Commit Graph

13163 Commits

Author SHA1 Message Date
Brian Kassouf 1bc410783d OSS/ENT Drift 2021-03-01 10:51:04 -08:00
Scott Miller 1e1f7eff46
Documentation for barrier autorotation (#11027)
* Documentation for barrier autorotation

* changelog

* 1.7 upgrade notes
2021-03-01 10:45:22 -06:00
Brian Kassouf a112161f60
expiration: Add a few metrics to measure revoke queue lengths (#10955)
* expiration: Add a few metrics to measure revoke queue lengths

* Update the metric names

* Add appropriate cluster labels

* Add metrics to docs

* Update jobmanager.go
2021-02-26 16:00:39 -08:00
Michael Golowka 302cc4870e
Add Username Templating Concepts page (#10935) 2021-02-26 16:04:12 -07:00
Meggie de8c06eb31
Update latest to 1.6.3 (#11010) 2021-02-26 17:08:27 -05:00
Tom Proctor 45d9efd0c2
Add notice about MongoDB Atlas whitelist deprecation (#10967) 2021-02-26 20:38:27 +00:00
Scott Miller a7b372b447
Two minor changes not reflected OSS side (#11020) 2021-02-26 14:23:56 -06:00
Angel Garbarino 016ed8dd5e
PKI flaky test (#11017)
* undo skip

* add back settled
2021-02-26 12:01:31 -07:00
Jim Kalafut 1785b1bd00
Replace deprecated terms in AWS Auth (#10997)
* Replace deprecated terms in AWS Auth

This PR is part of an effort to remove non-inclusive language throughout
Vault. The AWS Auth backend uses the "whitelist" and "blacklist" term
extensively, and these are the focus of the PR:

* Add new API endpoints that use the preferred terminology, while
  deprecating the old endpoints. These endpoints offer identical
  functionality and are basically aliases. This is the only functional
  change in the PR except for terms in error messages.
* Replace "whitelist" -> "access list", "blacklist" -> "deny list" in
  variable names, comments, etc.

Note that storage locations were *not* changed at this time, as that is
a more complex process involving versioning that we may tackle in a future
revision. We have reduced the occurrences of non-inclusive language,
however.

Reviewers should be sure to "Ignore Whitespace" in diffs, especially for
the tests, which were basically indented one level as part of looping
over the tests with both the old and new names.
2021-02-25 23:23:34 -08:00
Chelsea Shaw 9b3f5c2386
UI/db tests (#11013)
* Add tests for connection create and edit

* Cleanup old tests, add role create form test

* Fix linter/selector
2021-02-25 18:41:04 -06:00
Brian Kassouf 878d768839
changelog++ 2021-02-25 16:07:38 -08:00
Brian Kassouf 987de2e0f1
changelog++ 2021-02-25 16:04:31 -08:00
Lauren Voswinkel 075898cf73
Add IAM tagging support for iam_user roles in AWS secret engine (#10953)
* Added support for iam_tags for AWS secret roles

This change allows iam_users generated by the secrets engine
to add custom tags in the form of key-value pairs to users
that are created.
2021-02-25 16:03:24 -08:00
Angel Garbarino efd3677c58
UI: fix KMIP bug and test (#11011)
* fix KMIP test that was failing and clean modal on configuration page.

* add changelog

* remove uncessary unload

* remove async
2021-02-25 15:13:00 -07:00
swayne275 fe9e6e3d89
Make fairsharing stop function async (#11012)
* stop fairsharing layer async

* update function doc
2021-02-25 14:33:02 -07:00
Scott Miller b13b27f37e
OSS side barrier encryption tracking and automatic rotation (#11007)
* Automatic barrier key rotation, OSS portion

* Fix build issues

* Vendored version

* Add missing encs field, not sure where this got lost.
2021-02-25 14:27:25 -06:00
Michael Golowka 00c1acf0e1
Vendor OpenLDAP v0.4.0 (#10996) 2021-02-25 13:00:00 -07:00
Michael Golowka eb891db72d
Vendor Couchbase DB plugin v0.3.0 (#10995) 2021-02-25 12:59:45 -07:00
Meggie 0f659e67ac
changelog++
1.6.3
2021-02-25 13:32:45 -05:00
Ace Eldeib 9584c989ca
don't panic on connection errors in DefaultRetryPolicy (#11002)
fixes #11001
2021-02-25 13:16:17 -05:00
Nick Cabatoff 507d70a07f
Document changelog fragment format. (#11004) 2021-02-25 11:38:29 -05:00
Nick Cabatoff 6d2eb44c14
InfluxDB has released a 2.x series of docker images, which is breaking our tests. Use the 1.8 image instead. (#11005) 2021-02-25 10:50:14 -05:00
Nick Cabatoff c9ae15bd95
Make metrics access unauthenticated when in dev mode. (#10992) 2021-02-24 14:04:23 -05:00
Meggie 9d2e2b1d09
Update 10689.txt
@vishalnayak , just FYI, this needs to be "release-note:bug" and not "changelog:bug"
2021-02-24 13:29:09 -05:00
Angel Garbarino 1394187eb2
UI Add test and clean up for DBSE (#10993)
* clean up

* add test
2021-02-24 11:23:58 -07:00
Michel Vocks 0273647f97
Update vault/api version (#10965)
* Update vault/api version

* go mod vendor
2021-02-24 18:19:05 +01:00
Vishal Nayak 565568f7fa
Bool pointer flag (#10988)
* Bool pointer flag

* Add default handling

* Support Hidden and EnvVar

* Adjust error handling

* Add test steps; Fix hidden
2021-02-24 10:45:03 -05:00
Nick Cabatoff c1ddfbb538
OSS parts of the new client controlled consistency feature (#10974) 2021-02-24 06:58:10 -05:00
Jason O'Donnell 5502d43f6e
agent: add caching encryption package (#10986)
* agent: add caching encryption package

* Fix documentation

* Add GetKey, GetPersistentKey

* Remove chan from interface

* Add error to interface

* Fix tests
2021-02-23 19:48:39 -05:00
Angel Garbarino af2b9af24e
UI: Add the wizard to the database secret engine (#10982)
* wizard setup

* cleanup

* add changelog

* fix names from save to create role and create database

* fix missing progress bar
2021-02-23 13:52:39 -07:00
Jim Kalafut e60cc11f33
Add configurable exponential backoff to Agent auto-auth (#10964) 2021-02-23 12:04:21 -08:00
Hridoy Roy 0574f5aac7
Changelog: Agent Retry Stanza (#10981)
* changelog for retry stanza

* changelog for retry stanza

* changelog for retry stanza
2021-02-23 09:04:02 -08:00
Chelsea Shaw 92fd820de2
UI: Show error when connection roles fail to update on role create (#10980)
* Show error  when connection roles fail to update on role create

* Clean up errors for role, remove bad state setting after transition

* Add changelog
2021-02-23 10:47:02 -06:00
Clint b0b121753a
update docs related to OCI alias changes (#10952)
* update docs related to OCI alias changes

* covert CHANGELOG update to a changelog/ entry
2021-02-23 10:08:15 -06:00
Angel Garbarino f9b9c8368a
UI: Small tickets/ bug fixes for DBSE (#10976)
* small fix 1

* error handling

* empty state and catch conditional on displayArray empty

* add link to connection from role view
2021-02-23 08:59:30 -07:00
Jim Kalafut 4b1557e6ab
Minor update to Secrets engine overview docs (#10977)
The reference to API calls and link to code isn't a good fit here.

Reverts eb3e34d
2021-02-23 07:17:44 -08:00
Jason O'Donnell 458061d43b
agent: route templating server through cache (#10927)
* agent: route templating server through cache

* Remove TemplateRetry, fix unix path

* Remove mtls comment, remove redundant tls enable

* Fix test

* Refactor vault address logic

* Fix cert/key for mtls

* Update command/agent/template/template_test.go

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

* Update command/agent/template/template_test.go

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

* Update command/agent/template/template_test.go

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

* Update command/agent/template/template_test.go

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

* Update command/agent/template/template_test.go

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

* Update command/agent/template/template_test.go

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

* Reject mtls listeners

* changelog

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
2021-02-23 09:36:11 -05:00
Michele Degges b54bc22f9e
Upgrading packagespec to 0.2.1 (#10954) 2021-02-23 14:30:25 +00:00
Hridoy Roy 0c17cb5a79
upgrade consul template (#10973) 2021-02-22 14:24:27 -08:00
swayne275 38a647c6e5
remove noisy log, simplify job interface (#10975) 2021-02-22 15:00:24 -07:00
Austin Gebauer f33fda0d87
Adds method for rotating a policy without a persist (#10941) 2021-02-22 11:09:13 -08:00
Josh Black bc44d19bbe
Add ParseCapacityString (#10956) 2021-02-22 10:44:55 -08:00
Brian Kassouf 34a7fc0286
replication: Don't write request coutners on DR Secondary nodes (#10936) 2021-02-22 09:04:41 -08:00
Clint f998f96451
Add documentation for upcoming Terraform Cloud secret engine (#10823)
* add side navigation for Terraform Cloud Secret Engine

* terraform cloud engine docs

* add api-docs for terraform cloud secret engine

* fix some typos and improve wording, now with less management

* fix capitalization

* change text->shell-session

* clarify rotating user roles returns an error
2021-02-22 10:57:52 -06:00
Chelsea Shaw f89968a12b
UI/add usage metrics description (#10951)
* Add description to metrics usage page

* Add changelog
2021-02-22 09:35:15 -06:00
Jim Kalafut 7e54bc15c2
Add TOTP support to Okta Auth (#10942) 2021-02-21 21:18:17 -08:00
Clint 2aff402279
Bundle new Vault plugin: Terraform secrets (#10931)
* Bundle Terraform secrets engine

* update go.mod/sum

* vendor update

* add changelog entry

* add secrets terraform
2021-02-19 16:38:56 -06:00
Austin Gebauer 0017b78919
Adds API docs for max_age role parameter of JWT/OIDC auth method (#10916) 2021-02-19 13:39:58 -08:00
Chelsea Shaw 889d82aca5
UI/Database Secrets Engine cleanup (#10949)
* Update role toolbar, serialization for special mongo values

* Only show defaultShown if no value on info table row

* Remove root_rotation_statements from mongo connection fields

* Wrap this.router in try/catch if in then statement

* Add changelog
2021-02-19 14:04:51 -06:00
Brian Kassouf 6f3d179635
helper/metricsutil: Prevent potential Ticker leak (#10913) 2021-02-18 20:31:53 -08:00