Commit graph

14844 commits

Author SHA1 Message Date
Jordan Reimer 75c8672970
OIDC Logout Bug (#14545)
* fixes issue with token auth selected after logging out from oidc or jwt methods

* adds changelog entry

* reverts backendType var name change in auth-form authenticate method
2022-03-18 09:40:17 -06:00
Jordan Reimer 6b76f8f8a7
updates link-to usages to remove deprecated patterns (#14571) 2022-03-18 09:38:54 -06:00
Yoko Hyakuna f374938d31
Fix broken links referencing to API docs (#14565)
* Fix all '/api/' to '/api-docs/'

* Minor fixes

* Undo some of the unintentional changes
2022-03-17 18:14:48 -07:00
Angel Garbarino 08ea5f6d0a
Ember deprecations cont. (#14557)
* fix issue

* remove unused helpers

* some renaming for clarification on the format-duration

* fix some things
2022-03-17 16:41:41 -06:00
Pratyoy Mukhopadhyay 9aafd29540
Add mount move concepts page, update api docs (#14544)
* Add mount move concepts page, update api docs

* some renaming and link fixing

* Update website/content/docs/concepts/mount-migration.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/mount-migration.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/mount-migration.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/mount-migration.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/mount-migration.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/mount-migration.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/mount-migration.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/mount-migration.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/mount-migration.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/mount-migration.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/mount-migration.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/mount-migration.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/mount-migration.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/mount-migration.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/mount-migration.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/mount-migration.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/mount-migration.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/mount-migration.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/mount-migration.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/mount-migration.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/mount-migration.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/mount-migration.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/mount-migration.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/mount-migration.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
2022-03-17 14:06:35 -07:00
Rachel Culpepper d246f6746d
Update docs for change to kms_key (#14515)
* update for change to kms_key

* fix indentation

* add ARN as option

* remove ARN

* update kms_key description
2022-03-17 14:43:03 -05:00
Loann Le 1ef5e40d6c
New server side consistent token faq for vault 1.10 (#14550)
* new ssct faq page

* provide links to faq

* provided lik to login mfa tutorial
2022-03-17 12:08:27 -07:00
Loann Le a588b06978
added note (#14556) 2022-03-17 10:31:32 -07:00
Jim Kalafut 9733e8b858
Rename master key -> root key in docs (#14542) 2022-03-16 22:01:38 -07:00
Jason O'Donnell 219df7087c
identity/token: fix duplicate keys in well-known (#14543)
* identity/token: fix duplicate kids in well-known

* Remove unused check

* changelog

* use map-based approach to dedup key IDs

* improve changelog description

* move jwks closer to usage; specify capacity

Co-authored-by: Austin Gebauer <agebauer@hashicorp.com>
2022-03-16 18:48:10 -07:00
Angel Garbarino 993f30618e
Addressing various Ember depreciations required for 4.0 (#14532)
* remove Ember Logger

* remove jquery

* prevent setting ember string methods on string

* remove reopen class

* Revert "remove reopen class"

This reverts commit d6a48f148617694cf7b0fc95feb30771ef982c59.

* redo

* clean up

* fix test

* Update ui/app/styles/components/tabs.scss

Co-authored-by: Chelsea Shaw <82459713+hashishaw@users.noreply.github.com>

* fix test

* test clean up

* clean up cont.

Co-authored-by: Chelsea Shaw <82459713+hashishaw@users.noreply.github.com>
2022-03-16 18:36:48 -06:00
Loann Le 01570eaa3a
agent injector doc for 1-10 (#14548) 2022-03-16 17:09:04 -07:00
Loann Le 80c56225dc
new vault docs (#14546) 2022-03-16 16:29:56 -07:00
Benjamin Chrobot 267e202624
docs: add missing k8s verb (#12374) 2022-03-16 14:24:19 -05:00
Chelsea Shaw 214d9e3a90
Update gitignore (#14536) 2022-03-16 13:56:51 -05:00
claire bontempo a003d9875e
UI/d3 DOM cleanup hover issue (#14493)
* fix duplicate rendering of chart elements

* organize SVG char elements into groups, give data-test attrs

* update tests

* tweak mirage

* add fake client counting start date

* fix test

* add waitUntil

* adds changelog

* add second waituntil
2022-03-16 13:36:41 -05:00
Hridoy Roy 0dfabe7ade
Server Side Consistency Docs (#14392)
* partial docs

* remove unnecessary docs link

* move SSCT upgrade notes to 1.10 instead of 0.10

* Update website/content/docs/enterprise/consistency.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/enterprise/consistency.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/enterprise/consistency.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/enterprise/consistency.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/enterprise/consistency.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/enterprise/consistency.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* docs updates

* Update website/content/docs/configuration/replication.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/configuration/replication.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
2022-03-16 10:20:12 -07:00
Chelsea Shaw ecd4c1e514
UI/fix kv data cache (#14489)
* KV fetches recent version on every page, no longer disallow new version without metadata access

* Don't flash no read permissions warning

* Send noMetadataVersion on destroy if version is undefined

* test coverage

* add changelog, fix tests

* Fix failing test
2022-03-16 11:00:08 -05:00
Lars Lehtonen 50a9dedbcb
vault/external_tests/raft: fix dropped test error (#14519) 2022-03-16 09:32:57 -06:00
Zach Stone b43ed904f2
Update mholt/archiver to v3.5.1 (#11584)
* Update mholt/archiver to v3.5.0

* Bump archiver to 3.5.1

* Vendor dependencies

* Use newer go

* go mod tidy

* Remove vendor

* Rm vendor

* Revert api and sdk sums

Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>
2022-03-16 09:42:21 -05:00
Chelsea Shaw a5a6d99d11
UI: Parse OpenAPI response correctly if schema includes $ref (#14508)
* Parse OpenAPI response correctly if schema includes

* Add changelog

* small cleanup
2022-03-16 09:24:07 -05:00
Nick Cabatoff 9e18350cf4
Handle the empty mount accessor case. (#14507) 2022-03-16 09:28:05 -04:00
mickael-hc ada3d31dd1
update security model (#14482)
compromised clients are not part of vault's threat model
2022-03-15 16:27:41 -04:00
Hridoy Roy 1558387af4
port of semgrep fixes oss (#14488) 2022-03-15 13:17:55 -07:00
Alexander Scheel ff62a34487
Update more PKI documentation (#14490)
* Update description of certificate fetch API

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Clarify /config/crl and /config/url PKI are empty

GET-ing these URLs will return 404 until such time as a config is posted
to them, even though (in the case of CRL), default values will be used.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Clarify usage of /pki/crl/rotate

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Update documentation around PKI key_bits

This unifies the description of key_bits to match the API description
(which is consistent across all usages).

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Fix indented field descriptions in PKI paths

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Clarify documentation around serial_number

Note that this field has no impact on the actual Serial Number field and
only an attribute in the requested certificate's Subject.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Fix spelling of localdomain

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2022-03-15 14:37:26 -04:00
Pratyoy Mukhopadhyay d222981cec
Fixes from mount move testing (#14492)
* Add validation, fix docs

* add changelog

* fmt fix

* Update vault/logical_system.go

Co-authored-by: Josh Black <raskchanky@users.noreply.github.com>

* Update vault/logical_system.go

Co-authored-by: Josh Black <raskchanky@users.noreply.github.com>

* Update vault/logical_system_test.go

Co-authored-by: Josh Black <raskchanky@users.noreply.github.com>

* Update vault/logical_system_test.go

Co-authored-by: Josh Black <raskchanky@users.noreply.github.com>

Co-authored-by: Josh Black <raskchanky@users.noreply.github.com>
2022-03-15 11:11:23 -07:00
Alexander Scheel f6712ca417
Introduce fips build tag (#14495)
Unlike fips_140_3, fips will be a (FIPS) version-agnostic build tag.
The listener support will remain in 140-3 only, but the IsFIPS() check
should apply regardless of FIPS version.

We add two FIPS-only build files which validate the constraints of FIPS
builds here: fips must be specified with either fips_140_2 or fips_140_3
build tags, and fips and cgo must also be specified together.
Additionally, using only a version-specific FIPS build tag without the
version-agnostic FIPS tag should be a failure.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2022-03-15 13:04:21 -04:00
swayne275 6ae9c76970
only check Contains if IP address (#14487)
* only check Contains if IP address

* fix typo

* add bug fix changelog
2022-03-15 09:55:50 -06:00
Jason O'Donnell dd4a3b339e
auth/ldap: add username_as_alias config flag (#14324) 2022-03-15 10:21:40 -04:00
hghaf099 361646ab26
add MFA validation support to vault login command (#14425)
* add MFA validation support to vault login command

* correctly report new totp code availability period
2022-03-14 15:54:41 -04:00
Alexander Scheel d9c1314552
Fix description of StringSliceVar options (#14439)
These options must be specified multiple times in order to be properly
parsed. However, the present description suggests that a comma-separated
list would work as well, however this isn't the case and results in a
slice containing a single string (with all comma-separated values) in
the API request. Clarify the argument help text to make this clearer.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2022-03-14 14:11:49 -04:00
Vinny Mannello 2290ca5e83
[VAULT-5003] Use net/http client in Sys().RaftSnapshotRestore (#14269)
Use net/http client when body could be too big for retryablehttp client
2022-03-14 10:13:33 -07:00
Michele Degges 528a6847a4
Temporarily turn nvd sec scanning off (#14466) 2022-03-14 10:06:06 -07:00
Victor Rodriguez e78cca413d
Document the managed key PKCS#11 parameter key_id. (#14476) 2022-03-14 12:08:14 -04:00
Anton Averchenkov c425078008
Change OpenAPI code generator to extract request objects (#14217) 2022-03-11 19:00:26 -05:00
claire bontempo ce0c872478
UI/Hide empty masked PKI row values (#14400)
* fix empty masked inputs displaying

* Revert "fix empty masked inputs displaying"

This reverts commit 8b297df7cf971bce32d73c07fea2b1b8112c2f4b.

* fix empty masked inputs displaying

* fix info banner conditional

* add test coverage

* adds changelog

* fixes tests

* change other canParse conditional
2022-03-11 13:55:01 -08:00
claire bontempo 8844895745
fix flaky clients current test (#14471) 2022-03-11 13:52:02 -08:00
swayne275 ec4d013047
add tip for how to force a secrets engine disable (#14363)
* add tip for how to force a secrets engine disable

* add warning to force disable secrets instructions

* clean up wording

* add force secrets engine disable info to api doc

* Update website/content/api-docs/system/mounts.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/api-docs/system/mounts.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/api-docs/system/mounts.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/api-docs/system/mounts.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/api-docs/system/mounts.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/commands/secrets/disable.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/commands/secrets/disable.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* feedback updates

* impl taoism feedback

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
2022-03-11 11:43:59 -07:00
Peter Sonnek c3dea33e92
added add_basic_constraints parameter to PKI API docs (#14457)
* added add_basic_constraints parameter to PKI API docs

Added add_basic_constraints parameter to PKI API docs for Generate Intermediate. 

Copied description from ba533d006f/builtin/logical/pki/path_intermediate.go (L34-L37)
2022-03-11 10:52:26 -05:00
Guillaume 6178f4e060
Added Enigma Vault secret plugin. Designed to be simple but complete, a good starting point for plugin developers (#14389) 2022-03-11 08:33:48 -05:00
Nick Cabatoff 57c6064863
Update error codes that are retried. (#14447) 2022-03-10 15:09:45 -05:00
Peter-Gess 5497f5e8d2
Fixing typo from "fo" to "of" (#14445) 2022-03-10 11:56:28 -08:00
Nick Cabatoff 6fc5a5d165
Add a place for us to link to external plugin examples/guides. (#14414) 2022-03-10 14:29:29 -05:00
Jim Kalafut c2f4dbc83a
Revert "Remove docs changes from CODEOWNERS" (#14442)
It was determined that it would be better to have these changes alert
the docs team. Additional guidance is in place to not approve docs+code
PRs ahead of code review.

This reverts commit 6d16840f605c1b58ce0b572274edf96c6d0e0b7f.
2022-03-10 11:21:35 -08:00
Jordan Reimer b49f77fa91
updates mfa-form to show push methods with placeholder for multi method enforcements (#14430) 2022-03-10 07:59:22 -07:00
Chelsea Shaw c6318713ee
UI/add managed ns redirect prefix (#14422)
* The UI redirects to properly prefixed namespace if some other namespace is passed instead, with tests

* Fix ordering

* Add changelog
2022-03-10 08:26:33 -06:00
Alvin Huang 40e24f3688
rename Dockerfile build-arg VERSION to PRODUCT_VERSION (#14369) 2022-03-10 12:59:30 +00:00
Austin Gebauer d016b67915
identity/oidc: prevent key rotation on performance secondary clusters (#14426) 2022-03-09 15:41:02 -08:00
naseemkullah 0667cb8b76
Update index.mdx (#14161) 2022-03-09 14:15:05 -08:00
VAL 94fcca09e3
Remove unneeded comments (#14423) 2022-03-09 11:37:18 -08:00