* initial upgrade running ember-cli-update --to 3.28
* bumps node-sass version
* fragments bump
* fixes overriding errors prop on policy model causing issues
* bumps some addon versions related to Ember Global deprecation warning on build
* bumps back ember-test-selectors version for now
* removes ember-promise-helpers addon and creates await helper
* upgrades ember-template-lint and adds prettier plugin
* Ember 3.28 Upgrade Lint Fixes (#14890)
* fixes js lint errors
* fixes hbs lint errors
* allow multiple node versions for now to get tests runinng
* fixes tests
* Upgrade ember-test-selectors (#14937)
* updates ember-test-selectors, ember-cli-page-object and ember-cli-string-helpers
* adds attributeBindings to classic components with data-test property
* glimmerizes toolbar-link component and removes data-test args
* glimmerizes toolbar-secret-link and secret-link components and removes data-test and class args
* glimmerizes linked-block component
* glimmerizes toggle-button component
* updates toggle-button test
* fixes remaining test selector issues
* comments out test assertions related to cp-validations bug
* adds todo to comment
* Model Validations (#14991)
* adds model-validations decorator and validators util
* converts key-mixin to decorator
* updates models to use validations decorator instead of ember-cp-validations
* updates invocation of model validations
* removes ember-cp-validations
* reverts secret-v2 model updates
* adds initials to TODO comment
* flight-icons (#14993)
* flight-icons
* basic dropdown
* UI/merge main (#14997)
* Vault documentation: changing references from learn to tutorial (#14844)
* changed learn to tutorial references
* changed learn to tutorial
* Update website/content/docs/plugins/plugin-portal.mdx
Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
* Update website/content/docs/platform/aws/run.mdx
Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
* UI/Only show form values if have read access (#14794)
* only show value in edit form if has read capabilities
* revert messing with form
* delete secret data from secret
* add check for selected version
* remove added line
* add changelog
* modified text (#14854)
* fixed a link issue (#14850)
* docs: add known issue to 1.10 release notes (#14859)
* Vault 3999 Change permissions for directory/archive created by debug command (#14846)
* adding debug changes from ent
* adding changelog
* Vault 3992 ToB Config and Plugins Permissions (#14817)
* updating changes from ent PR
* adding changelog
* fixing err
* fixing semgrep error
* updated references from learn to tutorial (#14866)
* updated references from learn to tutorial (#14867)
* changed reference from learn to tutorial (#14868)
* Fix handling of default zero SignatureBits value with Any key type in PKI Secrets Engine (#14875)
* Correctly handle minimums, default SignatureBits
When using KeyType = "any" on a role (whether explicitly or implicitly
via a sign-verbatim like operation), we need to update the value of
SignatureBits from its new value 0 to a per-key-type default value. This
will allow sign operations on these paths to function correctly, having
the correctly inferred default signature bit length.
Additionally, this allows the computed default value for key type to be
used for minimum size validation in the RSA/ECDSA paths. We additionally
enforce the 2048-minimum in this case as well.
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Fix defaults and validation of "any" KeyType
When certutil is given the placeholder any keytype, it attempts to
validate and update the default zero value. However, in lacking a
default value for SignatureBits, it cannot update the value from the
zero value, thus causing validation to fail.
Add more awareness to the placeholder "any" value to certutil.
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add role-based regression tests for key bits
This adds regression tests for Key Type, Key Bits, and Signature Bits
parameters on the role. We test several values, including the "any"
value to ensure it correctly restricts key sizes.
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add sign-verbatim test for key type
This ensures that we test sign-verbatim against a variety of key types.
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add changelog entry
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
* Subtle docs change for allow_store_key (#14889)
* Subtle docs change for allow_store_key
* errant space
* Adds Vault version prerelease and metadata to logical.PluginEnvironment (#14851)
* docs: fix formatting on plugin upgrade page (#14874)
* docs: fix formatting on plugin upgrade page
* fix more formatting issues
* Update CC docs (#14714)
* Update CC docs
* Add sample response
* Address review feedback
* Update website/content/api-docs/system/internal-counters.mdx
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
* Update website/content/api-docs/system/internal-counters.mdx
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
* Update website/content/api-docs/system/internal-counters.mdx
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
* Update website/content/api-docs/system/internal-counters.mdx
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
* Update website/content/api-docs/system/internal-counters.mdx
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
* Update website/content/api-docs/system/internal-counters.mdx
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
* Update website/content/api-docs/system/internal-counters.mdx
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
* Update website/content/api-docs/system/internal-counters.mdx
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
* Update website/content/api-docs/system/internal-counters.mdx
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
* Update website/content/api-docs/system/internal-counters.mdx
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
* Update website/content/api-docs/system/internal-counters.mdx
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
* Update website/content/api-docs/system/internal-counters.mdx
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
* Update website/content/api-docs/system/internal-counters.mdx
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
* Update website/content/api-docs/system/internal-counters.mdx
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
* Update website/content/api-docs/system/internal-counters.mdx
Co-authored-by: Meggie <meggie@hashicorp.com>
* Update website/content/api-docs/system/internal-counters.mdx
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
* Update website/content/api-docs/system/internal-counters.mdx
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
* Minor edits
* Update partial month API
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
Co-authored-by: Meggie <meggie@hashicorp.com>
* Docs improvements for Managed Keys (#14756)
* Add more color around managed keys in their concepts page, and create additional links between
the various docs pages related to them.
* Typos
* sdk/useragent: plugin version string consistent with Vault version string (#14912)
* clean up (#14911)
* website: fix usages of img tag (#14910)
* fix usages of img tag and integrate dev-portal workflows
* Adjust Makefile
* remove mount_accessor from the docs (#14927)
* Add extra test coverage to PKI (#14767)
* Add PKI test for delete role
- Create a role, validate that defaults are what we expect
and delete the role, verifying it is gone on subsequent read
attempts.
* Add PKI test for crl/rotate command
- Missing a unit test that validates the crl/rotate command works. The test validates the rotate command was successful
by checking if we have a different/new update time on the CRL.
* Rework PKI TestBackend_PathFetchValidRaw test to not write directly to storage
- Rework the existing test to not write directly to storage as we might change that in the future.
- Add tests that validate the ca_chain behaviour of not returning the root authority cert
* PR Feedback
* Additional PR feedback
* Use WriteWithContext in auth helpers (#14775)
* Add ability to pass certificate PEM bytes to vault/api (#14753)
* Respect increment value in grace period calculations (api/LifetimeWatcher) (#14836)
* Mount flag syntax to mitigate confusion from KV-v2 path discrepancies (#14807)
* Add explanation to help text and flag usage text
* KV get with new mount flag
* Clearer naming
* KV Put, Patch, Metadata Get + corresponding tests
* KV Delete, Destroy, Rollback, Undelete, MetadataDelete, MetadataPatch, MetadataPut
* Update KV-v2 docs to use mount flag syntax
* Add changelog
* Run make fmt
* Clarify deprecation message in help string
* Address style comments
* Update vault-plugin-auth-gcp to newest pseudo-version (#14923)
* docs: added hello-vault-spring repo link to developer-qs.mdx. (#14928)
* Update developer-qs.mdx
docs: added link to Java / Spring Boot sample app repo in developer quick start.
* removed space.
* trigger ci
Co-authored-by: taoism4504 <loann@hashicorp.com>
* OIDC Login Bug (#14916)
* fixes issue logging in with oidc from listed auth path tab
* adds changelog entry
* adds more tests for oidc auth workflow
* updates oidc auth method test to use non-standard path
* Fix handling of SignatureBits for ECDSA issuers (#14943)
When adding SignatureBits control logic, we incorrectly allowed
specification of SignatureBits in the case of an ECDSA issuer. As noted
in the original request, NIST and Mozilla (and others) are fairly
prescriptive in the choice of signatures (matching the size of the
NIST P-curve), and we shouldn't usually use a smaller (or worse, larger
and truncate!) hash.
Ignore the configuration of signature bits and always use autodetection
for ECDSA like ed25519.
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Bug Fix and Glimmerize secret-edit component (#14941)
* inital glimmerize
* wip
* wip
* wip
* fix maybeQueryRecord
* fix
* fix
* fix test
* cleanup
* add changelog
* clean up
* Agent error log level is mismatched (#14424)
* [VAULT-1618] Agent error log level is mismatched
`logLevelToStringPtr` translates `go-hclog`'s `ERROR` to `"ERROR"` for
Consul Template's runner, but that expects `ERR` and is quite strict
about it.
This will address https://github.com/hashicorp/vault-k8s/issues/223
after it is set as the default image in `vault-k8s`.
I didn't find a simple way to test this other than starting up a full
server and agent and letting them run, which is unfortunately fairly
slow.
I confirmed that this addresses the original issue by modifying the helm
chart with the values in this commit and patching the log level to `err`.
* VAULT-1618 Add changelog/14424.txt
* VAULT-1618 Update changelog/14424.txt based on @kalafut suggestion
Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>
* VAULT-1618 Move cancel and server stop into defer in tests
* VAULT-1618 Triggering CircleCI tests
* VAULT-1618 Replace ioutil with os functions for agent template tests
Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>
* UI/Add months to activity serializer (#14942)
* add mock monthly data to mirage handler
* add months to serializer for activity response
* change selectors
Co-authored-by: Chelsea Shaw <82459713+hashishaw@users.noreply.github.com>
* clean up serializer
* please stop being flakey <3
Co-authored-by: Chelsea Shaw <82459713+hashishaw@users.noreply.github.com>
* Revert the WithContext changes to vault tests (#14947)
* adding env var (#14958)
* Fix dead link for JWT supported algorithms (#14953)
* Don't clone OutputCurlString value (#14968)
* Don't clone OutputCurlString value, add flag to docs
* Add changelog
* Ensure initialMmapSize is 0 on Windows (#14977)
* ensure initialMmapSize is 0 on windows
* add changelog
* Vault 3992 documentation changes (#14918)
* doc changes
* adding config changes
* adding chnages to plugins
* using include
* making doc changes
* adding newline
* aws auth displayName (#14954)
* set displayName to include RoleSessionName
* Add Windows error (#14982)
* Warnings indicating ignored and replaced parameters (#14962)
* Warnings indicating ignored and replaced parameters
* Avoid additional var creation
* Add warnings only if the response is non-nil
* Return the response even when error is non-nil
* Fix tests
* Rearrange comments
* Print warning in the log
* Fix another test
* Add CL
* Fix edit capabilities call in auth method (#14966)
* Fix edit capabilities call in auth method
- Capabilities call was not getting triggered correctly as apiPath
method was missing the correct context.
* Added changelog
* make linting fix
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
Co-authored-by: Austin Gebauer <34121980+austingebauer@users.noreply.github.com>
Co-authored-by: akshya96 <87045294+akshya96@users.noreply.github.com>
Co-authored-by: Alexander Scheel <alex.scheel@hashicorp.com>
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
Co-authored-by: Scott Miller <smiller@hashicorp.com>
Co-authored-by: John-Michael Faircloth <fairclothjm@users.noreply.github.com>
Co-authored-by: Vishal Nayak <vishalnayak@users.noreply.github.com>
Co-authored-by: Meggie <meggie@hashicorp.com>
Co-authored-by: Bryce Kalow <bkalow@hashicorp.com>
Co-authored-by: Josh Black <raskchanky@users.noreply.github.com>
Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>
Co-authored-by: VAL <val@hashicorp.com>
Co-authored-by: Robert <17119716+robmonte@users.noreply.github.com>
Co-authored-by: mryan-hashi <88851444+mryan-hashi@users.noreply.github.com>
Co-authored-by: taoism4504 <loann@hashicorp.com>
Co-authored-by: Jordan Reimer <zofskeez@gmail.com>
Co-authored-by: Christopher Swenson <swenson@swenson.io>
Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>
Co-authored-by: Chelsea Shaw <82459713+hashishaw@users.noreply.github.com>
Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>
Co-authored-by: Jose Estrada <jose.estrada@tradeshift.com>
Co-authored-by: Arnav Palnitkar <arnav@hashicorp.com>
* skips kmip tests with concurrency issues for now
* changelog
* skips another test
* Remove ModelWrap Component (#15001)
* removes ModelWrap component which was not working in Ember 3.28
* removes kmip test skips
* updates role controller class name
* adds annotations to model-validations file
* pr feedback
* lint fixes after main merge
Co-authored-by: Jordan Reimer <zofskeez@gmail.com>
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
Co-authored-by: Austin Gebauer <34121980+austingebauer@users.noreply.github.com>
Co-authored-by: akshya96 <87045294+akshya96@users.noreply.github.com>
Co-authored-by: Alexander Scheel <alex.scheel@hashicorp.com>
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
Co-authored-by: Scott Miller <smiller@hashicorp.com>
Co-authored-by: John-Michael Faircloth <fairclothjm@users.noreply.github.com>
Co-authored-by: Vishal Nayak <vishalnayak@users.noreply.github.com>
Co-authored-by: Meggie <meggie@hashicorp.com>
Co-authored-by: Bryce Kalow <bkalow@hashicorp.com>
Co-authored-by: Josh Black <raskchanky@users.noreply.github.com>
Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>
Co-authored-by: VAL <val@hashicorp.com>
Co-authored-by: Robert <17119716+robmonte@users.noreply.github.com>
Co-authored-by: mryan-hashi <88851444+mryan-hashi@users.noreply.github.com>
Co-authored-by: taoism4504 <loann@hashicorp.com>
Co-authored-by: Christopher Swenson <swenson@swenson.io>
Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>
Co-authored-by: Chelsea Shaw <82459713+hashishaw@users.noreply.github.com>
Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>
Co-authored-by: Jose Estrada <jose.estrada@tradeshift.com>
Co-authored-by: Arnav Palnitkar <arnav@hashicorp.com>
* Update browserslist
* Add browserslistrc
* ember-cli-update --to 3.26, fix conflicts
* Run codemodes that start with ember-*
* More codemods - before cp*
* More codemods (curly data-test-*)
* WIP ember-basic-dropdown template errors
* updates ember-basic-dropdown and related deps to fix build issues
* updates basic dropdown instances to new version API
* updates more deps -- ember-template-lint is working again
* runs no-implicit-this codemod
* creates and runs no-quoteless-attributes codemod
* runs angle brackets codemod
* updates lint:hbs globs to only touch hbs files
* removes yield only templates
* creates and runs deprecated args transform
* supresses lint error for invokeAction on LinkTo component
* resolves remaining ambiguous path lint errors
* resolves simple-unless lint errors
* adds warnings for deprecated tagName arg on LinkTo components
* adds warnings for remaining curly component invocation
* updates global template lint rules
* resolves remaining template lint errors
* disables some ember specfic lint rules that target pre octane patterns
* js lint fix run
* resolves remaining js lint errors
* fixes test run
* adds npm-run-all dep
* fixes test attribute issues
* fixes console acceptance tests
* fixes tests
* adds yield only wizard/tutorial-active template
* fixes more tests
* attempts to fix more flaky tests
* removes commented out settled in transit test
* updates deprecations workflow and adds initializer to filter by version
* updates flaky policies acl old test
* updates to flaky transit test
* bumps ember deps down to LTS version
* runs linters after main merge
* fixes client count tests after bad merge conflict fixes
* fixes client count history test
* more updates to lint config
* another round of hbs lint fixes after extending stylistic rule
* updates lint-staged commands
* removes indent eslint rule since it seems to break things
* fixes bad attribute in transform-edit-form template
* test fixes
* fixes enterprise tests
* adds changelog
* removes deprecated ember-concurrency-test-waiters dep and adds @ember/test-waiters
* flaky test fix
Co-authored-by: hashishaw <cshaw@hashicorp.com>
* adds ember-flight-icons dependecy
* adds inline-json-import babel plugin
* adds flight icon styling
* updates Icon component to support flight icons
* updates Icon component usages to new api and updates name values to flight icon set when available
* fixes tests
* updates icon story with flight mappings and fixes issue with flight icons not rendering in storybook
* adds changelog
* fixes typo in sign action glyph name in transit-key model
* adds comments to icon-map
* updates Icon component to use only supported flight icon sizes
* adds icon transform codemod
* updates icon transform formatting to handle edge case
* runs icon transform on templates
* updates Icon usage in toolbar-filter md and story
* updates tests
* fix by returning apiPath from the model
* remove unused service
* be more specific of when setting dynamicApiPath
* new acceptance test for auth list
* remove unused policy
* udpate comment
* enable auth method item configuration in go code
* properly parse and list generated items
* make sure we only set name on attrs if a label comes from openAPI
* correctly construct paths object for method index route
* set sensitive property on password for userpass
* remove debugger statements
* pass method model to list route template to use paths on model for tabs
* update tab generation in generated item list, undo enabling userpass users
* enable openapi generated itams for certs and userpass, update ldap to no longer have action on list endpoint
* add editType to DisplayAttributes, pull tokenutil fields into field group
* show sensitive message for sensitive fields displayed in fieldGroupShow component
* grab sensitive and editType fields from displayAttrs in openapi-to-attrs util
* make sure we don't ask for paths for secret backends since that isn't setup yet
* fix styling of sensitive text for fieldGroupShow component
* update openapi-to-attrs util test to no longer include label by default, change debugger to console.err in path-help, remove dynamic ui auth methods from tab count test
* properly log errors to the console
* capitalize This value is sensitive...
* get rid of extra padding on bottom of fieldgroupshow
* make auth methods clickable and use new confirm ux
* Update sdk/framework/path.go
Co-Authored-By: Jim Kalafut <jkalafut@hashicorp.com>
* Update sdk/framework/path.go
Co-Authored-By: Jim Kalafut <jkalafut@hashicorp.com>
* add whitespace
* return intErr instead of err
* uncomment out helpUrl because we need it
* remove extra box class
* use const instead of let
* remove extra conditional since we already split the pathName later on
* ensure we request the correct url when listing generated items
* use const
* link to list and show pages
* remove dead code
* show nested item name instead of id
* add comments
* show tooltip for text-file inputs
* fix storybook
* remove extra filter
* add TODOs
* add comments
* comment out unused variables but leave them in function signature
* only link to auth methods that can be fully managed in the ui
* clean up comments
* only render tooltip if there is helpText
* rename id authMethodPath
* remove optionsForQuery since we don't need it
* add indentation
* standardize ConfirmMessage and show model name instead of id when editing
* standardize ConfirmMessage and show model name instead of id when editing
* add comments
* post to the correct updateUrl so we can edit users and groups
* use pop instead of slice
* add TODO for finding a better way to store ids
* ensure ids are handled the same way on list and show pages; fix editing and deleting
* add comment about difference between list and show urls
* use model.id instead of name since we do not need it
* remove dead code
* ensure list pages have page headers
* standardize using authMethodPath instead of method and remove dead code
* i love indentation
* remove more dead code
* use new Confirm
* show correct flash message when deleting an item
* update flash message for creating and updating
* use plus icon for creating group/user instead of an arrow