Commit graph

16742 commits

Author SHA1 Message Date
mickael-hc a8d8bf7c9d
update x/net (#18483) 2022-12-19 17:52:28 -05:00
akshya96 4126060d88
Prevent Brute Forcing: Create api endpoint to unlock users (#18279)
* code changes for unlock

* add test

* adding sys help

* adding sys help

* updating unlock user function

* edit test

* add changelog

* syshelp

* adding open api response definition

* removing response fields

* change path name
2022-12-19 14:24:42 -08:00
Alexander Scheel 3ccbddab0e
Add issuer reference info on JSON endpoint (#18482)
* Add issuer reference info on JSON endpoint

This endpoint is unauthenticated and shouldn't contain sensitive
information. However, listing the issuers (LIST /issuers) already
returns both the issuer ID and the issuer name (if any) so this
information is safe to return here.

When fetching /pki/issuer/default/json, it would be nice to know exactly
which issuer ID and name it corresponds to, without having to fetch the
authenticated endpoint as well.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add changelog entry

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2022-12-19 21:39:01 +00:00
Jaymala f86eaf2f98
Fix autopilot scenario race condition (#18469)
* Verify that upgraded nodes are unsealed before autopilot verification tests

Signed-off-by: Jaymala Sinha <jaymala@hashicorp.com>

* Fix failing autopilot verification test

Signed-off-by: Jaymala Sinha <jaymala@hashicorp.com>

Signed-off-by: Jaymala Sinha <jaymala@hashicorp.com>
2022-12-19 15:44:38 -05:00
Ellie c16e9df88c
docs: highlight paragraph about path in kv secrets engines docs (#18413) 2022-12-19 13:52:22 -06:00
Luis (LT) Carbonell c1a4a1150f
Add GitHub action to check for a milestone (#18406)
* Add GitHub action to check for a milestone

* Update comment

* Cleanup

* Add config

* move config to own directory
2022-12-19 12:38:41 -06:00
Jagger 1fd715f2cb
Fix typo (#18459)
If there are other typo related changes in flight, this fix can be included there.
2022-12-19 18:30:19 +00:00
Josh Black cd7d6d5761
De-duplicate namespaces when historical and current month data are mixed (#18452)
* De-duplicate namespaces when historical and current month data are mixed

* add changelog
2022-12-16 16:02:42 -08:00
Chelsea Shaw ec601025cb
Fix mount backend type-form enterprise test (#18457) 2022-12-16 23:32:08 +00:00
claire bontempo db1d3bc519
ui: add capabilities to pki key model (#18412)
* add capabilities to pki key model

* move key list from route into component

* rename test file

* rename test file

* add tests

* pass capabilities directly to key list componente

* add test for key list component

* rename test files

* remove href assertion
2022-12-16 22:13:59 +00:00
Hamid Ghaf f5720dd83b
Adding an Enos test for undo logs (#17675)
* Adding an Enos test for undo logs

* fixing a typo

* feedback

* fixing typo

* running make fmt

* removing a dependency

* var name change

* fixing a variable

* fix builder

* fix product version

* adding required fields

* feedback

* add artifcat bundle back

* fmt check

* point to correct instance

* minor fix

* feedback

* feedback
2022-12-16 16:51:34 -05:00
Chelsea Shaw 71b146a0d2
UI: glimmerize mount backend form (#18335) 2022-12-16 21:26:43 +00:00
Jaymala 360eaeb865
Fix the checkout sha for enos-run workflow (#18445)
- enos-run workflow will checkout the `main` branch by default, which would pass incorrect metadata to the workflow
so we use the `revision` passed by the calling workflow to checkout the sha and get the relavant metadata`

Signed-off-by: Jaymala Sinha <jaymala@hashicorp.com>

Signed-off-by: Jaymala Sinha <jaymala@hashicorp.com>
2022-12-16 15:19:10 -05:00
claire bontempo db801b9f03
UI/fix policy template doclinks (#18443)
* wip tests

* fix links

* Revert "wip tests"

This reverts commit aed9bb9b8fffb1b4d52d9c27644033ff3d983fff.
2022-12-16 11:09:21 -08:00
Yoko Hyakuna fc79152c48
Update the notes about Consul Connect CA issue (#18444) 2022-12-16 10:52:42 -08:00
Scott Miller 53e73ceba2
Use a cleaner worker pattern (#18422) 2022-12-16 11:35:24 -06:00
davidadeleon 51b1b6d446
Approle: Fix CIDR validation for /32 masks on Token Bound CIDRs (#18145)
* Fix CIDR validation for /32 masks

* run go fmt

* add changelog
2022-12-16 12:09:05 -05:00
John-Michael Faircloth 74f5a44684
docs: update azure docs to reflect new managed identity support (#18357)
* docs: update azure docs to reflect new managed identity support

* update links and formatting

* update wording

* update resource_id description

* fix formatting; add section on token limitations

* fix link and formatting
2022-12-16 09:40:59 -06:00
Ryan Cragun ebbbcf7e5e
test: normalize job and steps between build and release test workflows (#18425)
Signed-off-by: Ryan Cragun <me@ryan.ec>
2022-12-15 16:10:49 -07:00
claire bontempo caf8f83cd4
UI: download generated pki key (#18381)
* rename download service file

* rename file again

* add download-file service to engine

* refactor download button to use service

* refactor download service

* finish refactor download service, make arg  order consistent: filename, content, extension

* add download button to key details

* fix flaky test?
2022-12-15 22:57:20 +00:00
Chelsea Shaw 19decbd95d
UI: PKI Sign Certificate (#18343) 2022-12-15 22:42:18 +00:00
divyaac cb3f47065f
Added default endpoint info. Added note about backwards compabitibility (#17972)
* Added default endpoint info. Added note about backwards compabitibility

* Change wording

* Added note to router
2022-12-15 13:01:56 -08:00
claire bontempo 5b1071982f
ui: fix flaky oid auth test (#18417)
* add waitUntil

* add timeout
2022-12-15 20:54:18 +00:00
divyaac f8ad8bc5a5
OSS PR for Config Changes PR (#18418)
* OSS PR for Config Changes PR

* Edited tests

* typo

* Added changelog

* Remove changelog
2022-12-15 12:19:19 -08:00
Ryan Cragun 3051100e0a
test: pass build artifact name to release testing workflow (#18411)
Signed-off-by: Ryan Cragun <me@ryan.ec>
2022-12-15 11:47:14 -07:00
Scott Miller ffca8af4ff
Capture cryptosec responsibilities in CODEOWNERS (#18338)
* Capture cryptosec responsibilities in CODEOWNERS

* ->vault-crypto

* moooore
2022-12-15 12:11:43 -06:00
Nick Cabatoff 429916c135
Prevent panics in expiration invalidation, and make some changes for testing (#18401) 2022-12-15 18:09:36 +00:00
Mike Palmiotto 9d5f021792
Fix SHA1 patch for Go 1.19.4; patch test (#18405)
Bad news: the hot patch we were using breaks in Go 1.19.4: 6109c07ec4

Good news: we can now patch with an environment variable at runtime.

Co-authored-by: Christopher Swenson <christopher.swenson@hashicorp.com>
2022-12-15 12:52:45 -05:00
Turan Asikoglu 8c8a17f83b
[Doc] Fix minor inconsistencies with vault Helm chart (#18306)
* Fix minor inconsistencies with vault Helm chart

* extraSecretEnvironmentVars not a multiline string

* Trigger CCI
2022-12-15 11:59:09 -05:00
Sarah Thompson 8940880efd
Revert "Create test-reusable.yml" (#18371)
This reverts commit 131bf240293b0de1c22394b555b3e9878720738f.
2022-12-15 16:01:15 +00:00
Mike Palmiotto 55e9555ec4
Bump go version to 1.19.4 (#18393) 2022-12-15 10:55:58 -05:00
Mike Palmiotto 28d99481d3
Fix race in fsm.db (#18386)
We need to take a read lock when reading any of the FSM fields. Expose a
new fsm.Stats to handle a racy read and make sure we're consistently using
the f.db read lock wrappers.
2022-12-15 10:04:27 -05:00
claire bontempo d91e69d183
UI: update host to new doc link location (developer.hashicorp.com/) (#18374)
* change host for doc link

* add todo to LearnLink

* add changelog
2022-12-14 23:25:16 +00:00
Mike Palmiotto 5715cc9e54
Fix ci-config for go-version bumps (#18382)
The removal of the phony $(OUT) target was preventing `make ci-config`
from recognizing changes to .go-version, since it is not an explicit file target.
Reintroduce this change to get parity with ENT and fix go version bumps.
2022-12-14 16:35:03 -05:00
Alexander Scheel 3a5b48afe4
Correctly handle issuer tidying in auto-tidy config (#18347)
* Correctly handle issuer tidying in auto-tidy config

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add missing parameters to auto-tidy docs

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2022-12-14 15:35:21 -05:00
Christopher Swenson 53e49f1a39
Add a workaround to allow SHA-1 signatures in certs to work for Vault <= 1.11 (#18016) 2022-12-14 12:00:08 -08:00
Mike Palmiotto cb3406b1eb
plugins: Handle mount/enable for shadowed builtins (#17879)
* Allow mounting external plugins with same name/type as deprecated builtins
* Add some go tests for deprecation status handling
* Move timestamp storage to post-unseal
* Add upgrade-aware deprecation shutdown and tests
2022-12-14 13:06:33 -05:00
Chelsea Shaw 23a156122f
UI: PKI stub configure page (#18349) 2022-12-14 17:57:03 +00:00
Jason O'Donnell fccc90ce75
docs/policies: update denied_parameters description (#18366) 2022-12-14 16:51:02 +00:00
Chelsea Shaw 6d80ecdbdf
UI: Update database to connection name on role (#18350)
* Update database to connection name on role

* Add changelog
2022-12-14 10:23:59 -06:00
Mike Palmiotto 809a04c8b4
core: Make shutdownDoneCh atomic (#18358)
When issuing a core.Shutdown(), it is common to background the shutdown
request. This allows Vault to continue cleaning up, mainly to release
the stateLock. This allows the shutdown to complete, but is inherently
racy, so the core.shutdownDoneCh needs to be made atomic.
2022-12-14 15:59:11 +00:00
Sarah Thompson 55b21f2012
Create test-reusable.yml 2022-12-14 15:27:56 +00:00
Mike Palmiotto 4b8747ab51
command/audit: Recommend multiple audit devices (#18348)
* command/audit: Add note about enabling multiple audit devices

* docs: Recommend multiple audit devices
2022-12-13 17:51:03 -05:00
Jordan Reimer b2aa164c21
Duo Passcode Prepend (#18342)
* prepends passcode= for duo totp mfa method

* adds changelog entry
2022-12-13 14:50:11 -07:00
John-Michael Faircloth 5d8897528f
docs: add note on aws snapstart incompatibility (#18344)
* add note on snapstart incompatibility

* update note with link to aws and more details

* fix typo
2022-12-13 15:38:38 -06:00
Ryan Cragun 0a884689a0
test: add build artifacts to release testing workflow (#18336)
Add build artifacts to release testing workflow

Signed-off-by: Ryan Cragun <me@ryan.ec>
2022-12-13 12:00:58 -07:00
Chelsea Shaw 790156a07b
UI: PKI generate cert from role (#18300) 2022-12-13 18:37:10 +00:00
Scott Miller c9531431a4
Add the batch reference field, as in Transform, to Transit operations (#18243)
* Add the batch reference field, as in Transform, to Transit operations

* changelog

* docs

* More mapstructure tags
2022-12-13 12:03:40 -06:00
Mike Baum 5b07829941
Fix role name in CI bootstrap workflow (#18330)
Fixed role name in ci bootstrap workflow
2022-12-13 09:20:49 -05:00
Scott Miller c1cfc11a51
Return the partial success code override for all batch error types (#18310)
* Return the partial success code override for all batch error types

* changelog

* docs

* Lost the actual override logic. :)

* And don't hardcode 400

* gate on success
2022-12-12 17:08:22 -06:00