* fix console formatting for help output
* fix again
* fix again
* fix, add to ignore
* fix, add to ignore
* add to ignore file
* fix formatting, no verify
* remove lib/story.md
* add changelog
* hold off updating ignore list for separate ticket
* fix test
The extra core setup is no longer needed in Vault Enterprise, and the
licensing code here has no effect here or in Vault Enterprise.
I pulled this commit into Vault Enterprise and it still compiled fine,
and all tests pass. (Though a few functions can be deleted there as
well after this is merged.)
When reading the config, we attempt to detect if the running Vault
instance has been changed from its Enterprise status on write.
Similarly, we should detect if the mount is a local mount instead. While
this isn't changeable at runtime, using sys/raw to side-load an invalid
config could be possible.
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
Sometimes the tests will modify the client to set a namespace; this
results in testhelpers sometimes trying to access sys/ endpoints with a
namespace, which usually don't work well.
Detect an unset namespaces, if present, before executing, and restore
afterwards so as not to affect the tests.
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Log, don't err, on unified delta WAL write failure
When the PBPWF fails on the Active node of a PR Secondary cluster with a
read-only failure, there is no value in forwarding this request up to
the Active node of the PR Primary cluster: it does not have the local
revocation context necessary to write a Delta WAL entry for this
request, and would likely end up writing a cross-cluster revocation
entry (if it is enabled) or else erring completely.
Instead, log this error like we do when failing to write unified CRL
entries. Switch both to using Error instead of Debug for this type of
failure.
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add changelog entry
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
---------
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
When testing the Rollback Manager's one-time invocation in Enterprise,
it was noticed that due to the channel being closed, we'd always hit
this case and thus spam logs rather quickly with this message.
Switch to a boolean flip to log this once, as it is not executed in
parallel and thus doesn't need a sync.Once.
This only affected anyone calling the test core's
StopAutomaticRollbacks() helper.
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
Please see https://github.com/hashicorp/vault/pull/19319 for more details on how this will affect the generated OpenAPI schema.
____
### The following OperationID's will be generated for GitHub auth:
github-read-configuration
github-configure
github-log-in
github-read-teams
github-read-team-mapping
github-write-team-mapping
github-delete-team-mapping
github-read-users
github-read-user-mapping
github-write-user-mapping
github-delete-user-mapping
Please see #19319 for more details on how this will affect the generated OpenAPI schema.
___
The following OperationID's will be generated for Nomad plugin:
nomad-read-access-configuration
nomad-configure-access
nomad-delete-access-configuration
nomad-read-lease-configuration
nomad-configure-lease
nomad-delete-lease-configuration
nomad-generate-credentials
nomad-list-roles
nomad-read-role
nomad-write-role
nomad-delete-role
I was wondering why the default VaultAuth CR was not created. It was due the fact that I copy/pasted the snippet from the docs here, which has the wrong key.
* update index.mdx with correct installation doc ref
update index.mdx with installation doc ref to point to the right installation.mdx path
* Update installation ref
Update installation ref
* Update index ref without relative path
Update installation doc index ref without relative path
