Commit graph

17250 commits

Author SHA1 Message Date
Chelsea Shaw 898bc50a76
UI: Stabilize KV secret tests (#20491) 2023-05-04 05:02:07 +00:00
Alexander Scheel c50de2ec0c
Add DNS wildcard tests to ACME test suite (#20486)
* Refactor setting local addresses

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Validate wildcard domains in ACME test suite

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add locking to DNS resolver

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Better removal semantics for records

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

---------

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2023-05-03 20:23:44 +00:00
Kianna 650743e18f
UI: PKI error handling + some small bugs! (#20478) 2023-05-03 13:00:46 -07:00
Anton Averchenkov 3ff2b011ab
Clarify deprecation comments for RawRequest* functions (#20497) 2023-05-03 19:47:54 +00:00
claire bontempo f0ea1f5ed8
UI: update setting version service for sidebar frame test (#20496)
* refactor sidebar test

* swap out setFeatures

* make version test glimmery
2023-05-03 19:03:28 +00:00
Anton Averchenkov 11c92e9565
Move TestWalkSecretsTree to the correct file. (#20493) 2023-05-03 18:24:23 +00:00
Hamid Ghaf 148263084d
adding support for four cluster docker based test scenario (#20492) 2023-05-03 10:49:45 -07:00
Alexander Scheel d8c5456f8a
Add dns resolver to PKI Binary Cluster (#20485)
* Export DockerAPI for use by other consumers

As usage of DockerCluster gets more advanced, some users may want to
interact with the container nodes of the cluster. While, if you already
have a DockerAPI instance lying around you can reuse that safely, for
use cases where an existing e.g., docker/testhelpers's runner instance
is not available, reusing the existing cluster's DockerAPI is easiest.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add ability to exec commands without runner

When modifying DockerTestCluster's containers manually, we might not
have a Runner instance; instead, expose the ability to run commands via
a DockerAPI instance directly, as they're awfully convenient.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add DNS resolver into ACME tests

This updates the pkiext_binary tests to use an adjacent DNS resolver,
allowing these tests to eventually be extended to solve DNS challenges,
as modifying the /etc/hosts file does not allow this.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Fix loading DNS resolver onto network

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Fix bug with DNS configuration validation

Both conditionals here were inverted: address being empty means a bad
specification was given, and the parse being nil means that it was not a
valid IP address.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Fix specifying TXT records, allow removing records

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

---------

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2023-05-03 17:32:39 +00:00
Anton Averchenkov b4bec9bd30
Improve addPrefixToKVPath helper (#20488) 2023-05-03 17:10:55 +00:00
Chelsea Shaw 973555cb9c
UI: Handle edge cases for PKI import results (#20474) 2023-05-03 12:02:39 -05:00
claire bontempo 5768ae4f9b
UI: add enterprise only pki/config/crl parameters to edit configuration form (#20479)
* update version service

* render enterprise groups

* render enterprise params

* move group headers to within loop

* cleanup template

* update form tests

* change version service references to hasFeature to hasControlGroups getter

* add params to details view

* update version service test
2023-05-03 09:48:08 -07:00
Nick Cabatoff 3eb5fb3eb7
Use newer version of backport-assistant (#20484) 2023-05-03 12:40:01 -04:00
Steven Clark aa3c61c85b
In ACME responses only return Type, Value fields (#20480)
- Do not serialize the entire internal object, instead return
   just the Type and Value fields back to the caller.
 - Also within authorization responses, return the base domain
   on wildcard queries, dropping the *. as the RFC requests.
 - Update tests to reflect/test this logic.
2023-05-03 09:53:33 -04:00
Jordan Reimer c84d267c61
Sidebar Navigation (#19296)
* Add Helios Design System Components (#19278)

* adds hds dependency

* updates reset import path

* sets minifyCSS advanced option to false

* Remove node-sass (#19376)

* removes node-sass and fixes sass compilation

* fixes active tab li class

* Sidebar Navigation Components (#19446)

* links ember-shared-components addon and imports styles

* adds sidebar frame and nav components

* updates HcNav component name to HcAppFrame and adds sidebar UserMenu component

* adds tests for sidebar components

* fixes tests

* updates user menu styling

* fixes typos in nav cluster component

* changes padding value in sidebar stylesheet to use variable

* Replace and remove old nav components with new ones (#19447)

* links ember-shared-components addon and imports styles

* adds sidebar frame and nav components

* updates activeCluster on auth service and adds activeSession prop for sidebar visibility

* replaces old nav components with new ones in templates

* fixes sidebar visibility issue and updates user menu label class

* removes NavHeader usage

* adds clients index route to redirect to dashboard

* removes unused HcAppFrame footer block and reduces page header top margin

* Nav component cleanup (#19681)

* removes nav-header components

* removes navbar styling

* removes status-menu component and styles

* removes cluster and auth info components

* removes menu-sidebar component and styling

* fixes tests

* Console Panel Updates (#19741)

* updates console panel styling

* adds test for opening and closing the console panel

* updates console panel background color to use hds token

* adds right margin to console panel input

* updates link-status banner styling

* updates hc nav components to new API

* Namespace Picker Updates (#19753)

* updates namespace-picker

* updates namespace picker menu styling

* adds bottom margin to env banner

* updates class order on namespace picker link

* restores manage namespaces refresh icon

* removes manage namespaces nav icon

* removes home link component (#20027)

* Auth and Error View Updates (#19749)

* adds vault logo to auth page

* updates top level error template

* updates loading substate handling and moves policies link from access to cluster nav (#20033)

* moves console panel to bottom of viewport (#20183)

* HDS Sidebar Nav Components (#20197)

* updates nav components to hds

* upgrades project yarn version to 3.5

* fixes issues in app frame component

* updates sidenav actions to use icon button component

* Sidebar navigation acceptance tests (#20270)

* adds sidebar navigation acceptance tests and fixes other test failures

* console panel styling tweaks

* bumps addon version

* remove and ignore yarn install-state file

* fixes auth service and console tests

* moves classes from deleted files after bulma merge

* fixes sass syntax errors blocking build

* cleans up dart sass deprecation warnings

* adds changelog entry

* hides namespace picker when sidebar nav panel is minimized

* style tweaks

* fixes sidebar nav tests

* bumps hds addon to latest version and removes style override

* updates modify-passthrough-response helper

* updates sidebar nav tests

* mfa-setup test fix attempt

* fixes cluster mfa setup test

* remove deprecated yarn ignore-optional flag from makefile

* removes another instance of yarn ignore-optional and updates ui readme

* removes unsupported yarn verbose flag from ci-helper

* hides nav headings when user does not have access to any sub links

* removes unused optional deps and moves lint-staged to dev deps

* updates has-permission helper and permissions service tests

* fixes issue with console panel not filling container width
2023-05-02 19:36:15 -06:00
claire bontempo 00e43b88b4
fix typo (#20473) 2023-05-02 19:29:14 +00:00
Anton Averchenkov 8e19338ef5
Add walkSecretsTree helper function (#20464) 2023-05-02 15:23:43 -04:00
Yoko Hyakuna a56e4ca96a
Fix the title header - What is Vault (#20465) 2023-05-02 11:29:36 -07:00
Mike Palmiotto 410735e88c
Capture loop var in TestClientDisabledRedirects (#20466) 2023-05-02 17:53:30 +00:00
marcin-kulik fda0a731fc
Update installation.mdx (#17954) 2023-05-02 13:34:42 -04:00
Steven Clark 480f97a601
Skip OcspHigherLevel test failures if we trigger redirection bug (#20461)
- We have a known issue that is difficult to address in released versions of Vault that OCSP GET requests can contain consecutive / characters which the Golang HTTP mux will force a redirection.
  - Instead of failing various PRs and runs with this known issue, check to see if we are about to trigger it and if so skip the test. We have already at this point tested the POST version of the API.
2023-05-02 14:44:09 +00:00
miagilepner b6d768d36f
Fix testonly flag in Makefile (#20457) 2023-05-02 14:46:13 +02:00
Chelsea Shaw 61e72c2e56
Fix keyup trigger on masked input (#20454) 2023-05-01 22:15:41 +00:00
Steven Clark 504aaf5fe5
Update ACME order status on order fetch (#20451)
- When someone is fetching the order to get it's status, compute if we
   need to bump the status to Ready like we do in finalize handler
 - Add a wait state to the ACME docker test suite to deal with a race
   condition
2023-05-01 16:18:18 -04:00
Nick Cabatoff 120830681e
Don't run build workflow on draft PRs. (#20443) 2023-05-01 13:52:41 -04:00
Chelsea Shaw 59ff9c2eea
UI: glimmerize masked input (#20431)
* Glimmerize masked-input

* Update secret-create-or-update to change masked-input value

* Use maskedInput for ssh configure privateKey

* Add download button to masked input and v2 secrets. Resolves #6364

* Add changelog
2023-05-01 16:43:05 +00:00
Steven Clark 3ca73ad07e
Refactor ACME PKI binary tests to run against a single Vault Cluster (#20419)
* Initial refactoring of ACME PKI binary tests
 - Rework test suite to use a single Vault cluster with
   different mounts.
 - Refactor convenience methods to write PKI tests.

* Add ACME test cases for mixed IP and DNS, along with IP only identifier requests

* Parallelize the Vault PKI test suite
2023-05-01 16:01:24 +00:00
Jonathan Frappier 3c6e130ca2
Add HCP tabs, apply Vale suggestions, fix heading case (#20361)
* Add HCP tabs, apply Vale suggestions, fix heading case

* Apply feedback

* Apply PM feedback

* Update website/content/docs/secrets/databases/oracle.mdx

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>

* Update website/content/docs/secrets/databases/oracle.mdx

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>

* Update website/content/docs/secrets/databases/oracle.mdx

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>

---------

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
2023-05-01 11:56:16 -04:00
Nick Cabatoff 9eee5f3438
CI tests should run on release branches as well as main (#20444) 2023-05-01 15:42:03 +00:00
Josh Black 1d307d48b6
Clarify origin of ID parameter for path filter creation (#20415)
* Clarify origin of ID parameter for path filter creation

* add additional note

* add additional info
2023-05-01 08:34:03 -07:00
Alexander Scheel 32a7f8250a
Update to tidy status and docs (#20442)
* Add missing tidy-status state values

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add docs on auto-tidy reading

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add missing tidy status field revocation_queue_safety_buffer

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Include pause_duration in tidy-status docs

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add date of last auto-tidy operation to status

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add changelog entry

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

---------

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2023-05-01 14:26:29 +00:00
Chelsea Shaw b743ada5ab
UI: fix secret with % in path (#20430)
* Use encode/decode uri component instead of route-recognizer. Fixes #11616

* Remove route-recognizer explicit dependency

* Add changelog
2023-05-01 09:18:45 -05:00
Alexander Scheel 91481143af
Show existing keys, issuers on PKI import (#20441)
* Add additional existing keys response field

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Update tests for validating existing keys

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Update docs for import to include new fields

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add changelog entry

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Update website/content/api-docs/secret/pki.mdx

Co-authored-by: Steven Clark <steven.clark@hashicorp.com>

---------

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
2023-05-01 14:07:31 +00:00
miagilepner 4cd982554e
VAULT-15840: Allow updates of only entity-alias custom-metadata (#20368)
* allow updates of only custom metadata

* add changelog
2023-05-01 12:42:30 +02:00
Ryan Cragun 190783a87f
release testing: always save the metadata (#20402)
Signed-off-by: Ryan Cragun <me@ryan.ec>
2023-04-28 15:15:03 -06:00
Yoko Hyakuna ad96cf88e8
Update the command output example (#20427) 2023-04-28 13:46:20 -07:00
Nick Cabatoff e0093a2791
Simple perf replication test using docker containers (#20393) 2023-04-28 19:43:30 +00:00
Alexander Scheel 7781b037da
Validate identifiers against role when creating order (#20410)
* Validate identifiers against role when creating order

Perform some initial validation against the order's requested
identifiers during creation; this gives a client a heads up that their
request might be rejected by the server before they have to solve
challenges for these, only to find out during CSR submission time that
there is no way to request the specified certificate.

Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add unit tests and switch errors to ErrRejectedIdentifier

 - Change the error messages from validating identifiers against the
   role to ErrRejectedIdentifier errors if they do occur
 - Add unit tests to validate that we validate against the various
   roles somewhat okay.

* go doc

* Fix typo in test godoc

---------

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
2023-04-28 19:21:26 +00:00
Nick Cabatoff f19f537a4f
Add support for restarting docker nodes, and for providing args (#20409) 2023-04-28 14:03:14 -04:00
Jason Peng 2a954ef072
Updated the HA Upgrade Instructions (#20206)
* Update index.mdx

Updated instructions for Vault Upgrade HA

* Create vault-ha-upgrade.mdx

Moved HA Vault upgrade instruction to a new page and added a Note for disabling automated upgrade procedure

* Add the new vault-ha-upgrade page to the side menu

* Format and wording edits

* Remove extra paracentesis

* Fix a typo

* Change the title appears on the navigation

---------

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
2023-04-28 10:54:53 -07:00
Thy Ton 94d8fb8029
update release-note from feature to improvement (#20414) 2023-04-28 09:33:09 -07:00
Kianna 8cc9866f10
UI: VAULT-8429 Update query and serializer so that it includes parsedCertificate (#20246)
Co-authored-by: Kianna Quach <kianna.quach@hashicorp.com>
Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
2023-04-28 08:05:12 -07:00
Peter Wilson a592e3a023
Fix panic when Vault enters recovery mode, added test (#20418)
* Fix panic when Vault enters recovery mode, added test

* Added changelog
2023-04-28 12:41:19 +00:00
Tom Proctor 767dc6283f
docs: Set uniform supported Kubernetes versions for all integrations (#20010) 2023-04-28 10:33:37 +01:00
Chet Lemon 4a9e8f2f9d
Pipe MountPoint to audit logs (#20411)
* MountPoint piped to audit logs
---------
Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
2023-04-27 15:29:24 -07:00
John-Michael Faircloth 11632b57bc
secrets/aws: fix acc test for sts (#20408) 2023-04-27 21:40:45 +00:00
Alexander Scheel 364a639cca
Integrate acme config enable/disable into tests (#20407)
* Add default ACME configuration, invalidate on write

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add enforcment of ACME enabled

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Validate requested role against ACME config

Co-authored-by: kitography <khaines@mit.edu>
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add validation of issuer restrictions with ACME

Co-authored-by: kitography <khaines@mit.edu>
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add validation around allowed config lenghts

Co-authored-by: kitography <khaines@mit.edu>
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Prune later deemed unnecessary config options

Co-authored-by: kitography <khaines@mit.edu>
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* make fmt

---------

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
Co-authored-by: kitography <khaines@mit.edu>
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
2023-04-27 20:31:13 +00:00
Angel Garbarino dcff8c2a07
Remove the Bulma CSS Framework (#19878)
* Step one: remove bulma (#19587)

* remove bulma and get app running

* add back in each statments from bulma variables

* remove space

* address pr comments

* add back copyright headedr

* Step two: add back and organize relevant Bulma classes (#19664)

* VAULT-14566 copy/paste bulma css for classes that it defines and we do not.

* add three new helper files and move helpers.scss to a new directory called helper-classes

* rename utils/colors to color_variables

* integrate all bulma sizing into previous utils/spacing doc, address obvious duplicates and rename to spacing_variables.

* small class name issues

* clean up

* comment clean up

* Step three: add Bulma classes to relevant component styles (#19683)

* add in bulma classes used in global-flash component

* add in bulma classes used in the modal component

* remaining bulma classes that can integrate into the vault css

* remove replication-header.scss and replace with helper.

* add bulma tabs classes to tabs component scss file

* remove ui-wizard style

* only do bulma explicit classes for now

* add in breadcrumb styling from bulma

* integrate bulma into css

* remove unecessary tabs bulma styling

* remove non-relevant bulma classes

* remove non relevant bulma css

* Step three cont. Bulma classes to component files (#19691)

* return box-label to as before now that you have those bulma classes

* missing modal bulma classes

* add bulma class to box component

* missed some bulma box classes

* remove scss unecessary

* add in bulma classes to icon component.

* move up icon

* missed modal class

* clean up

* size vars to icon

* Step four: address core directory files (#19719)

* move some basic helpers over to typography helper.

* rename helpers to other

* moveing generic classes to other relevant scss files.

* rename generic to link

* clean up

* clean up

* address core/box

* remove hero because the class is not used anywhere.

* add in level bulma css

* welp forgot a file.

* add in missing bulma classes into core/menu

* UI/step four core files 2 (#19754)

* address issue with input border and box shadow

* remove the is-white class, it was being used very poorly, replaced with exisiting helpers.

* organizing the forms and button core files

* small amount of clean up

* hot mess of colors dealing with just danger for now

* removed moved over bulma classes

* use helper for this one off

* clean up

* wip on the buttons

* fix select select:: after

* clean up select from bulma-classes.

* clean up

* clean up

* small fix

* Cleaning up the last of the core files (welp there's still more) (#19779)

* one missing thing for level core.

* replace no-underline and link-item with helper text-decoration-none

* core/menu double check

* handle core/message

* create and add to bulma classes for core/columns

* add in bulma-classes columns and column... not fun to qa later.

* remove core/notification

* core/progress bar

* revert the hbs changes

* fix over revert

* Core files cont. Focus on core/form (#19794)

* create input and textarea core files, move charts

* remove input and textarea classes from bulma classes

* remove input-hint component file, never a component

* fix the mess that is help-text:

* help and is-help and sub-text are a mess...

* fix switch alignment issues

* deal with file-name

* clean file out of bulma-classes

* create layout helper and move out some remaining button classes

* deal with core/title

* is-marginless move to helper

* helper layout add to core

* clean up

* remove core/tables

* test

* Revert "test"

This reverts commit e695dedfe933d71320cd7eeee33f6b21a8d54b37.

* Core files continued (#19896)

* test

* combine input and textarea

* clean up navbar brannd

* clean up the single instance delete class used on the modal and match with flight icon

* add back autocomplete to component

* create core/file

* alphabetize file css blocks

* core/checkboxes create and address

* combine b-checkboxes classes and remove from core the utils

* address duplicate helper

* Core files continued (#19930)

* clean up helper and remove duplicate class

* more clean up of the other helper

* fix pagination, hot mess

* add radio to checkbox styling

* tag to tags rename singular

* container core file

* finally... changing forms to one element, field

* finally remove bulma-classes

* cleanup

* comment cleanup

* add comment about pagination

* Consolidating our size variables with Bulma's (#19951)

* remove bulma-size variables that are duplicates of our own

* remove unused is-size-xx and duplicate font weights

* remove duplicate class

* ahh this is madness

* remove column-gap var

* remove  duplicate sizing of

* clean up breakpoints

* replace border-radius:2px for var so folks know the common border-radius

* replace header-height with new spacing var

* replace body-size and console-size vars with other sizing vars

* clean up final of size vars

* radius override things blah fixed

* last size var

* add back

* Finish size var clean up (#19970)

* remove size-small, etc.

* fix size-small things

* remove label unused classes

* move out font-family utils

* Update Color Vars (remove bulma color vars and overrides) (#20031)

* remove bulma_variables file

* remove duplicate helper

* replace hardcoded with color vars when appropriate

* broaden font-family utils

* add back box-link-hover-shadow

* welp

* fix pagination coloring

* Small fixes post var and core file work (#20035)

* fix auth-login splash container

* fix some splash page issues

* fix status menu

* fix menu-list regression

* fix regression on button text-decoration

* fix tag regression

* fix regression on select select

* fix regression on field field

* regression on textarea

* button focus state regression

* fix inputs

* fix is-outlined buttons

* Remove bulma switch (#20065)

* remove bulma/switch

* fix disbled style

* Bulma removal: starting the clean up process (#20066)

* remove unused class name

* add todo

* wip shamir-modal-flow usage of file styling

* final fix

* fix message type message-body css

* better match

* fix a.active on popup-menu-content

* VAULT-14625 fix

* blah overrides overrides and oh another override

* fix breadcrumb link

* fixes

* fix readonly state and hover on inputs.scss

* fix button style issue

* fix modal title spacing issue

* clean up

* fix switch

* fix checkbox issue and pr comment

* fix issue with tabs

* pr comment

* Bulma clean up cont. (#20119)

* gotta use rem on page container... it makes a difference, can't switch to px

* missing helper for background color

* fix textarea with icon

* can't seem to replace rem with px ;/

* fix table issues

* clean up columns.scss file

* fix

* fix rem vs px issues

* address some todos

* fix todo on help is-danger

* best effort for sizing var clean up

* reomve duplicate

* clearify

* welp forgot a word

* address sr-only class definition

* move to helper

* replaced single use class with helper and cleaned up flexbox

* move to make more sense

* move around layout and container

* color things

* things

* Cleanup 🧹 (#20196)

* remove carry over classes from bulma

* clean up title.scss

* clean up title is-5 has-top-padding-m and box.scss

* clean up breadcrumbs, buttons, c&r, columns

* clean up core files

* clean up cont looking at component files

* clean up remaining component files

* fix pagination

* pr comments, thank you

* add in merge color helper

* Remove out of scope changes (#20218)

* remove out of scope changes

* fix test

* add changelog

* remove scope creep

* fix scope creep cont

* qa fixes

* Fixes found while QA'ing Secret Engines (#20264)

* fix active tab issue for both secret and auth mounts

* use helper instead of :not last on content margin which causes problems

* fix missing disabled on b-checkbox

* quick fix

* deal with body-size issue

* fix order of other helper

* small fixes from qa

* update comments on the core files and change desktop font size from px back to rem

* missed 16px replaced with 1rem

* address chelseas comments

* fixes that jordan noticed

* remove unstable flexbox test

* test fix

* rename other to general

* address claires qa comments

* add in missing helper must have missed in earlier merge

* fix button

* small small small fix
2023-04-27 14:23:17 -06:00
Ben Ash 2f63318cea
api-docs/pki: common_name is no longer required. (#20403) 2023-04-27 16:11:49 -04:00
Steven Clark 8f4fb42439
Add PKI ACME IP SANS test case (#20398)
* Add PKI ACME IP SANS test case

 - Leveraging the new Vault docker based tests along with nginx and
   the Go ACME library, verify that Vault can properly perform ACME
   validations for IP identifiers

* Formatting
2023-04-27 16:05:23 -04:00
Alexander Scheel e42fd09b47
Add custom DNS resolver to ACME configuration (#20400)
* Handle caching of ACME config

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add DNS resolvers to ACME configuration

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add custom DNS resolver to challenge verification

This required plumbing through the config, reloading it when necessary,
and creating a custom net.Resolver instance.

Not immediately clear is how we'd go about building a custom DNS
validation mechanism that supported multiple resolvers. Likely we'd need
to rely on meikg/dns and handle the resolution separately for each
container and use a custom Dialer that assumes the address is already
pre-resolved.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Improvements to Docker harness

 - Expose additional service information, allowing callers to figure out
   both the local address and the network-specific address of the
   service container, and
 - Allow modifying permissions on uploaded container files.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add infrastructure to run Bind9 in a container for tests

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Validate DNS-01 challenge works

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

---------

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2023-04-27 15:30:29 -04:00