Commit graph

14654 commits

Author SHA1 Message Date
Carlos Cisneros, Jr fbd0cf82d9
Update index.mdx (#10873)
* Update index.mdx

Fixed typo in Setup section of the Secrets Engine documentation.

* Update index.mdx

Remove line 112.
2021-12-17 16:09:38 -08:00
Kaue Doretto Grecchi 2cc4ec2487
add entity-alias parameter description (#13339)
This page is missing the `entity-alias` parameter description, available in the `vault token create --help` command
2021-12-17 15:23:47 -08:00
divyapola5 e8a8853fcc
Replace '-' with ':' when listing certificate serial numbers (#13468)
* CLI changes for new mount tune config parameter allowed_managed_keys

* Correct allowed_managed_keys description in auth and secrets

* Documentation update for secrets and removed changes for auth

* Add changelog and remove documentation changes for auth

* removed changelog

* Correct the field description

* Replace - with : when listing certificate serials
2021-12-17 13:33:05 -06:00
Kevin Wang 044a83400a
feat(website): versioned-docs (#13123)
* chore: `react-docs-page`

* feat: data loader

* chore: bump `next-mdx-remote`

* chore: `showVersionSelect`

* chore: bump react docs page

* chore: bump react docs page
2021-12-17 12:58:05 -05:00
Jordan Reimer 5c2a08de6d
Ember Upgrade to 3.24 (#13443)
* Update browserslist

* Add browserslistrc

* ember-cli-update --to 3.26, fix conflicts

* Run codemodes that start with ember-*

* More codemods - before cp*

* More codemods (curly data-test-*)

* WIP ember-basic-dropdown template errors

* updates ember-basic-dropdown and related deps to fix build issues

* updates basic dropdown instances to new version API

* updates more deps -- ember-template-lint is working again

* runs no-implicit-this codemod

* creates and runs no-quoteless-attributes codemod

* runs angle brackets codemod

* updates lint:hbs globs to only touch hbs files

* removes yield only templates

* creates and runs deprecated args transform

* supresses lint error for invokeAction on LinkTo component

* resolves remaining ambiguous path lint errors

* resolves simple-unless lint errors

* adds warnings for deprecated tagName arg on LinkTo components

* adds warnings for remaining curly component invocation

* updates global template lint rules

* resolves remaining template lint errors

* disables some ember specfic lint rules that target pre octane patterns

* js lint fix run

* resolves remaining js lint errors

* fixes test run

* adds npm-run-all dep

* fixes test attribute issues

* fixes console acceptance tests

* fixes tests

* adds yield only wizard/tutorial-active template

* fixes more tests

* attempts to fix more flaky tests

* removes commented out settled in transit test

* updates deprecations workflow and adds initializer to filter by version

* updates flaky policies acl old test

* updates to flaky transit test

* bumps ember deps down to LTS version

* runs linters after main merge

* fixes client count tests after bad merge conflict fixes

* fixes client count history test

* more updates to lint config

* another round of hbs lint fixes after extending stylistic rule

* updates lint-staged commands

* removes indent eslint rule since it seems to break things

* fixes bad attribute in transform-edit-form template

* test fixes

* fixes enterprise tests

* adds changelog

* removes deprecated ember-concurrency-test-waiters dep and adds @ember/test-waiters

* flaky test fix

Co-authored-by: hashishaw <cshaw@hashicorp.com>
2021-12-16 20:44:29 -07:00
Meggie 5e316537f2
Splitting backport-asst GH action (#13461)
This way we can have an OSS action, and an ENT action. We'll be able to
keep the backport-assistant workflows the same on OSS and ENT for normal
PRs, and have a separate labeling system on OSS for docs backports.

We should delete the backport-docs.yml file on ENT.
2021-12-16 18:49:59 -05:00
Scott Miller baec515677
Move KmsLibrary code to the ent side of config parsing (#13463)
* Move KmsLibrary code to the ent side of config parsing

* Normalize config.go

* Nope, needs to be result
2021-12-16 14:57:18 -06:00
Jason O'Donnell 1966264bcd
auth/gcp: update to v0.11.3 (#13457)
* update gcp auth

* go mod tidy
2021-12-16 15:46:34 -05:00
Noel Quiles 72385597b6
chore: Disable alert banner (#13458) 2021-12-16 13:10:59 -05:00
Noel Quiles 9a9608a11d
website: Update text (#13441) 2021-12-16 12:35:55 -05:00
John-Michael Faircloth a6c217a917
auth/github: document organization id param (#13449) 2021-12-16 09:41:20 -06:00
Pratyoy Mukhopadhyay a9301012fc
Update docs with new images (#13454)
* Update docs with new images

* Update website/content/docs/concepts/identity.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Remove extraneous Github mention

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
2021-12-15 20:10:05 -08:00
Kevin Wang fafeb3717f
feat: add backport.yml (#13163)
* feat: add `backport.yml`

* feat: check releases over labels for latest

* chore: Do not automerge for non `stable-website`

* chore: Do not automerge to not `stable-website`

* Update .github/workflows/backport.yml

Co-authored-by: Meggie <meggie@hashicorp.com>

Co-authored-by: Meggie <meggie@hashicorp.com>
2021-12-15 18:16:35 -05:00
Vinny Mannello 62ecf23c2c
EscapeLDAPValue - catch trailing escape character (#13452)
* [VAULT-4018] - EscapeLDAPValue catch trailing escape character
2021-12-15 13:17:07 -08:00
Jason Peng 0bd6f5392c
Update openshift.mdx (#13372)
Consul Openshift is supported since Consul 1.9 as per https://www.hashicorp.com/blog/introducing-openshift-support-for-consul-on-kubernetes. Please verify.
2021-12-15 13:07:30 -08:00
Michele Degges ce163e36bb
Fix for main: Add vault revision to --version cmd (#13428) 2021-12-15 11:38:20 -08:00
Alex Carpenter 927f46d5d7
Homepage redesign (#13159)
* homepage setup

* [Homepage] `<IoHomeHero />` component (#13160)

* init <Hero /> component

* adds loading animation

* updates variable naming

* makes index optional

* Update hero-pattern.svg

* prefix with IoHome

* updates usage

* [Homepage] `<IoHomePreFooter />` component (#13182)

* adds <IoHomePreFooter />

* adds interfaces

* [Homepage] `<IoHomeHero />` component (#13160)

* init <Hero /> component

* adds loading animation

* updates variable naming

* makes index optional

* Update hero-pattern.svg

* prefix with IoHome

* updates usage

* adds <IoHomePreFooter />

* adds interfaces

* adds key

* [Homepage] `<IoHomeCallToAction />` component (#13164)

* adding brand to cta

* cleanup homepage

* [Homepage] `<IoHomeVideo />` component (#13161)

* init <Video /> component

* adjusts sizing and border radius

* responsive styling

* fix hover svg gitter

* adjust play icon sizing

* include temp thumbnail

* dialog implementation

* conditionally display person and show helpers

* rename component

* updates dialog naming

* add homepage styling

* simplify background color

* page level styling

* [Homepage] `<IoHomeCaseStudies />` (#13190)

* adds <IoHomeCaseStudies />

* adds interface

* animate gradient

* update min-heights

* Homepage `<IoHomeCard />` component (#13151)

* init <Card /> component

* fixes heading color

* adds product logos and hover styles

* update naming

* simplifies inset spacing

* use ternary and add key

* removes repo link

* removes need for camelCase package

* adds keys

* adds in practice cards

* adds in practice background

* use case cards

* update min col sizing

* adds feature component (#13203)

* fixes card hover bug

* [Homepage] connect homepage to dato content (#13227)

* connect homepage to dato

* Check for internal link

* fix return types

* adds youtube video

* hook up meta tags and chunk cards

* removes chunking

* fix ts return

* fix prop naming

* fix return type

* mobile sizing adjustments

* [Homepage] Usecase pages (#13240)

* init usecase page

* updates use case call to action

* card container component

* themeing

* convert to using strictly props

* responsive spacing

* reworking sections component

* adds callout and hero patterns

* adds priority

* makes feature link optional

* [Homepage] connect use case template to dato (#13295)

* Start connecting to dato

* Fix spacing when no video is present

* Remove log

* adds images

* hook up cards

* pass eyebrow and products

* Delete index.tsx

* Use card container on homepage

* use react video player

* [Homepage] fix mobile video (#13309)

* Removing attributes

* update url

* spacing adjustments

* Allow previewing draft content (#13312)

* fix heading width

* fix feature max width

* adjust in practice padding

* increase icon sizing

* adjust icon alignment

* update eyebrow

* update hero pattern

* update usecase hero pattern

* add hover scale

* [Homepage] populate use case dropdown from use case pages (#13325)

* create standard layout

* removes unused subnav data

* removes static use case pages

* removes use cases style

* bump subnav and use hashicorp vault logo

* fixes use cases paths

* removes hashistack menu

* removes subnav top border

* conditionally render video callout avatar

* hook up data and conditionals

* update components to work with other products

* extract in practice section for reuse

* use Products type

* fix type error

* rework cta logic

* removes type

* updates accent method

* fix button prop

* refactor customer case study

* refactor case studies component

* cleanup margin

* refactor data props

* Spacing updates and introduce intro component

* adds intro interface

* Delete style.css

* fix intro description color

* add revalidate code to homepage

* bump subnav

* make stats optional

* adjust border radius based on customer story

* cleanup temp files

* redirect /home to homepage

* reorder resources

* fix: move heading and description

* fix: logo alignment

* fix: section background color

* feat: optional tutorial and docs links

* fix: removes case studies background

* formatting

* feat: sort use cases in nav

* fix: card overflow (#13429)

* fix: adjust overflow method

* fix: padding on desktop

* fix: scroll padding-right on mobile

* remove debugger

* increase last item width

* card container overflow method (#13434)

* use flex

* formatting

* add comment
2021-12-15 10:32:45 -05:00
Pete Bohman ccc1098ea3
Add allowed_uri_sans_template (#10249)
* Add allowed_uri_sans_template

Enables identity templating for the allowed_uri_sans field in PKI cert roles.

Implemented as suggested in #8509

* changelog++

* Update docs with URI SAN templating
2021-12-15 09:18:28 -06:00
Yoko Hyakuna cbdea53dd7
Add paths filter doc (#13435)
* Add paths filter doc

* Add a description about the screenshot

* Update website/content/docs/enterprise/replication.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/enterprise/replication.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/enterprise/replication.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/enterprise/replication.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/enterprise/replication.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/enterprise/replication.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/enterprise/replication.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/enterprise/replication.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/enterprise/replication.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/enterprise/replication.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/enterprise/replication.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Remove extra sentense

* Update the diagram

* Update the diagram

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
2021-12-14 17:19:31 -08:00
John-Michael Faircloth a2da7b17f8
github auth: use org id to verify creds (#13332)
* github auth: use org id to verify creds

* add check for required org param; add test case

* update UTs

* add nil check for org

* add changelog

* fix typo in ut

* set org ID if it is unset; add more ut coverage

* add optional organization_id

* move client instantiation

* refactor parse URL; add UT for setting org ID

* fix comment in UT

* add nil check

* don't update org name on change; return warning

* refactor verifyCredentials

* error when unable to fetch org ID on config write; add warnings

* fix bug in log message

* update UT and small refactor

* update comments and log msg

* use getter for org ID
2021-12-14 16:37:19 -06:00
Victor Rodriguez 1136381637
Add no-op method setupManagedKeyRegistry(). (#13433) 2021-12-14 16:00:17 -05:00
Kyle Penfound 854da08e45
crt main fix for ecr tag (#13425) 2021-12-14 15:53:02 -05:00
Sai Hemanth Bheemreddy 73160cd074
Add vault-api module (#13048) 2021-12-14 13:32:26 -05:00
Nick Cabatoff 6f99a410be
Bump yarn cache key version so that it uses the new disk layout we've adopted for using cimg/go. (#13420) 2021-12-14 12:43:52 -05:00
Meggie c0b962ecfa
Main go version bump (#13408)
* Go 1.17.2 -> 1.17.5
* Switching to cimg
2021-12-14 11:11:13 -05:00
Mark Lewis 7ee982cb31
Update raftautosnapshots.mdx (#13412) 2021-12-14 08:29:03 -05:00
Pratyoy Mukhopadhyay c6bb8f2767
Add docs about path param restrictions (#13413)
* Add docs about path param restrictions

* Update website/content/api-docs/auth/userpass.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update with review suggestion

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
2021-12-13 17:02:39 -08:00
Steven Clark 0bb0996072
Fix logging statement using formatting args (#13407) 2021-12-13 15:28:35 -05:00
Alexander Scheel 31ff2be589
Add universal default key_bits value for PKI endpoints (#13080)
* Allow universal default for key_bits

This allows the key_bits field to take a universal default value, 0,
which, depending on key_type, gets adjusted appropriately into a
specific default value (rsa->2048, ec->256, ignored under ed25519).

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Handle universal default key size in certutil

Also move RSA < 2048 error message into certutil directly, instead of in
ca_util/path_roles.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add missing RSA key sizes to pki/backend_test.go

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Switch to returning updated values

When determining the default, don't pass in pointer types, but instead
return the newly updated value.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add changelog entry

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Re-add fix for ed25519 from #13254

Ed25519 internally specifies a hash length; by changing the default from
256 to 0, we fail validation in ValidateSignatureLength(...) unless we
specify the key algorithm.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2021-12-13 15:26:42 -05:00
Jason O'Donnell 9674a75a4d
auth/azure: add note about debug env (#13405)
* auth/azure: add note about debug env

* Update azure.mdx

* Update azure.mdx
2021-12-13 14:16:45 -05:00
Ben Ash fc51516ee0
Docs: fix invalid link in the kubernetes auth api doc. (#13399)
* Clean up whitespace
2021-12-13 12:02:52 -05:00
Ben Ash 6ec3367648
Support clearing an identity alias' custom_metadata (#13395)
* Support clearing an identity alias' custom_metadata

Previously, an update to an entity alias supported updating the
custom_metadata as long as the update was not empty, which makes it
impossible to clear the metadata values completely.

Fixes:
- empty custom_metadata parameters are honoured on entity alias update
- update related tests
- drop dependency on mapstructure
- reformat with gofumpt
2021-12-10 18:07:47 -05:00
Chelsea Shaw fe718e99d4
UI/fix client count partial (#13396)
* Initial fix

* Add fallback zero values

* Add changelog

* Fix client count current test
2021-12-10 16:14:57 -06:00
Meggie 5fef269e03
changelog++
Working on a new workflow for generating the preview so I thought I'd leave a note that it's still coming.
2021-12-10 17:08:18 -05:00
Meggie 7c70c4ebf1
Some changelog tidying for 1.10 preview (#13385)
* Some changelog tidying for 1.10 preview

* PR accounted for by different CL entry
2021-12-10 16:23:20 -05:00
Chelsea Shaw ab2ee75701
Fix managed namespace test (#13394)
* Fix managed namespace test

* Remove log
2021-12-10 15:17:54 -06:00
Steven Clark 834f0bd8ee
Fix test validating convergent encryption behaviour across key types (#13371)
- The test was attempting to test the convergent encryption behaviour
  with several key types but the common function never used the passed
  in key type. So we ran the test with the default aes256-gcm96 only.
2021-12-10 12:55:50 -05:00
John-Michael Faircloth 04ce02057a
auth/jwt: update changelog for pkce improvement (#13392) 2021-12-10 11:15:22 -06:00
divyapola5 3488948ccd
CLI changes for new mount tune config parameter allowed_managed_keys (#13255)
* CLI changes for new mount tune config parameter allowed_managed_keys

* Correct allowed_managed_keys description in auth and secrets

* Documentation update for secrets and removed changes for auth

* Add changelog and remove documentation changes for auth

* removed changelog

* Correct the field description
2021-12-10 11:08:28 -06:00
Nick Cabatoff fed74de3fe
Remove another use gopsutil/host. (#13390) 2021-12-10 09:59:52 -05:00
Nick Cabatoff f729dfc18f
Use os.Hostname instead of a dependency that doesn't work on OpenBSD. (#13389) 2021-12-10 08:57:15 -05:00
Meggie 61f1536f3b
Updating website for 1.9.1 (#13378) 2021-12-09 14:51:32 -08:00
Brandon Romano 0726d9445e
Update alert banner (#13375) 2021-12-09 12:09:17 -05:00
Meggie e918ab2034
changelog++ 2021-12-09 12:07:59 -05:00
John-Michael Faircloth 7f78f3357f
auth/jwt: Update plugin to v0.11.3 (#13365)
* auth/jwt: Update plugin to v0.11.3

* add changelog
2021-12-09 07:44:52 -06:00
hghaf099 65845c7531
VAULT-1564 report in-flight requests (#13024)
* VAULT-1564 report in-flight requests

* adding a changelog

* Changing some variable names and fixing comments

* minor style change

* adding unauthenticated support for in-flight-req

* adding documentation for the listener.profiling stanza

* adding an atomic counter for the inflight requests
addressing comments

* addressing comments

* logging completed requests

* fixing a test

* providing log_requests_info as a config option to determine at which level requests should be logged

* removing a member and a method from the StatusHeaderResponseWriter struct

* adding api docks

* revert changes in NewHTTPResponseWriter

* Fix logging invalid log_requests_info value

* Addressing comments

* Fixing a test

* use an tomic value for logRequestsInfo, and moving the CreateClientID function to Core

* fixing go.sum

* minor refactoring

* protecting InFlightRequests from data race

* another try on fixing a data race

* another try to fix a data race

* addressing comments

* fixing couple of tests

* changing log_requests_info to log_requests_level

* minor style change

* fixing a test

* removing the lock in InFlightRequests

* use single-argument form for interface assertion

* adding doc for the new configuration paramter

* adding the new doc to the nav data file

* minor fix
2021-12-08 17:34:42 -05:00
Pratyoy Mukhopadhyay c97c8687f4
[VAULT-3252] Add entity-alias behavior change to docs (#13370)
* Add entity-alias behavior change to docs

* Add upgrade note about entity-alias mapping change

* Rename 1.7-9 upgrade pages, shuffle upgrade note position

* Update website/content/partials/entity-alias-mapping.mdx

Co-authored-by: Meggie <meggie@hashicorp.com>

* Add incorrect policy issue to the docs

* Add example about entity-alias restriction

Co-authored-by: Meggie <meggie@hashicorp.com>
2021-12-08 13:52:51 -08:00
Steven Clark f158382f56
Warn user supplying nonce values in FIPS mode for transit encryption requests (#13366)
* Warn user supplying nonce values in FIPS mode for transit encryption requests

 - Send back a warning within the response if an end-user supplies nonce
   values that we use within the various transit encrypt apis.
 - We do not send a warning if an end-user supplies a nonce value but we
   don't use it.
 - Affected api methods are encrypt, rewrap and datakey
 - The warning is only sent when we are operating in FIPS mode.
2021-12-08 14:37:25 -05:00
Theron Voran bfa008d78f
agent/cache: differentiate open log messages (#13362)
Changes the error output for the second open of the persistent cache
file, to differentiate it from the c.UI.Error message for the initial
open of the cache file, just to make it easier to tell where a problem
occurred.
2021-12-08 10:32:49 -08:00
Matt Schultz 85f5cfc356
Adds support for SHA-3 to transit (#13367)
* Adding support for SHA3 in the transit backend.

* Adds SHA-3 tests for transit sign/verify path. Adds SHA-3 tests for logical system tools path hash functionality. Updates documentation to include SHA-3 algorithms in system tools path hashing.

* Adds changelog entry.

Co-authored-by: robison jacka <robison@packetized.io>
2021-12-08 12:29:33 -06:00