Commit graph

16740 commits

Author SHA1 Message Date
Alexander Scheel 38de21468e
Add cluster_aia_path templating variable (#18493)
* Add cluster_aia_path templating variable

Per discussion with maxb, allow using a non-Vault distribution point
which may use an insecure transport for RFC 5280 compliance.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Address feedback from Max

Co-authored-by: Max Bowsher <maxbowsher@gmail.com>
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
Co-authored-by: Max Bowsher <maxbowsher@gmail.com>
2023-01-10 09:51:37 -05:00
Alexander Scheel 2ab775e60a
Add vault pki command website documentation (#18514)
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2023-01-10 09:39:41 -05:00
claire bontempo ccd4c3701d
UI: pki import issuer (#18634)
* create pki ca import component

* add serial number to cert parser

* convert to ts

* remove comments

* reset yarn.lock

* fixed yarn lock

* fix comment

* add declaration for base cert
2023-01-09 16:46:02 -08:00
Josh Black d3f822a938
Add new clients into the monthly breakdown (#18629)
* Add new clients into the monthly breakdown

* add changelog
2023-01-09 15:26:11 -08:00
Violet Hynes 8bcc08dccb
VAULT-12491 Add docs for group policy config (#18616)
* VAULT-12491 Add docs for group policy config

* VAULT-12491 typo

* VAULT-12491 typo

* VAULT-12491 Update language a bit

* VAULT-12491 Update language a bit

* VAULT-12491 Update language a bit
2023-01-09 12:50:16 -05:00
Mike Palmiotto 43a78c85f4
Mark deprecated builtins Removed (#18039)
* Remove logical database builtins

* Drop removed builtins from registry keys

* Update plugin prediction test

* Remove app-id builtin

* Add changelog
2023-01-09 09:16:35 -05:00
Chris Capurso 25d0afae23
VAULT-11830: Expand NodeStatusReporter with new fields (#18302)
* expand NodeStatusReporter with new fields

* only call IsRaftVoter if using raft storage

* add changelog entry

* fix listeners

* return LogLevel as enum

* update github.com/hashicorp/vault/vault/hcp_link/proto

* add changelog entry

* bump github.com/hashicorp/vault/vault/hcp_link/proto

* go mod tidy
2023-01-06 20:53:09 -05:00
Chris Capurso bb0c92afe7
VAULT-11829: Add cluster status handler (#18351)
* go get link proto @vault-11829-meta-get-cluster-status

* add HA status

* add HAEnabled method

* add raft config

* allocate HA nodes based on actual count

* add raft autopilot status

* add raft quorum warnings

* add ClusterID method

* add StorageType

* add ClusterID

* update github.com/hashicorp/vault/vault/hcp_link/proto

* add changelog entry

* fix raft config panic

* remove "Warning" quorum message prefix

* add error wrapping

* add Core.HAStateWithLock method

* reduce quorum warnings to single string

* fix HCP_API_HOST test env var check

* Revert "fix HCP_API_HOST test env var check"

This reverts commit 97c73c4798b77b84aea84f341f2c63c4d657914d.
2023-01-06 17:06:54 -05:00
claire bontempo 42e8551fba
extend overview route from issuers index (#18623) 2023-01-06 21:01:52 +00:00
Chris Capurso 82eaecd745
change quorum warning to a singular string (#18619) 2023-01-06 15:31:27 -05:00
Max Bowsher 5f8da0f6aa
Fix error in changelog template (#18572)
Too many newlines are stripped, which is responsible for the `FEATURES:`
heading in the current in-progress 1.13.0 changelog entry being
erroneously appended to the end of the last bullet point of the previous
`CHANGES:` section.
2023-01-06 14:32:22 +00:00
Chris Capurso de59e29bbc
VAULT-11829: Add GetClusterStatus rpc to meta capability (#18316)
* add GetClusterStatus rpc to meta capability

* consolidate HA-related info

* add storage type
2023-01-05 13:33:08 -05:00
Violet Hynes ae653a05a7
VAULT-12489 OSS Changes (#18607) 2023-01-05 13:00:55 -05:00
Christopher Swenson fae2935880
docs: Update PKCS#11 provider docs for XKS and RNG (#18597)
Better IV random generation is supported with XKS in the latest version
of the provider (0.1.3).
2023-01-05 09:42:52 -08:00
Josh Black c8a8c21cee
Account for mount counts when de-duplicating current and historical month data (#18598)
* Account for mount counts when de-duplicating current and historical month data

* add changelog
2023-01-05 09:34:05 -08:00
Chris Capurso e7787a94e0
VAULT-11827: Add new Link node level fields (#18203)
* add addition Link node-level status fields

* pin protoc to 3.21.9

* make proto

* change LogLevel to be a string

* add RaftStatus; IsActive -> Activetime

* use an enum for LogLevel
2023-01-05 11:16:48 -05:00
John-Michael Faircloth 58e2eb669b
docs: db plugin add link to lease docs (#18605) 2023-01-05 16:14:54 +00:00
Max Bowsher 7d87548f4f
Fix duplicate definition of path sys/internal/specs/openapi (#18553)
This was accidentally duplicated in #5687.

Remove the second definition, which was shadowed by the first, and move
the documentation that was part of the second to the surviving version.
2023-01-04 22:48:40 -05:00
Ikko Eltociear Ashimine 6927478ab9
Fix typo in mount.go (#18575)
heirarchy -> hierarchy
2023-01-04 21:52:42 -05:00
Prasanna Kumar 9143d2f186
Correct sample payload at Generate Secret (#18561)
Correct sample payload of Generate Service Account Key secrets section
2023-01-04 16:00:16 -05:00
mickael-hc 4d5fb0aa68
docs: clarify parameter constraints limitations when using globs (#18593) 2023-01-04 15:58:27 -05:00
claire bontempo ed2c7cdf86
ui: add input as event for text form field (#18563)
* add input as event for form field

* fix event typo, lowercase u
2023-01-04 12:36:03 -08:00
vinay-gopalan bbd8ac9bbf
Upgrade go.opentelemetry.io/otel from v0.20.0 to v1.11.2 (#18589) 2023-01-04 11:31:30 -08:00
Chelsea Shaw c5eacf789a
UI: PKI config via import (#18504) 2023-01-04 18:18:55 +00:00
Chris Capurso 0635d304de
only update SCADA metadata if status changes (#18585)
* only update SCADA metadata if status changes

* add changelog entry
2023-01-04 11:09:51 -05:00
Steven Clark cfd5b8a933
Resolve unrecognized parameter warnings on batch_input parameter in transit (#18299)
* Resolve unused warnings on batch_input parameter in transit

* Add cl

* Fix text in hmac batch_input parameter description
2023-01-04 09:15:48 -05:00
Florin Cătălin Țiucra-Popa 82dedd8773
Update integrated-storage.mdx (#18581)
* Update integrated-storage.mdx

The old paragraph "The recommended deployment is either 3 or 5 servers." should match the "Minimums & Scaling" purpose from below.
It also reaffirms that, in a PRODUCTION environment,  a number of 5 nodes are the minimum requirement.

A rewording is also necessary: "The recommended deployment consists in a minimum of 5 or more of servers that are odd in their total (5, 7, etc)."

* Update website/content/docs/internals/integrated-storage.mdx

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
2023-01-04 13:43:05 +01:00
claire bontempo 04396e5f9c
UI/pki key workflow tests (#18496)
* wip tests

* fix links

* Revert "wip tests"

This reverts commit aed9bb9b8fffb1b4d52d9c27644033ff3d983fff.

* wip tests

* add policy generator

* add workflow tests for key

* change apostrophe -___-

* fix workflow tests

* add update to key form tests

* fix capability check for read

* finish tests

* fix flash messages;

* rename policy generator file, update tests
2023-01-03 18:00:29 -08:00
Max Bowsher c4e8e22963
Remove generic_mount_paths field (#18558)
PR #17926 already deleted the implementation of the
`generic_mount_paths` field so it needs to be removed from the declared
fields of the path too, so help and OpenAPI isn't misleading.
2023-01-03 19:14:29 -05:00
Theron Voran 49e97a09a6
secrets/kubernetes: updating to latest plugin (#18587)
go get github.com/hashicorp/vault-plugin-secrets-kubernetes@main
go mod tidy
2023-01-03 15:32:30 -08:00
claire bontempo 945be50d85
update date selectors to accommodate new year (#18586) 2023-01-03 15:14:46 -07:00
Violet Hynes 0b15ad18a2
VAULT-12095 Support multiple config files for Vault Agent (#18403)
* VAULT-12095 Code changes for multi-config

* VAULT-12095 typo

* VAULT-12095 make vault non-nil during update

* VAULT-12095 docs

* VAULT-12095 small refactor

* VAULT-12095 typos
2023-01-03 12:50:19 -05:00
Max Bowsher 4052c785ea
Remove unreachable code (#18576)
I happened to spot that the `TemplateError` type is never instantiated.
Therefore delete it, and code referencing it.
2023-01-03 09:02:01 -05:00
Robert 7858cc758f
secrets/gcp: add documentation for impersonated account support (#18519)
Co-authored-by: John-Michael Faircloth <fairclothjm@users.noreply.github.com>
Co-authored-by: Austin Gebauer <34121980+austingebauer@users.noreply.github.com>
2023-01-02 14:18:14 -06:00
Milena Zlaticanin d9b8fb6877
MongoDB - Fix write_concern param (#18546)
* fix writeconcern defaulting to majority

* add changelog

* restart CI tests

* fix tests

* add package
2022-12-23 17:14:41 -06:00
Mark Collao bee137334d
Update scan.hcl 2022-12-23 13:38:58 -06:00
Jaymala 929391b09b
Save release testing metadata only when tests are run (#18540)
Signed-off-by: Jaymala Sinha <jaymala@hashicorp.com>

Signed-off-by: Jaymala Sinha <jaymala@hashicorp.com>
2022-12-23 14:06:42 -05:00
Austin Gebauer 1b82aa5997
auth/oidc: fix permissions for Azure 200+ group workflow (#18532)
* auth/oidc: fix permissions for Azure 200+ group workflow

* use autonumbering
2022-12-22 23:51:08 +00:00
Christopher Swenson 7a048b1097
Update XKS docs to use AWS CLI (#18536)
And add note about requiring the zero IV until `vault-pkcs11-provider`
is released.
2022-12-22 23:20:21 +00:00
Jaymala e740844789
Persist metadata post release tests (#18531)
Signed-off-by: Jaymala Sinha <jaymala@hashicorp.com>
2022-12-22 22:20:05 +00:00
Christopher Swenson 7395249046
Add LICENSE back to pkcs7 (#18527)
This was not copied over when the this code was
copied in https://github.com/hashicorp/vault/pull/12340.

Also adds a stub for the `.copywrite.hcl` file (for when
Vault is onboarded to Copywrite) and adds the `pkcs7` and
`ui/node_modules` to the ignore pattern.
2022-12-22 09:54:43 -08:00
Mike Palmiotto 5932b34dad
Turn off undo logs for enos auto-upgrade scenario pre-v1.13 (#18526) 2022-12-22 12:37:05 -05:00
Chelsea Shaw 6b3995dc3c
UI: PKI Issuer details (#18495) 2022-12-21 16:30:24 +00:00
Alexander Scheel efd2799390
Add PKI base command (#18512)
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2022-12-21 10:01:57 -05:00
claire bontempo a76bbcfe84
ui: pki import key (#18454)
* Move text-file to addon

* create key import component

* build out import component

* add perform helper

* small text-file changes

* add file to import component

* revert text-filechanges

* Revert "small text-file changes"

This reverts commit dc4c4864a3165b48daa9d3dfc0c03d6bf073fd46.

* small text-file changes

* remove index from policy set file onchange arg

* Revert "remove index from policy set file onchange arg"

This reverts commit e80198e063f4886d242359da25bfb2a63a811171.

* Revert "small text-file changes"

This reverts commit bc3ebccc4cc658431729ea4d6ffff2c17d2fd4ba.

* finish key import

* update key adapter

* address comments

* remove validations from import and unnecessary store service

* add waitfor to key form

* fix prettier

* import changes from edit pki key pr

* add waitFor to concurrency task

* add adapter options to form save method

Co-authored-by: Chelsea Shaw <cshaw@hashicorp.com>
2022-12-20 21:46:25 -07:00
claire bontempo 424e7439dc
ui: add ability to edit pki key (#18490)
* add edit form

* refactor readonly field

* refactor conditional in key form

* remove model validations from edit form

* update namespace reminder opy
2022-12-20 23:23:55 +00:00
Jaymala c108edd903
Fix Artifactory search for fips and hsm editions (#18497)
* Fix Artifactory search for fips and hsm editions

Signed-off-by: Jaymala Sinha <jaymala@hashicorp.com>

* Fix artifactory search for packages too

Signed-off-by: Jaymala Sinha <jaymala@hashicorp.com>

Signed-off-by: Jaymala Sinha <jaymala@hashicorp.com>
2022-12-20 13:23:15 -05:00
claire bontempo 56442f673d
ui: refactor text file component (#18458)
* wip tests

* Move text-file to addon

* rename fileName to filename, initial cleanup of text-fil

* rename args, rename test selector

* fix eye-con, remove enterAsText from file object

* add tests

* move files back to original location

* rename files via git for git diff

* adjsut test

* Revert "wip tests"

This reverts commit 63716a1e647a0b01236d34322837456ef3e9db43.

* fix policy form input

* cleanup conditional

* add bottom margin

* add element id

* change arg name

* add text area input test

* add upload test to policy form

Co-authored-by: Chelsea Shaw <cshaw@hashicorp.com>
2022-12-19 23:54:59 +00:00
mickael-hc a8d8bf7c9d
update x/net (#18483) 2022-12-19 17:52:28 -05:00
akshya96 4126060d88
Prevent Brute Forcing: Create api endpoint to unlock users (#18279)
* code changes for unlock

* add test

* adding sys help

* adding sys help

* updating unlock user function

* edit test

* add changelog

* syshelp

* adding open api response definition

* removing response fields

* change path name
2022-12-19 14:24:42 -08:00