Commit graph

13163 commits

Author SHA1 Message Date
Lauren Voswinkel 15d4125e1b CHANGELOG++ 2020-08-17 09:53:16 -07:00
Scott Miller 5b003b06f8
Trail of bits 018 (#9674)
* TOB-018 remediation

* Make key derivation an optional config flag, off by default, for backwards compatibility

* Fix unit tests

* Address some feedback

* Set config on unit test

* Fix another test failure

* One more conf fail

* Switch one of the test cases to not use a derive dkey

* wip

* comments
2020-08-17 11:36:16 -05:00
Alexander Bezobchuk f873863263
Merge PR #9667: Rate Limit Backoff 2020-08-16 22:09:18 -04:00
Meggie ca65131543
Added upgrade guidance on mount -> path filters (#9712) 2020-08-12 10:54:56 -04:00
Sam Salisbury c7d5b13b70 Makefile: delete old stage/publish targets 2020-08-12 13:27:40 +01:00
Austin Gebauer 00a0d043be
docs: fix sentence in vault debug command (#9725) 2020-08-11 20:24:37 -07:00
Jim Kalafut 1cd3d553f1
Update reported version to 1.5.0 (#9708) 2020-08-11 20:23:07 -07:00
Jeff Escalante a28209ad6d
small change to make github star count display correctly (#9718) 2020-08-11 17:06:23 -04:00
Kyle MacDonald eb923f30b1
website: update favicon refs (#9713) 2020-08-11 13:56:25 -04:00
Josh Black 1d6a5ae058
Update go-metrics (#9704) 2020-08-11 10:19:16 -07:00
Sam Salisbury 25137a1702
ci/packagespec (#9653)
* add packagespec build system

- The majority of changes in this commit are files generated
  by packagespec (everything in the packages-oss.lock directory).

* add .yamllint

* update to packagespec@fd54aea4

* ci: bust packagespec cache

- Change to packagespec results in package IDs that can use
  git tag refs, not just commit refs.

* update to packagepsec@5fc121d0

- This busts all caches, because of a change to the way we
  no longer traverse from tag refs to commit refs, due to
  the potential confusion this can cause.
- See fd54aea482
  for the original change to packagespec necessitating this.

* update to packagespec@5e6c87b6

- This completes the change to allowing git tag refs
  to be used for source IDs, begun in f130b940a8fbe3e9398225b08ea1d63420bef7b6

* update to packagespec@4d3c9e8b

- This busts cache, needed to apply previous change.

* remove RELEASE_BUILD_WORKFLOW_NAME

* update packagespec, add watch-ci target

* fix package names (do not refer to EDITION)

* remove EDITION input from packages-oss.yml

* bump package cache, update packagespec

* update packagespec, add 'aliases' target

* update packagespec; less output noise

* ci: give release bundle file a better name

- When performing a release build, this will include the build ID
  as part of the name, making it easier to distinguish from other
  builds.

* ci: create aliases tarball artifact

* ci: cache package metadata files

* ci: add metadata artifact

* ci: bust circleci package cache

* Revert "ci: bust circleci package cache"

This reverts commit 1320d182613466f0999d63f5742db12ac17f8e92.

* ci: remove aliases artifact

* ci: use buildID not workflowName to id artifacts

* packages: add BUNDLE_NAME metadata

* do not cache package metadata with binaries

* ci: bump package cache

* ci: debugging

* ci: fix package cache; update packagespec

* ci: update packagespec to 10e7beb2

* ci: write package metadata and aliases

* ci: switch to .zip artifacts

* switch package bundle back to tar.gz (from zip)

- Because of the way zip works, the zip archive was over 2GB rather than under 750MB as with tar.gz.

* bump packagespec, adds list-staged-builds

* update packagespec

* add publish stub + general tidy up

* bump packagespec

* bump packagespec; add make publish-config

* Makefile: tidy up packagespec targets

* pass PRODUCT_REPO_ROOT to packagespec

* bump go to 1.14.6

* packages-oss.yml: use more explicit base image

* bump packagespec to b899b7c1

* bump packagespec to f040ce8f

* packages-oss.yml: pin base image to digest

- This digest is pointed to by debian:buster-20200720
- Using a specific digest ensures that builds use the same
  base image in all contexts

* add release-repo; bump packagespec

* remove BUILD_TAGS and -tags flag

* bump packagespec to e444f742

* bump to go1.14.7

* ci: bump to go1.14.7
2020-08-11 10:00:59 +01:00
Chris Hoffman 683db6821c
adding support for ed25519 public keys (#9703) 2020-08-10 22:14:17 -07:00
Chelsea Shaw 6de6f22929
Add -dr-token flag to shamir-modal-flow used on DR Operation token in replication (#9675) 2020-08-10 15:46:32 -05:00
Geoffrey Grosenbach 967d9b85da
Updates URLs to match new paths at Learn (#9679)
Previous URLs which included a track in the querystring now go to standard paths instead.
2020-08-10 13:40:09 -07:00
Chelsea Shaw 4f764ba02b
changelog++ 2020-08-10 13:50:52 -05:00
Chelsea Shaw bf38ce4701
Ui/wrap tool ttl (#9691)
* Update ttl picker in wrap tool
2020-08-10 13:17:54 -05:00
Sam Salisbury 4bf0ce85e0
update go-limiter to v0.3.0 (#9697) 2020-08-10 17:04:50 +01:00
ncabatoff 4134ef2e98
Ensure that perf standbys can perform seal migrations. (#9690) 2020-08-10 08:35:57 -04:00
Sam Salisbury ae3ab5ff28
bump to go1.14.7 (#9698) 2020-08-10 12:57:21 +01:00
Rodrigo D. L d0df8bfa21
adding new config flag disable_sentinel_trace (#9696) 2020-08-10 06:23:44 -04:00
Tom Proctor 494cdf5bcb
Add docs for OpenLDAP plugin's new AD schema (#9619) 2020-08-10 10:24:38 +01:00
Tom Proctor f0e0d3bc73
Update OpenLDAP secrets plugin 0.1.4 -> 0.1.5 (#9673)
* Update OpenLDAP secrets plugin 0.1.4 -> 0.1.5

* go mod vendor and tidy
2020-08-10 10:22:53 +01:00
James Hodgkinson 8173ce777e
fixing a spelling error (#9693)
Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>
2020-08-09 06:17:02 -07:00
Calvin Leung Huang 40bf6c2a3c
changelog++ 2020-08-07 12:30:23 -07:00
Calvin Leung Huang 72c8118fb7
changelog++ 2020-08-07 12:29:35 -07:00
Calvin Leung Huang aeea72ea81
changelog++ 2020-08-07 12:29:05 -07:00
ncabatoff aa38af9457
changelog++ 2020-08-07 15:09:16 -04:00
ncabatoff 30b34855e3
changelog++ 2020-08-07 15:08:39 -04:00
Sam Salisbury e8ce55ea1c
remove terraform/aws; replace with readme (#9686)
* remove terraform/aws; replace with readme

* terraform readme: prettify link
2020-08-07 18:40:48 +01:00
Josh Black 78cbbba738
changelog++ 2020-08-07 10:13:53 -07:00
Mark Gritter 3a9619fb05
Add explanation of "keys" field. (#9676) 2020-08-07 12:11:11 -05:00
ncabatoff b01fda0e04
Add docs for CSR signing. (#8899) 2020-08-07 10:45:12 -04:00
ncabatoff b0a3972892
Use printf field widths instead of strings.Repeat. (#9681) 2020-08-07 08:54:23 -04:00
Tom Proctor 4ca978598f
Bundle couchbase database plugin with vault (#9664) 2020-08-07 11:01:04 +01:00
Austin Gebauer db9993335c
docs: fixes environment variable in azure secrets config API (#9678) 2020-08-06 17:11:18 -07:00
Zalary Young 5100624d5c
Merge PR #9628: add audit_non_hmac_request_keys to payload example for tune 2020-08-06 15:27:03 -04:00
Brian Kassouf 0ffdffde03
changelog++ 2020-08-06 10:50:41 -07:00
ncabatoff d0ff8df37d
changelog++ 2020-08-05 17:32:01 -04:00
Scott Miller 6cf859632a
Remove weird TTL special case documentation from cubbyhole (#9669) 2020-08-05 16:20:24 -05:00
aphorise c9fb408b60
Docs - /system/unseal Typo - Resolves: #9659 (#9660) 2020-08-05 08:33:47 -04:00
Jim Kalafut 9b3719d9ce
Update OpenLDAP docs (#9648)
Add link to API docs.
2020-07-31 17:25:27 -07:00
ncabatoff b6fd378ee8
Make manualStepDownCh a 1-buffered channel to ensure StepDown actually steps down in tests. (#9622) 2020-07-31 10:01:51 -04:00
Calvin Leung Huang fbe2a86693
pki: use revocationInfo.RevocationTimeUTC when revoking certs with ti… (#9609)
* pki: use revocationInfo.RevocationTimeUTC when revoking certs with tidy_revoked_certs set to true

* update comment

* tidy: use same time snapshot for OR comparison
2020-07-30 15:10:26 -07:00
Andy Assareh 76894f7dcb
curl command incorrect: ---header should be --header (#9643) 2020-07-30 14:55:42 -07:00
Austin Gebauer 837ec00859
docs: fix gcpkms steps for asymmetric decryption and asymmetric signing (#9638) 2020-07-30 10:50:23 -07:00
ncabatoff 1154b36b56
Log sanitized config at startup and when it changes. (#9637)
Co-authored-by: Aleksandr Bezobchuk <aleks.bezobchuk@gmail.com>
2020-07-30 13:15:00 -04:00
Chelsea Shaw 3792fea313
changelog ++ 2020-07-30 11:18:52 -05:00
Chelsea Shaw 4eb156f707
Ui/ember blueprint updates (#9627)
* Import layout in blueprint if generator used with --in flag

* Generated story works with hot reloading out of the box
2020-07-30 11:15:03 -05:00
Chelsea Shaw fb05f1efe8
Ui/ttl wrap (#9632)
* Use TtlPicker2 in wrap-ttl component
* Fix tests around wrap-ttl
2020-07-30 10:12:45 -05:00
Mark Gritter 51b6dfb097
Add new page documenting limits. (#9592)
* Add new page documenting limits.
* Add some identity metrics not previously documented.
* Updated limits based on compression experiments.
* Add Transit key rotation limits, and link to Transform size limit.
2020-07-29 16:18:04 -05:00