Commit graph

16550 commits

Author SHA1 Message Date
Christopher Swenson 7395249046
Add LICENSE back to pkcs7 (#18527)
This was not copied over when the this code was
copied in https://github.com/hashicorp/vault/pull/12340.

Also adds a stub for the `.copywrite.hcl` file (for when
Vault is onboarded to Copywrite) and adds the `pkcs7` and
`ui/node_modules` to the ignore pattern.
2022-12-22 09:54:43 -08:00
Mike Palmiotto 5932b34dad
Turn off undo logs for enos auto-upgrade scenario pre-v1.13 (#18526) 2022-12-22 12:37:05 -05:00
Chelsea Shaw 6b3995dc3c
UI: PKI Issuer details (#18495) 2022-12-21 16:30:24 +00:00
Alexander Scheel efd2799390
Add PKI base command (#18512)
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2022-12-21 10:01:57 -05:00
claire bontempo a76bbcfe84
ui: pki import key (#18454)
* Move text-file to addon

* create key import component

* build out import component

* add perform helper

* small text-file changes

* add file to import component

* revert text-filechanges

* Revert "small text-file changes"

This reverts commit dc4c4864a3165b48daa9d3dfc0c03d6bf073fd46.

* small text-file changes

* remove index from policy set file onchange arg

* Revert "remove index from policy set file onchange arg"

This reverts commit e80198e063f4886d242359da25bfb2a63a811171.

* Revert "small text-file changes"

This reverts commit bc3ebccc4cc658431729ea4d6ffff2c17d2fd4ba.

* finish key import

* update key adapter

* address comments

* remove validations from import and unnecessary store service

* add waitfor to key form

* fix prettier

* import changes from edit pki key pr

* add waitFor to concurrency task

* add adapter options to form save method

Co-authored-by: Chelsea Shaw <cshaw@hashicorp.com>
2022-12-20 21:46:25 -07:00
claire bontempo 424e7439dc
ui: add ability to edit pki key (#18490)
* add edit form

* refactor readonly field

* refactor conditional in key form

* remove model validations from edit form

* update namespace reminder opy
2022-12-20 23:23:55 +00:00
Jaymala c108edd903
Fix Artifactory search for fips and hsm editions (#18497)
* Fix Artifactory search for fips and hsm editions

Signed-off-by: Jaymala Sinha <jaymala@hashicorp.com>

* Fix artifactory search for packages too

Signed-off-by: Jaymala Sinha <jaymala@hashicorp.com>

Signed-off-by: Jaymala Sinha <jaymala@hashicorp.com>
2022-12-20 13:23:15 -05:00
claire bontempo 56442f673d
ui: refactor text file component (#18458)
* wip tests

* Move text-file to addon

* rename fileName to filename, initial cleanup of text-fil

* rename args, rename test selector

* fix eye-con, remove enterAsText from file object

* add tests

* move files back to original location

* rename files via git for git diff

* adjsut test

* Revert "wip tests"

This reverts commit 63716a1e647a0b01236d34322837456ef3e9db43.

* fix policy form input

* cleanup conditional

* add bottom margin

* add element id

* change arg name

* add text area input test

* add upload test to policy form

Co-authored-by: Chelsea Shaw <cshaw@hashicorp.com>
2022-12-19 23:54:59 +00:00
mickael-hc a8d8bf7c9d
update x/net (#18483) 2022-12-19 17:52:28 -05:00
akshya96 4126060d88
Prevent Brute Forcing: Create api endpoint to unlock users (#18279)
* code changes for unlock

* add test

* adding sys help

* adding sys help

* updating unlock user function

* edit test

* add changelog

* syshelp

* adding open api response definition

* removing response fields

* change path name
2022-12-19 14:24:42 -08:00
Alexander Scheel 3ccbddab0e
Add issuer reference info on JSON endpoint (#18482)
* Add issuer reference info on JSON endpoint

This endpoint is unauthenticated and shouldn't contain sensitive
information. However, listing the issuers (LIST /issuers) already
returns both the issuer ID and the issuer name (if any) so this
information is safe to return here.

When fetching /pki/issuer/default/json, it would be nice to know exactly
which issuer ID and name it corresponds to, without having to fetch the
authenticated endpoint as well.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add changelog entry

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2022-12-19 21:39:01 +00:00
Jaymala f86eaf2f98
Fix autopilot scenario race condition (#18469)
* Verify that upgraded nodes are unsealed before autopilot verification tests

Signed-off-by: Jaymala Sinha <jaymala@hashicorp.com>

* Fix failing autopilot verification test

Signed-off-by: Jaymala Sinha <jaymala@hashicorp.com>

Signed-off-by: Jaymala Sinha <jaymala@hashicorp.com>
2022-12-19 15:44:38 -05:00
Ellie c16e9df88c
docs: highlight paragraph about path in kv secrets engines docs (#18413) 2022-12-19 13:52:22 -06:00
Luis (LT) Carbonell c1a4a1150f
Add GitHub action to check for a milestone (#18406)
* Add GitHub action to check for a milestone

* Update comment

* Cleanup

* Add config

* move config to own directory
2022-12-19 12:38:41 -06:00
Jagger 1fd715f2cb
Fix typo (#18459)
If there are other typo related changes in flight, this fix can be included there.
2022-12-19 18:30:19 +00:00
Josh Black cd7d6d5761
De-duplicate namespaces when historical and current month data are mixed (#18452)
* De-duplicate namespaces when historical and current month data are mixed

* add changelog
2022-12-16 16:02:42 -08:00
Chelsea Shaw ec601025cb
Fix mount backend type-form enterprise test (#18457) 2022-12-16 23:32:08 +00:00
claire bontempo db1d3bc519
ui: add capabilities to pki key model (#18412)
* add capabilities to pki key model

* move key list from route into component

* rename test file

* rename test file

* add tests

* pass capabilities directly to key list componente

* add test for key list component

* rename test files

* remove href assertion
2022-12-16 22:13:59 +00:00
Hamid Ghaf f5720dd83b
Adding an Enos test for undo logs (#17675)
* Adding an Enos test for undo logs

* fixing a typo

* feedback

* fixing typo

* running make fmt

* removing a dependency

* var name change

* fixing a variable

* fix builder

* fix product version

* adding required fields

* feedback

* add artifcat bundle back

* fmt check

* point to correct instance

* minor fix

* feedback

* feedback
2022-12-16 16:51:34 -05:00
Chelsea Shaw 71b146a0d2
UI: glimmerize mount backend form (#18335) 2022-12-16 21:26:43 +00:00
Jaymala 360eaeb865
Fix the checkout sha for enos-run workflow (#18445)
- enos-run workflow will checkout the `main` branch by default, which would pass incorrect metadata to the workflow
so we use the `revision` passed by the calling workflow to checkout the sha and get the relavant metadata`

Signed-off-by: Jaymala Sinha <jaymala@hashicorp.com>

Signed-off-by: Jaymala Sinha <jaymala@hashicorp.com>
2022-12-16 15:19:10 -05:00
claire bontempo db801b9f03
UI/fix policy template doclinks (#18443)
* wip tests

* fix links

* Revert "wip tests"

This reverts commit aed9bb9b8fffb1b4d52d9c27644033ff3d983fff.
2022-12-16 11:09:21 -08:00
Yoko Hyakuna fc79152c48
Update the notes about Consul Connect CA issue (#18444) 2022-12-16 10:52:42 -08:00
Scott Miller 53e73ceba2
Use a cleaner worker pattern (#18422) 2022-12-16 11:35:24 -06:00
davidadeleon 51b1b6d446
Approle: Fix CIDR validation for /32 masks on Token Bound CIDRs (#18145)
* Fix CIDR validation for /32 masks

* run go fmt

* add changelog
2022-12-16 12:09:05 -05:00
John-Michael Faircloth 74f5a44684
docs: update azure docs to reflect new managed identity support (#18357)
* docs: update azure docs to reflect new managed identity support

* update links and formatting

* update wording

* update resource_id description

* fix formatting; add section on token limitations

* fix link and formatting
2022-12-16 09:40:59 -06:00
Ryan Cragun ebbbcf7e5e
test: normalize job and steps between build and release test workflows (#18425)
Signed-off-by: Ryan Cragun <me@ryan.ec>
2022-12-15 16:10:49 -07:00
claire bontempo caf8f83cd4
UI: download generated pki key (#18381)
* rename download service file

* rename file again

* add download-file service to engine

* refactor download button to use service

* refactor download service

* finish refactor download service, make arg  order consistent: filename, content, extension

* add download button to key details

* fix flaky test?
2022-12-15 22:57:20 +00:00
Chelsea Shaw 19decbd95d
UI: PKI Sign Certificate (#18343) 2022-12-15 22:42:18 +00:00
divyaac cb3f47065f
Added default endpoint info. Added note about backwards compabitibility (#17972)
* Added default endpoint info. Added note about backwards compabitibility

* Change wording

* Added note to router
2022-12-15 13:01:56 -08:00
claire bontempo 5b1071982f
ui: fix flaky oid auth test (#18417)
* add waitUntil

* add timeout
2022-12-15 20:54:18 +00:00
divyaac f8ad8bc5a5
OSS PR for Config Changes PR (#18418)
* OSS PR for Config Changes PR

* Edited tests

* typo

* Added changelog

* Remove changelog
2022-12-15 12:19:19 -08:00
Ryan Cragun 3051100e0a
test: pass build artifact name to release testing workflow (#18411)
Signed-off-by: Ryan Cragun <me@ryan.ec>
2022-12-15 11:47:14 -07:00
Scott Miller ffca8af4ff
Capture cryptosec responsibilities in CODEOWNERS (#18338)
* Capture cryptosec responsibilities in CODEOWNERS

* ->vault-crypto

* moooore
2022-12-15 12:11:43 -06:00
Nick Cabatoff 429916c135
Prevent panics in expiration invalidation, and make some changes for testing (#18401) 2022-12-15 18:09:36 +00:00
Mike Palmiotto 9d5f021792
Fix SHA1 patch for Go 1.19.4; patch test (#18405)
Bad news: the hot patch we were using breaks in Go 1.19.4: 6109c07ec4

Good news: we can now patch with an environment variable at runtime.

Co-authored-by: Christopher Swenson <christopher.swenson@hashicorp.com>
2022-12-15 12:52:45 -05:00
Turan Asikoglu 8c8a17f83b
[Doc] Fix minor inconsistencies with vault Helm chart (#18306)
* Fix minor inconsistencies with vault Helm chart

* extraSecretEnvironmentVars not a multiline string

* Trigger CCI
2022-12-15 11:59:09 -05:00
Sarah Thompson 8940880efd
Revert "Create test-reusable.yml" (#18371)
This reverts commit 131bf240293b0de1c22394b555b3e9878720738f.
2022-12-15 16:01:15 +00:00
Mike Palmiotto 55e9555ec4
Bump go version to 1.19.4 (#18393) 2022-12-15 10:55:58 -05:00
Mike Palmiotto 28d99481d3
Fix race in fsm.db (#18386)
We need to take a read lock when reading any of the FSM fields. Expose a
new fsm.Stats to handle a racy read and make sure we're consistently using
the f.db read lock wrappers.
2022-12-15 10:04:27 -05:00
claire bontempo d91e69d183
UI: update host to new doc link location (developer.hashicorp.com/) (#18374)
* change host for doc link

* add todo to LearnLink

* add changelog
2022-12-14 23:25:16 +00:00
Mike Palmiotto 5715cc9e54
Fix ci-config for go-version bumps (#18382)
The removal of the phony $(OUT) target was preventing `make ci-config`
from recognizing changes to .go-version, since it is not an explicit file target.
Reintroduce this change to get parity with ENT and fix go version bumps.
2022-12-14 16:35:03 -05:00
Alexander Scheel 3a5b48afe4
Correctly handle issuer tidying in auto-tidy config (#18347)
* Correctly handle issuer tidying in auto-tidy config

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add missing parameters to auto-tidy docs

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2022-12-14 15:35:21 -05:00
Christopher Swenson 53e49f1a39
Add a workaround to allow SHA-1 signatures in certs to work for Vault <= 1.11 (#18016) 2022-12-14 12:00:08 -08:00
Mike Palmiotto cb3406b1eb
plugins: Handle mount/enable for shadowed builtins (#17879)
* Allow mounting external plugins with same name/type as deprecated builtins
* Add some go tests for deprecation status handling
* Move timestamp storage to post-unseal
* Add upgrade-aware deprecation shutdown and tests
2022-12-14 13:06:33 -05:00
Chelsea Shaw 23a156122f
UI: PKI stub configure page (#18349) 2022-12-14 17:57:03 +00:00
Jason O'Donnell fccc90ce75
docs/policies: update denied_parameters description (#18366) 2022-12-14 16:51:02 +00:00
Chelsea Shaw 6d80ecdbdf
UI: Update database to connection name on role (#18350)
* Update database to connection name on role

* Add changelog
2022-12-14 10:23:59 -06:00
Mike Palmiotto 809a04c8b4
core: Make shutdownDoneCh atomic (#18358)
When issuing a core.Shutdown(), it is common to background the shutdown
request. This allows Vault to continue cleaning up, mainly to release
the stateLock. This allows the shutdown to complete, but is inherently
racy, so the core.shutdownDoneCh needs to be made atomic.
2022-12-14 15:59:11 +00:00
Sarah Thompson 55b21f2012
Create test-reusable.yml 2022-12-14 15:27:56 +00:00