Context, e *eventlogger.Event
 	if err != nil {
 		return nil, fmt.Errorf("%s: unable to format: %w", op, err)
 	}
+	f.l.Lock()
+	defer f.l.Unlock()
 	if f.signer != nil && string(e.Type) == string(AuditType) {
 		bufHmac, err := f.signer(ctx, buf.Bytes())
 		if err != nil {

internal/ui/VERSION

@@ -1,4 +1,4 @@
-80b633a063a5825e3c416b912ac32bde76e5e600
+f9cd1c331f878eb674109d2e0e2c2a2f35c07b21
 # This file determines the version of the UI to embed in the boundary binary.
 # Update this file by running 'make update-ui-version' from the root of this repo.
 # Set UI_COMMITISH when running the above target to update to a specific version.

website/content/docs/concepts/filtering/worker-tags.mdx

@@ -190,7 +190,7 @@ resource "boundary_target" "aws-webservers-prod" {
 
 ### Example worker filter for Vault credential store
 
-<EnterpriseAlert product="boundary">This feature requires <a href="https://www.hashicorp.com/products/boundary">HCP Boundary or Boundary Enterprise</a></EnterpriseAlert>
+
 
 Tags are used to control which [workers] can manage Vault requests by specifying
 a `worker_filter`attribute when configuring [credential stores].