afccbcb15e
CLI: Add version info to auth/secrets list -detailed ( #17293 )
2022-09-23 10:40:42 +01:00
c77f009759
Plugins: Allow explicitly specifying the builtin version of a plugin ( #17289 )
2022-09-22 23:15:46 +01:00
b0499a7cdb
render ss tooltip conditionally ( #17288 )
2022-09-22 18:02:24 -04:00
2b8d8a3c6a
VAULT-8630 Fix goroutine leak from RLQ initialize ( #17281 )
...
* VAULT-8630 Fix goroutine leak from RLQ initialize
* VAULT-8630 Changelog
* VAULT-8630 additional nil check
2022-09-22 15:59:53 -04:00
7d09d5a653
CLI: Tune plugin version for auth/secret mounts ( #17277 )
...
* Add -plugin-version flag to vault auth/secrets tune
* CLI tests for auth/secrets tune
* CLI test for plugin register
* Plugin catalog listing bug where plugins of different type with the same name could be double counted
* Use constant for -plugin-version flag name
2022-09-22 20:55:46 +01:00
b17ea8c6bd
Add managed key docs for gcp ( #17280 )
...
* add managed key docs for gcp
* fix algorithm parameter
* add missing bracket
2022-09-22 14:44:21 -05:00
254608f579
Add test for multihost connection strings with Postgres ( #16912 )
...
Co-authored-by: Austin Gebauer <34121980+austingebauer@users.noreply.github.com>
2022-09-22 14:00:56 -05:00
a6139cd5b2
Fixes multiplexed plugin initialization after manual plugin reload ( #17248 )
...
* Fixes initialize not called after v5 plugin reload
* use request context instead of core activeContext
2022-09-22 10:16:21 -07:00
5477fd86fa
Activity new clients for current month docs ( #16472 )
...
* docs draft
* docs complete
* change json for legibility
* change json for legibility
* namespace and mount attribution should exist outside new clients stanza
* address feedback
* Update website/content/docs/concepts/client-count/index.mdx
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
* Update website/content/docs/concepts/client-count/index.mdx
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
* Update website/content/docs/concepts/client-count/index.mdx
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
* Update website/content/docs/concepts/client-count/index.mdx
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
* Update website/content/docs/concepts/client-count/index.mdx
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
* Update website/content/docs/concepts/client-count/index.mdx
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
* Update website/content/docs/concepts/client-count/index.mdx
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
* Update website/content/docs/concepts/client-count/index.mdx
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
* Update website/content/docs/concepts/client-count/index.mdx
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
* Update website/content/docs/concepts/client-count/index.mdx
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
* Update website/content/docs/concepts/client-count/index.mdx
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
* remove version from doc
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
2022-09-22 10:00:18 -07:00
1c69e690aa
Transform BYOK Documentation ( #17121 )
...
* add api docs for transform byok endpoints
* add byok description to transform index page
* fix merge conflicts
* remove import_version for FPE
* text edits and add note about convergent tokenization
* add note for convergent tokenization
2022-09-22 10:56:12 -05:00
dfc3ad015a
website: content updates for developer ( #17035 )
...
* Chore (dev portal): update learn nav data links (#15515 )
* Update docs-nav-data.json
* Update docs-nav-data.json
* website: fixes internal redirects (#15750 )
* chore: remove duplicate overview item (#15805 )
* Use `badge` for `<sup>` tags in nav data JSON files (#15928 )
* Replacing <sup> tags with badge
* Adding type and color to badges
* fix broken links in vault docs (#15976 )
* website: Update old learn links to redirect locations (#16047 )
* update previews to render developer UI
* update redirects
* adjust content so it is backwards compat
Co-authored-by: HashiBot <62622282+hashibot-web@users.noreply.github.com>
Co-authored-by: Kendall Strautman <36613477+kendallstrautman@users.noreply.github.com>
Co-authored-by: Ashlee M Boyer <43934258+ashleemboyer@users.noreply.github.com>
2022-09-22 08:11:04 -07:00
fa8f7c793f
fix: PGP subkeys support ( #16224 )
...
* fix: PGP subkeys support
Signed-off-by: Yoan Blanc <yoan@dosimple.ch>
* fix: bump ProtonMail/go-crypto
Signed-off-by: Yoan Blanc <yoan@dosimple.ch>
* fix: bump ProtonMail/go-crypto
Signed-off-by: Yoan Blanc <yoan@dosimple.ch>
Signed-off-by: Yoan Blanc <yoan@dosimple.ch>
2022-09-22 09:12:41 -04:00
f920640db7
Plugins: Auto version selection for auth/secrets + tune version ( #17167 )
2022-09-22 13:53:52 +01:00
6593466b3e
secret/database/redis: upgrade plugin to v0.1.0 ( #17270 )
2022-09-21 19:39:50 -05:00
895f2c9f3d
Change usages of RunningSha to RunningSha256 ( #17266 )
...
Some PRs got crossed and somehow these were missed in the
build checks for #17182 .
2022-09-21 13:32:00 -07:00
4e51491f7a
Upgrade vault-plugin-auth-alicloud to v0.13.0 ( #17251 )
2022-09-21 21:05:18 +01:00
b0a580de47
CLI: Fix erroneous warning when reading from stdin ( #17252 )
2022-09-21 21:04:49 +01:00
2c8e88ab67
Check if plugin version matches running version ( #17182 )
...
Check if plugin version matches running version
When registering a plugin, we check if the request version matches the
self-reported version from the plugin. If these do not match, we log a
warning.
This uncovered a few missing pieces for getting the database version
code fully working.
We added an environment variable that helps us unit test the running
version behavior as well, but only for approle, postgresql, and consul
plugins.
Return 400 on plugin not found or version mismatch
Populate the running SHA256 of plugins in the mount and auth tables (#17217 )
2022-09-21 12:25:04 -07:00
dc3beb428e
docs: Update agent autoauth sinks examples ( #17229 )
2022-09-21 14:19:16 -04:00
6495522ab7
adding boundary and waypoint plugins to portal ( #17259 )
2022-09-21 14:05:17 -04:00
65b851bc2c
Fixes concurrent map writes in GRPC plugin server setup ( #17247 )
...
* Fixes concurrent map writes in GRPC plugin server setup
* move lock closer to critical section
2022-09-21 11:04:20 -07:00
45cb910d0b
Try to bring versions of gofumpt to be the same (so running make bootstrap doesn't change version of gofumpt needed for make fmt) ( #17254 )
2022-09-21 12:57:34 -04:00
9164d04262
Remove extra spaces in the table ( #17257 )
2022-09-21 08:42:51 -07:00
9ced47be66
agent: Fix missing file suffix in config test ( #17245 )
2022-09-21 11:30:04 -04:00
2d58591feb
Fix non-atomic read of atomic value fix ( #17255 )
...
* Always load to access certCount
* Test-reads of the atomic value.
2022-09-21 11:24:34 -04:00
aef402a30f
PKI Keys List View ( #17239 )
...
* setup
* cleanup
* cleanup
2022-09-21 08:41:44 -06:00
3623271601
vault-plugin-secrets-apigee ( #17249 )
2022-09-21 09:08:25 -04:00
17898e5588
PKI Certificates List View ( #17236 )
...
* setup
* cleanup
* cleanup
* cleanup
* remove filtering for now:
2022-09-20 17:22:37 -06:00
cca25103f6
Merge branch 'main' of github.com:hashicorp/vault
2022-09-20 16:33:25 -05:00
c0d7ad6d5d
update changelog
2022-09-20 16:32:37 -05:00
ad3a093b40
Prevent PSS with Go-incompatible CAs, CSRs, Private Keys ( #17223 )
...
* Fix interoperability concerns with PSS
When Go parses a certificate with rsaPSS OID, it will accept this
certificate but not parse the SubjectPublicKeyInfo, leaving the
PublicKeyAlgorithm and PublicKey fields blank, but otherwise not erring.
The same behavior occurs with rsaPSS OID CSRs.
On the other hand, when Go parses rsaPSS OID PKCS8 private keys, these
keys will fail to parse completely.
Thus, detect and fail on any empty PublicKey certs and CSRs, warning the
user that we cannot parse these correctly and thus refuse to operate.
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Run more PKI tests in parallel
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add notes about PSS shortcomings to considerations
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2022-09-20 17:30:58 -04:00
0856fa11a3
Fix fmt error ( #17241 )
2022-09-20 13:33:01 -07:00
a231f68549
Update Vault on main to pull in SDK 1.13 version bump ( #17240 )
2022-09-20 16:08:06 -04:00
e5319bcc3c
Bump version in SDK to 1.13 for next major release ( #17233 )
2022-09-20 15:40:06 -04:00
a89586a3cb
adds enhanced checks for hcp link status timestamp and error message and uses HCP abbreviation in messaging ( #17235 )
2022-09-20 12:57:32 -06:00
f2adbb3e47
Basics of Cert-Count Non-Locking Telemetry ( #16676 )
...
Basics of Cert-Count Telemetry, changelog, "best attempt" slice to capture (and test for) duplicates, Move sorting of possibleDoubleCountedRevokedSerials to after compare of entries. Add values to counter when still initializing.
Set lists to nil after use, Fix atomic2 import, Delay reporting metrics until after deduplication has completed,
The test works now, Move string slice to helper function; Add backendUUID to gauge name.
2022-09-20 10:32:20 -07:00
2e197fcfcd
PKI Issuer List view ( #17210 )
...
* initial setup for issuers toolbar and some slight changes to roles model after discussion with design.
* wip
* wip ... :/
* finalizes serializer and linkedblock iteration of is_default
* clean up
* fix
* forgot this bit
* pr comments amendments:
* small PR comment changes
2022-09-20 09:25:57 -06:00
559754d580
Break grabLockOrStop into two pieces to facilitate investigating deadlocks ( #17187 )
...
Break grabLockOrStop into two pieces to facilitate investigating deadlocks. Without this change, the "grab" goroutine looks the same regardless of who was calling grabLockOrStop, so there's no way to identify one of the deadlock parties.
2022-09-20 11:03:16 -04:00
ba096f9dfa
update vault auth submodules to api/v1.8.0 ( #17228 )
2022-09-20 10:51:51 -04:00
bd27bdba5a
update vault to api/v1.8.0 ( #17227 )
2022-09-20 10:31:08 -04:00
b7c4c80a5c
update api to use sdk/v0.6.0 ( #17224 )
2022-09-20 10:11:29 -04:00
d8101f82ee
Handle when pluginCatalog.Get returns (nil,nil) during cred backend creation ( #17204 )
2022-09-20 08:57:08 -04:00
c7f4d79684
We don't need to test LifetimeWatcher's behaviour with database leases specifically. ( #17208 )
2022-09-20 08:23:51 -04:00
f5655ae857
Plugins: Consistently use plugin_version ( #17171 )
...
* Delete Sha field, rename RunningSha -> RunningSha256
* Rename version -> plugin_version
2022-09-20 12:35:50 +01:00
abfeb59646
Upgrade vault-plugin-auth-centrify to v0.13.0 ( #17195 )
2022-09-20 06:05:50 -04:00
c548ea39be
Re-initialize v5 backend after a plugin crash ( #17140 )
2022-09-19 16:48:45 -07:00
5a8a896b5a
fix: upgrade vault-plugin-database-elasticsearch to v0.12.0 ( #17203 )
2022-09-19 14:46:23 -07:00
4ad2dcbfe3
fix: upgrade vault-plugin-database-couchbase to v0.8.0 ( #17205 )
2022-09-19 14:12:33 -07:00
e89745178b
UI: Add 'disable' to CRL config ( #17153 )
...
* add disable to crl attrs
* add changelog
* change styling per design
* update tests and fix default setting of buildCrl
* cleanup + refactor
2022-09-19 14:03:50 -07:00
b8afefbc6a
secrets/ad: update plugin to v0.14.0 ( #17214 )
2022-09-19 16:03:17 -05:00
Tom Proctor