Commit graph

13859 commits

Author SHA1 Message Date
Hridoy Roy fff7dc7a40
Diagnose docs + changelog (#12159)
* save

* diagnose docs

* changelog

* changelog formatting
2021-07-26 08:45:12 -07:00
Nick Cabatoff f7ecb978a6
Use a mode when opening the db file that won't result in excessive perms. (#12160) 2021-07-23 13:43:50 -04:00
Angel Garbarino 5181d024f7
Add fallback font for masked-input (#12152)
* add fallback font for higher unicode coverage

* remove extra mixin and fix color issue that was not working on binary
2021-07-23 10:11:53 -06:00
Bryce Kalow d2fe8efa58
website: fix release notes link (#12145) 2021-07-23 09:54:11 -04:00
Arnav Palnitkar c71a6b6312
Update node to latest stable version (#12049)
* Update node to latest stable version

- v10 has reached EOL so upgrading node to v14 which is the latest
stable build

* Added changelog

* Resolve merge conflicts
2021-07-22 14:09:12 -07:00
Pratyoy Mukhopadhyay 11a3c3d72d
[VAULT-2807] Count entity tokens on use (#12153) 2021-07-22 14:01:49 -07:00
Mike Green ac37d0e5a9
Clarify sudo req'd for remount (#12139) 2021-07-22 16:09:26 -04:00
Jacob e579cf4ad1
docs/update replication seal table (#12147)
* Update replication.mdx 

Add separate secondary seal and recovery key columns to better distinguish what is updated in each scenario.

* Update replication.mdx, fix caps.
2021-07-22 15:41:36 -04:00
Nicholas Seemiller 87ff4bfac8
Create Kubernetes Namespace (#11902)
If you're setting up vault for the first time on a cluster, the namespace may not exist.

Add a step to create the namespace.
2021-07-22 15:41:22 -04:00
Nick Cabatoff 20a8bb3a49
changelog++ (#12144) 2021-07-21 16:35:47 -04:00
Romain Aviolat c76a4e8bd1
fix: typo in function documentation (#11852) 2021-07-21 13:21:45 -07:00
Tor E Hagemann de2ee46525
fix: print consul svc addr in debug log (#12115)
* fix: print consul svc addr in debug log

* fix: add small change log 12115.txt
2021-07-21 13:12:49 -07:00
Nick Cabatoff 9a26209a9d
Fix a couple of broken links to api docs. (#12143)
* Fix a couple of broken links to api docs.

* Qualify deprecation.
2021-07-21 13:09:32 -07:00
claire bontempo b05ffa88d5
Improve Secret Empty States (#12084)
* adds conditional to render 'minus plain' icon when key doesn't exist

* shows a hyphen when KV secret doesn't have a key and/or value

* fixes tests
2021-07-21 12:47:52 -07:00
Meggie 892545e41d
Document timeout setting for raft snapshots (#12140)
* Document timeout setting for raft snapshots

We don't usually put this kind of information in the documentation, but
we are aware that snapshots can be slow and I could see this message
saving someone a lot of time. Open to closing this PR though if we
definitely don't want this kind of documentation.

* Fixing link
2021-07-21 15:14:08 -04:00
John-Michael Faircloth 877b8166f2
docs: Update Database Capabilities to include username customization (#12130)
* Update Database Capabilities docs page to include username customization column

* fix elasticdb entry, yes for 1.8+
2021-07-21 13:24:22 -05:00
Jeff Mitchell 33ff878946
Move awsutil over to the go-secure-stdlib version (#12128)
Unlike the other libraries that were migrated, there are no usages of
this lib in any of our plugins, and the only other known usage was in
go-kms-wrapping, which has been updated. Aliasing it like the other libs
would still keep the aws-sdk-go dep in the sdk module because of the
function signatures. So I've simply removed it entirely here.
2021-07-20 20:42:00 -04:00
Nick Cabatoff 9db6e16a2a
Document bootstrap API. (#12132) 2021-07-20 18:24:49 -04:00
Calvin Leung Huang 185905d110
docs: remove username_template until after Vault 1.8 (#12129) 2021-07-20 11:46:09 -07:00
Lars Lehtonen a9153d7348
builtin/logical/database: fix dropped test errors (#12123) 2021-07-20 11:13:50 -07:00
Jeff Mitchell fb473a8b9b
Swap out stepwise for external repo version (#12089) 2021-07-20 13:20:23 -04:00
vinay-gopalan 859b60cafc
[VAULT-1969] Add support for custom IAM usernames based on templates (#12066)
* add ability to customize IAM usernames based on templates

* add changelog

* remove unnecessary logs

* patch: add test for readConfig

* patch: add default STS Template

* patch: remove unnecessary if cases

* patch: add regex checks in username test

* patch: update genUsername to return an error instead of warnings

* patch: separate tests for default and custom templates

* patch: return truncate warning from genUsername and trigger a 400 response on errors

* patch: truncate midString to 42 chars in default template

* docs: add new username_template field to aws docs
2021-07-20 09:48:29 -07:00
Chelsea Shaw 4a9669a1bc
UI/database cg read role (#12111)
* Add type param to secret show, handle CG in database role show

* If roleType is passed to credential, only make one creds API call

* Clean up db role adapter and serializer

* url param roleType passed to credentials call

* Role list capabilities check for static and dynamic separately

* Add changelog

* Consistent adapter response for single or double call

* Prioritize dynamic response if control group on role/creds
2021-07-20 11:28:44 -05:00
swayne275 ed361ee8da
Fix minor typo in Internals/Plugins documentation (#12113)
* fix minor plugin doc typo

* fix limits of of typo and related

* forgot to save on this typo fix
2021-07-20 07:21:24 -06:00
Nick Cabatoff e98b45fc79
Fix license expiration metric name in docs. (#12125) 2021-07-19 19:19:32 -04:00
Pratyoy Mukhopadhyay 3990446e46
Update some metric types, fix some wording (#12122) 2021-07-19 14:54:24 -07:00
Ben Ash e899e2adfa
Add ability to optionally clone an api.Client's headers (#12117) 2021-07-19 17:15:31 -04:00
Meggie 08de78aedd
Elaborating on telemetry persistence (#12119)
* Elaborating on telemetry persistence

Some users understand how an aggregator relates to Vault telemetry, and
some users are approaching this concept for the first time. Those newer
to the concepts benefit from some extra clarification that the metrics
sourced directly from Vault aren't stored anywhere.

Sources:
https://prometheus.io/docs/concepts/metric_types/
https://github.com/OpenObservability/OpenMetrics/blob/main/specification/OpenMetrics.md
https://docs.splunk.com/observability/metrics-and-metadata/metric-types.html

* Updated summary note
2021-07-19 16:12:29 -04:00
Austin Gebauer f7586e475d
changelog: update feature formatting for gcp and key management secrets (#12120) 2021-07-19 12:16:27 -07:00
Jason O'Donnell afc33ba7aa
Change changelog type for openldap bug fix (#12112) 2021-07-16 16:37:21 -04:00
Dave Shepherd f6770be254
Add AWS Cognito secrets engine to community section of the plugins website page (#11966) 2021-07-16 13:22:33 -07:00
Mike Green 20b84c4deb
Docs: Add link to more sentinel examples (#11931) 2021-07-16 16:20:41 -04:00
Josh Black 9052ed6466
Document bolt metrics (#12107) 2021-07-16 11:44:30 -07:00
Scott Miller 95008aab19
Upgrade packagespec to latest on main (#12074) 2021-07-16 11:33:05 -05:00
Nick Cabatoff 1a32ab0628
Add support for testing Azure storage backend in CI using Azurite. (#12057)
Also hack the pagination test until the upstream azurite bugfix (https://github.com/Azure/Azurite/issues/910)
makes it into an Azurite release.
2021-07-16 10:33:53 -04:00
Meggie 440cc1b830
Updating changelog link to main (#12110) 2021-07-16 09:39:51 -04:00
Tom Proctor 47457b1298
Add ServiceNow credential resolver docs (#11996)
* Add ServiceNow credential resolver docs

* Add information about using system CAs

* Add field mappings and troubleshooting tips
2021-07-16 10:53:14 +01:00
Jeff Mitchell f7147025dd
Migrate to sdk/internalshared libs in go-secure-stdlib (#12090)
* Swap sdk/helper libs to go-secure-stdlib

* Migrate to go-secure-stdlib reloadutil

* Migrate to go-secure-stdlib kv-builder

* Migrate to go-secure-stdlib gatedwriter
2021-07-15 20:17:31 -04:00
Scott Miller 555eb2ae0b
Add advice as a trace option to spot checks (#12105)
* Add advice as a trace option to spot checks

* typo

* Collect advice when forming the tree
2021-07-15 18:01:51 -05:00
Mike Green 53759228b0
Clarify token create policies behavior (#12106) 2021-07-15 18:13:58 -04:00
Scott Miller 3f01d92d3b
Suppress logging during a diagnose run (#12101)
* Suppress logging during a diagnose run

* remove debugging
2021-07-15 16:54:59 -05:00
Yahya 476b293a85
docs: fix heading number in SSH (#12029) 2021-07-15 14:25:45 -07:00
John-Michael Faircloth 3baff15c9d
mongodbatlas: update changelog for username customization (#12098) 2021-07-15 15:44:03 -05:00
Austin Gebauer d1c090fe63
secrets/database: fixes external plugin reconnect after shutdown for v4 and v5 interface (#12087)
* secrets/database: fixes external plugin shutdown reconnect for v5 interface

* adds changelog entry

* fixes handling of plugin shutdown for password generation on v4 interface
2021-07-15 13:41:04 -07:00
Jason O'Donnell 03788bdba2
secrets/ad: change improvement to feature in changelog (#12095)
* secrets/ad: change improvement to feature in changelog

* Update per feature requirements
2021-07-15 15:55:40 -04:00
claire bontempo 30f9bbd9f5
UI/Clarifies error message for exit test process (#12094)
* adds console log to elaborate on error message

* fixes browserstack failure
2021-07-15 12:54:42 -07:00
Angel Garbarino 288bc28127
Clarify KV 2 API docs (#12086)
* initial draft of changes

* address pr comments and add changelog

* remove changelog
2021-07-15 13:09:12 -06:00
Meggie c6e047d953
changelog++ 2021-07-15 13:59:53 -04:00
vinay-gopalan c20b5f1040
[VAULT-1986] Cap AWS Token TTL based on Default Lease TTL (#12026)
* fix: cap token TTL at login time based on default lease TTL

* add changelog file

* patch: update warning messages to not include 'at login'

* patch: remove default lease capping and test

* update changelog

* patch: revert warning message
2021-07-15 10:05:38 -07:00
Nick Cabatoff f027a1b1ff
Revert #12061 due to failures in TestLogical_RequestSizeLimit (#12093) 2021-07-15 12:55:09 -04:00