Commit graph

15980 commits

Author SHA1 Message Date
Alex Cahn 9542cffa65
Updating the VIP..again (#17375)
* Updating the VIP..again

* Update website/content/docs/partnerships.mdx

Co-authored-by: Calvin Leung Huang <1883212+calvn@users.noreply.github.com>

Co-authored-by: Calvin Leung Huang <1883212+calvn@users.noreply.github.com>
2022-09-30 17:02:34 -07:00
Tony Wittinger 4d6ee9de61
Updated CHANGELOG.md
Updated the changelog with 1.9.10, 1.10.7, 1.11.4, and 1.12.0-rc1 changes
2022-09-30 16:39:12 -07:00
Angel Garbarino 4cfd47d5fb
Fix small TtlPIcker2 bug (#17376)
* fix

* add changelog

* wrong file name for changelog

* update from what core responded with re: type duration
2022-09-30 18:28:27 -04:00
Jordan Reimer 25f4cfac6b
removes hcp link ui changelog entry (#17373) 2022-09-30 12:10:13 -06:00
Tom Proctor 4bd5af87f4
Plugins: Fix file permissions check to always use the correct path (#17340)
* Add failing test for when command != plugin name
* wrapFactoryCheckPerms uses pluginCatalog.Get to fetch the correct command
* Use filepath.Rel for consistency with plugin read API handler
2022-09-30 10:33:31 +01:00
Peter Wilson 42ba1384ff
Added flag and env var which will disable client redirection (#17352)
* Added flag and env var which will disable client redirection

* Added changelog

* Docs fix for unsaved file, and test single request made

* Updated test for case when redirect is enabled, updated docs based on suggestions
2022-09-30 09:29:37 +01:00
vinay-gopalan c88d53c708
fix: remove premature GRPC client connection close from vault (#17321) 2022-09-29 14:11:34 -07:00
Mike Palmiotto ff793895c9
build: Update VAULT_BUILD_DATE to use product-metadata job output (#17366)
* Temporarily continue on error retruned from Enos destroy

Signed-off-by: Jaymala Sinha <jaymala@hashicorp.com>
Co-authored-by: Jaymala Sinha <jaymala@hashicorp.com>
2022-09-29 16:55:44 -04:00
Mike Palmiotto 0078822d1d
core: Parse VAULT_ALLOW_PENDING_REMOVAL_MOUNTS as bool (#17319)
* core: Parse VAULT_ALLOW_PENDING_REMOVAL_MOUNTS as bool

* docs: Update VAULT_ALLOW_PENDING_REMOVAL_MOUNTS doc
2022-09-29 14:35:52 -04:00
Loann Le e27204c57b
updated table for 1.12 release (#17362) 2022-09-29 10:47:58 -07:00
Tom Proctor 12ca81bc9b
cli/api: Update plugin listing to always include version info in the response (#17347) 2022-09-29 18:22:33 +01:00
Angel Garbarino e9c2332ee5
PKI role create view (#17263)
* dynamically render the secretlistheader in the parent route.

* start getting form setup even without openAPi working

* add in create and cancel

* making openAPI work

* add default openAPI params

* wip for new component with two radio options a ttl and input

* handle createRecord on pki-roles-form

* remove tooltips and cleanup

* move formfieldgroupsloop back to non addon

* cleanup

* move secretListHeader

* broadcast from radioSelectTtlOrString to parent

* cleanup

* cleanup from pr comments

* more cleanup

* addressing Jordans comments

* use formFieldGroupsLoop move into addon.

* cleanup
2022-09-28 15:11:13 -07:00
Jordan Reimer e5fea11a8d
adds title to modal background test selector -- fixes add secondary replication test (#17354) 2022-09-28 15:56:46 -06:00
Peter Wilson e307450c63
fix: upgrade vault-plugin-secrets-kv to v0.13.1 (#17339)
* fix: upgrade vault-plugin-secrets-kv to v0.13.1

* Added changelog

* Update changelog/17339.txt

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>
2022-09-28 18:36:10 +01:00
mickael-hc e885ccfd8c
fix formatting for note in audit section (#17335) 2022-09-28 10:17:36 -07:00
Nick Cabatoff 3950abde9e
Fix incorrect Go version for next 1.12.0 2022-09-28 09:53:29 -04:00
Steven Clark 1f459a2df6
PKI: Fix managed key signatures when using specified signature_bits (#17328)
* PKI: Fix managed key signatures when using specified signature_bits

 - When calling sign-intermediate and other apis with signature_bits
   value overridden with a backing managed key we did not use that
   value as tests for the private key type were not working.

* Add cl
2022-09-28 09:08:23 -04:00
akshya96 542570c289
Return errInvalidCredentials when wrong credentials is provided for existent users (#17104)
* adding errInvalidCredentials

* fixing tests

* add changelog

* fixing fmt errors

* test if routeErr is seen externally and fixing error comment

* adding fmt changes

* adding comments
2022-09-27 16:49:14 -07:00
Alexander Scheel ccdd55529c
Remove delta indicator on main CRL (#17334)
When adding delta CRL support, we unconditionally added the delta
indicator extension to the main CRL. We shouldn't have done this, and
instead only added it conditionally when we were building delta CRLs.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2022-09-27 17:44:38 -04:00
Alexander Scheel f463b3d3e8
Increase sleep to fix CI cert auth test failure (#17332)
The periodic function only runs every 50ms, so waiting 60ms means we
might not be done fetching the CRL on slower CI systems or with high
test parallelism.

Tested with:

> untilfail -parallel=-9 ../../../cert.test -test.run=TestCRLFetch -test.count=1 -test.v

And shown to reliably fail before, fixed after.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2022-09-27 17:44:27 -04:00
Steven Clark c746befced
Update docs for new test/sign params for managed key api and GCP parameters (#17323)
* Update docs for new test/sign params for managed key api

 - The existing test/sign managed key api now has two new api params
   allowing an operator to specify to use RSA PSS signatures (use_pss)
   and to specify the hashing algorithm to use (hash_algorithm)

* Remove duplicate GCP signing algo entry

* Formatting nits and mention the key_ring for GCP needs to exist prior to usage

* Add some additional GCP environment vars
2022-09-27 16:17:44 -04:00
mickael-hc feddc21019
docs: clarify json types and workaround (#17318)
* docs: clarify json types and workaround

* Apply suggestions from code review

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
2022-09-27 15:35:41 -04:00
Tom Proctor 6bad04908a
Plugin versioning changelog entries (#17322) 2022-09-27 16:24:21 +01:00
Violet Hynes 5bc85b08ef
VAULT-8144 Improve docs around exec (#17316)
* VAULT-8144 Improve docs around exec

* VAULT-8144 Add justification
2022-09-26 14:39:49 -04:00
Alexander Scheel 3eaa4b0d75
Write explicit -help output to stdout (#17308)
* Write explicit -help output to stdout

Per the consensus of most programs, and mirroring the GNU Coding
Standards for CLI design, when users request -help explicitly via the
CLI, this should be written to stdout to allow paging of output. stderr
is fine when an invalid usage triggers the help text however.

In our case, mitchellh/cli helpfully adds a HelpWriter that we
previously set to stderr explicitly. This writer is only called to print
user-requested help text; it is not called on error cases (e.g., bad
usage triggering additional help text to the user).

Thus it should safely be settable to stdout, enabling pagers without
additional redirects.

Notably, we do have to set ErrorWriter as it defaults to initializing to
the value of HelpWriter, which we want to set to stdout now, which is
less useful.

See also: https://www.gnu.org/prep/standards/html_node/_002d_002dhelp.html
Resolves: #17004

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add changelog

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2022-09-26 12:15:48 -04:00
Violet Hynes 5bcd0c31cb
VAULT-6938 Remove license from being cache exempt (#17265)
* VAULT-6938 Remove license from being cache exempt

* VAULT-6938 Add changelog

* VAULT-6938 Typo in changelog name

* Update changelog/17265.txt

Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>

Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
2022-09-26 10:26:07 -04:00
Josh Brand 6703c1e673
Enos: Add missing tags and use az_finder for AZs to Autopilot scenario (#17309) 2022-09-23 16:19:16 -04:00
Christopher Swenson 9d0e4986c2
Builtin plugins cannot be overridden in mounts (#17304)
Builtin plugins cannot be overridden in mounts

Before versioning, plugins with the same names as builtins (e.g., "kv")
could be registered, but trying to mount them would always use the
builtin versions.

With versioning, we still allow registering plugins with the same name
as a builtin. However, if the user tries to mount a versioned plugin
with the same name as a builtin, and specifies the non-builtin version
be used, we return an error.

Otherwise the user would see a confusing situation where the one or
both of the Version and RunningVersion would say they were using
the user-requested version, but in reality were using the builtin
version.

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>
2022-09-23 13:14:37 -07:00
Tom Proctor c778f2d822
Plugins: Handle plugins that may be registered with a slash in their name (#17301) 2022-09-23 20:00:10 +01:00
Milena Zlaticanin 89aa236bc5
docs/api-docs for Redis (#17029)
* docs/api-docs for Redis

* update doc

* add navigation to the docs

* Update website/content/api-docs/secret/databases/redis.mdx

Co-authored-by: Austin Gebauer <34121980+austingebauer@users.noreply.github.com>

* Update website/content/docs/secrets/databases/redis.mdx

Co-authored-by: Austin Gebauer <34121980+austingebauer@users.noreply.github.com>

* update setup list and lang tag for shell code blocks

* update language tag

* update based on suggestions

* update docs to include tls params

* add plugin to the plugin portal doc

* add -

* update api-docs-nav-data.json

* update field name

* Update website/content/docs/secrets/databases/redis.mdx

Co-authored-by: Robert <17119716+robmonte@users.noreply.github.com>

* Update website/content/docs/secrets/databases/redis.mdx

Co-authored-by: Robert <17119716+robmonte@users.noreply.github.com>

* Update website/content/docs/secrets/databases/redis.mdx

Co-authored-by: Robert <17119716+robmonte@users.noreply.github.com>

* Update website/content/docs/secrets/databases/redis.mdx

Co-authored-by: Robert <17119716+robmonte@users.noreply.github.com>

* Update website/content/api-docs/secret/databases/redis.mdx

Co-authored-by: Robert <17119716+robmonte@users.noreply.github.com>

* update docs

Co-authored-by: Austin Gebauer <34121980+austingebauer@users.noreply.github.com>
Co-authored-by: Robert <17119716+robmonte@users.noreply.github.com>
2022-09-23 10:25:43 -05:00
Chris Capurso 073018e372
fix namespace patch not found error message (#17242)
* fix namespace patch not found error message

* handle 404 in namespace patch cmd
2022-09-23 10:41:11 -04:00
Jordan Reimer efe5193a59
HCP Link Status Parsing and Modal Update (#17279)
* updates hcp link status parsing for new format and updates to modal view

* fixes missing wormhole in tests

* fixes transit backend tests

* reverts adding wormhole to LinkStatus for testing and instead adds it to impacted tests
2022-09-23 08:18:20 -06:00
Alexander Scheel 0c76168d3d
Add note about issuer naming and CRLs (#17298)
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2022-09-23 10:04:54 -04:00
Alexander Scheel 3015689848
Update tlsutil to v0.1.2 for ecdsa algo naming (#17282)
* Update tlsutil in sdk

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Update tlsutil in API

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Update tlsutil to v0.1.2 for ecdsa algo naming

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2022-09-23 08:28:40 -04:00
Tom Proctor e21995fa27
Plugins: Update running version everywhere running sha256 is set (#17292) 2022-09-23 11:19:38 +01:00
Tom Proctor afccbcb15e
CLI: Add version info to auth/secrets list -detailed (#17293) 2022-09-23 10:40:42 +01:00
Tom Proctor c77f009759
Plugins: Allow explicitly specifying the builtin version of a plugin (#17289) 2022-09-22 23:15:46 +01:00
claire bontempo b0499a7cdb
render ss tooltip conditionally (#17288) 2022-09-22 18:02:24 -04:00
Violet Hynes 2b8d8a3c6a
VAULT-8630 Fix goroutine leak from RLQ initialize (#17281)
* VAULT-8630 Fix goroutine leak from RLQ initialize

* VAULT-8630 Changelog

* VAULT-8630 additional nil check
2022-09-22 15:59:53 -04:00
Tom Proctor 7d09d5a653
CLI: Tune plugin version for auth/secret mounts (#17277)
* Add -plugin-version flag to vault auth/secrets tune
* CLI tests for auth/secrets tune
* CLI test for plugin register
* Plugin catalog listing bug where plugins of different type with the same name could be double counted
* Use constant for -plugin-version flag name
2022-09-22 20:55:46 +01:00
Rachel Culpepper b17ea8c6bd
Add managed key docs for gcp (#17280)
* add managed key docs for gcp

* fix algorithm parameter

* add missing bracket
2022-09-22 14:44:21 -05:00
Robert 254608f579
Add test for multihost connection strings with Postgres (#16912)
Co-authored-by: Austin Gebauer <34121980+austingebauer@users.noreply.github.com>
2022-09-22 14:00:56 -05:00
Austin Gebauer a6139cd5b2
Fixes multiplexed plugin initialization after manual plugin reload (#17248)
* Fixes initialize not called after v5 plugin reload

* use request context instead of core activeContext
2022-09-22 10:16:21 -07:00
Hridoy Roy 5477fd86fa
Activity new clients for current month docs (#16472)
* docs draft

* docs complete

* change json for legibility

* change json for legibility

* namespace and mount attribution should exist outside new clients stanza

* address feedback

* Update website/content/docs/concepts/client-count/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/client-count/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/client-count/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/client-count/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/client-count/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/client-count/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/client-count/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/client-count/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/client-count/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/client-count/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/client-count/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* remove version from doc

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
2022-09-22 10:00:18 -07:00
Rachel Culpepper 1c69e690aa
Transform BYOK Documentation (#17121)
* add api docs for transform byok endpoints

* add byok description to transform index page

* fix merge conflicts

* remove import_version for FPE

* text edits and add note about convergent tokenization

* add note for convergent tokenization
2022-09-22 10:56:12 -05:00
Bryce Kalow dfc3ad015a
website: content updates for developer (#17035)
* Chore (dev portal): update learn nav data links  (#15515)

* Update docs-nav-data.json

* Update docs-nav-data.json

* website: fixes internal redirects (#15750)

* chore: remove duplicate overview item (#15805)

* Use `badge` for `<sup>` tags in nav data JSON files (#15928)

* Replacing <sup> tags with badge

* Adding type and color to badges

* fix broken links in vault docs (#15976)

* website: Update old learn links to redirect locations (#16047)

* update previews to render developer UI

* update redirects

* adjust content so it is backwards compat

Co-authored-by: HashiBot <62622282+hashibot-web@users.noreply.github.com>
Co-authored-by: Kendall Strautman <36613477+kendallstrautman@users.noreply.github.com>
Co-authored-by: Ashlee M Boyer <43934258+ashleemboyer@users.noreply.github.com>
2022-09-22 08:11:04 -07:00
Yoan Blanc fa8f7c793f
fix: PGP subkeys support (#16224)
* fix: PGP subkeys support

Signed-off-by: Yoan Blanc <yoan@dosimple.ch>

* fix: bump ProtonMail/go-crypto

Signed-off-by: Yoan Blanc <yoan@dosimple.ch>

* fix: bump ProtonMail/go-crypto

Signed-off-by: Yoan Blanc <yoan@dosimple.ch>

Signed-off-by: Yoan Blanc <yoan@dosimple.ch>
2022-09-22 09:12:41 -04:00
Tom Proctor f920640db7
Plugins: Auto version selection for auth/secrets + tune version (#17167) 2022-09-22 13:53:52 +01:00
Milena Zlaticanin 6593466b3e
secret/database/redis: upgrade plugin to v0.1.0 (#17270) 2022-09-21 19:39:50 -05:00
Christopher Swenson 895f2c9f3d
Change usages of RunningSha to RunningSha256 (#17266)
Some PRs got crossed and somehow these were missed in the
build checks for #17182.
2022-09-21 13:32:00 -07:00