* Can see list of roles, templates, and alphabets when you click on corresponding tab inside a transform secrets engine
* Cannot click on items in list other than transformations
* Can create a new transform role from the empty state or toolbar
* Creating a role redirects to the view of that role
* Breadcrumb links on transform roles work
* Role create form handles error
* Add new Database v5 interface with gRPC client & server
This is primarily for making password policies available to the DB engine, however since there are a number of other problems with the current interface this is getting an overhaul to a more gRPC request/response approach for easier future compatibility.
This is the first in a series of PRs to add support for password policies in the combined database engine
* TLS Cert Authentication example updates
- Updated the Cert Auth example description to clarify which CA
should issue the certificate.
- Removed `-ca-cert` parameter from examples as this caused
confusion. Is this the auth CA or the CA of the listener?
* Return CA parameter to examples, add Note
- Returned CA parameter to login examples
- Added note above examples to explain which CA is being used in CLI
- Updated examples in API doc to use httpS
- Added note above login example to explain wich CA is being used
Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>
* first cherry pick
* fix cli clipboard copy text for masking vs fpe
* dynamically setup copy commands for cli copy button
* add backend to cli clipboard text
* add capabilities cherry pick
* setup modal
* handle error response in Modal
* pass in type to info table row so can handle array specific
* remove todo
* Add date/time argument type.
* Add an argument to select which time formats are valid.
* Increase minimum date for epoch timestamps to avoid ambiguity.
* secrets/ssh: allow algorithm_signer to use the key's default algo
* add test for ed25519 key signing
* test: add role upgrade test case
* test: rename and add more test cases
* test: clean up tests cases, fix broken test case on expected error
* test: fix broken test case on expected error
* Ui/transform enable (#9647)
* Show Transform on engines list if enterprise
* Add box-radio component
* Add is-disabled styling for box-radio and fix tooltip styling when position: above
* Add KMIP and Transform to possible features on has feature helper
* Sidebranch: Transform Secret Engine Initial setup (#9625)
* WIP // list transforms, console.logs and all
* setup LIST transformations ajax request and draft out options-for-backend options
* change from plural to singluar and add transform to secret-edit
* create two transform edit components
* modify transform model with new attrs
* add adapterFor to connect transform adapter to transform-edit-form component
* setup Allowed roles searchSelect component to search over new transform/role adapter and model.
* clean up for PR
* clean up linting errors
* restructure adapter call, now it works.
* remove console
* setup template model for SearchSelect component
* add props to form field and search select for styling
Co-authored-by: Chelsea Shaw <chelshaw.dev@gmail.com>
* Ui/transform language fixes (#9666)
* Update casing and wording on Transform list route. Use generic list item for transformations
* Add back js file for transformation-edit
* Set up transform for tabs
* Ui/create edit transformation fixes (#9668)
* add conditional for masking vs tweak source based on type, and update text for create transformation
* change order
* fix error with stringArray
* setup the edit/delete transformation view
* clean up toolbar links
* setup serializer to change response of mask character from keycode to character
* change styling of label and sub-text size, confirmed with design
* temp fix on templates vs template
* add clickable list item
* add space between template list
* setup styling and structure for the rest of the show transformation. TODO: turn into components.
* create transform-show-transformation component
* add attachCapabilities to transform model and update transform-transformation-itme list accordingly
* clean up liniting errors
* address pr comments
* remove leftover
* clean up
* Sidebranch: UI transform create and edit clean up (#9778)
* clean up some of the TODOs
* setup edit view with read only attributes for name and template
* setup initial selected for search select component
* fixes
* hide templates form field for now
* set selectLimit for search select component
* hide power select if the select limit is greater than or equal to the selectedOptions length
* clean up failing linting
* address pr comments
* Ui/fix list roles transformation (#9788)
* Update search-select to pass backend to query if exists
* Update role and template adapters
* cleanup
* Fix replace with static string
* Ui/transform cleanup 2 (#9789)
* amend encode/decode commands for now until design gets back with more details
* restrict character count on masking input field
* clean up selectLimit
* show backend instead of transform in cli copy command
* Show KMIP un-selectable if enterprise but no ADP module (#9780)
* New component transform-edit-base
* Duplicate RoleEdit as TransformEditBase and swap in all transform components
* Roll back role-edit changes
* Update to transform edit base
* Remove extraeneous set backend type on transform components
* formatting
* Revert search-select changes
* Update template/templates data on transformation (#9838)
Co-authored-by: Angel Garbarino <Monkeychip@users.noreply.github.com>
* Bring over PSIRT-37 changes from ENT
* Add additional allowed headers
* Already had this one
* Change to string slice comma separated parsing
* Add allowed_sts_header_values to read output
* Only validate AWS related request headers
* one per line
* Import ordering
* Update test
* Add X-Amz-Credential
* Reorder imports
* Update documentation for MySQL Secrets Engine
Update documentation for MySQL Database Secrets Engine to reflect changes introduced with https://github.com/hashicorp/vault/pull/9181
* Empty Commit to re-trigger tests
Co-authored-by: Lauren Voswinkel <lvoswinkel@hashicorp.com>
* Conditionally overwrite TLS parameters in MySQL DSN
Overwrite MySQL TLS configuration in MySQL DSN only if have `tls_ca` or `tls_certificate_key` set
Current logic always overwrites it
* Add test for MySQL DSN with a valid TLS parameter in query string