Commit graph

13197 commits

Author SHA1 Message Date
Calvin Leung Huang 058532406b
mod: update secrets-gcp to latest (#10558) 2020-12-14 11:42:53 -08:00
Josh Black a7aac342bd
Only set the namespace if the env var isn't present (#1519) (#10556) 2020-12-14 11:40:48 -08:00
Mark Gritter 1edcee0bb3
Changelog for enterprise fix. (#10560) 2020-12-14 12:43:38 -06:00
Austin Gebauer 747d49150b
Updates the OIDC/JWT auth plugin (#10546) 2020-12-14 10:07:07 -08:00
Kyle MacDonald acd0cd037c
website: redirect raft snapshot url to automated storage snapshots (#10553) 2020-12-14 12:48:58 -05:00
Brian Kassouf 275ca323e8
core: Record the time a node became active (#10489)
* core: Record the time a node became active

* Update vault/core.go

Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>

* Add omitempty field

* Update vendor

* Added CL entry and fixed test

* Fix test

* Fix command package tests

Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
2020-12-11 16:50:19 -08:00
Calvin Leung Huang f137c945d7
ha: update godoc on grabLockOrStop (#10547) 2020-12-11 16:04:00 -08:00
Michael Golowka f6a746f1f5
Match influxdb changelog with correct PR (#10535) 2020-12-11 15:50:07 -07:00
Clint 4d81e3be4d
Improve consistency in error messages (#10537)
* Improve consistency in error messages

* add changelog entry
2020-12-11 15:21:53 -06:00
Michael Golowka 1911e92dca
Add template helper library (#10500) 2020-12-11 13:23:08 -07:00
Michael Golowka 7f7581d9b6
Updated changelog for #10477 (#10518) 2020-12-11 12:59:30 -07:00
Jamie Finnigan 6ae858d721
enable GitHub code scanning workflow (#10526) 2020-12-10 15:34:34 -08:00
Scott Miller e177818fb3
Changelog updates for transform fixes (ENT) (#10528) 2020-12-10 13:59:30 -06:00
Nick Cabatoff a73e834fda
Fail build if go mod vendor changes anything. (#10524) 2020-12-10 10:09:21 -05:00
Nick Cabatoff 5497446d4f changelog/10456.txt 2020-12-10 06:55:24 -05:00
Seth Bunce a6a437a1ce
fix deadlock on core state lock (#10456)
* fix race that can cause deadlock on core state lock

The bug is in the grabLockOrStop function. For specific concurrent
executions the grabLockOrStop function can return stopped=true when
the lock is still held. A comment in grabLockOrStop indicates that the
function is only used when the stateLock is held, but grabLockOrStop is
being used to acquire the stateLock. If there are concurrent goroutines
using grabLockOrStop then some concurrent executions result in
stopped=true being returned when the lock is acquired.

The fix is to add a lock and some state around which the parent and
child goroutine in the grabLockOrStop function can coordinate so that
the different concurrent executions can be handled.

This change includes a non-deterministic unit test which reliably
reproduces the problem before the fix.

* use rand instead of time for random test stopCh close

Using time.Now().UnixNano()%2 ends up being system dependent because
different operating systems and hardware have different clock
resolution. A lower resolution will return the same unix time for a
longer period of time.

It is better to avoid this issue by using a random number generator.
This change uses the rand package default random number generator. It's
generally good to avoid using the default random number generator,
because it creates extra lock contention. For a test it should be fine.
2020-12-10 06:50:11 -05:00
Nick Cabatoff 6c5183abda
Fix link to autosnap api docs. (#10521) 2020-12-09 16:19:15 -05:00
danielehc 98f516aa58
Add details on Consul token ttl (#10470)
* Add details on Consul token ttl

* Update website/pages/docs/secrets/consul/index.mdx

Co-authored-by: Kent 'picat' Gruber <kent@hashicorp.com>

Co-authored-by: Kent 'picat' Gruber <kent@hashicorp.com>
Co-authored-by: Vishal Nayak <vishalnayak@users.noreply.github.com>
2020-12-09 08:20:21 -05:00
Nick Cabatoff b425be1a93
Fix race with test that mutates KeyRotateGracePeriod: make the global be a Core field instead. (#10512) 2020-12-08 13:57:44 -05:00
Nick Cabatoff 84d566db9e
Be consistent with how we report init status. (#10498)
Also make half-joined raft peers consider storage to be initialized, whether or not they're sealed.
2020-12-08 13:55:34 -05:00
Kloppi313 64b4487d8e
No 'v' in version HTML anchor (#10491)
* No 'v' in version HTML anchor

The footer version output links to https://www.github.com/hashicorp/vault/blob/master/CHANGELOG.md#v160 (in Version 1.6.0) but you reach the anchor with https://github.com/hashicorp/vault/blob/master/CHANGELOG.md#160 (without 'v' before the version number)

* Removed 'v' from URL version anchor

* Create 10491.txt

Co-authored-by: Chelsea Shaw <chelshaw.dev@gmail.com>
2020-12-08 11:21:48 -06:00
Michael Golowka 7269d32e50
InfluxDB - Check for errors in the response too (#10384) 2020-12-07 16:18:59 -07:00
Kyle Rarey 6fec9f68e3
Correct key length in Transit storage limits (#10422)
The AES256-GCM96 key was mis-labeled as AES128 under Transit storage limits. Corrected the table.

Co-authored-by: Mark Gritter <mgritter@hashicorp.com>
2020-12-07 11:43:24 -06:00
Mike Wickett 6a6f1d67c8
website: fix broken link to api docs (#10501) 2020-12-04 11:55:20 -08:00
Hridoy Roy 0ada870a52
Only use entropy augmentation for root token creation [VAULT-670] (#10487)
* Only use entropy augmentation for root token creation

* changelog

* change wording of changelog entry
2020-12-04 09:44:04 -08:00
Angel Garbarino 081db3a240
Ember-cli upgrade from ~3.8 to ~3.20 (#9972)
* Update ember-cli to ~3.20

* Remove bad optional-feature

* Remove ember-fetch dep

* re-install ember-fetch

* update model fragments pr

* update ember model fragments correct package name

* update ember composable helpers to solve array helper error

* update ember-concurrency

* add back engine dependencies, automatically removed during ember-cli-upgrade

* make author-form-options component js file otherwise error

* for now comment out withTestWaiter

* add eslint-node and fix if not with unless in templates

* fix linting for tab index of false is now -1 and add type button to all buttons without types

* fix href errors for linting, likely have to come back and fix

* using eslint fix flag to fix all this.gets

* ember modules codemode removed files that had module twice, will fix in next commit

* finish codemode ember-data-codemod needed to rename const model

* more this.get removal codemode did not work

* cont. removal of this.get

* stop mixin rules until figure out how to reconfig them all

* smaller eslint ignores

* get codemode

* testing app small fixes to bring it back after all the changes

* small changes to eslint

* test removal of getProperties

* fix issue with baseKey because value could be unknown needed to add a question mark in nested get

* smaller linting fixes

* get nested fixes

* small linting error fixes

* small linting changes

* working through more small linting changes

* another round of linting modifications

* liniting fixes

* ember module codemod

* quinit dom codemod

* angle bracket codemod

* discovered that components must have js files

* ran all codemods this is all that's left

* small changes to fix get needs two object, should not have been using get.

* fix issue with one input in form field

* fun times with set and onChange from oninput

* fix issue with model not being passed through on secret-edit-display

* fix issue with yarn run test not working, revert without npm run all

* linting and small fix when loading without a selectAuthBackend

* fix failing test with ui-wizard issue

* fix test failure due to model not being asked for correctly with new changes, probably run into this more.

* fix issue with component helper and at props specific to wizard

* rename log to clilog due to conflict with new eslint rule

* small changes for test failures

* component helper at fixes

* Revert to old component style something with new one broke this and can't figure it out for now

* small fishy smelling test fixes will revisit

* small test changes

* more small test changes, appears upgrade treats spaces differently

* comment out code and test that no longer seems relevant but confirm

* clean run on component test though still some potential timing issues on ui-console test

* fixing one auth test issue and timing issue on enable-test

* small mods

* fix this conditional check from upgrade

* linting fixes after master merge

* package updates using yarn upgrade-interactive

* update libraries that did not effect any of the test failures.

* update ember truth helpers library

* settling tests

* Fix ui-panel control group output

* fix features selection test failures

* Fix auth tests (x-vault-token)

* fix shared test

* fix issue with data null on backend

* Revert "Fix auth tests (x-vault-token)"

This reverts commit 89cb174b2f1998efa56d9604d14131415ae65d6f.

* Fix auth tests (x-vault-token) without updating this.set

* Update redirect-to tests

* fix wrapped token test

* skip some flaky test

* fix issue with href and a tags vs buttons

* fix linting

* updates to get tests running (#10409)

* yarn isntall

* increasing resource_class

* whoops

* trying large

* back to xlarge

* Fix param issue on transform item routes

* test fixes

* settle on policies (old) test

* fix browserstack test warning and skips of test confirmed worked

* Fix redirect-to test

* skips

* fix transformation test and skip some kmip

* Skip tests

* Add meep marker to remaining failing tests

* Skip test with failing component

* rever skip on secret-create test

* Skip piece of test that fails due to navigation-input

* fix settings test where can and skip in others after confirming

* fix circle ci test failures

* ssh role settle

* Fix navigate-input and add settled to test

* Remove extra import

* secret cubbyhole and alicloud

* Add settled to gcpkms test

* settles on redirect to test

* Bump browserstack test resource to large

* Update browserstack resource size to xlarge

* update todos

* add back in withTestWaiter

* try and fix credentials conditional action added comment instead

* Update volatile computed properies to get functions

* this step was never reached and we never defined secretType anywhere so I removed

* add settled to policy old test

* Fix navigate-input on policies and leases

* replace ssh test with no var hoping that helps and add settled to other failing tests, unskip console tests

* kmip, transit, role test remove a skip and add in settled

* fix hover copy button, had to remove some testing functionality

* Remove private router service

* remove skip on control ssh and ui panel, fix search select by restructuring how to read the error

* final bit of working through skipped test

* Replace clearNonGlobalModels by linking directly to namespace with href-to

* Remove unused var

* Fix role-ssh id bug by updating form-field-from-model to form-field-group-loop

* Fix transit create id would not update

* Update option toggle selector for ssh-role

* Fix ssh selector

* cleanup pt1

* small clean up

* cleanup part2

* Fix computed on pricing-metrics-form

* small cleanup based on chelseas comments.

Co-authored-by: Chelsea Shaw <chelshaw.dev@gmail.com>
Co-authored-by: Sarah Thompson <sthompson@hashicorp.com>
2020-12-03 16:00:22 -07:00
Jason O'Donnell 8d8b7f287f
docs: fix auth/k8s broken link (#10495) 2020-12-03 16:24:37 -05:00
Brian Kassouf 264f12e72a
Telemetry consul transaction (#10486)
* Update consul.go

* Update telemetry.mdx
2020-12-03 11:19:08 -08:00
Caius Durling c1fa14e00c
Fix typo in print token synopsis text (#10320)
Co-authored-by: swayne275 <swayne@hashicorp.com>
2020-12-03 10:59:09 -07:00
Nick Cabatoff 22f5d10a93
Saving and restoring the go cache was an experiment to reduce build times, but it worked too inconsistently. (#10493) 2020-12-03 10:59:47 -05:00
Nick Cabatoff 6bb8c00131
Name environments after their use case rather than their size. We need fewer resources for remote-docker because all the heavy work happens in the remote-docker VMs which we can't configure. Use a different env for race tests which are more resoure hungry. (#10492) 2020-12-03 10:57:21 -05:00
Michel Vocks ab72fa06ee
Add AllowedHeader and fix AllowedOrigins in the API (#10482)
* Add AllowedHeader and fix AllowedOrigins in the API

* Update changelog entry

* Fix wrong response conversion
2020-12-03 14:31:25 +01:00
Jaskanwal Pawar 8a5a456fdb
Fix typo about environment variable in docs (#10259)
The CLI appears to read from `VAULT_CACERT` instead of `VAULT_CA_CERT` as the docs currently say. Basing this off code [here](a8566c4f89/api/client.go (L30)) and personal observation
2020-12-02 16:09:00 -07:00
swayne275 88eaf5f4c3
Fix Racy Activity Log Tests (#10484)
* fix racy activity log tests and move testing utilities elsewhere

* remove TODO

* move SetEnable out of activity log

* clarify not waiting on waitgroup

* remove todo
2020-12-02 13:48:13 -07:00
Mike Green f6138a98d1
clarify secret revoke during mount disable (#10483) 2020-12-02 12:55:47 -05:00
Michel Vocks f71203c439
Fix license caching issue (#10424)
* Fix license caching issue

* Add changelog entry
2020-12-02 18:21:14 +01:00
Michael Golowka cc7efd393d
MySQL - Fix username generation length bug (#10433) 2020-12-01 15:24:51 -07:00
Tom Proctor bb726296b6
Add changelog for #10416 (#10473) 2020-12-01 16:08:19 +00:00
Hridoy Roy 1a1cbabd9d
changelog for vault 849 (#10435) 2020-11-30 10:28:32 -08:00
Hridoy Roy 241aa3771f
changelog with go changelog (#10434) 2020-11-30 09:24:24 -08:00
Scott Miller 32cb144d0d
Update HCL dependency to fix ParseACLPolicy error on invalid syntax (#10156) 2020-11-30 09:17:33 -06:00
Josh Black bbd78e56b5
Add changelog entry for ent PR 1519 (#10454) 2020-11-25 14:25:03 -08:00
Austin Gebauer a50cf45b23
corrects a typo in the azure secrets docs (#10455) 2020-11-25 12:26:04 -08:00
Nick Cabatoff 818f8aeff2
Fix test failures of the form "bad start timestamp. expected: 1606313752 got: 1606313753". Also re-enable a test that probably shouldn't be skipped, and delete a test that's meant for ent (see also https://github.com/hashicorp/vault-enterprise/pull/1613) (#10452) 2020-11-25 13:49:47 -05:00
Nick Cabatoff d8e7d2e2b8
Use a lock to address race. (#10447) 2020-11-25 12:24:28 -05:00
Nick Cabatoff 6a377a3df3
Add helper used in ent. (#10445) 2020-11-25 08:27:45 -05:00
Jeff Mitchell fa18497643 Revert "changelog++"
This reverts commit a988e51fdb8f117a5a1e5a681c72bfdf1f58dad4.

That commit accidentally removed all history prior to 0.7. This
reinstates that history.
2020-11-24 12:43:33 -05:00
Mark Gritter 123b30631d
Added documentation for vault operator usage. (#10432)
Co-authored-by: swayne275 <swayne@hashicorp.com>
2020-11-23 20:10:48 -06:00
Josh Black b8ba047b35
Allow Vault Agent to run as a Windows service (#10231) 2020-11-23 14:24:32 -08:00
Mark Gritter ab2e28bf55
"vault operator usage" CLI for client count reporting (#10365)
* Working draft of CLI command.
* Sort order, robustness checking.
* Text edits and check of queries_available.
* Added changelog.
2020-11-23 14:57:35 -06:00