* Respond with cache size on config write
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Respond with key policy on write
This includes creating a key, but also trimming or rotating an
existing key.
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add changelog entry
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Correctly handle locking around policy formatting
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Validate that responses are non-empty
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
---------
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* pki: add subject key identifier to read key response
This will be helpful for the Terraform Vault Provider to detect
migration of pre-1.11 exported keys (from CA generation) into post-1.11
Vault.
* add changelog
* Update builtin/logical/pki/path_fetch_keys.go
Co-authored-by: Alexander Scheel <alex.scheel@hashicorp.com>
* check for managed key first
* Validate the SKID matches on root CAs
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Validate SKID matches on int CAs
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Fix formatting of tests
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
---------
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
Co-authored-by: Alexander Scheel <alex.scheel@hashicorp.com>
* VAULT-15547 First pass at agent/proxy decoupling
* VAULT-15547 Fix some imports
* VAULT-15547 cases instead of string.Title
* VAULT-15547 changelog
* VAULT-15547 Fix some imports
* VAULT-15547 some more dependency updates
* VAULT-15547 More dependency paths
* VAULT-15547 godocs for tests
* VAULT-15547 godocs for tests
* VAULT-15547 test package updates
* VAULT-15547 test packages
* VAULT-15547 add proxy to test packages
* VAULT-15547 gitignore
* VAULT-15547 address comments
* VAULT-15547 Some typos and small fixes
* core/server: add support to write pprof files to the filesystem via SIGUSR2
* changelog
* Fix filepath join
* Use core logger
* Simplify logic
* Break on error
* initial WIP glimmerize the controller
* wip got the filter engine type by supported backends working
* got filter by engine type working
* wip need to refactor but working ish for name
* wip working state with both filters, does not work if both fiters are set
* fixed when you have two selected filters, but broken for multiples of the same type with different names
* remove repeated engineTypes in filter list
* add disabled to power select
* fix bug of glimmer for the concurrency task.
* wording fix
* remove linkableItem and the nested contextual compnents to help with loading speed.
* add changelog
* fix some tests
* add test coverage
* Update 20481.txt
update changelog text
* test fixes 🤞
* test fix?
* address a pr comment and save
* address pr comment
* import rsa and ecdsa public keys
* allow import_version to update public keys - wip
* allow import_version to update public keys
* move check key fields into func
* put private/public keys in same switch cases
* fix method in UpdateKeyVersion
* move asymmetrics keys switch to its own method - WIP
* test import public and update it with private counterpart
* test import public keys
* use public_key to encrypt if RSAKey is not present and failed to decrypt
if key version does not have a private key
* move key to KeyEntry parsing from Policy to KeyEntry method
* move extracting of key from input fields into helper function
* change back policy Import signature to keep backwards compatibility and
add new method to import private or public keys
* test import with imported public rsa and ecdsa keys
* descriptions and error messages
* error messages, remove comments and unused code
* changelog
* documentation - wip
* suggested changes - error messages/typos and unwrap public key passed
* fix unwrap key error
* fail if both key fields have been set
* fix in extractKeyFromFields, passing a PolicyRequest wouldn't not work
* checks for read, sign and verify endpoints so they don't return errors when a private key was not imported and tests
* handle panic on "export key" endpoint if imported key is public
* fmt
* remove 'isPrivateKey' argument from 'UpdateKeyVersion' and
'parseFromKey' methods
also: rename 'UpdateKeyVersion' method to 'ImportPrivateKeyForVersion' and 'IsPublicKeyImported' to 'IsPrivateKeyMissing'
* delete 'RSAPublicKey' when private key is imported
* path_export: return public_key for ecdsa and rsa when there's no private key imported
* allow signed data validation with pss algorithm
* remove NOTE comment
* fix typo in EC public key export where empty derBytes was being used
* export rsa public key in pkcs8 format instead of pkcs1 and improve test
* change logic on how check for is private key missing is calculated
---------
Co-authored-by: Alexander Scheel <alex.scheel@hashicorp.com>
By reversing the logic and adding a `REMOVE_SYMBOLS` environment
variable that, when set, will remove symbols.
This has been requested to re-enable Dynatrace support, which
requires symbols are intact.
Sadly this increases the size (on my mac) from 192,609,682 bytes
to 236,696,722 bytes (+23% increase).
I confirmed that this adds symbols back, and that `dlv` will load
the Vault binary.
* Add Helios Design System Components (#19278)
* adds hds dependency
* updates reset import path
* sets minifyCSS advanced option to false
* Remove node-sass (#19376)
* removes node-sass and fixes sass compilation
* fixes active tab li class
* Sidebar Navigation Components (#19446)
* links ember-shared-components addon and imports styles
* adds sidebar frame and nav components
* updates HcNav component name to HcAppFrame and adds sidebar UserMenu component
* adds tests for sidebar components
* fixes tests
* updates user menu styling
* fixes typos in nav cluster component
* changes padding value in sidebar stylesheet to use variable
* Replace and remove old nav components with new ones (#19447)
* links ember-shared-components addon and imports styles
* adds sidebar frame and nav components
* updates activeCluster on auth service and adds activeSession prop for sidebar visibility
* replaces old nav components with new ones in templates
* fixes sidebar visibility issue and updates user menu label class
* removes NavHeader usage
* adds clients index route to redirect to dashboard
* removes unused HcAppFrame footer block and reduces page header top margin
* Nav component cleanup (#19681)
* removes nav-header components
* removes navbar styling
* removes status-menu component and styles
* removes cluster and auth info components
* removes menu-sidebar component and styling
* fixes tests
* Console Panel Updates (#19741)
* updates console panel styling
* adds test for opening and closing the console panel
* updates console panel background color to use hds token
* adds right margin to console panel input
* updates link-status banner styling
* updates hc nav components to new API
* Namespace Picker Updates (#19753)
* updates namespace-picker
* updates namespace picker menu styling
* adds bottom margin to env banner
* updates class order on namespace picker link
* restores manage namespaces refresh icon
* removes manage namespaces nav icon
* removes home link component (#20027)
* Auth and Error View Updates (#19749)
* adds vault logo to auth page
* updates top level error template
* updates loading substate handling and moves policies link from access to cluster nav (#20033)
* moves console panel to bottom of viewport (#20183)
* HDS Sidebar Nav Components (#20197)
* updates nav components to hds
* upgrades project yarn version to 3.5
* fixes issues in app frame component
* updates sidenav actions to use icon button component
* Sidebar navigation acceptance tests (#20270)
* adds sidebar navigation acceptance tests and fixes other test failures
* console panel styling tweaks
* bumps addon version
* remove and ignore yarn install-state file
* fixes auth service and console tests
* moves classes from deleted files after bulma merge
* fixes sass syntax errors blocking build
* cleans up dart sass deprecation warnings
* adds changelog entry
* hides namespace picker when sidebar nav panel is minimized
* style tweaks
* fixes sidebar nav tests
* bumps hds addon to latest version and removes style override
* updates modify-passthrough-response helper
* updates sidebar nav tests
* mfa-setup test fix attempt
* fixes cluster mfa setup test
* remove deprecated yarn ignore-optional flag from makefile
* removes another instance of yarn ignore-optional and updates ui readme
* removes unsupported yarn verbose flag from ci-helper
* hides nav headings when user does not have access to any sub links
* removes unused optional deps and moves lint-staged to dev deps
* updates has-permission helper and permissions service tests
* fixes issue with console panel not filling container width
* Add missing tidy-status state values
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add docs on auto-tidy reading
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add missing tidy status field revocation_queue_safety_buffer
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Include pause_duration in tidy-status docs
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add date of last auto-tidy operation to status
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add changelog entry
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
---------
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add additional existing keys response field
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Update tests for validating existing keys
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Update docs for import to include new fields
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add changelog entry
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Update website/content/api-docs/secret/pki.mdx
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
---------
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
* Step one: remove bulma (#19587)
* remove bulma and get app running
* add back in each statments from bulma variables
* remove space
* address pr comments
* add back copyright headedr
* Step two: add back and organize relevant Bulma classes (#19664)
* VAULT-14566 copy/paste bulma css for classes that it defines and we do not.
* add three new helper files and move helpers.scss to a new directory called helper-classes
* rename utils/colors to color_variables
* integrate all bulma sizing into previous utils/spacing doc, address obvious duplicates and rename to spacing_variables.
* small class name issues
* clean up
* comment clean up
* Step three: add Bulma classes to relevant component styles (#19683)
* add in bulma classes used in global-flash component
* add in bulma classes used in the modal component
* remaining bulma classes that can integrate into the vault css
* remove replication-header.scss and replace with helper.
* add bulma tabs classes to tabs component scss file
* remove ui-wizard style
* only do bulma explicit classes for now
* add in breadcrumb styling from bulma
* integrate bulma into css
* remove unecessary tabs bulma styling
* remove non-relevant bulma classes
* remove non relevant bulma css
* Step three cont. Bulma classes to component files (#19691)
* return box-label to as before now that you have those bulma classes
* missing modal bulma classes
* add bulma class to box component
* missed some bulma box classes
* remove scss unecessary
* add in bulma classes to icon component.
* move up icon
* missed modal class
* clean up
* size vars to icon
* Step four: address core directory files (#19719)
* move some basic helpers over to typography helper.
* rename helpers to other
* moveing generic classes to other relevant scss files.
* rename generic to link
* clean up
* clean up
* address core/box
* remove hero because the class is not used anywhere.
* add in level bulma css
* welp forgot a file.
* add in missing bulma classes into core/menu
* UI/step four core files 2 (#19754)
* address issue with input border and box shadow
* remove the is-white class, it was being used very poorly, replaced with exisiting helpers.
* organizing the forms and button core files
* small amount of clean up
* hot mess of colors dealing with just danger for now
* removed moved over bulma classes
* use helper for this one off
* clean up
* wip on the buttons
* fix select select:: after
* clean up select from bulma-classes.
* clean up
* clean up
* small fix
* Cleaning up the last of the core files (welp there's still more) (#19779)
* one missing thing for level core.
* replace no-underline and link-item with helper text-decoration-none
* core/menu double check
* handle core/message
* create and add to bulma classes for core/columns
* add in bulma-classes columns and column... not fun to qa later.
* remove core/notification
* core/progress bar
* revert the hbs changes
* fix over revert
* Core files cont. Focus on core/form (#19794)
* create input and textarea core files, move charts
* remove input and textarea classes from bulma classes
* remove input-hint component file, never a component
* fix the mess that is help-text:
* help and is-help and sub-text are a mess...
* fix switch alignment issues
* deal with file-name
* clean file out of bulma-classes
* create layout helper and move out some remaining button classes
* deal with core/title
* is-marginless move to helper
* helper layout add to core
* clean up
* remove core/tables
* test
* Revert "test"
This reverts commit e695dedfe933d71320cd7eeee33f6b21a8d54b37.
* Core files continued (#19896)
* test
* combine input and textarea
* clean up navbar brannd
* clean up the single instance delete class used on the modal and match with flight icon
* add back autocomplete to component
* create core/file
* alphabetize file css blocks
* core/checkboxes create and address
* combine b-checkboxes classes and remove from core the utils
* address duplicate helper
* Core files continued (#19930)
* clean up helper and remove duplicate class
* more clean up of the other helper
* fix pagination, hot mess
* add radio to checkbox styling
* tag to tags rename singular
* container core file
* finally... changing forms to one element, field
* finally remove bulma-classes
* cleanup
* comment cleanup
* add comment about pagination
* Consolidating our size variables with Bulma's (#19951)
* remove bulma-size variables that are duplicates of our own
* remove unused is-size-xx and duplicate font weights
* remove duplicate class
* ahh this is madness
* remove column-gap var
* remove duplicate sizing of
* clean up breakpoints
* replace border-radius:2px for var so folks know the common border-radius
* replace header-height with new spacing var
* replace body-size and console-size vars with other sizing vars
* clean up final of size vars
* radius override things blah fixed
* last size var
* add back
* Finish size var clean up (#19970)
* remove size-small, etc.
* fix size-small things
* remove label unused classes
* move out font-family utils
* Update Color Vars (remove bulma color vars and overrides) (#20031)
* remove bulma_variables file
* remove duplicate helper
* replace hardcoded with color vars when appropriate
* broaden font-family utils
* add back box-link-hover-shadow
* welp
* fix pagination coloring
* Small fixes post var and core file work (#20035)
* fix auth-login splash container
* fix some splash page issues
* fix status menu
* fix menu-list regression
* fix regression on button text-decoration
* fix tag regression
* fix regression on select select
* fix regression on field field
* regression on textarea
* button focus state regression
* fix inputs
* fix is-outlined buttons
* Remove bulma switch (#20065)
* remove bulma/switch
* fix disbled style
* Bulma removal: starting the clean up process (#20066)
* remove unused class name
* add todo
* wip shamir-modal-flow usage of file styling
* final fix
* fix message type message-body css
* better match
* fix a.active on popup-menu-content
* VAULT-14625 fix
* blah overrides overrides and oh another override
* fix breadcrumb link
* fixes
* fix readonly state and hover on inputs.scss
* fix button style issue
* fix modal title spacing issue
* clean up
* fix switch
* fix checkbox issue and pr comment
* fix issue with tabs
* pr comment
* Bulma clean up cont. (#20119)
* gotta use rem on page container... it makes a difference, can't switch to px
* missing helper for background color
* fix textarea with icon
* can't seem to replace rem with px ;/
* fix table issues
* clean up columns.scss file
* fix
* fix rem vs px issues
* address some todos
* fix todo on help is-danger
* best effort for sizing var clean up
* reomve duplicate
* clearify
* welp forgot a word
* address sr-only class definition
* move to helper
* replaced single use class with helper and cleaned up flexbox
* move to make more sense
* move around layout and container
* color things
* things
* Cleanup 🧹 (#20196)
* remove carry over classes from bulma
* clean up title.scss
* clean up title is-5 has-top-padding-m and box.scss
* clean up breadcrumbs, buttons, c&r, columns
* clean up core files
* clean up cont looking at component files
* clean up remaining component files
* fix pagination
* pr comments, thank you
* add in merge color helper
* Remove out of scope changes (#20218)
* remove out of scope changes
* fix test
* add changelog
* remove scope creep
* fix scope creep cont
* qa fixes
* Fixes found while QA'ing Secret Engines (#20264)
* fix active tab issue for both secret and auth mounts
* use helper instead of :not last on content margin which causes problems
* fix missing disabled on b-checkbox
* quick fix
* deal with body-size issue
* fix order of other helper
* small fixes from qa
* update comments on the core files and change desktop font size from px back to rem
* missed 16px replaced with 1rem
* address chelseas comments
* fixes that jordan noticed
* remove unstable flexbox test
* test fix
* rename other to general
* address claires qa comments
* add in missing helper must have missed in earlier merge
* fix button
* small small small fix
* Add enable_aia_url_templating to read issuer
This field was elided from read issuer responses, though the value
otherwise persisted correctly.
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add comprehensive test for patching issuers
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add changelog entry
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add missing OpenAPI scheme definition
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
---------
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* define ent paths in OSS codebase with common handler
* fixup! define ent paths in OSS codebase with common handler
* add missing path
* retain existing behaviour for replication/status path
* remove commented out path
* Add additional fields to LIST issuers for Web UI
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add changelog entry
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
---------
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add infrastructure for warnings on CRL rebuilds
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add warning on issuer missing KU for CRL Signing
When an entire issuer equivalency class is missing CRL signing usage
(but otherwise has key material present), we should add a warning so
operators can either correct this issuer or create an equivalent version
with KU specified.
Resolves: https://github.com/hashicorp/vault/issues/20137
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add tests for issuer warnings
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add changelog entry
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Fix return order of CRL builders
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
---------
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* remove intercepting helpText
* add subtext directly to StringList input component
* update tests and add coverage for new openapi-attrs util
* update test
* add warning validation to input
* lol is this right i dont know go
* literally no idea what im doing
* add Description to display attrs struct
* update struct comment
* add descriptions to remaining go fields
* add missing comma
* remaining commas..."
* add description to display attrs
* update tests
* update tests
* add changelog;
* Update ui/app/utils/openapi-to-attrs.js
* update tests following backend changes
* clearly name variable
* format files
* no longer need to test for modified tooltip since coming from backend now
* Return OCSP errors on cert auth login failures
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Switch to immediately returning the first match
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add changelog entry
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
---------
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
In the Kubernetes Auth Code Example, the indentation for the `auth` import is off, causing it to not be indented the same amount as the previous `vault` import. This change ensures that both imports use the same indentation.
