Commit Graph

471 Commits

Author SHA1 Message Date
Rachel Culpepper c151d5fd58
Vault-11713: Add the ability for transit to use managed keys (#18844)
* add the ability for transit to use managed keys

* add fields for rotate

* reorganize managed keys for better error messaging

* add aad for managed keys

* change encrypting key interface

* fix import error

* fix fmt errors

* move managed key rotation to a separate function

* fix fmt issue

* fix import error

* fix go.mod issue

* fix go.mod

* remove extra rotate param

* fix locking issue in rotation

* fix errors in policy tests

* move managed key params to fit existing policy functions

* fix sign and verify

* fix policy tests

* fix test error
2023-01-27 13:39:58 -06:00
Alexander Scheel 2f5c7458b2
Update x/crypto + x/net (#18794)
* Update golang.org/x/crypto version

go get -u golang.org/x/crypto && go mod tidy

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Update golang.org/x/crypto version in api

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Update golang.org/x/crypto version in sdk

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2023-01-23 19:11:04 +00:00
Josh Black c9763996d4
Enable undo logs by default (#18692)
* Enable undo logs by default

* add consul test

* update go.mod/sum

* add a better non-existent key
2023-01-17 13:38:18 -08:00
Christopher Swenson b95beeb675
Add basic event bus broker stub (#18640)
Creates a new `eventbus` package under `vault` with
an implementation of the `go-eventlogger` broker.

Also creates a stub of a common broker that will be accessible
in the core, and creates a simple event sending interface.
2023-01-17 13:34:37 -08:00
Ben Ash 3ff530e001
auth/kubernetes: upgrade to v0.14.1 (#18716) 2023-01-13 19:00:18 -05:00
Ben Ash 02018f1d1d
Revert "auth/kubernetes: upgrade to v0.14.1 (#18711)" (#18715)
This reverts commit ed244a9263255affa797fe032a5b103d7ae41891.
2023-01-13 18:17:12 -05:00
Ben Ash 6bcd9f4458
auth/kubernetes: upgrade to v0.14.1 (#18711) 2023-01-13 17:15:35 -05:00
Chris Capurso 03b23a7970
VAULT-12548: Fix data races in Link status reporting (#18674)
* pin hcp-scada-provider

* fix link reportStatus data race

* go get hcp-scada-provider@v0.2.1
2023-01-12 15:10:34 -05:00
Mike Palmiotto 43a78c85f4
Mark deprecated builtins Removed (#18039)
* Remove logical database builtins

* Drop removed builtins from registry keys

* Update plugin prediction test

* Remove app-id builtin

* Add changelog
2023-01-09 09:16:35 -05:00
Chris Capurso 25d0afae23
VAULT-11830: Expand NodeStatusReporter with new fields (#18302)
* expand NodeStatusReporter with new fields

* only call IsRaftVoter if using raft storage

* add changelog entry

* fix listeners

* return LogLevel as enum

* update github.com/hashicorp/vault/vault/hcp_link/proto

* add changelog entry

* bump github.com/hashicorp/vault/vault/hcp_link/proto

* go mod tidy
2023-01-06 20:53:09 -05:00
Chris Capurso bb0c92afe7
VAULT-11829: Add cluster status handler (#18351)
* go get link proto @vault-11829-meta-get-cluster-status

* add HA status

* add HAEnabled method

* add raft config

* allocate HA nodes based on actual count

* add raft autopilot status

* add raft quorum warnings

* add ClusterID method

* add StorageType

* add ClusterID

* update github.com/hashicorp/vault/vault/hcp_link/proto

* add changelog entry

* fix raft config panic

* remove "Warning" quorum message prefix

* add error wrapping

* add Core.HAStateWithLock method

* reduce quorum warnings to single string

* fix HCP_API_HOST test env var check

* Revert "fix HCP_API_HOST test env var check"

This reverts commit 97c73c4798b77b84aea84f341f2c63c4d657914d.
2023-01-06 17:06:54 -05:00
vinay-gopalan bbd8ac9bbf
Upgrade `go.opentelemetry.io/otel` from v0.20.0 to v1.11.2 (#18589) 2023-01-04 11:31:30 -08:00
Theron Voran 49e97a09a6
secrets/kubernetes: updating to latest plugin (#18587)
go get github.com/hashicorp/vault-plugin-secrets-kubernetes@main
go mod tidy
2023-01-03 15:32:30 -08:00
mickael-hc a8d8bf7c9d
update x/net (#18483) 2022-12-19 17:52:28 -05:00
Chris Capurso 42f36605c7
use meta and link_control from link proto (#18290) 2022-12-09 12:35:06 -05:00
Chris Capurso 4dc5155c5f
Link OSS (#18228)
* add Link config, init, and capabilities

* add node status proto

* bump protoc version to 3.21.9

* make proto

* adding link tests

* remove wrapped link

* add changelog entry

* update changelog entry
2022-12-08 15:02:18 -05:00
Peter Wilson 21a8bcaa7b
Updated go-hclog to v1.4.0 to allow access to GetLevel. Refactored TranslateLoggerLevel (#18260) 2022-12-07 14:25:54 +00:00
John-Michael Faircloth 5c4e148ce2
auth/alicloud: update dependencies (#18021)
* auth/alicloud: update dependencies

* add changelog
2022-11-17 15:00:34 -06:00
vinay-gopalan adc8f9a20e
secrets/azure: update dependencies (#17964) 2022-11-16 13:57:07 -08:00
Max Coulombe ed1efc7f91
Updated secrets-gcp dependency (#17871)
+ updated secrets-gcp dependency
+ added changelog
2022-11-10 13:15:46 -05:00
Austin Gebauer 5e85624498
auth/azure: upgrades dependencies (#17857) 2022-11-09 10:24:51 -08:00
Max Coulombe 818693be89
Updated auth-gcp plugin (#17858)
* updated auth-gcp plugin
+ added changelog
2022-11-09 12:00:24 -05:00
Peter Wilson d2e0f771ef
updated raft-autopilot to v0.2.0 (#17848)
* updated raft-autopilot to v0.2.0

* Add changelog
2022-11-08 13:51:27 +00:00
Robert d807b5abba
secrets/aws: update dependencies (#17747)
* Update AWS secrets deps
2022-11-01 16:01:20 -05:00
Violet Hynes 6d9ea2862e
VAULT-8519 fix spurious "unknown or unsupported fields" warnings for JSON config (#17660)
* VAULT-8519 add tests for HCL unknown field bug

* VAULT-8519 upversion hcl

* VAULT-8519 include correct comitts in tag

* VAULT-8519 Add changelog
2022-10-27 10:28:03 -04:00
Calvin Leung Huang 9e6256178e
database/snowflake: update plugin to v0.6.1 (#17593)
* database/snowflake: update plugin to v0.6.1

* add changelog entry
2022-10-18 15:49:37 -07:00
Christopher Swenson e36e0a59a8
Update httpguts for GO-2022-0236 fix (#17520)
[`govulncheck`](https://go.dev/blog/vuln) reports that the `api` package
has a call chain that includes
`golang.org/x/net/http/httpguts.HeaderValuesContainsToken`, a vulnerable
function.
2022-10-12 15:02:54 -07:00
Peter Wilson 138c516498
Update plugin consul template v0.29.5 (#17419)
* Updated consul-template to v0.29.5
2022-10-04 22:34:28 +01:00
Violet Hynes 6fddb953e9
VAULT-8631 Upgrade vault-plugin-secrets to v0.13.3, to enable synchronous KVV2 creation (#17406)
* VAULT-8631 Upgrade vault-plugin-secrets to v0.13.2

* VAULT-8631 Update version, go mod tidy

* VAULT-8631 Add changelog
2022-10-04 13:54:38 -04:00
Peter Wilson e307450c63
fix: upgrade vault-plugin-secrets-kv to v0.13.1 (#17339)
* fix: upgrade vault-plugin-secrets-kv to v0.13.1

* Added changelog

* Update changelog/17339.txt

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>
2022-09-28 18:36:10 +01:00
Alexander Scheel 3015689848
Update tlsutil to v0.1.2 for ecdsa algo naming (#17282)
* Update tlsutil in sdk

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Update tlsutil in API

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Update tlsutil to v0.1.2 for ecdsa algo naming

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2022-09-23 08:28:40 -04:00
Yoan Blanc fa8f7c793f
fix: PGP subkeys support (#16224)
* fix: PGP subkeys support

Signed-off-by: Yoan Blanc <yoan@dosimple.ch>

* fix: bump ProtonMail/go-crypto

Signed-off-by: Yoan Blanc <yoan@dosimple.ch>

* fix: bump ProtonMail/go-crypto

Signed-off-by: Yoan Blanc <yoan@dosimple.ch>

Signed-off-by: Yoan Blanc <yoan@dosimple.ch>
2022-09-22 09:12:41 -04:00
Milena Zlaticanin 6593466b3e
secret/database/redis: upgrade plugin to v0.1.0 (#17270) 2022-09-21 19:39:50 -05:00
Tom Proctor 4e51491f7a
Upgrade vault-plugin-auth-alicloud to v0.13.0 (#17251) 2022-09-21 21:05:18 +01:00
Kit Haines 45cb910d0b
Try to bring versions of gofumpt to be the same (so running make bootstrap doesn't change version of gofumpt needed for make fmt) (#17254) 2022-09-21 12:57:34 -04:00
Tom Proctor abfeb59646
Upgrade vault-plugin-auth-centrify to v0.13.0 (#17195) 2022-09-20 06:05:50 -04:00
Christopher Swenson 5a8a896b5a
fix: upgrade vault-plugin-database-elasticsearch to v0.12.0 (#17203) 2022-09-19 14:46:23 -07:00
Christopher Swenson 4ad2dcbfe3
fix: upgrade vault-plugin-database-couchbase to v0.8.0 (#17205) 2022-09-19 14:12:33 -07:00
Robert b8afefbc6a
secrets/ad: update plugin to v0.14.0 (#17214) 2022-09-19 16:03:17 -05:00
Ben Ash d76dbeead1
fix: upgrade vault-plugin-auth-oci to v0.12.0 (#17212) 2022-09-19 13:34:44 -07:00
Milena Zlaticanin f115a3929f
secrets/mongodbatlas: upgrade plugin to v0.8.0 (#17211) 2022-09-19 15:13:36 -05:00
Tom Proctor f7fdb7b7d0
Upgrade vault-plugin-auth-cf to v0.13.0 (#17196) 2022-09-19 19:24:24 +01:00
Tom Proctor bc5ac79928
Upgrade vault-plugin-auth-azure to v0.12.0 (#17194) 2022-09-19 19:22:09 +01:00
Ben Ash adf9b7eca0
fix: upgrade vault-plugin-secrets-alicloud to v0.13.0 (#17201) 2022-09-19 10:39:36 -07:00
Christopher Swenson 17fd8ad465
fix: upgrade vault-plugin-database-mongodbatlas to v0.8.0 (#17200) 2022-09-19 10:16:20 -07:00
vinay-gopalan f0d3cbaa43
bump secrets/azure to v0.14.0 (#17180) 2022-09-19 10:02:57 -07:00
Ben Ash bc8ab07b28
fix: upgrade vault-plugin-secrets-gcpkms to v0.13.0 (#17199) 2022-09-19 12:56:56 -04:00
vinay-gopalan fdebc2c2c3
bump secrets/kv to v0.13.0 (#17175) 2022-09-19 09:40:52 -07:00
Steven Clark 7f3dd736c9
Update OSS dependencies to match newer versions that ENT is using (#17188) 2022-09-19 10:33:36 -04:00
Steven Clark 05a5928b8d
Update missing go-kms-wrapping v2 dep and address some ENT->OSS drift (#17178)
* Update missing go-kms-wrapping v2 dep and address some ENT->OSS drift

* Bump go-kms-wrapping/wrappers/gcpckms/v2 to v2.0.1
2022-09-19 10:23:40 -04:00