Commit graph

17751 commits

Author SHA1 Message Date
Steven Clark e167798ea5
Add back paths to TestProperAuthing (#21855)
- Since the backport's for the OpenAPI list haven't occurred yet,
   we need both the existing path and the new path for when they do
   get backported.
2023-07-14 13:02:15 +00:00
hc-github-team-secure-vault-core 43feaf1379
Update TestProperAuthing test for backports (#21852)
Co-authored-by: Steve Clark <steven.clark@hashicorp.com>
2023-07-14 11:51:10 +00:00
hc-github-team-secure-vault-core 6ea01382b4
backport of commit ba52063705ac8a7842ee2818e785faad361277d3 (#21849)
Co-authored-by: Peter Wilson <peter.wilson@hashicorp.com>
2023-07-14 10:22:54 +00:00
hc-github-team-secure-vault-core ca1d99d3a7
backport of commit 384cdd791c5a473374fe1a0f7cb9b9d3f972bcf7 (#21845)
Co-authored-by: akshya96 <87045294+akshya96@users.noreply.github.com>
2023-07-13 18:22:15 -07:00
hc-github-team-secure-vault-core a0dca58c44
backport of commit 0b0b15f968bb243b29544d6a7f2652137e07d632 (#21839)
Co-authored-by: Hamid Ghaf <83242695+hghaf099@users.noreply.github.com>
2023-07-13 15:26:01 -07:00
hc-github-team-secure-vault-core da49fe9db5
backport of commit 20675ccef0944571f17fd06969147fa476fc68ba (#21834)
Co-authored-by: akshya96 <87045294+akshya96@users.noreply.github.com>
2023-07-13 20:08:22 +00:00
hc-github-team-secure-vault-core a7232590e9
VAULT-12958 Add link to logs to the test failure summary in CI (#21736) (#21825)
Co-authored-by: Kuba Wieczorek <kuba.wieczorek@hashicorp.com>
2023-07-13 18:36:30 +00:00
hc-github-team-secure-vault-core 7b8c8e722c
backport of commit c2cbd5a578108d2447efc52f47f3bb7f7b69ee02 (#21819)
Co-authored-by: Austin Gebauer <34121980+austingebauer@users.noreply.github.com>
2023-07-13 10:27:03 -07:00
hc-github-team-secure-vault-core e9ee08ec7d
backport of commit 2a05a48016150b4040067ae7b6dc8ab8ba8aa93a (#21816)
Co-authored-by: Rebecca Willett <47540675+rebwill@users.noreply.github.com>
2023-07-13 12:09:34 -04:00
hc-github-team-secure-vault-core ecec77f6f2
backport of commit 702c52148988fc6907b8ee6457accd1536a2c25f (#21781)
Co-authored-by: Mike Palmiotto <mike.palmiotto@hashicorp.com>
2023-07-13 11:23:53 -04:00
hc-github-team-secure-vault-core 6738b00b59
backport of commit 8d74143872101df6f845fe86e69faea276e9e0f4 (#21810)
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
2023-07-13 13:24:09 +00:00
hc-github-team-secure-vault-core d2bbc42fcb
backport of commit bfa93fdeda1a998dc9c2a91c5c14424456b6d1d7 (#21782) (#21786)
* use shas instead of versions and fix milestones

* remove trailing space

Co-authored-by: miagilepner <mia.epner@hashicorp.com>
2023-07-13 15:19:21 +02:00
hc-github-team-secure-vault-core 1ebd61689d
backport of commit a98c0d9cbe9d7cc59fc17a0416e61469cd9d56ac (#21797)
Co-authored-by: Ryan Cragun <me@ryan.ec>
2023-07-12 20:40:35 +00:00
hc-github-team-secure-vault-core 59cbdcda39
[QT-589] Use the go module cache between CI and build (#21764) (#21790)
In order to reliably store Go test times in the Github Actions cache we
need to reduce our cache thrashing by not using more than 10gb over all
of our caches. This change reduces our cache usage significantly by
sharing Go module cache between our Go CI workflows and our build
workflows. We lose our per-builder cache which will result in a bit of
performance hit, but we'll enable better automatic rebalancing of our CI
workflows. Overall we should see a per branch reduction in cache sizes
from ~17gb to ~850mb.

Some preliminary investigation into this new strategy:

Prior build workflow strategy on a cache miss:
  Download modules: ~20s
  Build Vault: ~40s
  Upload cache: ~30s
  Total: ~1m30s

Prior build workflow strategy on a cache hit:
  Download and decompress modules and build cache: ~12s
  Build Vault: ~15s
  Total: ~28s

New build workflow strategy on a cache miss:
  Download modules: ~20
  Build Vault: ~40s
  Upload cache: ~6s
  Total: ~1m6s

New build workflow strategy on a cache hit:
  Download and decompress modules: ~3s
  Build Vault: ~40s
  Total: ~43s

Expected time if we used no Go caching:
  Download modules: ~20
  Build Vault: ~40s
  Total: ~1m

Signed-off-by: Ryan Cragun <me@ryan.ec>
Co-authored-by: Ryan Cragun <me@ryan.ec>
2023-07-12 19:26:00 +00:00
Sarah Chavis 841507c314
Add note about user lockout defaults (#21744) (#21765) 2023-07-11 14:42:04 -07:00
hc-github-team-secure-vault-core e335f92e75
backport of commit 237b9f71409e99d24daae3ef196c02e34a908126 (#21660)
Co-authored-by: Jason O'Donnell <2160810+jasonodonnell@users.noreply.github.com>
2023-07-11 16:00:03 -04:00
hc-github-team-secure-vault-core e1eb178f1e
backport of commit a29ba45a3a59626bf97e08a48ccac2a5dbd60f96 (#21754)
Co-authored-by: miagilepner <mia.epner@hashicorp.com>
2023-07-11 15:25:44 +00:00
hc-github-team-secure-vault-core 34964e05a9
backport of commit a053c616ba01291fcd3186d77ea63e3b5e4218c4 (#21692)
Co-authored-by: Rebecca Willett <47540675+rebwill@users.noreply.github.com>
2023-07-11 15:08:58 +00:00
hc-github-team-secure-vault-core f87b781ebc
backport of commit a9778be3f2735ea242c5ea05a2a805fa18e7df4f (#21756)
Co-authored-by: Mike Palmiotto <mike.palmiotto@hashicorp.com>
2023-07-11 14:44:40 +00:00
hc-github-team-secure-vault-core 78dbddbd4f
backport of commit d1c943b25559c98998d0985e61739c5b21283c1f (#21740)
Co-authored-by: Max Winslow <43095669+maxiscoding28@users.noreply.github.com>
2023-07-10 17:29:58 -07:00
hc-github-team-secure-vault-core c4f8615678
backport of commit 3bf1299814af605b534a8c20b207790d3de21bcd (#21715)
Co-authored-by: Max Bowsher <maxbowsher@gmail.com>
Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>
2023-07-10 21:34:10 +00:00
hc-github-team-secure-vault-core 48247cdec6
backport of commit 9ace8751ff0df06058043b92343ceab2121c2bbd (#21727)
Co-authored-by: divyaac <divya.chandrasekaran@hashicorp.com>
2023-07-10 12:52:42 -07:00
hc-github-team-secure-vault-core be5249a6dd
backport of commit ece2995ee1df24341ec1dd0fdcc2fdedc6737806 (#21731)
Co-authored-by: Kuba Wieczorek <kuba.wieczorek@hashicorp.com>
2023-07-10 18:09:52 +00:00
hc-github-team-secure-vault-core 5f6c3f4155
backport of commit b0fb3b14206c63c01041fe3f561b147a3d41de74 (#21720)
Co-authored-by: Alexander Scheel <alex.scheel@hashicorp.com>
2023-07-10 17:07:30 +00:00
hc-github-team-secure-vault-core d1210427d1
backport of commit 8c18f24b9da475c13f7908e609c5d4be24c773e6 (#21611) (#21615)
* combine into one checker

* combine and simplify ci checks

* add to test package list

* remove testing test

* only run deprecations check

* only run deprecations check

* remove unneeded repo check

* fix bash options

Co-authored-by: miagilepner <mia.epner@hashicorp.com>
2023-07-10 17:05:20 +02:00
hc-github-team-secure-vault-core 5772e81ae8
backport of commit e29842e49e807b574dccb8e87bc20947a6d21438 (#21712)
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
2023-07-10 13:55:55 +00:00
hc-github-team-secure-vault-core f881304cc5
backport of commit 5919645a70a12e2675331e0a7ad43238c823738e (#21707)
Co-authored-by: miagilepner <mia.epner@hashicorp.com>
2023-07-10 10:58:05 +00:00
hc-github-team-secure-vault-core c215c2de27
backport of commit bce4b7a3e5a742326c5d7560bb00696db4fe8cc5 (#21699)
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
2023-07-07 20:52:57 +00:00
hc-github-team-secure-vault-core 03e6898cfc
backport of commit d18242dae4192b11784e539ef862bcfaf654ec69 (#21698)
Co-authored-by: Violet Hynes <violet.hynes@hashicorp.com>
2023-07-07 20:35:32 +00:00
hc-github-team-secure-vault-core cfa1e9d363
backport of commit 87d37fecb775a5ae82d264f0fc08b613dd733c7c (#21688)
Co-authored-by: Violet Hynes <violet.hynes@hashicorp.com>
2023-07-07 19:56:05 +00:00
Sarah Chavis c569513e54
Manual backport of Client count doc updates (#21685) 2023-07-07 12:40:36 -07:00
hc-github-team-secure-vault-core 9d1592cc93
backport of commit 34d1d200ee5e5547779ee8424c52bb7cf4dcb772 (#21676)
Co-authored-by: Violet Hynes <violet.hynes@hashicorp.com>
2023-07-07 15:35:57 -04:00
hc-github-team-secure-vault-core 37dcc37e81
backport of commit 96fd024d15c4823ac73f08bb576d575d99537b15 (#21680)
Co-authored-by: Jordan Reimer <zofskeez@gmail.com>
2023-07-07 13:29:06 -06:00
hc-github-team-secure-vault-core ec7e69adc0
backport of commit 9c8a7422ade1b46f413274c5eb6d5306c9e3e563 (#21665)
Co-authored-by: Angel Garbarino <Monkeychip@users.noreply.github.com>
2023-07-07 11:01:33 -07:00
hc-github-team-secure-vault-core 93d2fc099f
VAULT-17592 Extract failed Go test results across runners (#21625) (#21672)
Co-authored-by: Kuba Wieczorek <kuba.wieczorek@hashicorp.com>
2023-07-07 18:52:01 +01:00
hc-github-team-secure-vault-core f3f97c9658
backport of commit 95b44add74807bed971638928599b18d302a2ae2 (#21667)
Co-authored-by: Kuba Wieczorek <kuba.wieczorek@hashicorp.com>
2023-07-07 16:43:07 +00:00
hc-github-team-secure-vault-core 7a0badc115
backport of commit 072f0dd7c85be8d4e4390cf417900efce5e38d56 (#21656)
Co-authored-by: Alexander Scheel <alex.scheel@hashicorp.com>
2023-07-07 15:45:01 +00:00
hc-github-team-secure-vault-core d2b396bd2a
backport UI: PKI show missing info on generated cert (#21652)
Co-authored-by: Chelsea Shaw <82459713+hashishaw@users.noreply.github.com>
2023-07-07 15:09:52 +00:00
hc-github-team-secure-vault-core 4c3c3ebb2a
Add remediation steps to the PKI health-check docs (#21643)
Co-authored-by: Steve Clark <steven.clark@hashicorp.com>
2023-07-06 16:53:26 -07:00
hc-github-team-secure-vault-core 820e38e259
backport of commit 304ecfc8e9d61536834e1e3904c3eee28411f6f8 (#21637)
Co-authored-by: Austin Gebauer <34121980+austingebauer@users.noreply.github.com>
2023-07-06 15:35:25 -07:00
hc-github-team-secure-vault-core 1d9e560f0f
backport of commit 2f677665b37fcced51737cdef7abbebb4c719529 (#21527)
Co-authored-by: Max Bowsher <maxbowsher@gmail.com>
2023-07-06 20:01:33 +00:00
hc-github-team-secure-vault-core 2c4e40eaf6
backport of commit 8bb9cbbebaed39b290590f79a8857f5ba01fbf16 (#21627)
Co-authored-by: Peter Wilson <peter.wilson@hashicorp.com>
2023-07-06 18:46:13 +01:00
hc-github-team-secure-vault-core a3334cb526
backport of commit 6acd2921c5d78382b0a554674cd4f7c81a9a126a (#21622)
Co-authored-by: Jordan Reimer <zofskeez@gmail.com>
2023-07-06 16:15:50 +00:00
hc-github-team-secure-vault-core 7e8c0a1cae
backport of commit 4c1a7b53d362ee733707de2fa3280596e35d7f03 (#21609)
Co-authored-by: Bianca Moreira <48203644+biazmoreira@users.noreply.github.com>
2023-07-06 12:05:43 +02:00
Ryan Cragun d1e9b99233
[QT-576] Optimize build workflow (#21486) (#21601)
Improve our build workflow execution time by using custom runners,
improved caching and conditional Web UI builds.

Runners
-------
We improve our build times[0] by using larger custom runners[1] when
building the UI and Vault.

Caching
-------
We improve Vault caching by keeping a cache for each build job. This
strategy has the following properties which should result in faster
build times when `go.sum` hasn't been changed from prior builds, or
when a pull request is retried or updated after a prior successful
build:

* Builds will restore cached Go modules and Go build cache according to
  the Go version, platform, architecture, go tags, and hash of `go.sum`
  that relates to each individual build workflow. This reduces the
  amount of time it will take to download the cache on hits and upload
  the cache on misses.
* Parallel build workflows won't clobber each others build cache. This
  results in much faster compile times after cache hits because the Go
  compiler can reuse the platform, architecture, and tag specific build
  cache that it created on prior runs.
* Older modules and build cache will not be uploaded when creating a new
  cache. This should result in lean cache sizes on an ongoing basis.
* On cache misses we will have to upload our compressed module and build
  cache. This will slightly extend the build time for pull requests that
  modify `go.sum`.

Web UI
------
We no longer build the web UI in every build workflow. Instead we separate
the UI building into its own workflow and cache the resulting assets.
The same UI assets are restored from cache during build worklows. This
strategy has the following properties:

* If the `ui` directory has not changed from prior builds we'll restore
  `http/web_ui` from cache and skip building the UI for no reason.
* We continue to use the built-in `yarn` caching functionality in
  `action/setup-node`. The default mode saves the `yarn` global cache.
  to improve UI build times if the cache has not been modified.

Changes
-------
* Add per platform/archicture Go module and build caching
* Move UI building into a separate job and cache the result
* Restore UI cache during build
* Pin workflows

Notes
-----
[0] https://hashicorp.atlassian.net/browse/QT-578
[1] https://github.com/hashicorp/vault/actions/runs/5415830307/jobs/9844829929

Signed-off-by: Ryan Cragun <me@ryan.ec>
2023-07-05 15:19:49 -06:00
hc-github-team-secure-vault-core 917aeabbcf
backport of commit 8925dc22a0996d08af81f9c9883a66d0c21a88f8 (#21598)
Co-authored-by: Max Bowsher <maxbowsher@gmail.com>
2023-07-05 19:59:26 +00:00
hc-github-team-secure-vault-core 946329b29d
backport of commit e0472d4059decd4a5801e027c34d38b80e038a32 (#21590)
Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>
2023-07-05 15:29:29 -04:00
hc-github-team-secure-vault-core df1fb2c868
backport of commit 5ce57dbd00b4d81602b07a82430365f770bf0870 (#21589)
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
2023-07-05 18:46:58 +00:00
hc-github-team-secure-vault-core 7392a0f6ec
backport of commit 78a86b450830ecaf963480f17e5ec1c9c7ad2dfc (#21584)
Co-authored-by: Jordan Reimer <zofskeez@gmail.com>
2023-07-05 12:56:59 -05:00
hc-github-team-secure-vault-core 5a6be772eb
backport of commit 52baf01e5352968d623502a4f49dbda12a4dc322 (#21580)
Co-authored-by: Jordan Reimer <zofskeez@gmail.com>
2023-07-05 10:16:02 -06:00