* add line chart test
* add empty state option to line chart
* add empty state test
* add tooltip coverage
* add test files
* add monthly usage tests
* finish tests
* tidying
* address comments, add average test
* finish tests broken from calendar
* Months after current are disabled, regardless of endTimeFromResponse
* move tracked values to getters for consistency
* months for widget are calculated in getter and then rendered
* Styling for current month is mix of hover and readonly
* Fix tests
* Add changelog
* Reset display year to endTimeFromResponse on toggle calendar
* update resetDisplayYear and naming
* Add test for displayYear when opened
* Option to show radio button in form field
- For possible value, now we can render either dropdown or radio buttons
- Drop down will be used for larger data set, whereas radio buttons should
be used when we have only couple of options (example totp mfa)
- Added test for radio button functionality
- Added missing test for ttl without toggle
* Dasherize radio button ids
* Fix tests
* date formatters test
* add mirage to client history test
* use mirage for client tests
* update assertions
* convert to using pretender
* finish client history tests
* remove pretender, use mirage
* re-add flaky test
* add todos
* finish tests
* update month response
* update plot count
* Update to ttl component
- Allow the ttl component to work without displaying toggle
- Used in mfa method totp form
* Added tooltip if toggle is not present
- Fixed MFA delete message
* Fixed unsupported revocation statements field display for DB roles
* Fixed linting
* Added changelog
* Fixed conditional to filter for only elasticsearch database and changed format of text in changelog
* Fixed conditional and added comment for bug fix
* glimmerize and add documentation to component
* fix test
* add component test:
* clean up
* address pr comments
* fix?
* replace drop with task
* replace test selector
* adds mirage factories for mfa methods and login enforcement
* adds mirage handler for mfa config endpoints
* adds mirage identity manager for uuids
* updates mfa test to use renamed mfaLogin mirage handler
* updates mfa login workflow for push methods (#15214)
* MFA Login Enforcement Model (#15244)
* adds mfa login enforcement model, adapter and serializer
* updates mfa methods to hasMany realtionship and transforms property names
* updates login enforcement adapter to use urlForQuery over buildURL
* Model for mfa method (#15218)
* Model for mfa method
* Added adapter and serializer for mfa method
- Updated mfa method model
- Basic route to handle list view
- Added MFA to access nav
* Show landing page if methods are not configured
* Updated adapter,serializer
- Backend is adding new endpoint to list all the mfa methods
* Updated landing page
- Added MFA diagram
- Created helper to resolve full path for assets like images
* Remove ember assign
* Fixed failing test
* MFA method and enforcement list view (#15353)
* MFA method and enforcement list view
- Added new route for list views
- List mfa methods along with id, type and icon
- Added client side pagination to list views
* Throw error if method id is not present
* MFA Login Enforcement Form (#15410)
* adds mfa login enforcement form and header components and radio card component
* skips login enforcement form tests for now
* adds jsdoc annotations for mfa-login-enforcement-header component
* adds error handling when fetching identity targets in login enforcement form component
* updates radio-card label elements
* MFA Login Enforcement Create and Edit routes (#15422)
* adds mfa login enforcement form and header components and radio card component
* skips login enforcement form tests for now
* updates to login enforcement form to fix issues hydrating methods and targets from model when editing
* updates to mfa-config mirage handler and login enforcement handler
* fixes issue with login enforcement serializer normalizeItems method throwing error on save
* updates to mfa route structure
* adds login enforcement create and edit routes
* MFA Login Enforcement Read Views (#15462)
* adds login enforcement read views
* skip mfa-method-list-item test for now
* MFA method form (#15432)
* MFA method form
- Updated model for form attributes
- Form for editing, creating mfa methods
* Added comments
* Update model for mfa method
* Refactor buildURL in mfa method adapter
* Update adapter to handle mfa create
* Fixed adapter to handle create mfa response
* Sidebranch: MFA end user setup (#15273)
* initial setup of components and route
* fix navbar
* replace parent component with controller
* use auth service to return entity id
* adapter and some error handling:
* clean up adapter and handle warning
* wip
* use library for qrCode generation
* clear warning and QR code display fix
* flow for restart setup
* add documentation
* clean up
* fix warning issue
* handle root user
* remove comment
* update copy
* fix margin
* address comment
* MFA Guided Setup Route (#15479)
* adds mfa method create route with type selection workflow
* updates mfa method create route links to use DocLink component
* MFA Guided Setup Config View (#15486)
* adds mfa guided setup config view
* resets type query param on mfa method create route exit
* hide next button if type is not selected in mfa method create route
* updates to sure correct state when changing mfa method type in guided setup
* Enforcement view at MFA method level (#15485)
- List enforcements for each mfa method
- Delete MFA method if no enforcements are present
- Moved method, enforcement list item component to mfa folder
* MFA Login Enforcement Validations (#15498)
* adds model and form validations for mfa login enforcements
* updates mfa login enforcement validation messages
* updates validation message for mfa login enforcement targets
* adds transition action to configure mfa button on landing page
* unset enforcement on preference change in mfa guided setup workflow
* Added validations for mfa method model (#15506)
* UI/mfa breadcrumbs and small fixes (#15499)
* add active class when on index
* breadcrumbs
* remove box-shadow to match designs
* fix refresh load mfa-method
* breadcrumb create
* add an empty state the enforcements list view
* change to beforeModel
* UI/mfa small bugs (#15522)
* remove pagintion and fix on methods list view
* fix enforcements
* Fix label for value on radio-card (#15542)
* MFA Login Enforcement Component Tests (#15539)
* adds tests for mfa-login-enforcement-header component
* adds tests for mfa-login-enforcement-form component
* Remove default values from mfa method model (#15540)
- use passcode had a default value, as a result it was being sent
with all the mfa method types during save and edit flows..
* UI/mfa small cleanup (#15549)
* data-test-mleh -> data-test-mfa
* Only one label per radio card
* Remove unnecessary async
* Simplify boolean logic
* Make mutation clear
* Revert "data-test-mleh -> data-test-mfa"
This reverts commit 31430df7bb42580a976d082667cb6ed1f09c3944.
* updates mfa login enforcement form to only display auth method types for current mounts as targets (#15547)
* remove token type (#15548)
* remove token type
* conditional param
* removes type from mfa method payload and fixes bug transitioning to method route on save success
* removes punctuation from mfa form error message string match
* updates qr-code component invocation to angle bracket
* Re-trigger CI jobs with empty commit
Co-authored-by: Arnav Palnitkar <arnav@hashicorp.com>
Co-authored-by: Angel Garbarino <Monkeychip@users.noreply.github.com>
Co-authored-by: Chelsea Shaw <82459713+hashishaw@users.noreply.github.com>
Co-authored-by: Michele Degges <mdeggies@gmail.com>
* Handle client count timezone
- Backend convert the timezone to UTC, to mitigate it's impact sending
start and end date other than 1. Chose 10 and 20 randomly.
* Added changelog
* Remove reference to stored license
- Stored license was deprecated in 1.8 and from 1.11 all licenses will be
auto loaded.
* Added changelog
* Remove test for stored license
* Add defensive check in serializer
* No default provider on create, add subText to service_account_file field
* Show empty state if no provider selected -- sorry for all the conditionals
* Button and distribution title styling on key edit
* Fix key distribute empty state permissions
* Don't try to fetch distribution if provider is permissionError
* Use search-select component for provider on distribute component
* Show distribution form errors on page rather than popup
* Add id, label, subtext to input-search for search-select fallback
* Remove created field from provider, default to querying for keys unless capabilities is false
* Fix link to provider from key-edit
* Search select label styling and add subText to fallback
* Refetch model after key rotate
* Create distribution method is task so we can load and disable button
* Move keymgmt to cloud group on mount options
* Key actions are tasks, fix tab active class
* Add isRunning attr to confirm-action which disables confirm button and replaces text with loader
* Fix provider active tab class
* Handle control groups on distribution
* Correctly handle error message on key-edit
* Show loading state on distribute, reload key after distribute
* Clear old validation errors if valid
* Fix tests
* Fix delete url
* Add changelog
* Address PR comments
* kick circle-ci
* Format go file breaking fmt
* Rename old changelog
* Remove resolved TODO
* remove manipulations of data ranges;
* fix bar aligntment
* consume empty months existing on response
* revert grey bar transformation
* up one more line..
* remove attr
* TTL Picker convers to largest unit when value is number
* Initial value for transit auto-rotation period is 30d
* Add auto-rotation check to transit test
* Add changelog
* Add clarifying comment
* Fix OIDC callback query params
- Value of namespace was getting stripped from the state query param
- Used native URL search param api to fetch the values
* Add changelog
* Remove unnecessary check for url encoding
* Extract ns value and pass as namespace param
* Update changelog
* Fix unknown type parameter during CA generation
When generating a new PKI CA from the Web UI, the UI incorrectly sends
the type parameter in the POST body. The server will now warn on unknown
parameters, resulting in the UI surfacing that up to the caller. Since
the type is part of the URL, we don't need to duplicate it in the POST
body, so elide it.
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Update ui/app/adapters/pki-ca-certificate.js
Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
* ui/pki: Remove test for warning to re-generate root
With the multiple issuer feature merged from #15277, we can now allow
multiple root generations to occur in the mount. Remove the test for the
warning.
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Fix test for empty CA chain
With Vault 1.11's #15277, we'll now always render the CAChain field on
response.
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Fix formatting in role-ssh.js
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Fix version-history serializer and update mirage to reflect real API
* add missing periods
* fix tests
Co-authored-by: Claire Bontempo <cbontempo@hashicorp.com>
* Hide MonthlyUsage if only one month of data
* Display stat text instead of chart if data passed to running-total includes only one month
* Update clients mirage to return single month if end and start time are the same
* Update clients mirage to work with filtering
* Add comments
* More padding
* Address comments
* Refactor mirage month data to be oldest to newest
* Use stat text which automatically formats number
* alphabetize utils
* add util to add namespace key
* finish filtering
* add fake data for filtering
* address comments
* add empty state for no new client counts, when filtered by namespace
* fix mirage clients linting
* re-add namespaces to month object
* clean up filtering
* add tests and refactor accordingly
* fix tooltip bug and chart new month client chart not rendering
* filter out undefined
* optional method chaining
* add filter and fix ticks for line chart
* fix axes domains
* fix average calculation
* base sys/license/status mock times based on current timestamp
* add missing trailing commas
* license specific test selector
Co-authored-by: Claire Bontempo <cbontempo@hashicorp.com>
* setup
* add new clients to attribution
* refactor serializers, move to util folder
* cleanup export csv generator
* fix isDateRange getter
* remove new chart from partial/current month
* fix export modal text
* update version history text
* update variable naming, remove new client data from current/partial month
* add filtering by namespace to month over month charts
* remove filtering for namespace by month, need to change serializer
* add checks
* update horizontal bar chart test
* update tests
* cleanup
* address comments
* fix flakey test
* add new counts to export
Co-authored-by: Claire Bontempo <cbontempo@hashicorp.com>
* fixes issues in key-edit component
* adds capabilities checks for keys and providers
* adds distribute component to key and provider edit
* adds wizard steps for kmse
* handle current warning
* handle history
* match the two flows
* clean up
* Refactor to account for chart indicator (#15121)
* refactor for charts
* revert handler changes
* clarify variable
* add 1.10 to version history
* woops add key
* handle mock query end date
* update current template
* add date
* fix tests
* fix fake version response
* address comments, cleanup
* change word
* add TODO
* revert selector
Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
Co-authored-by: Claire Bontempo <cbontempo@hashicorp.com>
* KMSE: Key Model / Adapter / Serializer setup (#13638)
* First pass model
* KMS key adapter (create/update), serializer, model
* Add last rotated and provider to key
* KeyEdit secret-edit component, and more key model stuff
* add formatDate param support to infotablerow
* Add keymgmt key to routes and options-for-backend
* Rename keymgmt-key to keymgmt/key
* Add test, cleanup
* Add mirage handler for kms
* Address PR comments
* KMS Providers (#13797)
* adds pagination-controls component
* adds kms provider model, adapter and serializer
* adds kms provider-edit component
* updates secrets routes to handle itemType query param for kms
* updates kms key adapter to query by provider
* adds tests for provider-edit component
* refactors kms provider adapter to account for dynamic path
* adds model-validations-helper util
* removes keymgmt from supported-secret-backends
* fixes issue generating url for fetching keys for a provider
* updates modelType method on secret-edit route to accept options object as arg rather than transition
* adds additional checks to ensure queryParams are defined in options object for modelType method
* UI/keymgmt distribute key (#13840)
* Add distribution details on key page, and empty states if no permissions
* Allow search-select component to return object so parent can tell when new item was created
* Add stringarray transform
* Distribute component first pass
* Refactor distribute component for use with internal object rather than ember-data model
* Specific permission denied errors on key edit
* Allow inline errors on search-select component
* Style updates for form errors
* Styling and error messages on distribute component
* Allow block template on inline alert so we can add doc links
* Add distribute action, flash messages, cleanup
* Cleanup & Add tests
* More cleanup
* Address PR comments
* Move disable operations logic to commponent class
* KMSE Enable/Config (#14835)
* adds keymgmt secrets engine as supported backend
* adds comment to check on keymgmt as member of adp module
* updates kms provider to use model-validations decorator
* fixes lint errors and tests
Co-authored-by: Chelsea Shaw <82459713+hashishaw@users.noreply.github.com>
* clean up activity serailizer
* fix line chart so only plot months with data
* cleanup monthly serializer
* account for empty months in vertical bar chart
* tidy version upgrade info
* fix version history model typo
* extract const into helper
* add upgrade indicator to line chart
* fix tests
* add todos
* update /monthly endpoint
* change object key names to match API
* update serializers
* add optional no data mesage for horizontal chart
* add split chart option for attribution component
* wire up filtering namespaces and auth methods
* update clients current tests
* update todos and address comments
* fix attribution test
* initial upgrade running ember-cli-update --to 3.28
* bumps node-sass version
* fragments bump
* fixes overriding errors prop on policy model causing issues
* bumps some addon versions related to Ember Global deprecation warning on build
* bumps back ember-test-selectors version for now
* removes ember-promise-helpers addon and creates await helper
* upgrades ember-template-lint and adds prettier plugin
* Ember 3.28 Upgrade Lint Fixes (#14890)
* fixes js lint errors
* fixes hbs lint errors
* allow multiple node versions for now to get tests runinng
* fixes tests
* Upgrade ember-test-selectors (#14937)
* updates ember-test-selectors, ember-cli-page-object and ember-cli-string-helpers
* adds attributeBindings to classic components with data-test property
* glimmerizes toolbar-link component and removes data-test args
* glimmerizes toolbar-secret-link and secret-link components and removes data-test and class args
* glimmerizes linked-block component
* glimmerizes toggle-button component
* updates toggle-button test
* fixes remaining test selector issues
* comments out test assertions related to cp-validations bug
* adds todo to comment
* Model Validations (#14991)
* adds model-validations decorator and validators util
* converts key-mixin to decorator
* updates models to use validations decorator instead of ember-cp-validations
* updates invocation of model validations
* removes ember-cp-validations
* reverts secret-v2 model updates
* adds initials to TODO comment
* flight-icons (#14993)
* flight-icons
* basic dropdown
* UI/merge main (#14997)
* Vault documentation: changing references from learn to tutorial (#14844)
* changed learn to tutorial references
* changed learn to tutorial
* Update website/content/docs/plugins/plugin-portal.mdx
Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
* Update website/content/docs/platform/aws/run.mdx
Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
* UI/Only show form values if have read access (#14794)
* only show value in edit form if has read capabilities
* revert messing with form
* delete secret data from secret
* add check for selected version
* remove added line
* add changelog
* modified text (#14854)
* fixed a link issue (#14850)
* docs: add known issue to 1.10 release notes (#14859)
* Vault 3999 Change permissions for directory/archive created by debug command (#14846)
* adding debug changes from ent
* adding changelog
* Vault 3992 ToB Config and Plugins Permissions (#14817)
* updating changes from ent PR
* adding changelog
* fixing err
* fixing semgrep error
* updated references from learn to tutorial (#14866)
* updated references from learn to tutorial (#14867)
* changed reference from learn to tutorial (#14868)
* Fix handling of default zero SignatureBits value with Any key type in PKI Secrets Engine (#14875)
* Correctly handle minimums, default SignatureBits
When using KeyType = "any" on a role (whether explicitly or implicitly
via a sign-verbatim like operation), we need to update the value of
SignatureBits from its new value 0 to a per-key-type default value. This
will allow sign operations on these paths to function correctly, having
the correctly inferred default signature bit length.
Additionally, this allows the computed default value for key type to be
used for minimum size validation in the RSA/ECDSA paths. We additionally
enforce the 2048-minimum in this case as well.
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Fix defaults and validation of "any" KeyType
When certutil is given the placeholder any keytype, it attempts to
validate and update the default zero value. However, in lacking a
default value for SignatureBits, it cannot update the value from the
zero value, thus causing validation to fail.
Add more awareness to the placeholder "any" value to certutil.
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add role-based regression tests for key bits
This adds regression tests for Key Type, Key Bits, and Signature Bits
parameters on the role. We test several values, including the "any"
value to ensure it correctly restricts key sizes.
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add sign-verbatim test for key type
This ensures that we test sign-verbatim against a variety of key types.
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add changelog entry
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
* Subtle docs change for allow_store_key (#14889)
* Subtle docs change for allow_store_key
* errant space
* Adds Vault version prerelease and metadata to logical.PluginEnvironment (#14851)
* docs: fix formatting on plugin upgrade page (#14874)
* docs: fix formatting on plugin upgrade page
* fix more formatting issues
* Update CC docs (#14714)
* Update CC docs
* Add sample response
* Address review feedback
* Update website/content/api-docs/system/internal-counters.mdx
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
* Update website/content/api-docs/system/internal-counters.mdx
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
* Update website/content/api-docs/system/internal-counters.mdx
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
* Update website/content/api-docs/system/internal-counters.mdx
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
* Update website/content/api-docs/system/internal-counters.mdx
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
* Update website/content/api-docs/system/internal-counters.mdx
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
* Update website/content/api-docs/system/internal-counters.mdx
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
* Update website/content/api-docs/system/internal-counters.mdx
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
* Update website/content/api-docs/system/internal-counters.mdx
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
* Update website/content/api-docs/system/internal-counters.mdx
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
* Update website/content/api-docs/system/internal-counters.mdx
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
* Update website/content/api-docs/system/internal-counters.mdx
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
* Update website/content/api-docs/system/internal-counters.mdx
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
* Update website/content/api-docs/system/internal-counters.mdx
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
* Update website/content/api-docs/system/internal-counters.mdx
Co-authored-by: Meggie <meggie@hashicorp.com>
* Update website/content/api-docs/system/internal-counters.mdx
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
* Update website/content/api-docs/system/internal-counters.mdx
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
* Minor edits
* Update partial month API
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
Co-authored-by: Meggie <meggie@hashicorp.com>
* Docs improvements for Managed Keys (#14756)
* Add more color around managed keys in their concepts page, and create additional links between
the various docs pages related to them.
* Typos
* sdk/useragent: plugin version string consistent with Vault version string (#14912)
* clean up (#14911)
* website: fix usages of img tag (#14910)
* fix usages of img tag and integrate dev-portal workflows
* Adjust Makefile
* remove mount_accessor from the docs (#14927)
* Add extra test coverage to PKI (#14767)
* Add PKI test for delete role
- Create a role, validate that defaults are what we expect
and delete the role, verifying it is gone on subsequent read
attempts.
* Add PKI test for crl/rotate command
- Missing a unit test that validates the crl/rotate command works. The test validates the rotate command was successful
by checking if we have a different/new update time on the CRL.
* Rework PKI TestBackend_PathFetchValidRaw test to not write directly to storage
- Rework the existing test to not write directly to storage as we might change that in the future.
- Add tests that validate the ca_chain behaviour of not returning the root authority cert
* PR Feedback
* Additional PR feedback
* Use WriteWithContext in auth helpers (#14775)
* Add ability to pass certificate PEM bytes to vault/api (#14753)
* Respect increment value in grace period calculations (api/LifetimeWatcher) (#14836)
* Mount flag syntax to mitigate confusion from KV-v2 path discrepancies (#14807)
* Add explanation to help text and flag usage text
* KV get with new mount flag
* Clearer naming
* KV Put, Patch, Metadata Get + corresponding tests
* KV Delete, Destroy, Rollback, Undelete, MetadataDelete, MetadataPatch, MetadataPut
* Update KV-v2 docs to use mount flag syntax
* Add changelog
* Run make fmt
* Clarify deprecation message in help string
* Address style comments
* Update vault-plugin-auth-gcp to newest pseudo-version (#14923)
* docs: added hello-vault-spring repo link to developer-qs.mdx. (#14928)
* Update developer-qs.mdx
docs: added link to Java / Spring Boot sample app repo in developer quick start.
* removed space.
* trigger ci
Co-authored-by: taoism4504 <loann@hashicorp.com>
* OIDC Login Bug (#14916)
* fixes issue logging in with oidc from listed auth path tab
* adds changelog entry
* adds more tests for oidc auth workflow
* updates oidc auth method test to use non-standard path
* Fix handling of SignatureBits for ECDSA issuers (#14943)
When adding SignatureBits control logic, we incorrectly allowed
specification of SignatureBits in the case of an ECDSA issuer. As noted
in the original request, NIST and Mozilla (and others) are fairly
prescriptive in the choice of signatures (matching the size of the
NIST P-curve), and we shouldn't usually use a smaller (or worse, larger
and truncate!) hash.
Ignore the configuration of signature bits and always use autodetection
for ECDSA like ed25519.
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Bug Fix and Glimmerize secret-edit component (#14941)
* inital glimmerize
* wip
* wip
* wip
* fix maybeQueryRecord
* fix
* fix
* fix test
* cleanup
* add changelog
* clean up
* Agent error log level is mismatched (#14424)
* [VAULT-1618] Agent error log level is mismatched
`logLevelToStringPtr` translates `go-hclog`'s `ERROR` to `"ERROR"` for
Consul Template's runner, but that expects `ERR` and is quite strict
about it.
This will address https://github.com/hashicorp/vault-k8s/issues/223
after it is set as the default image in `vault-k8s`.
I didn't find a simple way to test this other than starting up a full
server and agent and letting them run, which is unfortunately fairly
slow.
I confirmed that this addresses the original issue by modifying the helm
chart with the values in this commit and patching the log level to `err`.
* VAULT-1618 Add changelog/14424.txt
* VAULT-1618 Update changelog/14424.txt based on @kalafut suggestion
Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>
* VAULT-1618 Move cancel and server stop into defer in tests
* VAULT-1618 Triggering CircleCI tests
* VAULT-1618 Replace ioutil with os functions for agent template tests
Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>
* UI/Add months to activity serializer (#14942)
* add mock monthly data to mirage handler
* add months to serializer for activity response
* change selectors
Co-authored-by: Chelsea Shaw <82459713+hashishaw@users.noreply.github.com>
* clean up serializer
* please stop being flakey <3
Co-authored-by: Chelsea Shaw <82459713+hashishaw@users.noreply.github.com>
* Revert the WithContext changes to vault tests (#14947)
* adding env var (#14958)
* Fix dead link for JWT supported algorithms (#14953)
* Don't clone OutputCurlString value (#14968)
* Don't clone OutputCurlString value, add flag to docs
* Add changelog
* Ensure initialMmapSize is 0 on Windows (#14977)
* ensure initialMmapSize is 0 on windows
* add changelog
* Vault 3992 documentation changes (#14918)
* doc changes
* adding config changes
* adding chnages to plugins
* using include
* making doc changes
* adding newline
* aws auth displayName (#14954)
* set displayName to include RoleSessionName
* Add Windows error (#14982)
* Warnings indicating ignored and replaced parameters (#14962)
* Warnings indicating ignored and replaced parameters
* Avoid additional var creation
* Add warnings only if the response is non-nil
* Return the response even when error is non-nil
* Fix tests
* Rearrange comments
* Print warning in the log
* Fix another test
* Add CL
* Fix edit capabilities call in auth method (#14966)
* Fix edit capabilities call in auth method
- Capabilities call was not getting triggered correctly as apiPath
method was missing the correct context.
* Added changelog
* make linting fix
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
Co-authored-by: Austin Gebauer <34121980+austingebauer@users.noreply.github.com>
Co-authored-by: akshya96 <87045294+akshya96@users.noreply.github.com>
Co-authored-by: Alexander Scheel <alex.scheel@hashicorp.com>
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
Co-authored-by: Scott Miller <smiller@hashicorp.com>
Co-authored-by: John-Michael Faircloth <fairclothjm@users.noreply.github.com>
Co-authored-by: Vishal Nayak <vishalnayak@users.noreply.github.com>
Co-authored-by: Meggie <meggie@hashicorp.com>
Co-authored-by: Bryce Kalow <bkalow@hashicorp.com>
Co-authored-by: Josh Black <raskchanky@users.noreply.github.com>
Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>
Co-authored-by: VAL <val@hashicorp.com>
Co-authored-by: Robert <17119716+robmonte@users.noreply.github.com>
Co-authored-by: mryan-hashi <88851444+mryan-hashi@users.noreply.github.com>
Co-authored-by: taoism4504 <loann@hashicorp.com>
Co-authored-by: Jordan Reimer <zofskeez@gmail.com>
Co-authored-by: Christopher Swenson <swenson@swenson.io>
Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>
Co-authored-by: Chelsea Shaw <82459713+hashishaw@users.noreply.github.com>
Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>
Co-authored-by: Jose Estrada <jose.estrada@tradeshift.com>
Co-authored-by: Arnav Palnitkar <arnav@hashicorp.com>
* skips kmip tests with concurrency issues for now
* changelog
* skips another test
* Remove ModelWrap Component (#15001)
* removes ModelWrap component which was not working in Ember 3.28
* removes kmip test skips
* updates role controller class name
* adds annotations to model-validations file
* pr feedback
* lint fixes after main merge
Co-authored-by: Jordan Reimer <zofskeez@gmail.com>
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
Co-authored-by: Austin Gebauer <34121980+austingebauer@users.noreply.github.com>
Co-authored-by: akshya96 <87045294+akshya96@users.noreply.github.com>
Co-authored-by: Alexander Scheel <alex.scheel@hashicorp.com>
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
Co-authored-by: Scott Miller <smiller@hashicorp.com>
Co-authored-by: John-Michael Faircloth <fairclothjm@users.noreply.github.com>
Co-authored-by: Vishal Nayak <vishalnayak@users.noreply.github.com>
Co-authored-by: Meggie <meggie@hashicorp.com>
Co-authored-by: Bryce Kalow <bkalow@hashicorp.com>
Co-authored-by: Josh Black <raskchanky@users.noreply.github.com>
Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>
Co-authored-by: VAL <val@hashicorp.com>
Co-authored-by: Robert <17119716+robmonte@users.noreply.github.com>
Co-authored-by: mryan-hashi <88851444+mryan-hashi@users.noreply.github.com>
Co-authored-by: taoism4504 <loann@hashicorp.com>
Co-authored-by: Christopher Swenson <swenson@swenson.io>
Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>
Co-authored-by: Chelsea Shaw <82459713+hashishaw@users.noreply.github.com>
Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>
Co-authored-by: Jose Estrada <jose.estrada@tradeshift.com>
Co-authored-by: Arnav Palnitkar <arnav@hashicorp.com>
* Fix edit capabilities call in auth method
- Capabilities call was not getting triggered correctly as apiPath
method was missing the correct context.
* Added changelog
* add mock monthly data to mirage handler
* add months to serializer for activity response
* change selectors
Co-authored-by: Chelsea Shaw <82459713+hashishaw@users.noreply.github.com>
* clean up serializer
* please stop being flakey <3
Co-authored-by: Chelsea Shaw <82459713+hashishaw@users.noreply.github.com>
* fixes issue logging in with oidc from listed auth path tab
* adds changelog entry
* adds more tests for oidc auth workflow
* updates oidc auth method test to use non-standard path
* only show value in edit form if has read capabilities
* revert messing with form
* delete secret data from secret
* add check for selected version
* remove added line
* add changelog
* fixes issue with token auth selected after logging out from oidc or jwt methods
* adds changelog entry
* reverts backendType var name change in auth-form authenticate method
* remove Ember Logger
* remove jquery
* prevent setting ember string methods on string
* remove reopen class
* Revert "remove reopen class"
This reverts commit d6a48f148617694cf7b0fc95feb30771ef982c59.
* redo
* clean up
* fix test
* Update ui/app/styles/components/tabs.scss
Co-authored-by: Chelsea Shaw <82459713+hashishaw@users.noreply.github.com>
* fix test
* test clean up
* clean up cont.
Co-authored-by: Chelsea Shaw <82459713+hashishaw@users.noreply.github.com>
* fix duplicate rendering of chart elements
* organize SVG char elements into groups, give data-test attrs
* update tests
* tweak mirage
* add fake client counting start date
* fix test
* add waitUntil
* adds changelog
* add second waituntil
* KV fetches recent version on every page, no longer disallow new version without metadata access
* Don't flash no read permissions warning
* Send noMetadataVersion on destroy if version is undefined
* test coverage
* add changelog, fix tests
* Fix failing test
* fix no data empty states
* add comment
* handle error in component
* adds tests for empty state template
* tidy and fix tests
* Empty state for current tab (#14319)
* update ci.hcl to remove 1.6.x and add in 1.10.x (#14310)
* Fix autoseal health check race by passing metrics sink in CoreConfig (#14196)
* Add empty state for current tab, config off, no read permissions on config
Co-authored-by: Hridoy Roy <roy@hashicorp.com>
Co-authored-by: Scott Miller <smiller@hashicorp.com>
* update selector
* fix test
* remove helper
Co-authored-by: Chelsea Shaw <82459713+hashishaw@users.noreply.github.com>
Co-authored-by: Hridoy Roy <roy@hashicorp.com>
Co-authored-by: Scott Miller <smiller@hashicorp.com>
* Add UI feature allowing database role credential rotation
* Only show the 'rotate credentials' option for static roles
* rotate role path uses id for permissions
* Add rotate credentials button to show page on static role
* Mirage handlers for role for simple testing
* Add changelog
* lint rules
* fix lint
Co-authored-by: Bartek Marczak <bartek.marczak@gmail.com>
* adds development workflow to mirage config
* adds mirage handler and factory for mfa workflow
* adds mfa handling to auth service and cluster adapter
* moves auth success logic from form to controller
* adds mfa form component
* shows delayed auth message for all methods
* adds new code delay to mfa form
* adds error views
* fixes merge conflict
* adds integration tests for mfa-form component
* fixes auth tests
* updates mfa response handling to align with backend
* updates mfa-form to handle multiple methods and constraints
* adds noDefault arg to Select component
* updates mirage mfa handler to align with backend and adds generator for various mfa scenarios
* adds tests
* flaky test fix attempt
* reverts test fix attempt
* adds changelog entry
* updates comments for todo items
* removes faker from mfa mirage factory and handler
* adds number to word helper
* fixes tests
* Update repository links to point to main
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Fix broken link in relatedtools.mdx
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
* adds development workflow to mirage config
* adds mirage handler and factory for mfa workflow
* adds mfa handling to auth service and cluster adapter
* moves auth success logic from form to controller
* adds mfa form component
* shows delayed auth message for all methods
* adds new code delay to mfa form
* adds error views
* fixes merge conflict
* adds integration tests for mfa-form component
* fixes auth tests
* updates mfa response handling to align with backend
* updates mfa-form to handle multiple methods and constraints
* adds noDefault arg to Select component
* updates mirage mfa handler to align with backend and adds generator for various mfa scenarios
* adds tests
* flaky test fix attempt
* reverts test fix attempt
* adds changelog entry
* updates comments for todo items
* removes faker from mfa mirage factory and handler
* adds number to word helper
* fixes tests
* Revert "Merge branch 'main' into ui/mfa"
This reverts commit 8ee6a6aaa1b6c9ec16b985c10d91c3806819ec40, reversing
changes made to 2428dd6cca07bb41cda3f453619646ca3a88bfd0.
* format-ttl helper fix from main
* Add filter for auth mounts on history tab
* Fix normalizeResponse if enabled not a key on data
* Add auth filter to current tab, update clear filter behavior
* Fix failing tests
* save billing start in local storage
* customize enterprise vs oss copy
* change stored date from requested to response date
* delete license date from local storage when navigating away from parent route
* initial reshuffle to use outlet and remove dashboard and index replace with higher level parent clients
* loading
* clean up
* test clean up
* clean up
* adds date picker if no license start date found
* handle permissions denied for license endpoint
* handle permissions errors if no license start date
* change empty state copy for OSS
* fix tests and empty state view
* update nav links
* remove ternary
Co-authored-by: Chelsea Shaw <82459713+hashishaw@users.noreply.github.com>
* simplify hbs boolean
Co-authored-by: Chelsea Shaw <82459713+hashishaw@users.noreply.github.com>
* organize history file
* organize current file
* rerun tests
* fix conditional to show attribution chart
* match main
Co-authored-by: Chelsea Shaw <82459713+hashishaw@users.noreply.github.com>
* first tooltip for next year disabled
* workable for left tooltip
* styling
* make dry
* forgot this one
* remove right tooltip
* clean up
* bug fix
* add bullets when two error messages in one
* fix to isAfter on range comparisons
* remove
* update message per design
* only warning for startTime
* fix for firefox
* Add format-ttl helper
* Add autoRotateInterval to model and serializer for transit key
* Add goSafeTimeString to object returned from TtlPicker2 component
* Add auto rotate interval to transit key components
* clean up unit calculator on ttl-picker, with tests
* Fix tests, cleanup
* Add changelog
* updates data with response returned after dates queried
* alphabetize todo
* clarify comments
* change dashboard.js to history.js
* separate clients route, add history and config
* add loading to config template
* Add failsafes for no data
* remove commented code
* update all LinkTos with new routes, remove params
* return response if no data
* fix tests
* cleanup
* fixes template with namespace filter
* fixes tests with namespace filter merged
* fix namespace array mapping
* add version history to test object
Co-authored-by: hashishaw <cshaw@hashicorp.com>
* updates regex-validator component to optionally show pattern input and adds capture groups support
* adds form-field-label component
* adds autocomplete-input component
* updates kv-object-editor component to yield block for value and glimmerizes
* updates transform template model
* adds transform-advanced-templating component
* updates form-field with child component changes
* updates transform template serializer to handle differences in regex named capture groups
* fixes regex-validator test
* adds changelog entry
* updates for pr review feedback
* reverts kv-object-editor guidFor removal
* Switch parse-pki-cert from node-forge to PKI.js
This replaces the implementation of parse-pki-cert to use PKI.js rather
than node-forge for two reasons:
- PKI.js uses Web Crypto rather than maintaining a built-in
implementation of several algorithms.
- node-forge presently lacks support for ECDSA and Ed25519
certificates.
Related: #13680
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add dependency on PKI.js
$ yarn add -D asn1js pvutils pkijs
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Remove dependency on node-forge
$ yarn remove node-forge
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add changelog entry
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* add timestamp to attribution
* create usage stat component
* updates stat text boxes
* remove flex-header css
* remove comment
* add empty state if no data
* update monthly serializer
* remove empty state - unnecessary
* change tab to 'history'
* add usage stats to history view
* change css styling for upcased grey subtitle
* correctly exports namespace and auth data
* close modal on download
* test making a service?
* fix monthly attrs
* update csv content format
* remove component and make downloadCsv a service
* update function name
* wip//add warning labels, fixing up current and history tabs
* wip//clean up serializer fix with real data
* fix link styling:
* add conditionals for no data, add warning for 1.9 counting changes
* naming comment
* fix tooltip formatting
* fix number format and consolidate actions
* remove outdated test
* add revokeObjectURL and rename variable
* fix errors and empty state views when no activity data at all
* fix end time error
* fix comment
* return truncating to serializer
* PR review cleanup
* return new object
* setup
* handle current billing period
* handle billing period selection
* clean up
* clean up
* turn serializer to class
* change to classes
* placeholding, handles timezone issues for this.startTime
* put in depen
* fixing timezone issues for endTime
* clean up
* move formating on Get to the adapter. Still need to return formating from Get on serializer
* fix current billing period
* move all inside queryRecord to hit serilaizer
* move to serializer
* clean up
* calendar clean up
* clean up
* fix styling
* small fixes
* small fixes
Co-authored-by: Claire Bontempo <cbontempo@hashicorp.com>
* add timestamp to attribution
* create usage stat component
* updates stat text boxes
* remove flex-header css
* remove comment
* add empty state if no data
* update monthly serializer
* remove empty state - unnecessary
* adds serializer
* removes all 1.11 related work to monthly/new client counting
* move from new-init-activity to activity
* merge setup changes add monthly model/adapter
* delete new-init-activity files
* add graph to current month view
* Accept both -f and --force in the web terminal
This aligns the behavior of the web terminal with the `vault write ...`
command to make it a bit more user friendly.
* Add changelog
* Use === instead of ==
* fire off network for query with Start time from license and return endDate and display
* startDate
* comment change
* saving wip
* change from startDate to startTime
* comment cleanup
* Address comments
* fixing small comments
* distinguish between single month and range attribution views, add export csv modal and action
* adds activity handler for mirage testing with client count work against new API
* adds class for grey subtitle in modal
* akes data detail titles dynamic
* fix passing of glyph type
* clarify mirage responses
* cleanup todos
* Fix info-table-row not rendering if alwaysRender=false and only block content present
* use defaultFields for form and nonOperationFields for adapter
* WIP: Move info table row template to addon component dir
* Refactor InfoTableRow to glimmer component
* Add changelog
* passthrough attributes, change @data-test-x to data-test-x on InfoTableRow invocations
* UI/total client usage (#13359)
* blah
* setup
* clean up
* rename history to dashboard
* clean up
* Styling fixes (#13369)
* styling
* clean up
* UI/ horizontal bar chart component (#13361)
* horizontal bar chart component
* adds horizontal chart to dashboard file
* add export class
* yarn install d3 array
* yarn install d3 array
* adds data subtext to chart
* update naming to plural charts"
* updates css grid to 6 columns"
* UI/tooltip (#13397)
* working state
* stuff
* adds month tick marks and sort of y-axis, but y scale still messed up
* moves y scale so zero shows again
* fixes translating constants
* format numbers y axis
* actually fixes viewbox
* styling for x and y axis plus gridlines
* clean up
* separates grid types based on content
Co-authored-by: Claire Bontempo <cbontempo@hashicorp.com>
* Styling and legend component (#13430)
* styling
* cleanup
* UI/ Double horizontal bar charts (#13398)
* add descriptions and styling to side by side charts
* add border below horizontal charts
* starts legend styling
* center legend
* add to do
* add hover actions/event listeners
* UI/merge main (#13436)
* Rename master key to root key (#13324)
* See what it looks like to replace "master key" with "root key". There are two places that would require more challenging code changes: the storage path `core/master`, and its contents (the JSON-serialized EncodedKeyringtructure.)
* Restore accidentally deleted line
* Add changelog
* Update root->recovery
* Fix test
Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
* Fix typo (#13355)
* Add kms_library configuration stanza (#13352)
- Add the kms_library configuration stanza to Vault's command/server
- Provide validation of keys and general configuration.
- Add initial kms_library configuration documentation
- Attempt at startup to verify we can read the configured HSM Library
- Hook in KmsLibrary config into the Validate to detect typo/unused keys
* modifed note (#13351)
* Incorporate Ember Flight Icons (#12976)
* adds ember-flight-icons dependecy
* adds inline-json-import babel plugin
* adds flight icon styling
* updates Icon component to support flight icons
* updates Icon component usages to new api and updates name values to flight icon set when available
* fixes tests
* updates icon story with flight mappings and fixes issue with flight icons not rendering in storybook
* adds changelog
* fixes typo in sign action glyph name in transit-key model
* adds comments to icon-map
* updates Icon component to use only supported flight icon sizes
* adds icon transform codemod
* updates icon transform formatting to handle edge case
* runs icon transform on templates
* updates Icon usage in toolbar-filter md and story
* updates tests
* docs: winsvc update recommendations (#13280)
* docs: update custom database sample code (#13211)
* clarify more sink options (#12586)
* Update @hashicorp/react-hashi-stack-menu (#13354)
* Docs to clarify k8s auth options with short-lived tokens (#13275)
* Rework 1.21 content into one heading and add note at top
* Add notes about extended k8s token duration
* Add example of ClusterRoleBinding for using client JWTs
* Adds support for SHA-3 to transit (#13367)
* Adding support for SHA3 in the transit backend.
* Adds SHA-3 tests for transit sign/verify path. Adds SHA-3 tests for logical system tools path hash functionality. Updates documentation to include SHA-3 algorithms in system tools path hashing.
* Adds changelog entry.
Co-authored-by: robison jacka <robison@packetized.io>
* agent/cache: differentiate open log messages (#13362)
Changes the error output for the second open of the persistent cache
file, to differentiate it from the c.UI.Error message for the initial
open of the cache file, just to make it easier to tell where a problem
occurred.
* Warn user supplying nonce values in FIPS mode for transit encryption requests (#13366)
* Warn user supplying nonce values in FIPS mode for transit encryption requests
- Send back a warning within the response if an end-user supplies nonce
values that we use within the various transit encrypt apis.
- We do not send a warning if an end-user supplies a nonce value but we
don't use it.
- Affected api methods are encrypt, rewrap and datakey
- The warning is only sent when we are operating in FIPS mode.
* [VAULT-3252] Add entity-alias behavior change to docs (#13370)
* Add entity-alias behavior change to docs
* Add upgrade note about entity-alias mapping change
* Rename 1.7-9 upgrade pages, shuffle upgrade note position
* Update website/content/partials/entity-alias-mapping.mdx
Co-authored-by: Meggie <meggie@hashicorp.com>
* Add incorrect policy issue to the docs
* Add example about entity-alias restriction
Co-authored-by: Meggie <meggie@hashicorp.com>
* VAULT-1564 report in-flight requests (#13024)
* VAULT-1564 report in-flight requests
* adding a changelog
* Changing some variable names and fixing comments
* minor style change
* adding unauthenticated support for in-flight-req
* adding documentation for the listener.profiling stanza
* adding an atomic counter for the inflight requests
addressing comments
* addressing comments
* logging completed requests
* fixing a test
* providing log_requests_info as a config option to determine at which level requests should be logged
* removing a member and a method from the StatusHeaderResponseWriter struct
* adding api docks
* revert changes in NewHTTPResponseWriter
* Fix logging invalid log_requests_info value
* Addressing comments
* Fixing a test
* use an tomic value for logRequestsInfo, and moving the CreateClientID function to Core
* fixing go.sum
* minor refactoring
* protecting InFlightRequests from data race
* another try on fixing a data race
* another try to fix a data race
* addressing comments
* fixing couple of tests
* changing log_requests_info to log_requests_level
* minor style change
* fixing a test
* removing the lock in InFlightRequests
* use single-argument form for interface assertion
* adding doc for the new configuration paramter
* adding the new doc to the nav data file
* minor fix
* auth/jwt: Update plugin to v0.11.3 (#13365)
* auth/jwt: Update plugin to v0.11.3
* add changelog
* changelog++
* Update alert banner (#13375)
* Updating website for 1.9.1 (#13378)
* Use os.Hostname instead of a dependency that doesn't work on OpenBSD. (#13389)
* Remove another use gopsutil/host. (#13390)
* CLI changes for new mount tune config parameter allowed_managed_keys (#13255)
* CLI changes for new mount tune config parameter allowed_managed_keys
* Correct allowed_managed_keys description in auth and secrets
* Documentation update for secrets and removed changes for auth
* Add changelog and remove documentation changes for auth
* removed changelog
* Correct the field description
* auth/jwt: update changelog for pkce improvement (#13392)
* Fix test validating convergent encryption behaviour across key types (#13371)
- The test was attempting to test the convergent encryption behaviour
with several key types but the common function never used the passed
in key type. So we ran the test with the default aes256-gcm96 only.
* Fix managed namespace test (#13394)
* Fix managed namespace test
* Remove log
* Some changelog tidying for 1.10 preview (#13385)
* Some changelog tidying for 1.10 preview
* PR accounted for by different CL entry
* changelog++
Working on a new workflow for generating the preview so I thought I'd leave a note that it's still coming.
* UI/fix client count partial (#13396)
* Initial fix
* Add fallback zero values
* Add changelog
* Fix client count current test
* Support clearing an identity alias' custom_metadata (#13395)
* Support clearing an identity alias' custom_metadata
Previously, an update to an entity alias supported updating the
custom_metadata as long as the update was not empty, which makes it
impossible to clear the metadata values completely.
Fixes:
- empty custom_metadata parameters are honoured on entity alias update
- update related tests
- drop dependency on mapstructure
- reformat with gofumpt
* Docs: fix invalid link in the kubernetes auth api doc. (#13399)
* Clean up whitespace
* auth/azure: add note about debug env (#13405)
* auth/azure: add note about debug env
* Update azure.mdx
* Update azure.mdx
* Add universal default key_bits value for PKI endpoints (#13080)
* Allow universal default for key_bits
This allows the key_bits field to take a universal default value, 0,
which, depending on key_type, gets adjusted appropriately into a
specific default value (rsa->2048, ec->256, ignored under ed25519).
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Handle universal default key size in certutil
Also move RSA < 2048 error message into certutil directly, instead of in
ca_util/path_roles.
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add missing RSA key sizes to pki/backend_test.go
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Switch to returning updated values
When determining the default, don't pass in pointer types, but instead
return the newly updated value.
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add changelog entry
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Re-add fix for ed25519 from #13254
Ed25519 internally specifies a hash length; by changing the default from
256 to 0, we fail validation in ValidateSignatureLength(...) unless we
specify the key algorithm.
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Fix logging statement using formatting args (#13407)
* Add docs about path param restrictions (#13413)
* Add docs about path param restrictions
* Update website/content/api-docs/auth/userpass.mdx
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
* Update with review suggestion
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
* Update raftautosnapshots.mdx (#13412)
* Main go version bump (#13408)
* Go 1.17.2 -> 1.17.5
* Switching to cimg
* Bump yarn cache key version so that it uses the new disk layout we've adopted for using cimg/go. (#13420)
* Add vault-api module (#13048)
* crt main fix for ecr tag (#13425)
* Add no-op method setupManagedKeyRegistry(). (#13433)
* github auth: use org id to verify creds (#13332)
* github auth: use org id to verify creds
* add check for required org param; add test case
* update UTs
* add nil check for org
* add changelog
* fix typo in ut
* set org ID if it is unset; add more ut coverage
* add optional organization_id
* move client instantiation
* refactor parse URL; add UT for setting org ID
* fix comment in UT
* add nil check
* don't update org name on change; return warning
* refactor verifyCredentials
* error when unable to fetch org ID on config write; add warnings
* fix bug in log message
* update UT and small refactor
* update comments and log msg
* use getter for org ID
Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>
Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
Co-authored-by: Harsimran Singh Maan <maan.harry@gmail.com>
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
Co-authored-by: Jordan Reimer <zofskeez@gmail.com>
Co-authored-by: mickael-hc <86245626+mickael-hc@users.noreply.github.com>
Co-authored-by: Calvin Leung Huang <1883212+calvn@users.noreply.github.com>
Co-authored-by: Mike Green <772413+mikegreen@users.noreply.github.com>
Co-authored-by: Noel Quiles <3746694+EnMod@users.noreply.github.com>
Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>
Co-authored-by: Matt Schultz <975680+schultz-is@users.noreply.github.com>
Co-authored-by: robison jacka <robison@packetized.io>
Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
Co-authored-by: Pratyoy Mukhopadhyay <35388175+pmmukh@users.noreply.github.com>
Co-authored-by: Meggie <meggie@hashicorp.com>
Co-authored-by: hghaf099 <83242695+hghaf099@users.noreply.github.com>
Co-authored-by: John-Michael Faircloth <fairclothjm@users.noreply.github.com>
Co-authored-by: Brandon Romano <brandon@hashicorp.com>
Co-authored-by: divyapola5 <87338962+divyapola5@users.noreply.github.com>
Co-authored-by: Chelsea Shaw <82459713+hashishaw@users.noreply.github.com>
Co-authored-by: Ben Ash <32777270+benashz@users.noreply.github.com>
Co-authored-by: Jason O'Donnell <2160810+jasonodonnell@users.noreply.github.com>
Co-authored-by: Alexander Scheel <alex.scheel@hashicorp.com>
Co-authored-by: Mark Lewis <56076038+ml4@users.noreply.github.com>
Co-authored-by: Sai Hemanth Bheemreddy <35338241+SaiHemanthBR@users.noreply.github.com>
Co-authored-by: Kyle Penfound <kpenfound11@gmail.com>
Co-authored-by: Victor Rodriguez <vrizo@hashicorp.com>
* UI/chart legend (#13437)
* fixes axes lines blend
* add pixel conversions to variable css file
* reorganizes css file
* adds legend
* fixes scales and makes room for legend
* fixes grid for dual charts
* made grid responsive
* fixes legend styling
* fixes legend, removes ticks and fixes scale
* adjusts tooltip target
* un-comment mouse events
* remove console log
* UI/ Client counts range (running total component) (#13477)
* grid for stacked charts
* pass in data as arg from parent
* pull out vertical bar chart component
* refactor to use vertical bar chart component
* remove any chart handling stuff from parent
* rename variables
* refactor horizontal bar chart into separate component
* move descriptions to inside template (not passed in)
* constructs attribution copy
* add sample response to mirage config
* change indenting
* rename to MonthlyUsage
* change name to running totals
* rename variable
* finishes line chart
* pull constants to util
* cleanup add todos
* fix formatNumbers return"
* comments and cleanup
* adds tooltip to line chart
* make cover area larger
* fixes tooltip styling
* adds tooltip styling"
* adds tooltip modal to horizontal chart
* finishes tooltip for horizontal chart
* remove click event arg
* merges main and fixes conflicts
* bumps yarn.lock
* linting fix
* clean up go files and changelog
* more clean up
* remove changelog
* fix
* update component documentation for jsdocs
* removing test to see if that helps with browserstack
* remove new packages to test dep failure
* add ember-modal-dialog
* add ember-tether
* add ember-tether
* fixes mirage config file - merge conflict issue
* remove general spacing variable
Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
Co-authored-by: Claire Bontempo <cbontempo@hashicorp.com>
Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>
Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
Co-authored-by: Harsimran Singh Maan <maan.harry@gmail.com>
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
Co-authored-by: Jordan Reimer <zofskeez@gmail.com>
Co-authored-by: mickael-hc <86245626+mickael-hc@users.noreply.github.com>
Co-authored-by: Calvin Leung Huang <1883212+calvn@users.noreply.github.com>
Co-authored-by: Mike Green <772413+mikegreen@users.noreply.github.com>
Co-authored-by: Noel Quiles <3746694+EnMod@users.noreply.github.com>
Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>
Co-authored-by: Matt Schultz <975680+schultz-is@users.noreply.github.com>
Co-authored-by: robison jacka <robison@packetized.io>
Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
Co-authored-by: Pratyoy Mukhopadhyay <35388175+pmmukh@users.noreply.github.com>
Co-authored-by: Meggie <meggie@hashicorp.com>
Co-authored-by: hghaf099 <83242695+hghaf099@users.noreply.github.com>
Co-authored-by: John-Michael Faircloth <fairclothjm@users.noreply.github.com>
Co-authored-by: Brandon Romano <brandon@hashicorp.com>
Co-authored-by: divyapola5 <87338962+divyapola5@users.noreply.github.com>
Co-authored-by: Chelsea Shaw <82459713+hashishaw@users.noreply.github.com>
Co-authored-by: Ben Ash <32777270+benashz@users.noreply.github.com>
Co-authored-by: Jason O'Donnell <2160810+jasonodonnell@users.noreply.github.com>
Co-authored-by: Alexander Scheel <alex.scheel@hashicorp.com>
Co-authored-by: Mark Lewis <56076038+ml4@users.noreply.github.com>
Co-authored-by: Sai Hemanth Bheemreddy <35338241+SaiHemanthBR@users.noreply.github.com>
Co-authored-by: Kyle Penfound <kpenfound11@gmail.com>
Co-authored-by: Victor Rodriguez <vrizo@hashicorp.com>
* Update browserslist
* Add browserslistrc
* ember-cli-update --to 3.26, fix conflicts
* Run codemodes that start with ember-*
* More codemods - before cp*
* More codemods (curly data-test-*)
* WIP ember-basic-dropdown template errors
* updates ember-basic-dropdown and related deps to fix build issues
* updates basic dropdown instances to new version API
* updates more deps -- ember-template-lint is working again
* runs no-implicit-this codemod
* creates and runs no-quoteless-attributes codemod
* runs angle brackets codemod
* updates lint:hbs globs to only touch hbs files
* removes yield only templates
* creates and runs deprecated args transform
* supresses lint error for invokeAction on LinkTo component
* resolves remaining ambiguous path lint errors
* resolves simple-unless lint errors
* adds warnings for deprecated tagName arg on LinkTo components
* adds warnings for remaining curly component invocation
* updates global template lint rules
* resolves remaining template lint errors
* disables some ember specfic lint rules that target pre octane patterns
* js lint fix run
* resolves remaining js lint errors
* fixes test run
* adds npm-run-all dep
* fixes test attribute issues
* fixes console acceptance tests
* fixes tests
* adds yield only wizard/tutorial-active template
* fixes more tests
* attempts to fix more flaky tests
* removes commented out settled in transit test
* updates deprecations workflow and adds initializer to filter by version
* updates flaky policies acl old test
* updates to flaky transit test
* bumps ember deps down to LTS version
* runs linters after main merge
* fixes client count tests after bad merge conflict fixes
* fixes client count history test
* more updates to lint config
* another round of hbs lint fixes after extending stylistic rule
* updates lint-staged commands
* removes indent eslint rule since it seems to break things
* fixes bad attribute in transform-edit-form template
* test fixes
* fixes enterprise tests
* adds changelog
* removes deprecated ember-concurrency-test-waiters dep and adds @ember/test-waiters
* flaky test fix
Co-authored-by: hashishaw <cshaw@hashicorp.com>
* adds ember-flight-icons dependecy
* adds inline-json-import babel plugin
* adds flight icon styling
* updates Icon component to support flight icons
* updates Icon component usages to new api and updates name values to flight icon set when available
* fixes tests
* updates icon story with flight mappings and fixes issue with flight icons not rendering in storybook
* adds changelog
* fixes typo in sign action glyph name in transit-key model
* adds comments to icon-map
* updates Icon component to use only supported flight icon sizes
* adds icon transform codemod
* updates icon transform formatting to handle edge case
* runs icon transform on templates
* updates Icon usage in toolbar-filter md and story
* updates tests
* staying with jsondiff
* routing setup
* send compare against data to component after using new adapater method to return the version data.
* functionality
* fix issue on route transition not calling model hook
* formatting
* update version
* changelog
* glimmerize the json-editor component
* catch up
* passing tracked property from child to parent
* pull out of jsonEditor
* fix issue with message
* icon
* fix some issues with right selection
* changes and convert to component
* integration test
* tests
* fixes
* cleanup
* cleanup 2
* fixes
* fix test by spread attributes
* remove log
* remove
* Add client side pagination to namespaces
* Update namespace list after delete operation
* Added changelog
* Added tests
* Clean up
* Added comment for test
* Try ember run loop
* Run test only in enterprise
* Fixed test
* converts secret-v2-version model to native class -- fixes issues with cached values for deleted prop
* adds changelog entry
* adds disabled state to ToolbarLink component and disables create new version action when users cannot read metadata
* updates secret-edit acceptance test
* add catch for node-forge error handling
* update comment
* adds changelog
* alphabetize attrs and add canParse attr
* show alert banner if unable to parse metadata
* add test to check info banner renders
* fixes issue with oidc auth method when MetaMask chrome extenstion is used
* adds changelog entry
* updates auth-jwt integration tests
* fixes race condition in runCommands ui-panel helper method where running multiple commands would not always result in the same output order
* Add message while adding Oracle db connection
- Since UI currently doesn't have support for custom plugin names,
inform user to use the default plugin name for oracle
* Updated warning message
* Updated message
* updates secret list header to display badge for all versions
* adds changelog entry
* updates secret list header to only show badge for kv and generic engine types
* adds secret-engine mirage factory
* adds test helper for pushing serialized mirage data into store and returning ember data models
* adds secret engine type version badge display test
* updates mirage application serializer to return singular type key
* small bar chart attr fix
* truncates and adds ellipsis of label is long
* adds tooltip for long labels
* updates storybook
* adds changelog
* only calculate overflow if query selectors grab elements
* moves tooltip pointer to left
* Sync selected namespace between bar chart and search component
- When user selects the namespace from chart, update the selected
value in search select component
- Clear out the namespace selection when new date is queried
* On bar chart selection, replace search select with custom html
* chane form field to angle bracket syntax
* computes tuneAttrs depending on auth method type
* make all attrs linkable
* delete token_type for token auth methods before save
* adds changelog
* adds copy to unsupported auth methods
* adds doc link to copy
* adds test for linkable auth method list
* alphabetize DB plugin types
* adds changelog
* add postgres to database plugins
* add statement fields
* adds tests for postgres db
* add delete confirm modal to db connection
* fixes text for confirmation modal - transform
* editing tests for delete modal
* fixes tests, oracle must be last DB tested
* adds test for modal and updates old modal tests
* Add cluster name to oidc-provider path
* Move oidc-provider route up on router
* Return base url for changelog if no version
* OIDC Provider check on targetRouteName instead of transitionToTargetRoute
* restore dynamic provider segment on route
* Fix redirect after auth issue
* handle permission denied
* adds helper so only rows with values display
* adds changelog
* add argument to is-empty-value helper to check for default
* adds test to helper for added named argument
* Add new route w/ controller oidc-provider
* oidc-provider controller has params, template has success message (temporary), model requests correct endpoint
* Move oidc-provider route to under identity
* Do not redirect after poll if on oidc-provider page
* WIP provider -- beforeModel handles prompt, logout, redirect
* Auth service fetch method rejects with fetch response if status >= 300
* New component OidcConsentBlock
* Fix redirect to/from auth with cluster name, show error and consent form if applicable
* Show error and consent form on template
* Add component test, update docs
* Test for oidc-consent-block component
* Add changelog
* fix tests
* Add authorize to end of router path
* Remove unused tests
* Update changelog with feature name
* Add descriptions for OidcConsentBlock component
* glimmerize token-expire-warning and don't override yield if on oidc-provider route
* remove text on token-expire-warning
* Fix null transition.to on cluster redirect
* Hide nav links if oidc-provider route
* fix delete issue when no read on metadata
* show create button
* fix navigation on metadata
* dont show search unless its version 2
* need to query because can't be certain the model will have loaded
* fix issue with no read metadata and create new version
* cleanup the delete reload issues
* cleanup modal refresh issues
* extra conditional on delete
* test coverage
* add more test coverage
* some pr comments but also fix soft delete
* test cleanup
* fix soft delete issue
* creates serializer and moves available plugin types constant to util
* adds if block catch if no plugin_type, renames util file
* updates imports
* adds changelog
* fixes rendering of default attrs
* checks that plugin exists
* Added support for Oracle db connection
* Added changelog
* Fixed test
* Added test for role setting
* Skip full acceptance test in case of oracle db
* Fix db role test
* Update changelog
* Fix db role fields after rebase
* Added missing test
* displays empty state if database is not supported in the UI
* adds elasticsearch db plugin
* adds changelog
* updates elasticsearch attrs
* move tls_server_name to pluginConfig group
* move role setting fields to util
* updates comments and refactors using util function
* adds tests for elasticsearch
* fixes indentation
* when local host needs https
* adds line at bottom of hbs file
* update azure instructions
Update instructions in regards to azure AD Authentication and OIDC
* Initial pass of ed25519
* Fix typos on marshal function
* test wip
* typo
* fix tests
* missef changelog
* fix mismatch between signature and algo
* added test coverage for ed25519
* remove pkcs1 since does not exist for ed25519
* add ed25519 support to getsigner
* pull request feedback
Signed-off-by: Anner J. Bonilla <abonilla@hoyosintegrity.com>
* typo on key
Signed-off-by: Anner J. Bonilla <abonilla@hoyosintegrity.com>
* cast mistake
Signed-off-by: Anner J. Bonilla <abonilla@hoyosintegrity.com>
Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>
* installs node-forge
* correctly displays and formats cert metadata
* removes labels
* uses helper in hbs file
* adds named arg to helper
* pki-ca-cert displays common name, issue & expiry date
* alphabetizes some attrs
* adds test for date helper
* get credentials card test and setup
* call getcrednetials card and remove path test error
* configuration
* metadata search box
* changelog
* checking if it is noReadAccess
* try removing test
* blah
* a test
* blah
* stuff
* attempting a clean up to solve issue
* Another attempt
* test1
* test2
* test3
* test4
* test5
* test6
* test7
* finally?
* clean up
* Added namespace search to client count
- Used existing search select component for namespace search
* Added changelog
* Added download csv component
- generate namespaces data in csv format
- Show root in top 10 namespaces
- Changed active direct tokens to non-entity tokens
* Added test for checking graph render
* Added documentation for the download csv component
* Client count updates
- Added Current month tab which leverages partial monthly activity api
- Refactored Vault usage to Monthly history
- New client count history component based on StatText and BarChart component
- Restrict bar chart to showcase only top 10 namespaces
- Removed config route, as config and history component will be rendered based on query param
- Updated all metrics reference to clients
- Removed old tests and added integration test for current month
* Fixed navbar permission
- Added changelog
* Updated the model for current month data
* Fixed current month tests
* Fixed indentation and chart label
* add permissions and conditional
* stuff
* following the default setting to zero
* wip
* handle no permissions to mount sys
* maybe closer
* closer but configuration page not updating correctly with serializer issues
* wip but figured out configuration page and model
* clean up
* add test coverage
* clean up
* remove meep
* refactor
* clean test
* fix conditional on seralizer delete
* fix test
* test fixes
* fix test
* test fix
* more test stuff
* condense
* creates bar chart component
* WIP//starts styling
* fixes width of bars
* WIP//barchart
* uses d3 max method instead of Math.max
* stacks data
* adds y axis
* fixes styling and spacing
* adds spacing between bars
* styling DONE
* adds legend
* adds tooltip
* tweaks styling adds pointer cursor to rects
* fixes tooltip placement
* moves starget from bar to whole area
* finishes hover selection styling
* cleans up
* cleans up a tiny bit
* stopping point
* adjusts tooltip placemnt
* WIP//clean up time
* sort of not broken
* unbroken, ish
* tooltip position fixed
* truncates text and adds tooltip
* changes tooltip width depending on content
* unbroken
* finishes initial refactor/cleanup
* finishes documentation
* passes in map legend to component
* more tidying
* add export option
* adds grid to header for export button option
* updates comments
* fix variable name change
* moves dataset formatting to parent
* removes unused code"
* adds assertions and empty state if no data
* cleans up comments adds assertion to check for map legend
* adds storybook
* adds changelog
* deletes dummy parent:
* restores index.hbs
* uses scss variables instead
* exchanges more variables
* remove unused variable in storybook
* writes basic test
* removes pauseTest()
* Override loading behavior which breaks query params passed to API calls
* Only show loading state if transition is not queryparams only
* Add changelog
* Skip loader if testing
* initial setup
* form field editType kv is very helpful
* setting up things
* setup two routes for metadata
* routing
* clean up routing
* meh router changes not my favorite but its working
* show metadata
* add controller for backendCrumb mixin
* setting up edit metadata and trimming SecretEditMetadata component
* add edit metadata save functionality
* create new version work
* setup model and formfieldgroups for added config data.
* add config network request to secret-engine
* fix validations on config
* add config rows
* breaking up secret edit
* add validation for metadata on create
* stuff, but broken now on metadata tab
* fix metadata route error
* permissions
* saving small text changes
* permissions
* cleanup
* some test fixes and convert secret create or update to glimmer
* all these changes fix secret create kv test
* remove alert banners per design request
* fix error for array instead of object in jsonEditor
* add changelog
* styling
* turn into glimmer component
* cleanup
* test failure fix
* add delete or
* clean up
* remove all hardcoded for api integration
* add helper and fix create mode on create new version
* address chelseas pr comments
* add jsdocs to helper
* fix test
* Client count config view
- Switched to toggle button from checkbox and updated the design
- Switched to ember octane
- Update ember concurrency dependency
* Fixed integration tests
* Added changelog
* Update switch label on toggle
* Code cleanup
* Fixed test
* Handle api explorer routing error
- For some reason when routing is done during async process, router transtionTo throws the TransitionAbortedError
- As a fix treat this particular error as success since it doesn't interfere in the routing
- Reference: https://github.com/emberjs/ember-test-helpers/issues/332
* Added changelog
* Add type param to secret show, handle CG in database role show
* If roleType is passed to credential, only make one creds API call
* Clean up db role adapter and serializer
* url param roleType passed to credentials call
* Role list capabilities check for static and dynamic separately
* Add changelog
* Consistent adapter response for single or double call
* Prioritize dynamic response if control group on role/creds
* Handle form validation for open api form
- Added required validator for all the default fields
* Fixed field group error and adedd comments
* Fixed acceptance tests
* Added changelog
* Fix validation in edit mode
- Handle read only inputs during edit mode
* Minor improvements
* Restrict validation only for userpass
* setup check when secret-v2 record is populated
* return network request of full paths
* modify/amend test
* remove console log
* fix test
* add changelog
* attempt to fix browserstack test issue
* remove find
* add trim
* another attempt
* initial setup
* initial validation setup for empty path object.
* removal console logs
* validation on keyup for kv
* in progress
* making some progress
* more progress
* closer
* done with create page now to fix edit page that I broke
* fix secret edit display on create
* test and final touches
* cleanup mountbackendform
* cleanup
* add changelog
* address pr comments
* address styling pr comment
* Displays Auth Method description on login page
* working on auth login form
* Keeps path name as LinkTo label adds description to paths
* removes commented and unused code
* removes trailing white space
* removes prettier package
* adds test for description
* removes extra white spaces
* adds changelog file
* replace last two partials
* cleanup
* modify test to cover new component
* only on ca role run new function
* help with inconsistent failure on enterprise test
* small changes to help with flaky test locally
* add js docs
* secret-list/item partial removed
* remove all partials and I'm sure break many things.
* changing props types and breaking more things
* cleanup
* fix options for backend
* fix transform list item test
* Update cluster status partial to component
* Added changelog
* Close menu when link is clicked
* Upgraded to glimmer components
* Fixed indentations
Added back activeCluster
Updated changelog
* Styling for empty-state and splash-page
* Update shamir-flow language and trigger onError on non-400 error
* Add license terminated screen to unseal
* Add changelog
* hash tools from partial to component
* initial setup of tools random, but issue remaining with bytes
* rewrap
* unwrap
* final two partials
* fix issues with actions on tool wrap
* fix hash
* changelog
* address pr comments
* fix onClear
* trigger run
* triggering test suite
* initial setup, modify toolbar header
* footer buttons setup
* setup first delete version delete method
* clean up
* handle destory all versions
* handle undelete
* conditional for modal and undelete
* remove delete from version area
* modelForData in permissions
* setup for soft delete and modify adpater to allow DELETE in additon to POST
* dropdown for soft delete
* stuck
* handle all soft deletes
* conditional for destroy all versions
* remove old functionality from secret-version-menu
* glimmerize secret-version-menu
* Updated secret version menu and version history
* Updated icons and columns in version history
* create new component
* clean up
* glimmerize secret delete menu
* fix undelete
* Fixed radio labels in version delete menu
* handle v1 delete
* refining
* handle errors with flash messages
* add changelog
* fix test
* add to test
* amend test
* address PR comments
* whoopies
* add urlEncoding
Co-authored-by: Arnav Palnitkar <arnav@hashicorp.com>
* initial setup
* add delay and modify message
* test
* changing to different style because unable to interrupt the yield of authentication
* cleanup
* more consitency in messssage placement
* fix test
* clean up test notification
* clean up
* remove click
* changelog
* Update 11442.txt
* revert changes so a message is delayed by not calling yield
* amend test
* remove padding-bottom as no longer needed with reposition of message location
* Add MySQL DB Support
* Add other versions of MySQL to database options
* Save incoming root_credentials_rotate_statements as root_rotation_statements for display
* Handle errors correctly on database connection form for edit
* Add tests for mysql database
* Add UI feature changelog