* added exec and env_template config/parsing
* add tests
* we can reuse ctconfig here
* do not create a non-nil map
* check defaults
* Apply suggestions from code review
Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>
* Apply suggestions from code review
Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>
* first go of exec server
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* convert to list
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* convert to list
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* sig test
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* add failing example
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* refactor for config changes
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* add test for invalid signal
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* account for auth token changes
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* only start the runner once we have a token
* tests in diff branch
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* Apply suggestions from code review
Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>
* fix rename
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* Update command/agent/exec/exec.go
Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>
* apply suggestions from code review
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* cleanup
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* remove unnecessary lock
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* refactor to use enum
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* dont block
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* handle default
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* make more explicit
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* cleanup
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* remove unused
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* remove unused file
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* remove test app
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* Apply suggestions from code review
Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>
* apply suggestions from code review
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* update comment
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* add changelog
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* new channel for exec server token
* wire to run with vault agent
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* watch for child process to exit on its own
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* block before returning
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
---------
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>
* added exec and env_template config/parsing
* add tests
* we can reuse ctconfig here
* do not create a non-nil map
* check defaults
* Apply suggestions from code review
Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>
* Apply suggestions from code review
Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>
* first go of exec server
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* convert to list
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* convert to list
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* sig test
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* add failing example
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* refactor for config changes
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* add test for invalid signal
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* account for auth token changes
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* only start the runner once we have a token
* tests in diff branch
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* Apply suggestions from code review
Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>
* fix rename
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* Update command/agent/exec/exec.go
Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>
* apply suggestions from code review
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* cleanup
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* remove unnecessary lock
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* refactor to use enum
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* dont block
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* handle default
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* make more explicit
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* cleanup
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* remove unused
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* remove unused file
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* remove test app
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* Apply suggestions from code review
Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>
* apply suggestions from code review
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* update comment
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* add changelog
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* watch for child process to exit on its own
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
---------
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>
* upgrade go-jose library to v3
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
* chore: fix unnecessary import alias
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
* upgrade go-jose library to v2 in vault
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
---------
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
* added exec and env_template config/parsing
* add tests
* we can reuse ctconfig here
* do not create a non-nil map
* check defaults
* Apply suggestions from code review
Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>
* Apply suggestions from code review
Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>
* convert to list
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* convert to list
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* sig test
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* add failing example
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* add test for invalid signal
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* Update command/agent/config/config.go
* use latest consul-template
* fix build
* fix test
* fix test fixtures
* make fmt
* test docs
* rename file
* env var -> environment variable
* default to SIGTERM
* empty line
* explicit naming
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* clean typo
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* replace $ HOME with /home/username in examples
* remove empty line
---------
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>
Co-authored-by: Anton Averchenkov <anton.averchenkov@hashicorp.com>
* VAULT-12940 test for templating user agent
* VAULT-12940 User agent work so far
* VAULT-12940 Vault Agent uses Vault Agent specific User-Agent header when issuing requests
* VAULT-12940 Clean-up and godocs
* VAULT-12940 changelog
* VAULT-12940 Fix test checking headers
* VAULT-12940 Fix test checking headers
* VAULT-12940 Fix test checking headers
* VAULT-12940 Fix test checking headers
* VAULT-12940 copy/paste typos
* VAULT-12940 improve comments, use make(http.Header)
* VAULT-12940 small typos and clean-up
* ensure we supply the node type when it's for a voter
* bumped autopilot version back to v0.2.0 and ran go mod tidy
* changed condition in knownservers and added some comments
* Export GetRaftBackend
* Updated tests for autopilot (related to dead server cleanup)
* Export Raft NewDelegate
Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
* deprecation check
* adding script
* add execute permission to script
* revert changes
* adding the script back
* added working script for local and GHA
* give execute permissions
* updating revgrep
* adding changes to script, tools
* run go mod tidy
* removing default ref
* make bootstrap
* adding to makefile
* Migrate subset of CircleCI ci workflow to GitHub Actions
Runs test-go and test-go-remote-docker with a static splitting of test packages
* [skip actions] add comment to explain the purpose of test-generate-test-package-lists.sh and what to do if it fails
* change trigger to push
---------
Co-authored-by: Kuba Wieczorek <kuba.wieczorek@hashicorp.com>
The [WebSockets spec](https://www.rfc-editor.org/rfc/rfc6455) states
that text messages must be valid UTF-8 encoded strings, which protobuf
messages virtually never are. This now correctly sends the protobuf events
as binary messages.
We change the format to correspond to CloudEvents, as originally intended,
and remove a redundant timestamp and newline.
We also bump the eventlogger to fix a race condition that this code triggers.
* fix: upgrade vault-plugin-secrets-mongodbatlas to v0.9.1
* add changelog
* Update changelog/19111.txt
Co-authored-by: Max Coulombe <109547106+maxcoulombe@users.noreply.github.com>
* use correct plugin type in changelog
---------
Co-authored-by: Max Coulombe <109547106+maxcoulombe@users.noreply.github.com>
Also updates the event receieved to include a timestamp.
Websockets support both JSON and protobuf binary formats.
This can be used by either `wscat` or the new
`vault events subscribe`:
e.g.,
```sh
$ wscat -H "X-Vault-Token: $(vault print token)" --connect ws://127.0.0.1:8200/v1/sys/events/subscribe/abc?json=true
{"event":{"id":"5c5c8c83-bf43-7da5-fe88-fc3cac814b2e", "note":"testing"}, "eventType":"abc", "timestamp":"2023-02-07T18:40:50.598408Z"}
...
```
and
```sh
$ vault events subscribe abc
{"event":{"id":"5c5c8c83-bf43-7da5-fe88-fc3cac814b2e", "note":"testing"}, "eventType":"abc", "timestamp":"2023-02-07T18:40:50.598408Z"}
...
```
Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>
Raymond Ho