Add upgrade note for okta issue. (#9587)

This commit is contained in:
ncabatoff 2020-07-27 11:36:17 -04:00 committed by GitHub
parent 8a5b97198c
commit c3c253e76c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 13 additions and 4 deletions

View File

@ -18,3 +18,4 @@ for Vault 1.3.X compared to 1.4.0. Please read it carefully.
@include 'partials/ldap-upndomain-issue.mdx' @include 'partials/ldap-upndomain-issue.mdx'
@include 'partials/okta-group-pagination.mdx'

View File

@ -25,9 +25,7 @@ that allows for operators to sample the entry size, view the average, and adjust
the configuration value as necessary. For additional details, please see the configuration value as necessary. For additional details, please see
[Raft configuration](/docs/configuration/storage/raft). [Raft configuration](/docs/configuration/storage/raft).
## Known Issues ## Enabling telemetry on 32-bit systems will cause Vault to crash.
### Enabling telemetry on 32-bit systems will cause Vault to crash.
A workaround for this issue is to disable collection of usage gauges in A workaround for this issue is to disable collection of usage gauges in
the [telemetry](/docs/configuration/telemetry) stanza of the configuration. the [telemetry](/docs/configuration/telemetry) stanza of the configuration.
@ -44,7 +42,7 @@ This will suppress the metrics `vault.identity.entity.count`,
`vault.token.count.by_policy`, `vault.token.count.by_ttl` and `vault.secret.kv.count` `vault.token.count.by_policy`, `vault.token.count.by_ttl` and `vault.secret.kv.count`
that were introduced in version 1.5.0, but all other Vault telemetry will remain available. that were introduced in version 1.5.0, but all other Vault telemetry will remain available.
### Non-string values in seal config prevent startup ## Non-string values in seal config prevent startup
Any values in the [Seal configuration stanza](/docs/configuration/seal) Any values in the [Seal configuration stanza](/docs/configuration/seal)
that are not quoted strings yield a parse error of the form: that are not quoted strings yield a parse error of the form:
@ -63,3 +61,5 @@ The workaround is to quote the strings in question, as in:
``` ```
mechanism = "0x1082" mechanism = "0x1082"
``` ```
@include 'partials/okta-group-pagination.mdx'

View File

@ -0,0 +1,8 @@
## Okta auth with > 200 groups
In 1.4.0 Vault started using the official Okta Go client library. Unlike
the previous Okta library it used, the official library doesn't automatically
handle pagination when there are more than 200 groups listed. If a user
associated with more than 200 Okta groups logs in, only 200 of them will be
seen by Vault. The fix is [#9580](https://github.com/hashicorp/vault/pull/9580)
and will eventually appear in 1.4.x and 1.5.x point releases.