* Replace deprecated terms in AWS Auth
This PR is part of an effort to remove non-inclusive language throughout
Vault. The AWS Auth backend uses the "whitelist" and "blacklist" term
extensively, and these are the focus of the PR:
* Add new API endpoints that use the preferred terminology, while
deprecating the old endpoints. These endpoints offer identical
functionality and are basically aliases. This is the only functional
change in the PR except for terms in error messages.
* Replace "whitelist" -> "access list", "blacklist" -> "deny list" in
variable names, comments, etc.
Note that storage locations were *not* changed at this time, as that is
a more complex process involving versioning that we may tackle in a future
revision. We have reduced the occurrences of non-inclusive language,
however.
Reviewers should be sure to "Ignore Whitespace" in diffs, especially for
the tests, which were basically indented one level as part of looping
over the tests with both the old and new names.
* Added support for iam_tags for AWS secret roles
This change allows iam_users generated by the secrets engine
to add custom tags in the form of key-value pairs to users
that are created.
* add side navigation for Terraform Cloud Secret Engine
* terraform cloud engine docs
* add api-docs for terraform cloud secret engine
* fix some typos and improve wording, now with less management
* fix capitalization
* change text->shell-session
* clarify rotating user roles returns an error
* Update role toolbar, serialization for special mongo values
* Only show defaultShown if no value on info table row
* Remove root_rotation_statements from mongo connection fields
* Wrap this.router in try/catch if in then statement
* Add changelog
* upgrade vault dependency set
* etcd and grpc issues:
* better for tests
* testing
* all upgrades for hashicorp deps
* kubernetes plugin upgrade seems to work
* kubernetes plugin upgrade seems to work
* etcd and a bunch of other stuff
* all vulnerable packages upgraded
* k8s is broken in linux env but not locally
* test fixes
* fix testing
* fix etcd and grpc
* fix etcd and grpc
* use master branch of go-testing-interface
* roll back etcd upgrade
* have to fix grpc since other vendors pull in grpc 1.35.0 but we cant due to etcd
* rolling back in the replace directives
* a few more testing dependencies to clean up
* fix go mod vendor
* move the ttls on enable for db to default and not as options
* refactor form field to angle brackets
* add database to supported backend
* initial setup of components and models
* setup selectable cards, need to make own component
* styling setup
* subtext and links
* number styling
* search select put in place and button, all pretty things
* search label text
* messy but closer to data configuration. making models and fetching those models on routes
* connection adapter and serializer that is pulled in by the overview route
* clean up and add new model params connections and roles to overview route hbs
* setting up overview as route with SecretHeader component. TODO, show Overview tab, but have link to route. It's going be on the secret header list component
* setup overview tab on secret-list-header to go to overview page
* setup id in overview route
* Correct link on secrets engine list for database and others
* Roles tab on database fetches correct model
* Update options for backend with hasOverview param so overview tab is rendered conditionally on secret list header
* create new getCrendentialsComponent
* Rename database connection parent component and start working on display
* setup routing to credentials route for database from overview page
* setup network request for the credentials of role
* setup serializer for credentials
* redirect previous route
* fix border color on button disable
* add margin to back button
* change to glimmer component
* glimmerize and clean up the get-credentials-card
* Begin database connection show and create form
* add component test for the get-credentials-card
* Database connection model and field groups
* add static roles to searhSelect
* add staticRoles on overview page
* Toolbar and tabs on database connection show view looks correct
* combine static and dynamic role models for pagination
* Update database-list-item with real link to connection
* Add support for optionalText edit type on form-field
* handle situation when no static and/or dynamic roles
* turn partial into component so can handle computed and eventually click actions, similar to transform
* glimmerize database-list-item
* use lazy capabilities on list role and static-role actions
* Create connection works and redirects to show page
* creds request based on dynamic or static and unload the store by record creds when they transition away.
* dynamcially add in backend for queries
* fixes on overview page for get credentials with hardcoded backend and layout for static creds
* Rotate and Reset connection actions working on connection
* get credentials set the query params
* setup async for handling permission errors on overivew
* Move query logic to store for getting both types of role
* Filtering works on combined role models
* cleanup
* Fix no meta on connections list
* better handle the situation where you don't have access to list roles but do to generate
* implment updated empty state component and add to credentials page when roleType is noRoleType
* glimmerize the input search component
* move logic for generate credentials urlto the generate creds component
* remove query param for role type
* handle permissions on the overview page
* permissions for role list
* New roles route for backends
* handle different permissions for empty return on 404 vs 403 on overview page
* fix links on overview page
* Connetions WIP
* setup lazy caps for the connections model and list
* add computed to role and static role models to clean up permissions
* setup actions for connections list
* Update form-field to show password type and update json input to angle bracket syntax with optional theme option
* setup capabilities on overview for empty state
* fix hardcoded on the backend
* toggle inner label has width 100%
* Add custom update password togglable input on database connection edit form, and only submit defined attrs
* Add updateRecord to connection adapter
* glimmerize secret list header and make new component which either shows or does not show the tab based on permissions
* Remove tabs on show connection
* add peek record
* Update database role to get both models on a single model, remove static-role model and adapter, remove roles route
* fix creds permissions on database-list-item
* add component info and rename for secret-list-header-tab
* fix issues on overview page
* Add path to individual role on serializer
* add accetpance test for testing the engine
* fix transform test
* test fix
* Update connection before role created, disable button with tooltip if user cannot update path
* Add add-to-array and remove-from-array helpers with tests
* Clean up connection update on delete or create role, cleanup logs, role create link works
* Database role create and edit forms with readonly fields and validation. Add readonly-form-field
* Add field div around ttl picker for correct spacing on form-field
* fix the breadcrumbs
* PLaceholder test for readonly form field
* create new helper to format time duration
* tooltip and formatting on static role
* more on static roles time stuff
* clean up
* clean up
* fixes on the test and addition of another helper test
* fix secrets machine test
* Add modal to connection creation flow
* fix issue with readonly form field test
* Add is-empty-object helper and tests
* Role error handling
* Remove Atlas option from connection list, add defaults to db role form
* clean up stuff though might have made it uglier
* clean up
* Add capabilities checks on connection actions
* Fix jsdocs on readonly-form-field
* Fix json editor height on form field
* Readonly form has notallowed cursor, readonly form field updates
* Add blank field rendering to info-table-row
* Start writing readonly form field tests
* Address some PR comments
* fix fallback action on search select
* cleanup per comments
* fix readonly form field test and lint
* Cleanup string helpers
* Replace renderBlank with alwaysRender logic
* re-humanize label on readonly form field
* Show defaultShown value on info-table-row if no value and always render
* Show default on role and connection show table
* Add changelog
Co-authored-by: Chelsea Shaw <chelshaw.dev@gmail.com>
* basic pool and start testing
* refactor a bit for testing
* workFunc, start/stop safety, testing
* cleanup function for worker quit, more tests
* redo public/private members
* improve tests, export types, switch uuid package
* fix loop capture bug, cleanup
* cleanup tests
* update worker pool file name, other improvements
* add job manager prototype
* remove remnants
* add functions to wait for job manager and worker pool to stop, other fixes
* test job manager functionality, fix bugs
* encapsulate how jobs are distributed to workers
* make worker job channel read only
* add job interface, more testing, fixes
* set name for dispatcher
* fix test races
* wire up expiration manager most of the way
* dispatcher and job manager constructors don't return errors
* logger now dependency injected
* make some members private, test fcn to get worker pool size
* make GetNumWorkers public
* Update helper/fairshare/jobmanager_test.go
Co-authored-by: Brian Kassouf <briankassouf@users.noreply.github.com>
* update fairsharing usage, add tests
* make workerpool private
* remove custom worker names
* concurrency improvements
* remove worker pool cleanup function
* remove cleanup func from job manager, remove non blocking stop from fairshare
* update job manager for new constructor
* stop job manager when expiration manager stopped
* unset env var after test
* stop fairshare when started in tests
* stop leaking job manager goroutine
* prototype channel for waking up to assign work
* fix typo/bug and add tests
* improve job manager wake up, fix test typo
* put channel drain back
* better start/pause test for job manager
* comment cleanup
* degrade possible noisy log
* remove closure, clean up context
* improve revocation context timer
* test: reduce number of revocation workers during many tests
* Update vault/expiration.go
Co-authored-by: Brian Kassouf <briankassouf@users.noreply.github.com>
* feedback tweaks
Co-authored-by: Brian Kassouf <briankassouf@users.noreply.github.com>
Co-authored-by: Brian Kassouf <briankassouf@users.noreply.github.com>
Just a suggestion on how to perhaps improve the language as I found myself re-reading the sentences due to the missing "either ... or ..." having been _told_ that it `can be run in two modes`.