Commit graph

13850 commits

Author SHA1 Message Date
Austin Gebauer 437cb74c5a
Updates vault-plugin-secrets-gcp to v0.10.2 (#12379) 2021-08-19 16:33:34 -07:00
Pratyoy Mukhopadhyay 5fda05adee
[VAULT-3226] Use os.rename on windows os (#12377)
* [VAULT-3226] Use os.rename on windows os

* [VAULT-3226] Add changelog
2021-08-19 16:05:53 -07:00
Arnav Palnitkar 47d450a4b1
Handle api explorer routing error (#12354)
* Handle api explorer routing error

- For some reason when routing is done during async process, router transtionTo throws the TransitionAbortedError
- As a fix treat this particular error as success since it doesn't interfere in the routing
- Reference: https://github.com/emberjs/ember-test-helpers/issues/332

* Added changelog
2021-08-19 14:32:02 -07:00
Arnav Palnitkar 0b73135a8c
Fixed overflowing text of flash message container (#12357)
* Fixed overflowing text of flash message container

* Added changelog
2021-08-19 14:27:22 -07:00
Nick Cabatoff 124bc87381
Upgrade snappy to fix panic with identity/packer on Go 1.16+arm64. (#12371) 2021-08-19 15:51:06 -04:00
Nick Cabatoff 72499c3215
Check to make sure context isn't expired before doing a raft operation. (#12162) 2021-08-19 12:03:56 -04:00
Mike Green 16794711d5
Add agent approle method example (#12297) 2021-08-19 11:03:57 -04:00
Meggie 0328598798
Removing line about consul consistency (#12353) 2021-08-19 10:01:47 -04:00
Nick Cabatoff f7cb7a19b2
Add docs for metrics from #11472. (#12278) 2021-08-19 09:49:00 -04:00
Jason O'Donnell b55e1a31fc
creds/aws: Add support for DSA signature verification for EC2 (#12340)
* creds/aws: import pkcs7 verification package

* Add DSA support

* changelog

* Add DSA to correct verify function

* Remove unneeded tests

* Fix backend test

* Update builtin/credential/aws/pkcs7/README.md

Co-authored-by: Calvin Leung Huang <1883212+calvn@users.noreply.github.com>

* Update builtin/credential/aws/path_login.go

Co-authored-by: Calvin Leung Huang <1883212+calvn@users.noreply.github.com>

Co-authored-by: Calvin Leung Huang <1883212+calvn@users.noreply.github.com>
2021-08-19 09:16:31 -04:00
Calvin Leung Huang 05103627d3
dbplugin: fix error message in DeleteUser (#12351)
* dbplugin: fix error message in DeleteUser

* add changelog
2021-08-18 16:12:40 -07:00
Andrei Burd b868dac12c
Docs: k8s annotations for static_secret_render_interval (#12244)
Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
2021-08-18 13:41:16 -07:00
Chelsea Shaw 92739f494f
UI: Allow metrics view without config read (#12348)
* pass default value for defaultSpan on pricing metrics dates component

* Add changelog

* Add test for no config policy
2021-08-18 15:33:39 -05:00
John-Michael Faircloth 2b3da872b3
feature: OIDC provider scope API (#12266)
* initial commit

* add read and delete operations

* fix bug in delete and add list unit test

* func doc typo fix

* add existence check for assignment

* remove locking on the assignment resource

It is not needed at this time.

* convert Callbacks to Operations

- convert Callbacks to Operations
- add test case for update operations

* add CRUD operations and test cases

* remove use of oidcCache

* remove use of oidcCache

* add template validation and update tests

* refactor struct and var names

* harmonize test name conventions

* refactor struct and var names

* add changelog and refactor

- add changelog
- be more explicit in the case where we do not recieve a path field

* refactor

be more explicit in the case where a field is not provided

* remove extra period from changelog

* update scope path to be OIDC provider specific

* update assignment path

* update scope path

* removed unused name field

* removed unused name field

* update scope template description

* error when attempting to created scope with openid reserved name
2021-08-18 13:20:27 -05:00
Scott Miller 7fd2bdfa52
Fix a tokenization docs link fix (#12296)
* docs link typo

* Off by one relative dir
2021-08-18 13:44:25 -04:00
Clint 675e0c1383
Replace go-bindata-assetfs build dependency with native go:embed (#11208)
* copy over the webui

move web_ui to http

remove web ui files, add .gitkeep

updates, messing with gitkeep and ignoring web_ui

update ui scripts

gitkeep

ignore http/web_ui

Remove debugging

remove the jwt reference, that was from something else

restore old jwt plugin

move things around

Revert "move things around"

This reverts commit 2a35121850f5b6b82064ecf78ebee5246601c04f.

Update ui path handling to not need the web_ui name part

add desc

move the http.FS conversion internal to assetFS

update gitignore

remove bindata dep

clean up some comments

remove asset check script that's no longer needed

Update readme

remove more bindata things

restore asset check

update packagespec

update stub

stub the assetFS method and set uiBuiltIn to false for non-ui builds

update packagespec to build ui

* fail if assets aren't found

* tidy up vendor

* go mod tidy

* updating .circleci

* restore tools.go

* re-re-re-run make packages

* re-enable arm64

* Adding change log

* Removing a file

Co-authored-by: hamid ghaf <hamid@hashicorp.com>
2021-08-18 11:05:11 -04:00
Hridoy Roy 2554563268
(OSS Port) Restrict Quota Deletion to Primary Cluster [vault-2399] (#12339)
* oss part of vault 2399

* Update vault/quotas/quotas.go

Co-authored-by: Vishal Nayak <vishalnayak@users.noreply.github.com>

* use OSS PR number as changelog entry as indicated by the changelog guide

Co-authored-by: Vishal Nayak <vishalnayak@users.noreply.github.com>
2021-08-17 15:34:43 -07:00
John-Michael Faircloth 40fd60342a
feature: OIDC provider assignment API (#12198)
* initial commit

* add read and delete operations

* fix bug in delete and add list unit test

* func doc typo fix

* add existence check for assignment

* remove locking on the assignment resource

It is not needed at this time.

* convert Callbacks to Operations

- convert Callbacks to Operations
- add test case for update operations

* remove use of oidcCache

* refactor struct and var names

* harmonize test name conventions

* add changelog and refactor

- add changelog
- be more explicit in the case where we do not recieve a path field

* remove extra period from changelog

* update assignment path

* removed unused name field
2021-08-17 15:55:06 -05:00
Jason O'Donnell 5e86a34e3e
api: return parse errors if any for storage endpoints (#12338)
* logical/list: return parseErr if any

* changelog

* Add parseErr to other API endpoints

* Update 12338.txt
2021-08-17 13:19:39 -04:00
John-Michael Faircloth 30f470915f
docs: draft update guide for identity token roles (#12337) 2021-08-17 11:27:32 -05:00
Loann Le 4e3b66a2d7
Vault Documentation: Added Glossary (#12324)
* added glossary

* Update website/content/docs/glossary.mdx

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>

* Update website/content/docs/glossary.mdx

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>

* modified secrets and barrier content based on feedback

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2021-08-16 13:08:44 -07:00
claire bontempo 5c7403e56f
UI/StatText Component (#12295)
* creates stattext component

* creates .scss file

* creates storybook

* fixes typo

* fixes readme

* adds changelog

* finishes tests
2021-08-16 11:55:12 -07:00
Jim Kalafut 75b3dec8be
Add draft upgrade guide (#12332) 2021-08-16 10:58:09 -07:00
akshya96 9defbb47e7
Vault 2176 snapshot config issue (#12317)
* removing redirect line from handler.go

* adding changelog entry

* adding changes
2021-08-16 10:12:00 -07:00
Meggie 868315d1bb
changelog++
Security updates for 1.8.0
2021-08-16 11:40:54 -04:00
Lars Lehtonen 3bb1c68996
vault: fix dropped test errors (#12242)
* vault: fix dropped test error

* vault/activity: fix dropped test error
2021-08-16 09:52:08 -04:00
Yoko Hyakuna 7cfbc0350d
[Docs] Add code example (#12302)
* Experiment adding code example

* Add Go code snippet

* Minor updates to the brief description

* Add a note to reference 'Code Example'

* Fix the title

* Add a callout note up front
2021-08-12 12:53:15 -07:00
Calvin Leung Huang d0adf67771
dep: update database-couchbase plugin to v0.4.1 (#12301)
* dep: update database-couchbase plugin to v0.4.1

* add CL entry
2021-08-12 11:54:19 -07:00
Jim Kalafut af57e56f09
Add AWS EC2 Auth known issue (#12316) 2021-08-12 10:45:32 -07:00
Pratyoy Mukhopadhyay 691a43030d
[VAULT-2822] Sort client count response (#12308) 2021-08-12 09:35:15 -07:00
Calvin Leung Huang d47db89b8b
database/cassandra: pin bitnami/cassandra docker image to 3.11 in test (#12311)
* database/cassandra: pin bitnami/cassandra docker image to 3.11 in test

* Update plugins/database/cassandra/connection_producer_test.go

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
2021-08-11 19:11:12 -07:00
vinay-gopalan cf6932f5d5
[Docs] Add documentation for username_template feature in AWS Secrets Engine (#12310)
* add username_template docs

* remove backticks

* update default template to be readable

* undo markdown block

* add md block to render indents
2021-08-11 14:51:00 -07:00
Andrei Burd 63de67d891
Agent template static secrets docs update (#12307)
* Agent template static secrets docs update

static_secret_render_interval mention

* Update website/content/docs/agent/template.mdx

Co-authored-by: Jason O'Donnell <2160810+jasonodonnell@users.noreply.github.com>

Co-authored-by: Jason O'Donnell <2160810+jasonodonnell@users.noreply.github.com>
2021-08-11 12:30:37 -04:00
hghaf099 f885d97774
VAULT-2285 adding capability to accept comma separated entries for au… (#12126)
* VAULT-2285 adding capability to accept comma separated entries for auth enable/tune

* Adding changelog

* Adding logic to detect invalid input parameter for auth enable config

* Updating tune.mdx

* Updating secret enable/tune for comma separated parameters

* Adding further parameter checks for auth/secret tests
Fixing changelog
using builtin type for a switch statement
Fixing a possible panic scenario

* Changing a function name, using deep.Equal instead of what reflect package provides

* Fixing auth/secret enable/tune mdx files

* One more mdx file fix

* Only when users provide a single comma separated string in a curl command, split the entries by commas

* Fixing API docs for auth/mount enable/tune for comma separated entries

* updating docs, removing an unnecessary switch case
2021-08-09 15:37:03 -04:00
Meggie b43f9c10cc
Master -> Main on CL links (#12286) 2021-08-09 12:57:19 -04:00
vinay-gopalan 23770cc2a7
Update genUsername to cap STS usernames at 32 chars (#12185)
* update genUsername to cap STS usernames at 64 chars

* add changelog

* refactor tests into t.Run block

* patch: remove warningExpected bool and include expected string

* patch: revert sts to cap at 32 chars and add assume_role case in genUsername

* update changelog

* update genUsername to return error if username generated exceeds length limits

* update changelog

* add conditional default username template to provide custom STS usernames

* update changelog

* include test for failing STS length case

* update comments for more clarity
2021-08-09 09:40:47 -07:00
Theron Voran 3455adc885
docs: vault-k8s and cert-manager (#12281)
Adding an example of configuring vault-k8s to use cert-manager for
managing the webhook certs.

Co-authored-by: Calvin Leung Huang <1883212+calvn@users.noreply.github.com>
Co-authored-by: Ben Ash <32777270+benashz@users.noreply.github.com>
2021-08-06 17:56:15 -07:00
Austin Gebauer bf086e8dc6
auth/oidc: documents redirect URI for UI login with form_post response_mode (#12273) 2021-08-05 15:13:33 -07:00
Meggie 54e987085c
changelog++
1.9.0 preview
2021-08-05 14:06:22 -04:00
Meggie e0746e6751
Updating latest to 1.8.1 on website (#12271) 2021-08-05 12:43:51 -04:00
Nick Cabatoff 311e68f60c
update CL (#12269) 2021-08-05 12:07:05 -04:00
Meggie ccc91a5241
changelog++ 2021-08-05 11:54:12 -04:00
Austin Gebauer 53373f78ed
Updates vault-plugin-auth-jwt to v0.10.1 (#12265) 2021-08-04 13:13:02 -07:00
Loann Le 7ef0c4bde9
replaced changelog link (#12259) 2021-08-04 12:07:22 -07:00
Calvin Leung Huang 4546318eb7
changelog: remove 12251 entry (#12256) 2021-08-04 11:11:21 -07:00
John-Michael Faircloth 0d94a6530f
identity: allow creating a role with a non-existent key (#12251)
* identity: allow creating a role with a non-existent key

* remove whitespace

* add changelog
2021-08-04 11:01:13 -07:00
Meggie df1ad39083
Updating SDK version for 1.9 dev (#12246) 2021-08-04 11:47:06 -04:00
Meggie 6a32c01c8a
Updating go version to 1.16.6 for security fix (#12245)
* Updating go version to 1.16.6 for security fix

* Changelog
2021-08-04 11:30:43 -04:00
Mike Green 65c449063b
Add link to Learn's usage tutorial (#11199)
* Add link to Learn's usage tutorial

* Update website/content/docs/commands/operator/usage.mdx

Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>

Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>
2021-08-03 16:19:09 -07:00
Jim Kalafut 0c678f14a0
Add link to plugin upgrade instructions (#12043) 2021-08-03 15:58:17 -07:00