Commit graph

16872 commits

Author SHA1 Message Date
AnPucel 65e5730c6c
PKI Responses Part 4 (#18612) 2023-03-14 15:00:37 -07:00
Violet Hynes 85f845c3e0
VAULT-12798 Correct removal behaviour when JWT is symlink (#18863)
* VAULT-12798 testing for jwt symlinks

* VAULT-12798 Add testing of jwt removal

* VAULT-12798 Update docs for clarity

* VAULT-12798 Small change, and changelog

* VAULT-12798 Lstat -> Stat

* VAULT-12798 remove forgotten comment

* VAULT-12798 small refactor, add new config item

* VAULT-12798 Require opt-in config for following symlinks for JWT deletion

* VAULT-12798 change changelog
2023-03-14 15:44:19 -04:00
Anton Averchenkov e19dc98016
Ignore special HTTP fields in response validation tests (#19530) 2023-03-14 13:21:20 -04:00
Angel Garbarino 42f5894be0
Remove oracle banner (#19532)
* remove oracle banner

* add back extra test coverage for other banner

* add description
2023-03-14 15:19:46 +00:00
John-Michael Faircloth 1553c310c4
Fix a possible data race with rollback manager and plugin reload (#19468)
* fix data race on plugin reload

* add changelog

* add comment for posterity

* revert comment and return assignment in router.go

* rework plugin continue on error tests to use compilePlugin

* fix race condition on route entry

* add test for plugin reload and rollback race detection

* add go doc for test
2023-03-14 09:36:37 -05:00
Peter Wilson f7f19aab3c
add comment to explain use of math/rand package in lifetime_watcher (#19533) 2023-03-14 13:17:26 +00:00
Rachel Culpepper b04ef55f78
change mul and div functions (#19495) 2023-03-13 14:52:55 -05:00
Ashlee M Boyer 788af4a90e
Remove .mdx extension from link (#19514) 2023-03-13 15:03:06 -04:00
Alexander Scheel ab3d6d61e0
Add support for importing RSA-PSS keys into Transit (#19519)
* Add support for importing RSA-PSS keys in Transit

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add changelog entry

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

---------

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2023-03-13 17:03:01 +00:00
Tom Proctor 480c1dc85b
sdk: Fix fmt + add FieldType test (#19493)
* sdk: Fix fmt + add FieldType test

* Add test comment
2023-03-10 18:07:48 +00:00
Meggie be18d6cac3
Un-hiding link to 1.13 upgrade guide (#19505)
* Un-hiding link to 1.13 upgrade guide

* Removing draft notice
2023-03-10 11:30:19 -05:00
Robert 0315efba0c
Add info about gcp service account key encoding (#19496) 2023-03-10 09:13:37 -06:00
Yoko Hyakuna e392b6650f
Remove the note about Vault not supporting number Okta verify push number challenge (#19497) 2023-03-09 16:30:49 -08:00
Marc Boudreau f286ee5b3c
Fix failing TestHCPLinkConnected Test (#19474)
* replace use of os.Unsetenv in test with t.Setenv and remove t.Parallel from test that rely on env being modified.

* experiment with using fromJSON function

* revert previous experiment

* including double quotes in the output value for the string ubuntu-latest

* use go run to launch gofumpt
2023-03-09 13:46:54 -05:00
Violet Hynes 5da90d563b
VAULT-14215 Fix panic for non-TLS listeners during SIGHUP (#19483)
* VAULT-14215 Fix panic for non-TLS listeners during SIGHUP

* VAULT-14215 Changelog

* VAULT-14215 Godoc for test
2023-03-09 10:09:16 -05:00
valli_0x 8e9680223d
bug: correct sdk handling of the zero int64 value (#18729)
* bug: correct handling of the zero int64 value

* Update changelog/18729.txt

---------

Co-authored-by: valli_0x <personallune@mail.ru>
Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>
2023-03-09 11:25:45 +00:00
claire bontempo d16f0ef9d2
UI: fix delete for SSH engine config (#19448)
* fix delete not working for ssh config

* add test

* add changelog;
2023-03-08 11:37:53 -06:00
Angel Garbarino e29f005db0
UI/vault 12818/oracle banner sll (#19019)
* glimmerize alert-banner

* structure for the DocLink todo: css important remove

* styling done. kind of strange, but should help in future

* clean up

* test coverage

* changelog

* address pr comments

* clean up

* amended language on banner to match most recent change.

* add return

* clean up

* modify the banner title and shorten message

* update language
2023-03-08 09:29:21 -07:00
Max Winslow dbbdd33c63
Change headings to h2 (#19402) 2023-03-07 15:48:51 -08:00
Ashlee M Boyer b5eab9d3a0
Delete test-link-rewrites.yml (#19467) 2023-03-07 15:16:14 -08:00
David van der Spek 7e89f3818e
UI: OIDC callback bug. (#18521)
* don't error for other message events

Signed-off-by: David van der Spek <vanderspek.david@gmail.com>

* add changelog

Signed-off-by: David van der Spek <vanderspek.david@gmail.com>

* rename release note for changelog

Signed-off-by: David van der Spek <vanderspek.david@gmail.com>

---------

Signed-off-by: David van der Spek <vanderspek.david@gmail.com>
2023-03-07 16:23:45 +00:00
Austin Gebauer 6e18136365
ldaputil: adds comment on available text/template functions (#19469) 2023-03-06 19:38:42 -08:00
Marc Boudreau 84238dee52
Introduce GitHub Actions CI Workflow (#19449)
* Migrate subset of CircleCI ci workflow to GitHub Actions

Runs test-go and test-go-remote-docker with a static splitting of test packages

* [skip actions] add comment to explain the purpose of test-generate-test-package-lists.sh and what to do if it fails

* change trigger to push

---------

Co-authored-by: Kuba Wieczorek <kuba.wieczorek@hashicorp.com>
2023-03-06 16:57:55 -05:00
nsimons d91d2ceaf8
Fix cubbyhole and token revocation for legacy service tokens (#19416)
* Fix cubbyhole and revocation for legacy service tokens

Legacy service tokens generated in Vault 1.10+ with env var
VAULT_DISABLE_SERVER_SIDE_CONSISTENT_TOKENS=true are not assigned
a cubbyhole ID. The implication is that cubbyhole/ cannot be
used, nor can the tokens be revoked.

This commit assigns a cubbyhole ID to these tokens and adds
a new test case to see that cubbyhole and revocation works correctly.

* add changelog

* add godoc to test cases
2023-03-06 15:09:45 -05:00
Tony Wittinger 79c0619f14
Add OpenAPI-based (Beta) (#19462)
Updated with missing OpenAPI-based Go & .NET Client Libraries (Beta) context
2023-03-06 10:57:46 -08:00
Phil Renaud d09c716e4b
Link to the Nomad tutorial for Vault as OIDC provider (#19461) 2023-03-06 10:30:14 -08:00
Angel Garbarino be2454ec1b
Pass encodeBase64 param to transit-key-actions (#19429)
* fix and test coverage

* changelog
2023-03-06 11:28:49 -07:00
miagilepner ac36b31846
VAULT-13729 activity log test godocs (#19433)
* add godocs to activity log tests

* format

* add trailing periods
2023-03-06 13:08:22 +01:00
Yoko Hyakuna 40dc1d39d9
Add more context on the Release Notes landing page (#19456)
* Add little more verbiage on the Release Notes landing page

* Add missing comma
2023-03-03 14:39:39 -08:00
prabhat-hashi e5b982199f
Docs - update ldap page to add clarity around sAMAccountName (#19450)
* Docs - update ldap page to add clarity around sAMAccountName

Updated https://developer.hashicorp.com/vault/docs/secrets/ldap#active-directory-ad-1 to clarify customers configure username properly using username_template when sAMAccountName is involved.

* Docs -  edit on last update for ldap page

Fixed the link /vault/docs/concepts/username-templating
2023-03-03 10:09:13 -08:00
Max Winslow c44f94d7ff
update entity-alias doc fix (#19435) 2023-03-03 08:16:26 -08:00
Tony Wittinger 64b4ee234d
docs: updated key size in transit documentation (#19346) 2023-03-02 16:07:40 -08:00
claire bontempo a22bb9bfcc
UI: refactor to use pki/action model for importing a pem bundle (#19425)
* rename component test file

* rename component

* rename file again..

* rename component file and remove import from issuer adapter

* rename hbs file

* update to new component name, use pki/action

* update test selectors

* update tests

* update workflow test

* add useIssuer to adapter options
2023-03-02 15:38:39 -08:00
Jordan Reimer 87c9649515
Configure Ember Data ID Generation (#19428)
* adds initializer to configure ember data id generation

* updates comments

* adds changelog entry

* adds check for id to ember data identifier config
2023-03-02 13:59:35 -07:00
Tony Wittinger 35450e247e
Updated Changelog for 1.13 and point releases (#19424)
* Updated Changelog for 1.13 and point releases

Point releases: 1.10.11, 1.11.8, 1.12.4

* update link

* Update CHANGELOG.md

Co-authored-by: Calvin Leung Huang <1883212+calvn@users.noreply.github.com>

* Fixed missing enteries

* Update CHANGELOG.md

Co-authored-by: Calvin Leung Huang <1883212+calvn@users.noreply.github.com>

---------

Co-authored-by: Calvin Leung Huang <1883212+calvn@users.noreply.github.com>
2023-03-01 18:13:45 -08:00
Kianna 6e38bb4922
UI: Use specific date in clients activity test (#19419)
* Use specific date in clients activity test

* Remove add and subtracting months twice
2023-03-01 13:41:50 -08:00
akshya96 09057073ae
Vault Status Command Differs Depending on Format (#19361)
* vault-issue-9185

* removing new lines:

* removing new space

* fix grammar

* change field name
2023-03-01 12:57:53 -08:00
Alexander Scheel dabe38dcc1
Document RSA operations (#19377)
Also clarify hash function choices.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2023-03-01 13:35:35 -05:00
Mark Sailes 4c3c56dee4
Remove the Lambda SnapStart incompatibility notice. (#19394) 2023-03-01 18:13:18 +00:00
Kianna 7204439960
UI: VAULT-13782 VAULT-13794 pki ui improvements for phase two (#19312)
* VAULT-13782 move keys tab next to issuers

* VAULT-13794 move private_key_format to key paramter toggle

* Fix failing tests!

* Move format and private key format out

* Address feedback and fix not valid after spacing

* Add more spacing and code cleanup

* Remove engines stylesheet

* Remove class conditional logic
2023-03-01 07:29:35 -08:00
Malte S. Stretz 320f46ba8a
Add documentation for tls_max_version (#19398) 2023-03-01 14:45:04 +00:00
Max Winslow 109fbe06bb
change verbiage for lookup group and entity (#19406) 2023-02-28 12:40:38 -08:00
Jordan Reimer 07ce9ba30b
Identity manager secure context fallback (#19403)
* adds check for isSecureContext in identity-manager and falls back to incrementing ids

* adds uuid package to replace crypto.randomUUID

* adds test for okta number challenge nonce value validation
2023-02-28 12:26:10 -07:00
Austin Gebauer 10fe43701f
docs/ad: adds deprecation announcements and migration guide (#19388)
* docs/ad: adds deprecation announcements and migration guide

* fix table ending

* remove fully-qualified links

* Minor format fixes - migrationguide

* Update website/content/docs/secrets/ad/migration-guide.mdx

Co-authored-by: vinay-gopalan <86625824+vinay-gopalan@users.noreply.github.com>

* Update website/content/docs/secrets/ad/migration-guide.mdx

Co-authored-by: vinay-gopalan <86625824+vinay-gopalan@users.noreply.github.com>

---------

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
Co-authored-by: vinay-gopalan <86625824+vinay-gopalan@users.noreply.github.com>
2023-02-28 10:41:59 -08:00
Anton Averchenkov f19bcd79c5
Remove 'openldap' from gen_openapi.sh (#19401) 2023-02-28 13:24:11 -05:00
Alexander Scheel 2970b15a63
Add docs on FIPS Inside vs Seal Wrap (#19310)
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2023-02-28 10:22:17 -05:00
Alexander Scheel 76269dfab9
Fix PKI Synopsis, add Transit help text and casing fixes (#19395)
* Fix synopsis for PKI subcommand

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add transit command for synopsis, help text

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Fix nits around spacing

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

---------

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2023-02-28 14:43:05 +00:00
Yoko Hyakuna cd7f7cc131
Vault 1.13.0 Release Notes (#19360)
* Adding Vault 1.13.0 Release Notes

* Add OpenAPI Go and .NET client libraries to the list

* Add the 'UI wizard removal' to the release note
2023-02-27 12:44:13 -08:00
Rowan Smith 4fd467a53b
approle naming syntax documentation (#19369)
Documentation does not currently detail the accepted naming scheme for approle roles, this aims to provide clarity based on customer feedback. https://github.com/hashicorp/vault/blob/main/sdk/framework/path.go#L16-L18 details the regex used.
2023-02-27 12:08:15 -08:00
Alexander Scheel 7182949029
Fix transit byok tool, add docs, tests (#19373)
* Fix Vault Transit BYOK helper argument parsing

This commit fixes the following issues with the importer:

 - More than two arguments were not supported, causing the CLI to error
   out and resulting in a failure to import RSA keys.
 - The @file notation support was not accepted for KEY, meaning
   unencrypted keys had to be manually specified on the CLI.
 - Parsing of additional argument data was done in a non-standard way.
 - Fix parsing of command line options and ensure only relevant
   options are included.

Additionally, some error messages and help text was clarified.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add missing documentation on Transit CLI to website

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add tests for Transit BYOK vault subcommand

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add changelog

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Appease CI

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

---------

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2023-02-27 18:25:38 +00:00