* secrets/ssh: allow algorithm_signer to use the key's default algo
* add test for ed25519 key signing
* test: add role upgrade test case
* test: rename and add more test cases
* test: clean up tests cases, fix broken test case on expected error
* test: fix broken test case on expected error
* Ui/transform enable (#9647)
* Show Transform on engines list if enterprise
* Add box-radio component
* Add is-disabled styling for box-radio and fix tooltip styling when position: above
* Add KMIP and Transform to possible features on has feature helper
* Sidebranch: Transform Secret Engine Initial setup (#9625)
* WIP // list transforms, console.logs and all
* setup LIST transformations ajax request and draft out options-for-backend options
* change from plural to singluar and add transform to secret-edit
* create two transform edit components
* modify transform model with new attrs
* add adapterFor to connect transform adapter to transform-edit-form component
* setup Allowed roles searchSelect component to search over new transform/role adapter and model.
* clean up for PR
* clean up linting errors
* restructure adapter call, now it works.
* remove console
* setup template model for SearchSelect component
* add props to form field and search select for styling
Co-authored-by: Chelsea Shaw <chelshaw.dev@gmail.com>
* Ui/transform language fixes (#9666)
* Update casing and wording on Transform list route. Use generic list item for transformations
* Add back js file for transformation-edit
* Set up transform for tabs
* Ui/create edit transformation fixes (#9668)
* add conditional for masking vs tweak source based on type, and update text for create transformation
* change order
* fix error with stringArray
* setup the edit/delete transformation view
* clean up toolbar links
* setup serializer to change response of mask character from keycode to character
* change styling of label and sub-text size, confirmed with design
* temp fix on templates vs template
* add clickable list item
* add space between template list
* setup styling and structure for the rest of the show transformation. TODO: turn into components.
* create transform-show-transformation component
* add attachCapabilities to transform model and update transform-transformation-itme list accordingly
* clean up liniting errors
* address pr comments
* remove leftover
* clean up
* Sidebranch: UI transform create and edit clean up (#9778)
* clean up some of the TODOs
* setup edit view with read only attributes for name and template
* setup initial selected for search select component
* fixes
* hide templates form field for now
* set selectLimit for search select component
* hide power select if the select limit is greater than or equal to the selectedOptions length
* clean up failing linting
* address pr comments
* Ui/fix list roles transformation (#9788)
* Update search-select to pass backend to query if exists
* Update role and template adapters
* cleanup
* Fix replace with static string
* Ui/transform cleanup 2 (#9789)
* amend encode/decode commands for now until design gets back with more details
* restrict character count on masking input field
* clean up selectLimit
* show backend instead of transform in cli copy command
* Show KMIP un-selectable if enterprise but no ADP module (#9780)
* New component transform-edit-base
* Duplicate RoleEdit as TransformEditBase and swap in all transform components
* Roll back role-edit changes
* Update to transform edit base
* Remove extraeneous set backend type on transform components
* formatting
* Revert search-select changes
* Update template/templates data on transformation (#9838)
Co-authored-by: Angel Garbarino <Monkeychip@users.noreply.github.com>
* Bring over PSIRT-37 changes from ENT
* Add additional allowed headers
* Already had this one
* Change to string slice comma separated parsing
* Add allowed_sts_header_values to read output
* Only validate AWS related request headers
* one per line
* Import ordering
* Update test
* Add X-Amz-Credential
* Reorder imports
* Update documentation for MySQL Secrets Engine
Update documentation for MySQL Database Secrets Engine to reflect changes introduced with https://github.com/hashicorp/vault/pull/9181
* Empty Commit to re-trigger tests
Co-authored-by: Lauren Voswinkel <lvoswinkel@hashicorp.com>
* Conditionally overwrite TLS parameters in MySQL DSN
Overwrite MySQL TLS configuration in MySQL DSN only if have `tls_ca` or `tls_certificate_key` set
Current logic always overwrites it
* Add test for MySQL DSN with a valid TLS parameter in query string
* TOB-018 remediation
* Make key derivation an optional config flag, off by default, for backwards compatibility
* Fix unit tests
* Address some feedback
* Set config on unit test
* Fix another test failure
* One more conf fail
* Switch one of the test cases to not use a derive dkey
* wip
* comments
* add packagespec build system
- The majority of changes in this commit are files generated
by packagespec (everything in the packages-oss.lock directory).
* add .yamllint
* update to packagespec@fd54aea4
* ci: bust packagespec cache
- Change to packagespec results in package IDs that can use
git tag refs, not just commit refs.
* update to packagepsec@5fc121d0
- This busts all caches, because of a change to the way we
no longer traverse from tag refs to commit refs, due to
the potential confusion this can cause.
- See fd54aea482
for the original change to packagespec necessitating this.
* update to packagespec@5e6c87b6
- This completes the change to allowing git tag refs
to be used for source IDs, begun in f130b940a8fbe3e9398225b08ea1d63420bef7b6
* update to packagespec@4d3c9e8b
- This busts cache, needed to apply previous change.
* remove RELEASE_BUILD_WORKFLOW_NAME
* update packagespec, add watch-ci target
* fix package names (do not refer to EDITION)
* remove EDITION input from packages-oss.yml
* bump package cache, update packagespec
* update packagespec, add 'aliases' target
* update packagespec; less output noise
* ci: give release bundle file a better name
- When performing a release build, this will include the build ID
as part of the name, making it easier to distinguish from other
builds.
* ci: create aliases tarball artifact
* ci: cache package metadata files
* ci: add metadata artifact
* ci: bust circleci package cache
* Revert "ci: bust circleci package cache"
This reverts commit 1320d182613466f0999d63f5742db12ac17f8e92.
* ci: remove aliases artifact
* ci: use buildID not workflowName to id artifacts
* packages: add BUNDLE_NAME metadata
* do not cache package metadata with binaries
* ci: bump package cache
* ci: debugging
* ci: fix package cache; update packagespec
* ci: update packagespec to 10e7beb2
* ci: write package metadata and aliases
* ci: switch to .zip artifacts
* switch package bundle back to tar.gz (from zip)
- Because of the way zip works, the zip archive was over 2GB rather than under 750MB as with tar.gz.
* bump packagespec, adds list-staged-builds
* update packagespec
* add publish stub + general tidy up
* bump packagespec
* bump packagespec; add make publish-config
* Makefile: tidy up packagespec targets
* pass PRODUCT_REPO_ROOT to packagespec
* bump go to 1.14.6
* packages-oss.yml: use more explicit base image
* bump packagespec to b899b7c1
* bump packagespec to f040ce8f
* packages-oss.yml: pin base image to digest
- This digest is pointed to by debian:buster-20200720
- Using a specific digest ensures that builds use the same
base image in all contexts
* add release-repo; bump packagespec
* remove BUILD_TAGS and -tags flag
* bump packagespec to e444f742
* bump to go1.14.7
* ci: bump to go1.14.7