* Add issuer reference info on JSON endpoint
This endpoint is unauthenticated and shouldn't contain sensitive
information. However, listing the issuers (LIST /issuers) already
returns both the issuer ID and the issuer name (if any) so this
information is safe to return here.
When fetching /pki/issuer/default/json, it would be nice to know exactly
which issuer ID and name it corresponds to, without having to fetch the
authenticated endpoint as well.
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add changelog entry
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* add capabilities to pki key model
* move key list from route into component
* rename test file
* rename test file
* add tests
* pass capabilities directly to key list componente
* add test for key list component
* rename test files
* remove href assertion
* Adding an Enos test for undo logs
* fixing a typo
* feedback
* fixing typo
* running make fmt
* removing a dependency
* var name change
* fixing a variable
* fix builder
* fix product version
* adding required fields
* feedback
* add artifcat bundle back
* fmt check
* point to correct instance
* minor fix
* feedback
* feedback
- enos-run workflow will checkout the `main` branch by default, which would pass incorrect metadata to the workflow
so we use the `revision` passed by the calling workflow to checkout the sha and get the relavant metadata`
Signed-off-by: Jaymala Sinha <jaymala@hashicorp.com>
Signed-off-by: Jaymala Sinha <jaymala@hashicorp.com>
* rename download service file
* rename file again
* add download-file service to engine
* refactor download button to use service
* refactor download service
* finish refactor download service, make arg order consistent: filename, content, extension
* add download button to key details
* fix flaky test?
Bad news: the hot patch we were using breaks in Go 1.19.4: 6109c07ec4
Good news: we can now patch with an environment variable at runtime.
Co-authored-by: Christopher Swenson <christopher.swenson@hashicorp.com>
We need to take a read lock when reading any of the FSM fields. Expose a
new fsm.Stats to handle a racy read and make sure we're consistently using
the f.db read lock wrappers.
The removal of the phony $(OUT) target was preventing `make ci-config`
from recognizing changes to .go-version, since it is not an explicit file target.
Reintroduce this change to get parity with ENT and fix go version bumps.
* Allow mounting external plugins with same name/type as deprecated builtins
* Add some go tests for deprecation status handling
* Move timestamp storage to post-unseal
* Add upgrade-aware deprecation shutdown and tests
When issuing a core.Shutdown(), it is common to background the shutdown
request. This allows Vault to continue cleaning up, mainly to release
the stateLock. This allows the shutdown to complete, but is inherently
racy, so the core.shutdownDoneCh needs to be made atomic.
* Return the partial success code override for all batch error types
* changelog
* docs
* Lost the actual override logic. :)
* And don't hardcode 400
* gate on success
* Initial worker pool
* Run postUnsealFuncs in parallel
* Use the old logic for P=1
* changelog
* Use a CPU count relative worker pool
* Update vault/core.go
Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
* Done must be called once per postUnsealFunc
* Defer is overkill
Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
Alexander Scheel