Commit graph

13768 commits

Author SHA1 Message Date
Danny Hermes a4bb9baf48
Typo fix: period rotation -> periodic rotation (#12011) 2021-07-08 10:45:49 -04:00
Lars Lehtonen 0196f43cbe
builtin/logical/pki: fix dropped test errors (#12013) 2021-07-08 10:14:38 -04:00
claire bontempo 08d117ae5b
Adds transform secrets engine to feature (#12003)
* adds transform secrets engine to features list
2021-07-07 16:14:54 -07:00
Angel Garbarino c56069990a
UI KV validation fix (#12010)
* fix validation

* clean up
2021-07-07 13:48:32 -06:00
Pratyoy Mukhopadhyay adbaad17db
[VAULT-708] Zero out request counter on preSeal (#11970)
* [VAULT-708] Zero out request counter on preSeal

* [VAULT-708] Added changelog entry

* [VAULT-708] Add comment clarifying request counter zeroing
2021-07-07 14:03:39 -05:00
Josh Black 3e8d8dda6b
Update vault-plugin-secrets-kv to 0.9.0 (#12007) 2021-07-07 11:48:00 -07:00
hghaf099 fedc31e905
Diagnose warns if HTTPS is not used for ha-storage-tls-consul [VAULT-2773] (#11967)
* Diagnose warns if HTTPS is not used for ha-storage-tls-consul

* Skipping TLS verification if https is not used in ha storage tls consul

* Adding diagnose skip message for consul service registration
2021-07-07 14:35:25 -04:00
claire bontempo 9df804e8d7
updates transit icons to keys (#12000) 2021-07-07 11:26:28 -07:00
Angel Garbarino 5fe59a685b
Reverting fix on KV 2 for duplicate paths (#12008)
* revert changes

* changelog

* add test coverage for max versions
2021-07-07 11:50:00 -06:00
Jason O'Donnell 0bc339a2f8
docs: add SSL connection example to oracle (#12006)
* docs: add SSL connection example to oracle

* Fix link

* Add quotes to path
2021-07-07 12:47:49 -04:00
Nick Cabatoff e49f125fe5
Return a more meaningful error when trying to use a partially-replicated token. (#11993) 2021-07-07 08:43:58 -04:00
Pratyoy Mukhopadhyay a8b62bd93e
[VAULT-1981] Add OSS changes (#11999) 2021-07-06 17:12:24 -05:00
swayne275 6664846a65
Vault-2713: Retry Irrevocable Lease Revocation Periodically (#11977)
* prototype function to retry irrevocable lease revocation, clean up comment

* setup irrevocable lease revoke retry on expiration manager creation

* reduce expiration lag to 1 hour, use core context and timeout on retry attempts

* add lease namespace to revocation call

* start irrevocable revocation attempts in setupExpiration

* grab reference to channel to avoid race test failures
2021-07-06 15:05:04 -06:00
MilenaHC 4430a11bc5
Update SnowflakeDB plugin to v0.2.0 (#11997)
* update snowflake database plugin to v0.2.0

* add changelog

* update api-docs
2021-07-06 13:23:03 -05:00
Jason O'Donnell 5a3bf9b506
docs: fix link rendering for Oracle (#11994)
* docs: fix link rendering for Oracle

* Fix render
2021-07-06 13:25:36 -04:00
Nick Cabatoff a2dcb131ee
vault delete should allow the same output options as vault write,… (#11992)
* `vault delete` and `vault kv delete` should allow the same output options as `vault write`, as delete operations can similarly return data.  This is needed if you want to use control groups with deletion.
2021-07-06 10:36:07 -04:00
John-Michael Faircloth 1da8bb0a25
MongoDB Atlas: Add username customization docs (#11943)
* MongoDB Atlas: Add username customization docs

* add changelog

* remove changelog; it was added to the relevant go.mod update PR
2021-07-06 08:24:23 -05:00
John-Michael Faircloth aa6afd50f6
Update mongodb atlas plugin version (#11956)
* Update mongodb atlas plugin version

* go.mod was missing mongodbatlas plugin

* add changelog

* update build-go-dev circle ci job GOPROXY

* Revert "update build-go-dev circle ci job GOPROXY"

This reverts commit 0e6f339c779dac65ecb036735199f72d3d9e6a4a.

* ci: more complete go mod cache

* ci: doc use of go list ./... to populate mod cache

Co-authored-by: Sam Salisbury <samsalisbury@gmail.com>
2021-07-06 08:24:10 -05:00
Lars Lehtonen 159272db7f
builtin/credential/approle: fix dropped test errors (#11990) 2021-07-05 11:00:12 -04:00
Sam Salisbury 8201b42651
fix vault version string injection (#11981)
- Now we are not vendoring, the path needed to reflect that.
2021-07-05 15:10:41 +01:00
John-Michael Faircloth 9832517d27
[ldap] auth method fix request_timeout (#11975)
* [ldap] auth method fix request_timeout

* add changelog

* Update sdk/helper/ldaputil/config_test.go

Co-authored-by: Calvin Leung Huang <1883212+calvn@users.noreply.github.com>

* Update sdk/helper/ldaputil/config_test.go

Co-authored-by: Calvin Leung Huang <1883212+calvn@users.noreply.github.com>

* Update changelog/11975.txt

Co-authored-by: Calvin Leung Huang <1883212+calvn@users.noreply.github.com>

Co-authored-by: Calvin Leung Huang <1883212+calvn@users.noreply.github.com>
2021-07-01 13:33:01 -05:00
Mike Green 7878db7c2c
Add link to newish learn upgrade guide (#11748) 2021-07-01 08:12:57 -07:00
Pratyoy Mukhopadhyay c7e6a07939
Augment lease revocation metrics (#11954)
* [VAULT-1982] Add metric for irrevocable leases

* [VAULT-1982] Add metric for tracking worker count per queue

* [VAULT-1982] Update external docs

* [VAULT-1982] Add nil check on metrics sink

* [VAULT-1982] Update metric name, fix access patterns

* [VAULT-1982] Add locking when marking leases as irrevocable

* [VAULT-1982] Remove workers per mount metric

* [vault-1982] Misc review fixes

* [VAULT-1982] minor refactor

* [VAULT-1982] Add/update some comments
2021-06-30 14:37:36 -07:00
swayne275 fd517e6114
remove trailing / on leases API endpoint (#11959) 2021-06-30 13:02:26 -06:00
swayne275 f882c31856
update oss files with changes from ent PR #1928 (#11965) 2021-06-29 15:02:30 -06:00
Nick Cabatoff 7ad3f74e07
Add overlooked 1.7 agent cache eventual consistency options. (#11964) 2021-06-29 15:36:10 -04:00
Austin Gebauer b34e24fa64
docs: AWS KMS updates for key management secrets engine (#11958) 2021-06-29 10:31:25 -07:00
MilenaHC 02d45f3a66
Update ElasticSearch DB plugin to v0.8.0 (#11957)
* update elasticsearch database plugin to v0.8.0

* add changelog

* update api-docs
2021-06-29 08:07:00 -05:00
Lars Lehtonen 27679e4fda
fix dropped errors in external_tests (#11947)
* vault/external_tests/token: fix dropped test error

* vault/external_tests/identity: fix dropped test errors
2021-06-29 09:04:26 -04:00
swayne275 67bc4fdabd
Require special privileges to list irrevocable leases (#11888)
* add leases path to sudo required set

* update TestSystemBackend_RootPaths with new special privilege paths

* note that list-leases requires sudo

* minor typo fixes
2021-06-28 16:51:47 -06:00
Sam Salisbury e7bbd110ad
ci: update go_test to match one from ent (#11951) 2021-06-28 16:07:00 +01:00
Theron Voran 52f78f1d54
Adding changelog for #11502 (#11944) 2021-06-25 15:41:08 -07:00
Hridoy Roy f3895f7cce
oss part of license diagnose (#11939) 2021-06-25 14:18:34 -07:00
swayne275 597c3d1296
Vault-1983: Use fairsharing to distribute workers between queues (#11789)
* prelim fairshare prototype, untested and prototype status

* add tests for new fairshare infra - this likely fails tests for being racy

* probably fix races for code and test

* one more lock to fix for races

* fairsharing queue work distribution, tests, fixes, etc

* comment, shorten wait time

* typos and comments

* fix inverted worker count logic

* Update helper/fairshare/jobmanager.go

typo

* Update helper/fairshare/jobmanager.go

clarify comment

* move back to round robin between queues

* improvements from self review

* add job manager stress test
2021-06-25 14:06:49 -06:00
Jason O'Donnell b2c9b3c344
plugins/ad: Add rotate-role endpoint (#11942)
* plugins/ad: add rotate-role

* Add doc

* changelog

* Add note about rotate-role in overview
2021-06-25 14:00:03 -04:00
Sam Salisbury d4fa62e979
ci: cache go modules (#11935) 2021-06-25 17:17:05 +01:00
Theron Voran 5c5a57626e
docs: vault-helm add license update steps (#11911)
Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>
2021-06-25 08:49:48 -07:00
Kendall Strautman 2b71472d37
chore: upgrade react-head and deps (#11938) 2021-06-25 11:38:17 -04:00
hghaf099 6d7dbc85b5
diagnose: Add seal transit tls check (#11922)
* diagnose: Add seal transit tls check

* Fixing the path to the config file and the path to the cert files

* Addressing comment

* Addressing seal transit tls check comments
2021-06-24 18:30:42 -04:00
Jason O'Donnell b2b25be0ce
agent/template: add static_secret_render_interval configurable (#11934)
* agent/template: add default_lease_duration config

* go mod tidy

* Add changelog

* Fix panic

* Add documentation

* Change to static_secret_render_interval

* Update doc

* Update command/agent/template/template.go

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

* Update changelog/11934.txt

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

* Update website/content/docs/agent/template-config.mdx

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
2021-06-24 15:40:31 -04:00
Hridoy Roy a8cc5e4557
TLS Verification Bugfixes (#11910)
* tls verification bugfix

* tls verification bugfix

* allow diagnose fail to report status when there are also warnings

* allow diagnose fail to report status when there are also warnings

* Update vault/diagnose/helpers_test.go

Co-authored-by: swayne275 <swayne275@gmail.com>

* comments

Co-authored-by: swayne275 <swayne275@gmail.com>
2021-06-24 10:43:49 -07:00
mr-miles 9e031b5766
Mongo doesnt allow periods in usernames (#11872)
* mongo doesnt allow periods in usernames

* Update mongodb.mdx

Update template in docs

* Move replace to the end

* Adding a test for dot replacement

* Create 11872.txt
2021-06-24 13:26:31 -04:00
Marc Boudreau 3c35a25d36
Fix for Issue 11863 - Panic when creating/updating approle role with token_type (#11864)
* initializing resp variable with aa *logical.Response before using it to add warning for default-service or default-batch token type.  Also adding guard around code that sets resp to a new logical.Response further on in the function.

* adding changelog entry

* renaming changelog file to match PR number
2021-06-24 13:03:41 -04:00
Hridoy Roy e2614979f7
Diagnose Storage Panic Bugfixes (#11923)
* partial

* fix raft panics and ensure checks are skipped if storage isnt initialized

* cleanup directories

* newline

* typo in nil check

* another nil check
2021-06-24 09:56:38 -07:00
Mike Wickett 6b5d1ab4dc
update content param for improved attribution (#11929) 2021-06-24 11:12:37 -04:00
hghaf099 4495b932d8
Fix diagnose panic when configuration file does not exist (#11932)
* Fix diagnose panic when configuration file does not exist

* Addressing comments

* Update command/operator_diagnose.go

Co-authored-by: Hridoy Roy <roy@hashicorp.com>

Co-authored-by: Hridoy Roy <roy@hashicorp.com>
2021-06-23 18:35:52 -04:00
Nick Cabatoff ccae681628
Remove fragile link to docs from code. (#11928) 2021-06-23 15:43:44 -04:00
Zachary Shilton c15945cfc9
website: bump use-cases to latest (#11930)
* website: bump use-cases to latest

* chore: bump use-cases to stable release
2021-06-23 15:20:05 -04:00
Austin Gebauer 920b75540e
docs: corrects json and issuer for identity tokens (#11924) 2021-06-23 09:04:23 -07:00
Zachary Shilton 1ae5953e27
website: upgrade code block (#11903) 2021-06-22 17:39:02 -04:00