* alphabetize utils
* add util to add namespace key
* finish filtering
* add fake data for filtering
* address comments
* add empty state for no new client counts, when filtered by namespace
* fix mirage clients linting
* re-add namespaces to month object
* clean up filtering
* add tests and refactor accordingly
* fix tooltip bug and chart new month client chart not rendering
* filter out undefined
* optional method chaining
* add filter and fix ticks for line chart
* fix axes domains
* fix average calculation
* Add server information as well as ability to collect metrics from DR secondary
* Update debug docs
Adding additional information around ability to gather metrics from DR secondary
* Fix broken link in updated doc
* Create 15316.txt
Create changelog entry
* Fix Formatting
* Update website/content/docs/commands/debug.mdx
Co-authored-by: Jason O'Donnell <2160810+jasonodonnell@users.noreply.github.com>
* Update changelog/15316.txt
Co-authored-by: Jason O'Donnell <2160810+jasonodonnell@users.noreply.github.com>
* Trigger Build
Co-authored-by: Jason O'Donnell <2160810+jasonodonnell@users.noreply.github.com>
This requires bumping https://github.com/mitchellh/go-testing-interface.
For this new version, we have to create a wrapper to convert
the stdlib `testing.TB` interface to the
`mitchellh/go-testing-interface` `T` interface, since it uses
`Parallel()` now, which is not supported by `testing.TB`. This had to be
added to a new package, `benchhelpers`, to avoid a circular dependency
in `testhelpers`.
We also have to *unbump* https://github.com/armon/go-metrics since
updating it breaks our usage of
https://github.com/google/go-metrics-stackdriver
I verified that the new `pkiCert` template function works with agent
injection using annotations like:
```yaml
vault.hashicorp.com/agent-inject-secret-sample.crt: "pki/issue/example-dot-com"
vault.hashicorp.com/agent-inject-template-sample.crt: |
{{ pkiCert "pki/issue/example-dot-com" "common_name=foo.example.com" "ttl=1h" }}
```
* base sys/license/status mock times based on current timestamp
* add missing trailing commas
* license specific test selector
Co-authored-by: Claire Bontempo <cbontempo@hashicorp.com>
For some reason, GOPATH is being overridden in the `go mod download`
step after the latest machine image update in #15215.
This causes all of the modules to be downloaded to the
`/home/circleci/.go_workspace` cache instead of `/home/circleci/go` like
we require for the build (which will otherwise fail since we build with
`GOPROXY=off`).
Without this fix, the build will start to fail once the existing cache
is no longer used (after the root `go.mod`) is updated.
* setup
* add new clients to attribution
* refactor serializers, move to util folder
* cleanup export csv generator
* fix isDateRange getter
* remove new chart from partial/current month
* fix export modal text
* update version history text
* update variable naming, remove new client data from current/partial month
* add filtering by namespace to month over month charts
* remove filtering for namespace by month, need to change serializer
* add checks
* update horizontal bar chart test
* update tests
* cleanup
* address comments
* fix flakey test
* add new counts to export
Co-authored-by: Claire Bontempo <cbontempo@hashicorp.com>
* Allow callers to choose the entropy source for the random endpoints
* Put source in the URL for sys as well
* changelog
* docs
* Fix unit tests, and add coverage
* refactor to use a single common implementation
* Update documentation
* one more tweak
* more cleanup
* Readd lost test expected code
* fmt
* Upgrade CircleCI machine image
* setting the path for ci-verify
* create GOPATH/bin
This is because CI failed with
cp: cannot create regular file '/home/circleci/go/bin/': Not a directory
* Update .circleci/config/jobs/pre-flight-checks.yml
Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>
* updating config.yml
* source BASH_ENV
Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>
* WIP: output policy
* Outputs example policy HCL for given request
* Simplify conditional
* Add PATCH capability
* Use OpenAPI spec and regex patterns to determine if path is sudo
* Add test for isSudoPath
* Add changelog
* Fix broken CLI tests
* Add output-policy to client cloning code
* Smaller fixes from PR comments
* Clone client instead of saving and restoring custom values
* Fix test
* Address comments
* Don't unset output-policy flag on KV requests otherwise the preflight request will fail and not populate LastOutputPolicyError
* Print errors saved in buffer from preflight KV requests
* Unescape characters in request URL
* Rename methods and properties to improve readability
* Put KV-specificness at front of KV-specific error
* Simplify logic by doing more direct returns of strings and errors
* Use precompiled regexes and move OpenAPI call to tests
* Remove commented out code
* Remove legacy MFA paths
* Remove unnecessary use of client
* Move sudo paths map to plugin helper
* Remove unused error return
* Add explanatory comment
* Remove need to pass in address
* Make {name} regex less greedy
* Use method and path instead of info from retryablerequest
* Add test for IsSudoPaths, use more idiomatic naming
* Use precompiled regexes and move OpenAPI call to tests (#15170)
* Use precompiled regexes and move OpenAPI call to tests
* Remove commented out code
* Remove legacy MFA paths
* Remove unnecessary use of client
* Move sudo paths map to plugin helper
* Remove unused error return
* Add explanatory comment
* Remove need to pass in address
* Make {name} regex less greedy
* Use method and path instead of info from retryablerequest
* Add test for IsSudoPaths, use more idiomatic naming
* Make stderr writing more obvious, fix nil pointer deref
VAULT-5827 Don't prepare SQL queries before executing them
We don't support proper prepared statements, i.e., preparing once and
executing many times since we do our own templating. So preparing our
queries does not really accomplish anything, and can have severe
performance impacts (see
https://github.com/hashicorp/vault-plugin-database-snowflake/issues/13
for example).
This behavior seems to have been copy-pasted for many years but not for
any particular reason that we have been able to find. First use was in
https://github.com/hashicorp/vault/pull/15
So here we switch to new methods suffixed with `Direct` to indicate
that they don't `Prepare` before running `Exec`, and switch everything
here to use those. We maintain the older methods with the existing
behavior (with `Prepare`) for backwards compatibility.
* fixes issues in key-edit component
* adds capabilities checks for keys and providers
* adds distribute component to key and provider edit
* adds wizard steps for kmse
* fix raft tls key rotation panic when rotation time in past
* add changelog entry
* push out next raft TLS rotation time in case close to elapsing
* consolidate tls key rotation duration calculation
* reduce raft getNextRotationTime padding to 10 seconds
* move tls rotation ticker reset to where its duration is calculated