luxolus
/
open-vault
2
0
Fork 0
Code Issues 1 Pull Requests Releases Activity
17,511 Commits 1 Branch 0 Tags 214 MiB
Commit Graph

639 Commits

Author SHA1 Message Date
Marc Boudreau 84238dee52
Introduce GitHub Actions CI Workflow (#19449) 
* Migrate subset of CircleCI ci workflow to GitHub Actions

Runs test-go and test-go-remote-docker with a static splitting of test packages

* [skip actions] add comment to explain the purpose of test-generate-test-package-lists.sh and what to do if it fails

* change trigger to push

---------

Co-authored-by: Kuba Wieczorek <kuba.wieczorek@hashicorp.com>
 2023-03-06 16:57:55 -05:00
Nick Cabatoff 89f31aca48
Revert "updated raft-autopilot to v0.2.0 (#17848)" (#19353) 
This reverts commit 21cab77be8df948af147c11758f7fa0620ae8be6.
 2023-02-24 14:24:32 -05:00
Tom Proctor 5b52184766
Update x/net and x/crypto/ssh (#19282) 
* Update x/net and x/crypto/ssh in api and sdk

* go mod tidy in root go module
 2023-02-22 13:46:12 +00:00
Anton Averchenkov e5770359b5
Simplify gen_openapi.sh script (#19245) 
* Simplify gen_openapi.sh script

* Update scripts/gen_openapi.sh

Co-authored-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* use correct import

---------

Co-authored-by: Daniel Huckins <dhuckins@users.noreply.github.com>
 2023-02-17 14:48:05 -05:00
Christopher Swenson 404d7a57bb
events: WS protobuf messages should be binary (#19232) 
The [WebSockets spec](https://www.rfc-editor.org/rfc/rfc6455) states
that text messages must be valid UTF-8 encoded strings, which protobuf
messages virtually never are. This now correctly sends the protobuf events
as binary messages.

We change the format to correspond to CloudEvents, as originally intended,
and remove a redundant timestamp and newline.

We also bump the eventlogger to fix a race condition that this code triggers.
 2023-02-17 11:38:03 -08:00
Scott Miller ccab6ab676
Update go-kms-wrapping and it's gcpc wrapper to pick up google-cloud-go migration (#19219) 2023-02-16 11:21:25 -06:00
mickael-hc f144c8c239
bump dev depenendencies (#19140) 
reduces alert noise
 2023-02-13 10:31:43 -05:00
Austin Gebauer 1b4bbe2b5b
upgrade vault-plugin-database-mongodbatlas to v0.9.0 (#19153) 2023-02-11 00:57:18 +00:00
Tom Proctor eb1d58257c
Bump kv plugin v0.14.0->v0.14.2 (#19145) 2023-02-10 21:42:05 +00:00
Austin Gebauer 12871c1974
upgrade vault-plugin-secrets-alicloud to v0.14.1 (#19128) 2023-02-10 09:32:46 -08:00
Austin Gebauer cf5abe021f
upgrade vault-plugin-secrets-alicloud to v0.14.0 (#19118) 2023-02-10 09:13:04 -08:00
Hamid Ghaf 4822d4ab6d
replace existing zookeeper import with an actively maintained one (#19086) 
* replace existing zookeeper import with an actively maintained one

* remove empty lines
 2023-02-10 11:56:27 -05:00
Kuba Wieczorek db6cb78a22
Use new sdk and api versions (#19126) 2023-02-10 10:40:47 -05:00
kpcraig 5b5f575d1c
fix: upgrade vault-plugin-secrets-kubernetes to v0.3.0 (#19084) 
* fix: upgrade vault-plugin-secrets-kubernetes to v0.3.0

* add changelog
 2023-02-10 10:23:31 -05:00
kpcraig e83bb669e0
fix: upgrade vault-plugin-auth-kubernetes to v0.15.0 (#19094) 
* fix: upgrade vault-plugin-auth-kubernetes to v0.15.0

* add changelog
 2023-02-10 10:23:11 -05:00
Austin Gebauer 98b8f5e126
upgrade vault-plugin-database-redis to v0.2.0 (#19112) 2023-02-09 14:39:15 -08:00
John-Michael Faircloth 3d79a13976
fix: upgrade vault-plugin-secrets-mongodbatlas to v0.9.1 (#19111) 
* fix: upgrade vault-plugin-secrets-mongodbatlas to v0.9.1

* add changelog

* Update changelog/19111.txt

Co-authored-by: Max Coulombe <109547106+maxcoulombe@users.noreply.github.com>

* use correct plugin type in changelog

---------

Co-authored-by: Max Coulombe <109547106+maxcoulombe@users.noreply.github.com>
 2023-02-09 15:55:42 -06:00
Christopher Swenson 7d3d404ee2
events: Add websockets and command (#19057) 
Also updates the event receieved to include a timestamp.
Websockets support both JSON and protobuf binary formats.

This can be used by either `wscat` or the new
`vault events subscribe`:

e.g.,
```sh
$ wscat -H "X-Vault-Token: $(vault print token)" --connect ws://127.0.0.1:8200/v1/sys/events/subscribe/abc?json=true
{"event":{"id":"5c5c8c83-bf43-7da5-fe88-fc3cac814b2e", "note":"testing"}, "eventType":"abc", "timestamp":"2023-02-07T18:40:50.598408Z"}
...
```

and

```sh
$ vault events subscribe abc
{"event":{"id":"5c5c8c83-bf43-7da5-fe88-fc3cac814b2e", "note":"testing"}, "eventType":"abc", "timestamp":"2023-02-07T18:40:50.598408Z"}
...
```

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>
 2023-02-09 13:18:58 -08:00
Christopher Swenson 7949d10177
fix: upgrade vault-plugin-auth-centrify to v0.14.0 (#19107) 2023-02-09 11:15:00 -08:00
Austin Gebauer 84c4c12dd9
upgrade vault-plugin-secrets-openldap to v0.10.0 (#19108) 2023-02-09 10:37:58 -08:00
Scott Miller 78522ed923
Update specific wrappers to v2.0.7 (#19101) 
* Update go-kms-wrapping to v2.0.7

* Update specific wrappers to v2.0.7

* Attempt to fix aead
 2023-02-09 12:19:50 -06:00
Tom Proctor b24e3cc6b0
Bump go-plugin version 1.4.5->1.4.8 (#19100) 2023-02-09 17:24:55 +00:00
Theron Voran 892ad3ebf0
auth/cf: update plugin to v0.14.0 (#19098) 2023-02-09 08:40:51 -08:00
Austin Gebauer 40063640fe
upgrade vault-plugin-secrets-azure to v0.15.0 (#19096) 
* upgrade vault-plugin-secrets-azure to v0.15.0

* adds changelog
 2023-02-08 23:54:02 +00:00
Christopher Swenson 8e24415a51
fix: upgrade vault-plugin-auth-oci to v0.13.1 (#19088) 2023-02-08 15:36:42 -08:00
vinay-gopalan 8927ab0911
upgrade vault-plugin-auth-azure to v0.13.0 (#19077) 2023-02-08 14:15:48 -08:00
Austin Gebauer e04a3d21a1
upgrade vault-plugin-auth-jwt to v0.15.0 (#19076) 
* upgrade vault-plugin-auth-jwt to v0.15.0

* adds changelog
 2023-02-08 12:29:48 -08:00
Max Coulombe d9a2f33b69
update vault-plugin-secrets-kv to v0.14.0 (#19056) 
* update vault-plugin-secrets-kv to v0.14.0

* + added changelog
 2023-02-08 09:48:46 -05:00
Theron Voran 79d87b415b
secrets/gcpkms: upgrade to v0.14.0 (#19063) 2023-02-07 18:30:53 -08:00
Robert d52149ed60
secrets/ad: update plugin version (#19061) 
* Update ad secrets plugin version
 2023-02-07 20:06:53 -06:00
Robert a595dbd072
secrets/terraform: update plugin version (#19059) 2023-02-07 20:04:03 -06:00
John-Michael Faircloth 85438435c4
fix: upgrade vault-plugin-auth-kerberos to v0.9.0 (#19060) 2023-02-07 17:07:09 -06:00
Max Coulombe f28e973a7d
fix: upgrade vault-plugin-database-elasticsearch to v0.13.0 (#19050) 2023-02-07 17:11:44 -05:00
Max Coulombe 788c4aff67
fix: upgrade vault-plugin-auth-gcp to v0.15.0 (#19049) 2023-02-07 16:12:32 -05:00
Max Coulombe 3bce13e5fc
upgrade vault-plugin-database-redis-elasticache to v0.2.0 (#19044) 
* fix: upgrade vault-plugin-database-redis-elasticache to v0.2.0

* + added cahngelog
 2023-02-07 16:11:52 -05:00
Max Coulombe 5e91770d51
fix: upgrade vault-plugin-secrets-gcp to v0.15.0 (#19018) 
* upgrade vault-plugin-secrets-gcp to v0.15.0
 2023-02-07 13:46:07 -05:00
kpcraig 5d1869d6fe
fix: upgrade vault-plugin-database-snowflake to v0.7.0 (#18985) 2023-02-07 10:24:46 -05:00
miagilepner c49d180bc8
VAULT-13169 Require go docs for all new test functions (#18971) 
* example for checking go doc tests

* add analyzer test and action

* get metadata step

* install revgrep

* fix for ci

* add revgrep to go.mod

* clarify how analysistest works
 2023-02-07 10:41:04 +01:00
John-Michael Faircloth d0bf019be5
fix: upgrade vault-plugin-secrets-mongodbatlas to v0.9.0 (#19012) 2023-02-06 16:54:18 -06:00
John-Michael Faircloth aacaddc3c4
fix: upgrade vault-plugin-auth-alicloud to v0.14.0 (#19005) 
* fix: upgrade vault-plugin-auth-alicloud to v0.14.0

* add changelog
 2023-02-06 16:15:26 -06:00
Nick Cabatoff 53afd2627b
Make API not depend on SDK (#18962) 2023-02-06 09:41:56 -05:00
Ben Ash e87e4f01d7
fix: upgrade vault-plugin-database-couchbase to v0.9.0 (#18999) 2023-02-03 23:17:44 +00:00
Chris Capurso 53390eaddf
Add ClusteName to GetClusterStatus response (#18950) 
* bump github.com/hashicorp/vault/vault/hcp_link/proto

* add ClusterName to GetClusterStatus response
 2023-02-02 09:27:55 -05:00
Rachel Culpepper c151d5fd58
Vault-11713: Add the ability for transit to use managed keys (#18844) 
* add the ability for transit to use managed keys

* add fields for rotate

* reorganize managed keys for better error messaging

* add aad for managed keys

* change encrypting key interface

* fix import error

* fix fmt errors

* move managed key rotation to a separate function

* fix fmt issue

* fix import error

* fix go.mod issue

* fix go.mod

* remove extra rotate param

* fix locking issue in rotation

* fix errors in policy tests

* move managed key params to fit existing policy functions

* fix sign and verify

* fix policy tests

* fix test error
 2023-01-27 13:39:58 -06:00
Alexander Scheel 2f5c7458b2
Update x/crypto + x/net (#18794) 
* Update golang.org/x/crypto version

go get -u golang.org/x/crypto && go mod tidy

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Update golang.org/x/crypto version in api

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Update golang.org/x/crypto version in sdk

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
 2023-01-23 19:11:04 +00:00
Anton Averchenkov 7097166b77
Update vault and api/auth submodules to use api/v1.8.3 (#18773) 2023-01-20 11:44:03 -05:00
Anton Averchenkov 74b591c2c3
Update api & vault to use sdk v0.7.0 (#18765) 2023-01-19 15:21:10 -05:00
Josh Black c9763996d4
Enable undo logs by default (#18692) 
* Enable undo logs by default

* add consul test

* update go.mod/sum

* add a better non-existent key
 2023-01-17 13:38:18 -08:00
Christopher Swenson b95beeb675
Add basic event bus broker stub (#18640) 
Creates a new `eventbus` package under `vault` with
an implementation of the `go-eventlogger` broker.

Also creates a stub of a common broker that will be accessible
in the core, and creates a simple event sending interface.
 2023-01-17 13:34:37 -08:00
Ben Ash 3ff530e001
auth/kubernetes: upgrade to v0.14.1 (#18716) 2023-01-13 19:00:18 -05:00
Ben Ash 02018f1d1d
Revert "auth/kubernetes: upgrade to v0.14.1 (#18711)" (#18715) 
This reverts commit ed244a9263255affa797fe032a5b103d7ae41891.
 2023-01-13 18:17:12 -05:00
Ben Ash 6bcd9f4458
auth/kubernetes: upgrade to v0.14.1 (#18711) 2023-01-13 17:15:35 -05:00
Chris Capurso 03b23a7970
VAULT-12548: Fix data races in Link status reporting (#18674) 
* pin hcp-scada-provider

* fix link reportStatus data race

* go get hcp-scada-provider@v0.2.1
 2023-01-12 15:10:34 -05:00
Mike Palmiotto 43a78c85f4
Mark deprecated builtins Removed (#18039) 
* Remove logical database builtins

* Drop removed builtins from registry keys

* Update plugin prediction test

* Remove app-id builtin

* Add changelog
 2023-01-09 09:16:35 -05:00
Chris Capurso bb0c92afe7
VAULT-11829: Add cluster status handler (#18351) 
* go get link proto @vault-11829-meta-get-cluster-status

* add HA status

* add HAEnabled method

* add raft config

* allocate HA nodes based on actual count

* add raft autopilot status

* add raft quorum warnings

* add ClusterID method

* add StorageType

* add ClusterID

* update github.com/hashicorp/vault/vault/hcp_link/proto

* add changelog entry

* fix raft config panic

* remove "Warning" quorum message prefix

* add error wrapping

* add Core.HAStateWithLock method

* reduce quorum warnings to single string

* fix HCP_API_HOST test env var check

* Revert "fix HCP_API_HOST test env var check"

This reverts commit 97c73c4798b77b84aea84f341f2c63c4d657914d.
 2023-01-06 17:06:54 -05:00
vinay-gopalan bbd8ac9bbf
Upgrade `go.opentelemetry.io/otel` from v0.20.0 to v1.11.2 (#18589) 2023-01-04 11:31:30 -08:00
Theron Voran 49e97a09a6
secrets/kubernetes: updating to latest plugin (#18587) 
go get github.com/hashicorp/vault-plugin-secrets-kubernetes@main
go mod tidy
 2023-01-03 15:32:30 -08:00
mickael-hc a8d8bf7c9d
update x/net (#18483) 2022-12-19 17:52:28 -05:00
Chris Capurso 42f36605c7
use meta and link_control from link proto (#18290) 2022-12-09 12:35:06 -05:00
Chris Capurso cf4b340e50
go mod tidy (#18276) 2022-12-08 15:41:29 -05:00
Chris Capurso 4dc5155c5f
Link OSS (#18228) 
* add Link config, init, and capabilities

* add node status proto

* bump protoc version to 3.21.9

* make proto

* adding link tests

* remove wrapped link

* add changelog entry

* update changelog entry
 2022-12-08 15:02:18 -05:00
Peter Wilson 21a8bcaa7b
Updated go-hclog to v1.4.0 to allow access to GetLevel. Refactored TranslateLoggerLevel (#18260) 2022-12-07 14:25:54 +00:00
John-Michael Faircloth 5c4e148ce2
auth/alicloud: update dependencies (#18021) 
* auth/alicloud: update dependencies

* add changelog
 2022-11-17 15:00:34 -06:00
Michael Anthony aa74bd7ed7
[QT-309] Resolve AWS config before testing ACC (#17949) 
* Check to resolve AWS config before testing ACC

* Adjust wording of error to be more clear
 2022-11-17 11:55:27 -07:00
vinay-gopalan adc8f9a20e
secrets/azure: update dependencies (#17964) 2022-11-16 13:57:07 -08:00
Max Coulombe ed1efc7f91
Updated secrets-gcp dependency (#17871) 
+ updated secrets-gcp dependency
+ added changelog
 2022-11-10 13:15:46 -05:00
Austin Gebauer 5e85624498
auth/azure: upgrades dependencies (#17857) 2022-11-09 10:24:51 -08:00
Max Coulombe 818693be89
Updated auth-gcp plugin (#17858) 
* updated auth-gcp plugin
+ added changelog
 2022-11-09 12:00:24 -05:00
Peter Wilson d2e0f771ef
updated raft-autopilot to v0.2.0 (#17848) 
* updated raft-autopilot to v0.2.0

* Add changelog
 2022-11-08 13:51:27 +00:00
Robert d807b5abba
secrets/aws: update dependencies (#17747) 
* Update AWS secrets deps
 2022-11-01 16:01:20 -05:00
Violet Hynes 6d9ea2862e
VAULT-8519 fix spurious "unknown or unsupported fields" warnings for JSON config (#17660) 
* VAULT-8519 add tests for HCL unknown field bug

* VAULT-8519 upversion hcl

* VAULT-8519 include correct comitts in tag

* VAULT-8519 Add changelog
 2022-10-27 10:28:03 -04:00
AnPucel ed1928ca61
Update vault to v1.8.1 (#17516) 
* Update vault to v1.8.1

* Updating api/auth to use new version of api
 2022-10-20 11:56:55 -07:00
Calvin Leung Huang 9e6256178e
database/snowflake: update plugin to v0.6.1 (#17593) 
* database/snowflake: update plugin to v0.6.1

* add changelog entry
 2022-10-18 15:49:37 -07:00
Christopher Swenson e36e0a59a8
Update httpguts for GO-2022-0236 fix (#17520) 
[`govulncheck`](https://go.dev/blog/vuln) reports that the `api` package
has a call chain that includes
`golang.org/x/net/http/httpguts.HeaderValuesContainsToken`, a vulnerable
function.
 2022-10-12 15:02:54 -07:00
Peter Wilson 138c516498
Update plugin consul template v0.29.5 (#17419) 
* Updated consul-template to v0.29.5
 2022-10-04 22:34:28 +01:00
Violet Hynes 6fddb953e9
VAULT-8631 Upgrade vault-plugin-secrets to v0.13.3, to enable synchronous KVV2 creation (#17406) 
* VAULT-8631 Upgrade vault-plugin-secrets to v0.13.2

* VAULT-8631 Update version, go mod tidy

* VAULT-8631 Add changelog
 2022-10-04 13:54:38 -04:00
Peter Wilson e307450c63
fix: upgrade vault-plugin-secrets-kv to v0.13.1 (#17339) 
* fix: upgrade vault-plugin-secrets-kv to v0.13.1

* Added changelog

* Update changelog/17339.txt

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>
 2022-09-28 18:36:10 +01:00
Alexander Scheel 3015689848
Update tlsutil to v0.1.2 for ecdsa algo naming (#17282) 
* Update tlsutil in sdk

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Update tlsutil in API

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Update tlsutil to v0.1.2 for ecdsa algo naming

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
 2022-09-23 08:28:40 -04:00
Yoan Blanc fa8f7c793f
fix: PGP subkeys support (#16224) 
* fix: PGP subkeys support

Signed-off-by: Yoan Blanc <yoan@dosimple.ch>

* fix: bump ProtonMail/go-crypto

Signed-off-by: Yoan Blanc <yoan@dosimple.ch>

* fix: bump ProtonMail/go-crypto

Signed-off-by: Yoan Blanc <yoan@dosimple.ch>

Signed-off-by: Yoan Blanc <yoan@dosimple.ch>
 2022-09-22 09:12:41 -04:00
Milena Zlaticanin 6593466b3e
secret/database/redis: upgrade plugin to v0.1.0 (#17270) 2022-09-21 19:39:50 -05:00
Tom Proctor 4e51491f7a
Upgrade vault-plugin-auth-alicloud to v0.13.0 (#17251) 2022-09-21 21:05:18 +01:00
Kit Haines 45cb910d0b
Try to bring versions of gofumpt to be the same (so running make bootstrap doesn't change version of gofumpt needed for make fmt) (#17254) 2022-09-21 12:57:34 -04:00
Steven Clark a231f68549
Update Vault on main to pull in SDK 1.13 version bump (#17240) 2022-09-20 16:08:06 -04:00
Steven Clark bd27bdba5a
update vault to api/v1.8.0 (#17227) 2022-09-20 10:31:08 -04:00
Steven Clark b7c4c80a5c
update api to use sdk/v0.6.0 (#17224) 2022-09-20 10:11:29 -04:00
Tom Proctor abfeb59646
Upgrade vault-plugin-auth-centrify to v0.13.0 (#17195) 2022-09-20 06:05:50 -04:00
Christopher Swenson 5a8a896b5a
fix: upgrade vault-plugin-database-elasticsearch to v0.12.0 (#17203) 2022-09-19 14:46:23 -07:00
Christopher Swenson 4ad2dcbfe3
fix: upgrade vault-plugin-database-couchbase to v0.8.0 (#17205) 2022-09-19 14:12:33 -07:00
Robert b8afefbc6a
secrets/ad: update plugin to v0.14.0 (#17214) 2022-09-19 16:03:17 -05:00
Ben Ash d76dbeead1
fix: upgrade vault-plugin-auth-oci to v0.12.0 (#17212) 2022-09-19 13:34:44 -07:00
Milena Zlaticanin f115a3929f
secrets/mongodbatlas: upgrade plugin to v0.8.0 (#17211) 2022-09-19 15:13:36 -05:00
Tom Proctor f7fdb7b7d0
Upgrade vault-plugin-auth-cf to v0.13.0 (#17196) 2022-09-19 19:24:24 +01:00
Tom Proctor bc5ac79928
Upgrade vault-plugin-auth-azure to v0.12.0 (#17194) 2022-09-19 19:22:09 +01:00
Ben Ash adf9b7eca0
fix: upgrade vault-plugin-secrets-alicloud to v0.13.0 (#17201) 2022-09-19 10:39:36 -07:00
Christopher Swenson 17fd8ad465
fix: upgrade vault-plugin-database-mongodbatlas to v0.8.0 (#17200) 2022-09-19 10:16:20 -07:00
vinay-gopalan f0d3cbaa43
bump secrets/azure to v0.14.0 (#17180) 2022-09-19 10:02:57 -07:00
Ben Ash bc8ab07b28
fix: upgrade vault-plugin-secrets-gcpkms to v0.13.0 (#17199) 2022-09-19 12:56:56 -04:00
vinay-gopalan fdebc2c2c3
bump secrets/kv to v0.13.0 (#17175) 2022-09-19 09:40:52 -07:00
Steven Clark 7f3dd736c9
Update OSS dependencies to match newer versions that ENT is using (#17188) 2022-09-19 10:33:36 -04:00
Steven Clark 05a5928b8d
Update missing go-kms-wrapping v2 dep and address some ENT->OSS drift (#17178) 
* Update missing go-kms-wrapping v2 dep and address some ENT->OSS drift

* Bump go-kms-wrapping/wrappers/gcpckms/v2 to v2.0.1
 2022-09-19 10:23:40 -04:00