luxolus/open-vault
2
0
Fork 0
Code Issues 1 Pull requests Releases Activity
15208 commits 1 branch 0 tags 214 MiB
Commit graph

15208 commits

This branch
This branch
All branches
Author SHA1 Message Date
Nick Cabatoff 34af6bab1e
Add a check for missing entity during local alias invalidation. (#14622) 2022-03-21 15:09:31 -04:00
Chelsea Shaw 6ca6b028f8
Run UI tests in backport/ui/ prefixed branches (#14618) 2022-03-21 13:11:20 -05:00
Jordan Reimer 6b54bd21ce
updates to logout auth method test to address failures in 1.8.x and 1.9.x versions (#14614) 2022-03-21 11:28:44 -06:00
Lars Lehtonen 431c40629c
command: fix dropped errors (#14609) 2022-03-21 11:26:38 -06:00
Victor Rodriguez d1558703dc
Double the timeout for requests in the dbplugin test helpers to avoid sporadic test failures. (#14610) 2022-03-21 11:08:05 -04:00
claire bontempo fbce5986c1
UI/Wrong sentinel error message for auth methods (#14551) 
* priortize adapter error over model error

* glimmerize message-error component

* message error tweaks

* fix glimmerize

* fix some tests

* change error handling for mount backend form

* throw API error for secret engine not mounting

* fix tests"

* fix tests

* cleanup error handling for secret engine mounts

* fix test selector

* add changelog

* STOP BEING FLAKY
 2022-03-18 16:47:42 -07:00
Angel Garbarino 2615668aad
Remove record.toJSON() (#14584) 
* fix

* test

* change back
 2022-03-18 17:08:54 -06:00
John-Michael Faircloth 3c2659b09d
oidc provider: add test case for clients sharing keys (#14555) 2022-03-18 16:21:21 -05:00
Jordan Reimer 5cbe62f416
removes test assertion for method removed from auth-jwt component (#14595) 2022-03-18 15:11:16 -06:00
Victor Rodriguez 717514c044
Use FieldData.GetOkError() to access required Transit parameters. (#14593) 
Instead of using the field FieldData.Raw, use method GetOkError() which does
type conversion but still allows to check whether a value for the parameter was
provided. Note that GetOkError() converts nil values to default or zero values,
so, for example, a nil plaintext value will result in the empty string being
encrypted.
 2022-03-18 16:10:38 -04:00
divyapola5 b354870c7c
Documentation changes in /sys/managed-keys (#14377) 
* update sample request in create managed keys

* Update documentation for curve param

* Add period at end of sentence

* Update key_bits documentation for aws and azure
 2022-03-18 14:51:24 -05:00
Hridoy Roy 7e0abe3c7e
Add Semgrep Rules to OSS (#14513) 
* add semgrep yml

* add semgrep ci job

* remove replication semgrep rule in oss

* fix makefile

* add semgrep to ci

* upwind triple if in ui.go semgrep refactoring
 2022-03-18 11:14:03 -07:00
Bryce Kalow 07044fd701
add api -> api-docs redirect (#14579) 2022-03-18 13:40:04 -04:00
Josh Black 92b97b19ed
sys/mfa/validate should forward (#14566) 2022-03-18 10:14:17 -07:00
Jordan Reimer 75c8672970
OIDC Logout Bug (#14545) 
* fixes issue with token auth selected after logging out from oidc or jwt methods

* adds changelog entry

* reverts backendType var name change in auth-form authenticate method
 2022-03-18 09:40:17 -06:00
Jordan Reimer 6b76f8f8a7
updates link-to usages to remove deprecated patterns (#14571) 2022-03-18 09:38:54 -06:00
Yoko Hyakuna f374938d31
Fix broken links referencing to API docs (#14565) 
* Fix all '/api/' to '/api-docs/'

* Minor fixes

* Undo some of the unintentional changes
 2022-03-17 18:14:48 -07:00
Angel Garbarino 08ea5f6d0a
Ember deprecations cont. (#14557) 
* fix issue

* remove unused helpers

* some renaming for clarification on the format-duration

* fix some things
 2022-03-17 16:41:41 -06:00
Pratyoy Mukhopadhyay 9aafd29540
Add mount move concepts page, update api docs (#14544) 
* Add mount move concepts page, update api docs

* some renaming and link fixing

* Update website/content/docs/concepts/mount-migration.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/mount-migration.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/mount-migration.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/mount-migration.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/mount-migration.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/mount-migration.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/mount-migration.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/mount-migration.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/mount-migration.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/mount-migration.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/mount-migration.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/mount-migration.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/mount-migration.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/mount-migration.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/mount-migration.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/mount-migration.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/mount-migration.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/mount-migration.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/mount-migration.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/mount-migration.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/mount-migration.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/mount-migration.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/mount-migration.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/mount-migration.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
 2022-03-17 14:06:35 -07:00
Rachel Culpepper d246f6746d
Update docs for change to kms_key (#14515) 
* update for change to kms_key

* fix indentation

* add ARN as option

* remove ARN

* update kms_key description
 2022-03-17 14:43:03 -05:00
Loann Le 1ef5e40d6c
New server side consistent token faq for vault 1.10 (#14550) 
* new ssct faq page

* provide links to faq

* provided lik to login mfa tutorial
 2022-03-17 12:08:27 -07:00
Loann Le a588b06978
added note (#14556) 2022-03-17 10:31:32 -07:00
Jim Kalafut 9733e8b858
Rename master key -> root key in docs (#14542) 2022-03-16 22:01:38 -07:00
Jason O'Donnell 219df7087c
identity/token: fix duplicate keys in well-known (#14543) 
* identity/token: fix duplicate kids in well-known

* Remove unused check

* changelog

* use map-based approach to dedup key IDs

* improve changelog description

* move jwks closer to usage; specify capacity

Co-authored-by: Austin Gebauer <agebauer@hashicorp.com>
 2022-03-16 18:48:10 -07:00
Angel Garbarino 993f30618e
Addressing various Ember depreciations required for 4.0 (#14532) 
* remove Ember Logger

* remove jquery

* prevent setting ember string methods on string

* remove reopen class

* Revert "remove reopen class"

This reverts commit d6a48f148617694cf7b0fc95feb30771ef982c59.

* redo

* clean up

* fix test

* Update ui/app/styles/components/tabs.scss

Co-authored-by: Chelsea Shaw <82459713+hashishaw@users.noreply.github.com>

* fix test

* test clean up

* clean up cont.

Co-authored-by: Chelsea Shaw <82459713+hashishaw@users.noreply.github.com>
 2022-03-16 18:36:48 -06:00
Loann Le 01570eaa3a
agent injector doc for 1-10 (#14548) 2022-03-16 17:09:04 -07:00
Loann Le 80c56225dc
new vault docs (#14546) 2022-03-16 16:29:56 -07:00
Benjamin Chrobot 267e202624
docs: add missing k8s verb (#12374) 2022-03-16 14:24:19 -05:00
Chelsea Shaw 214d9e3a90
Update gitignore (#14536) 2022-03-16 13:56:51 -05:00
claire bontempo a003d9875e
UI/d3 DOM cleanup hover issue (#14493) 
* fix duplicate rendering of chart elements

* organize SVG char elements into groups, give data-test attrs

* update tests

* tweak mirage

* add fake client counting start date

* fix test

* add waitUntil

* adds changelog

* add second waituntil
 2022-03-16 13:36:41 -05:00
Hridoy Roy 0dfabe7ade
Server Side Consistency Docs (#14392) 
* partial docs

* remove unnecessary docs link

* move SSCT upgrade notes to 1.10 instead of 0.10

* Update website/content/docs/enterprise/consistency.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/enterprise/consistency.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/enterprise/consistency.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/enterprise/consistency.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/enterprise/consistency.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/enterprise/consistency.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* docs updates

* Update website/content/docs/configuration/replication.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/configuration/replication.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
 2022-03-16 10:20:12 -07:00
Chelsea Shaw ecd4c1e514
UI/fix kv data cache (#14489) 
* KV fetches recent version on every page, no longer disallow new version without metadata access

* Don't flash no read permissions warning

* Send noMetadataVersion on destroy if version is undefined

* test coverage

* add changelog, fix tests

* Fix failing test
 2022-03-16 11:00:08 -05:00
Lars Lehtonen 50a9dedbcb
vault/external_tests/raft: fix dropped test error (#14519) 2022-03-16 09:32:57 -06:00
Zach Stone b43ed904f2
Update mholt/archiver to v3.5.1 (#11584) 
* Update mholt/archiver to v3.5.0

* Bump archiver to 3.5.1

* Vendor dependencies

* Use newer go

* go mod tidy

* Remove vendor

* Rm vendor

* Revert api and sdk sums

Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>
 2022-03-16 09:42:21 -05:00
Chelsea Shaw a5a6d99d11
UI: Parse OpenAPI response correctly if schema includes $ref (#14508) 
* Parse OpenAPI response correctly if schema includes

* Add changelog

* small cleanup
 2022-03-16 09:24:07 -05:00
Nick Cabatoff 9e18350cf4
Handle the empty mount accessor case. (#14507) 2022-03-16 09:28:05 -04:00
mickael-hc ada3d31dd1
update security model (#14482) 
compromised clients are not part of vault's threat model
 2022-03-15 16:27:41 -04:00
Hridoy Roy 1558387af4
port of semgrep fixes oss (#14488) 2022-03-15 13:17:55 -07:00
Alexander Scheel ff62a34487
Update more PKI documentation (#14490) 
* Update description of certificate fetch API

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Clarify /config/crl and /config/url PKI are empty

GET-ing these URLs will return 404 until such time as a config is posted
to them, even though (in the case of CRL), default values will be used.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Clarify usage of /pki/crl/rotate

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Update documentation around PKI key_bits

This unifies the description of key_bits to match the API description
(which is consistent across all usages).

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Fix indented field descriptions in PKI paths

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Clarify documentation around serial_number

Note that this field has no impact on the actual Serial Number field and
only an attribute in the requested certificate's Subject.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Fix spelling of localdomain

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
 2022-03-15 14:37:26 -04:00
Pratyoy Mukhopadhyay d222981cec
Fixes from mount move testing (#14492) 
* Add validation, fix docs

* add changelog

* fmt fix

* Update vault/logical_system.go

Co-authored-by: Josh Black <raskchanky@users.noreply.github.com>

* Update vault/logical_system.go

Co-authored-by: Josh Black <raskchanky@users.noreply.github.com>

* Update vault/logical_system_test.go

Co-authored-by: Josh Black <raskchanky@users.noreply.github.com>

* Update vault/logical_system_test.go

Co-authored-by: Josh Black <raskchanky@users.noreply.github.com>

Co-authored-by: Josh Black <raskchanky@users.noreply.github.com>
 2022-03-15 11:11:23 -07:00
Alexander Scheel f6712ca417
Introduce fips build tag (#14495) 
Unlike fips_140_3, fips will be a (FIPS) version-agnostic build tag.
The listener support will remain in 140-3 only, but the IsFIPS() check
should apply regardless of FIPS version.

We add two FIPS-only build files which validate the constraints of FIPS
builds here: fips must be specified with either fips_140_2 or fips_140_3
build tags, and fips and cgo must also be specified together.
Additionally, using only a version-specific FIPS build tag without the
version-agnostic FIPS tag should be a failure.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
 2022-03-15 13:04:21 -04:00
swayne275 6ae9c76970
only check Contains if IP address (#14487) 
* only check Contains if IP address

* fix typo

* add bug fix changelog
 2022-03-15 09:55:50 -06:00
Jason O'Donnell dd4a3b339e
auth/ldap: add username_as_alias config flag (#14324) 2022-03-15 10:21:40 -04:00
hghaf099 361646ab26
add MFA validation support to vault login command (#14425) 
* add MFA validation support to vault login command

* correctly report new totp code availability period
 2022-03-14 15:54:41 -04:00
Alexander Scheel d9c1314552
Fix description of StringSliceVar options (#14439) 
These options must be specified multiple times in order to be properly
parsed. However, the present description suggests that a comma-separated
list would work as well, however this isn't the case and results in a
slice containing a single string (with all comma-separated values) in
the API request. Clarify the argument help text to make this clearer.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
 2022-03-14 14:11:49 -04:00
Vinny Mannello 2290ca5e83
[VAULT-5003] Use net/http client in Sys().RaftSnapshotRestore (#14269) 
Use net/http client when body could be too big for retryablehttp client
 2022-03-14 10:13:33 -07:00
Michele Degges 528a6847a4
Temporarily turn nvd sec scanning off (#14466) 2022-03-14 10:06:06 -07:00
Victor Rodriguez e78cca413d
Document the managed key PKCS#11 parameter key_id. (#14476) 2022-03-14 12:08:14 -04:00
Anton Averchenkov c425078008
Change OpenAPI code generator to extract request objects (#14217) 2022-03-11 19:00:26 -05:00
claire bontempo ce0c872478
UI/Hide empty masked PKI row values (#14400) 
* fix empty masked inputs displaying

* Revert "fix empty masked inputs displaying"

This reverts commit 8b297df7cf971bce32d73c07fea2b1b8112c2f4b.

* fix empty masked inputs displaying

* fix info banner conditional

* add test coverage

* adds changelog

* fixes tests

* change other canParse conditional
 2022-03-11 13:55:01 -08:00