Tom Proctor
c77f009759
Plugins: Allow explicitly specifying the builtin version of a plugin ( #17289 )
2022-09-22 23:15:46 +01:00
claire bontempo
b0499a7cdb
render ss tooltip conditionally ( #17288 )
2022-09-22 18:02:24 -04:00
Violet Hynes
2b8d8a3c6a
VAULT-8630 Fix goroutine leak from RLQ initialize ( #17281 )
...
* VAULT-8630 Fix goroutine leak from RLQ initialize
* VAULT-8630 Changelog
* VAULT-8630 additional nil check
2022-09-22 15:59:53 -04:00
Tom Proctor
7d09d5a653
CLI: Tune plugin version for auth/secret mounts ( #17277 )
...
* Add -plugin-version flag to vault auth/secrets tune
* CLI tests for auth/secrets tune
* CLI test for plugin register
* Plugin catalog listing bug where plugins of different type with the same name could be double counted
* Use constant for -plugin-version flag name
2022-09-22 20:55:46 +01:00
Rachel Culpepper
b17ea8c6bd
Add managed key docs for gcp ( #17280 )
...
* add managed key docs for gcp
* fix algorithm parameter
* add missing bracket
2022-09-22 14:44:21 -05:00
Robert
254608f579
Add test for multihost connection strings with Postgres ( #16912 )
...
Co-authored-by: Austin Gebauer <34121980+austingebauer@users.noreply.github.com>
2022-09-22 14:00:56 -05:00
Austin Gebauer
a6139cd5b2
Fixes multiplexed plugin initialization after manual plugin reload ( #17248 )
...
* Fixes initialize not called after v5 plugin reload
* use request context instead of core activeContext
2022-09-22 10:16:21 -07:00
Hridoy Roy
5477fd86fa
Activity new clients for current month docs ( #16472 )
...
* docs draft
* docs complete
* change json for legibility
* change json for legibility
* namespace and mount attribution should exist outside new clients stanza
* address feedback
* Update website/content/docs/concepts/client-count/index.mdx
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
* Update website/content/docs/concepts/client-count/index.mdx
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
* Update website/content/docs/concepts/client-count/index.mdx
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
* Update website/content/docs/concepts/client-count/index.mdx
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
* Update website/content/docs/concepts/client-count/index.mdx
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
* Update website/content/docs/concepts/client-count/index.mdx
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
* Update website/content/docs/concepts/client-count/index.mdx
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
* Update website/content/docs/concepts/client-count/index.mdx
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
* Update website/content/docs/concepts/client-count/index.mdx
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
* Update website/content/docs/concepts/client-count/index.mdx
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
* Update website/content/docs/concepts/client-count/index.mdx
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
* remove version from doc
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
2022-09-22 10:00:18 -07:00
Rachel Culpepper
1c69e690aa
Transform BYOK Documentation ( #17121 )
...
* add api docs for transform byok endpoints
* add byok description to transform index page
* fix merge conflicts
* remove import_version for FPE
* text edits and add note about convergent tokenization
* add note for convergent tokenization
2022-09-22 10:56:12 -05:00
Bryce Kalow
dfc3ad015a
website: content updates for developer ( #17035 )
...
* Chore (dev portal): update learn nav data links (#15515 )
* Update docs-nav-data.json
* Update docs-nav-data.json
* website: fixes internal redirects (#15750 )
* chore: remove duplicate overview item (#15805 )
* Use `badge` for `<sup>` tags in nav data JSON files (#15928 )
* Replacing <sup> tags with badge
* Adding type and color to badges
* fix broken links in vault docs (#15976 )
* website: Update old learn links to redirect locations (#16047 )
* update previews to render developer UI
* update redirects
* adjust content so it is backwards compat
Co-authored-by: HashiBot <62622282+hashibot-web@users.noreply.github.com>
Co-authored-by: Kendall Strautman <36613477+kendallstrautman@users.noreply.github.com>
Co-authored-by: Ashlee M Boyer <43934258+ashleemboyer@users.noreply.github.com>
2022-09-22 08:11:04 -07:00
Yoan Blanc
fa8f7c793f
fix: PGP subkeys support ( #16224 )
...
* fix: PGP subkeys support
Signed-off-by: Yoan Blanc <yoan@dosimple.ch>
* fix: bump ProtonMail/go-crypto
Signed-off-by: Yoan Blanc <yoan@dosimple.ch>
* fix: bump ProtonMail/go-crypto
Signed-off-by: Yoan Blanc <yoan@dosimple.ch>
Signed-off-by: Yoan Blanc <yoan@dosimple.ch>
2022-09-22 09:12:41 -04:00
Tom Proctor
f920640db7
Plugins: Auto version selection for auth/secrets + tune version ( #17167 )
2022-09-22 13:53:52 +01:00
Milena Zlaticanin
6593466b3e
secret/database/redis: upgrade plugin to v0.1.0 ( #17270 )
2022-09-21 19:39:50 -05:00
Christopher Swenson
895f2c9f3d
Change usages of RunningSha to RunningSha256 ( #17266 )
...
Some PRs got crossed and somehow these were missed in the
build checks for #17182 .
2022-09-21 13:32:00 -07:00
Tom Proctor
4e51491f7a
Upgrade vault-plugin-auth-alicloud to v0.13.0 ( #17251 )
2022-09-21 21:05:18 +01:00
Tom Proctor
b0a580de47
CLI: Fix erroneous warning when reading from stdin ( #17252 )
2022-09-21 21:04:49 +01:00
Christopher Swenson
2c8e88ab67
Check if plugin version matches running version ( #17182 )
...
Check if plugin version matches running version
When registering a plugin, we check if the request version matches the
self-reported version from the plugin. If these do not match, we log a
warning.
This uncovered a few missing pieces for getting the database version
code fully working.
We added an environment variable that helps us unit test the running
version behavior as well, but only for approle, postgresql, and consul
plugins.
Return 400 on plugin not found or version mismatch
Populate the running SHA256 of plugins in the mount and auth tables (#17217 )
2022-09-21 12:25:04 -07:00
Mike Palmiotto
dc3beb428e
docs: Update agent autoauth sinks examples ( #17229 )
2022-09-21 14:19:16 -04:00
DevOps Rob
6495522ab7
adding boundary and waypoint plugins to portal ( #17259 )
2022-09-21 14:05:17 -04:00
Austin Gebauer
65b851bc2c
Fixes concurrent map writes in GRPC plugin server setup ( #17247 )
...
* Fixes concurrent map writes in GRPC plugin server setup
* move lock closer to critical section
2022-09-21 11:04:20 -07:00
Kit Haines
45cb910d0b
Try to bring versions of gofumpt to be the same (so running make bootstrap doesn't change version of gofumpt needed for make fmt) ( #17254 )
2022-09-21 12:57:34 -04:00
Yoko Hyakuna
9164d04262
Remove extra spaces in the table ( #17257 )
2022-09-21 08:42:51 -07:00
Mike Palmiotto
9ced47be66
agent: Fix missing file suffix in config test ( #17245 )
2022-09-21 11:30:04 -04:00
Kit Haines
2d58591feb
Fix non-atomic read of atomic value fix ( #17255 )
...
* Always load to access certCount
* Test-reads of the atomic value.
2022-09-21 11:24:34 -04:00
Angel Garbarino
aef402a30f
PKI Keys List View ( #17239 )
...
* setup
* cleanup
* cleanup
2022-09-21 08:41:44 -06:00
Bernd Straehle
3623271601
vault-plugin-secrets-apigee ( #17249 )
2022-09-21 09:08:25 -04:00
Angel Garbarino
17898e5588
PKI Certificates List View ( #17236 )
...
* setup
* cleanup
* cleanup
* cleanup
* remove filtering for now:
2022-09-20 17:22:37 -06:00
Mark Collao
cca25103f6
Merge branch 'main' of github.com:hashicorp/vault
2022-09-20 16:33:25 -05:00
Mark Collao
c0d7ad6d5d
update changelog
2022-09-20 16:32:37 -05:00
Alexander Scheel
ad3a093b40
Prevent PSS with Go-incompatible CAs, CSRs, Private Keys ( #17223 )
...
* Fix interoperability concerns with PSS
When Go parses a certificate with rsaPSS OID, it will accept this
certificate but not parse the SubjectPublicKeyInfo, leaving the
PublicKeyAlgorithm and PublicKey fields blank, but otherwise not erring.
The same behavior occurs with rsaPSS OID CSRs.
On the other hand, when Go parses rsaPSS OID PKCS8 private keys, these
keys will fail to parse completely.
Thus, detect and fail on any empty PublicKey certs and CSRs, warning the
user that we cannot parse these correctly and thus refuse to operate.
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Run more PKI tests in parallel
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add notes about PSS shortcomings to considerations
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2022-09-20 17:30:58 -04:00
Steven Clark
0856fa11a3
Fix fmt error ( #17241 )
2022-09-20 13:33:01 -07:00
Steven Clark
a231f68549
Update Vault on main to pull in SDK 1.13 version bump ( #17240 )
2022-09-20 16:08:06 -04:00
Steven Clark
e5319bcc3c
Bump version in SDK to 1.13 for next major release ( #17233 )
2022-09-20 15:40:06 -04:00
Jordan Reimer
a89586a3cb
adds enhanced checks for hcp link status timestamp and error message and uses HCP abbreviation in messaging ( #17235 )
2022-09-20 12:57:32 -06:00
Kit Haines
f2adbb3e47
Basics of Cert-Count Non-Locking Telemetry ( #16676 )
...
Basics of Cert-Count Telemetry, changelog, "best attempt" slice to capture (and test for) duplicates, Move sorting of possibleDoubleCountedRevokedSerials to after compare of entries. Add values to counter when still initializing.
Set lists to nil after use, Fix atomic2 import, Delay reporting metrics until after deduplication has completed,
The test works now, Move string slice to helper function; Add backendUUID to gauge name.
2022-09-20 10:32:20 -07:00
Angel Garbarino
2e197fcfcd
PKI Issuer List view ( #17210 )
...
* initial setup for issuers toolbar and some slight changes to roles model after discussion with design.
* wip
* wip ... :/
* finalizes serializer and linkedblock iteration of is_default
* clean up
* fix
* forgot this bit
* pr comments amendments:
* small PR comment changes
2022-09-20 09:25:57 -06:00
Nick Cabatoff
559754d580
Break grabLockOrStop into two pieces to facilitate investigating deadlocks ( #17187 )
...
Break grabLockOrStop into two pieces to facilitate investigating deadlocks. Without this change, the "grab" goroutine looks the same regardless of who was calling grabLockOrStop, so there's no way to identify one of the deadlock parties.
2022-09-20 11:03:16 -04:00
Steven Clark
ba096f9dfa
update vault auth submodules to api/v1.8.0 ( #17228 )
2022-09-20 10:51:51 -04:00
Steven Clark
bd27bdba5a
update vault to api/v1.8.0 ( #17227 )
2022-09-20 10:31:08 -04:00
Steven Clark
b7c4c80a5c
update api to use sdk/v0.6.0 ( #17224 )
2022-09-20 10:11:29 -04:00
Nick Cabatoff
d8101f82ee
Handle when pluginCatalog.Get returns (nil,nil) during cred backend creation ( #17204 )
2022-09-20 08:57:08 -04:00
Nick Cabatoff
c7f4d79684
We don't need to test LifetimeWatcher's behaviour with database leases specifically. ( #17208 )
2022-09-20 08:23:51 -04:00
Tom Proctor
f5655ae857
Plugins: Consistently use plugin_version ( #17171 )
...
* Delete Sha field, rename RunningSha -> RunningSha256
* Rename version -> plugin_version
2022-09-20 12:35:50 +01:00
Tom Proctor
abfeb59646
Upgrade vault-plugin-auth-centrify to v0.13.0 ( #17195 )
2022-09-20 06:05:50 -04:00
vinay-gopalan
c548ea39be
Re-initialize v5 backend after a plugin crash ( #17140 )
2022-09-19 16:48:45 -07:00
Christopher Swenson
5a8a896b5a
fix: upgrade vault-plugin-database-elasticsearch to v0.12.0 ( #17203 )
2022-09-19 14:46:23 -07:00
Christopher Swenson
4ad2dcbfe3
fix: upgrade vault-plugin-database-couchbase to v0.8.0 ( #17205 )
2022-09-19 14:12:33 -07:00
claire bontempo
e89745178b
UI: Add 'disable' to CRL config ( #17153 )
...
* add disable to crl attrs
* add changelog
* change styling per design
* update tests and fix default setting of buildCrl
* cleanup + refactor
2022-09-19 14:03:50 -07:00
Robert
b8afefbc6a
secrets/ad: update plugin to v0.14.0 ( #17214 )
2022-09-19 16:03:17 -05:00
Steven Clark
dae2ef535b
Update protos to match update of protobuf go library ( #17215 )
2022-09-19 16:45:44 -04:00