Commit Graph

16911 Commits

Author SHA1 Message Date
Raymond Ho 96e966e9ef
VAULT-13614 Support SCRAM-SHA-256 encrypted passwords for PostgreSQL (#19616) 2023-03-21 12:12:53 -07:00
mickael-hc 427b4dbd49
security model updates (#19656) 2023-03-21 11:14:00 -07:00
Kuba Wieczorek 641f42f767
Add a GHA job running Go tests with race detection enabled to the CI … (#19561)
* Add a GHA job running Go tests with race detection enabled to the CI workflow

* Incorporate logic from test-go-race into the test-go testing matrix

* Make test-go testing matrix job names more meaningful

* Fix some a bug in script's logic

* Experiment: bump wait time in the failing TestLoginMFASinglePhase test to see if that makes a difference

* Lower the wait time in TestLoginMFASinglePhase

* Change the wait time in TestLoginMFASinglePhase to 15

* Add more detail to test-go testing matrix job names

* Test whether we already have access to larger runners

* Run Go tests with enabled data race detection from a separate job than the standard suite of tests

* Tweak runner sizes for OSS

* Try rebalancing test buckets

* Change instance type for larger ENT runners

* Undo rebalancing of test buckets as it changed nothing

* Change instance type for larger OSS runners

* Change the way we generate names for matrix jobs

* Consolidate the Go build tags variables, update them to use comma as a separator and fix the if statement in test-go

* Fix a typo
2023-03-21 14:13:40 -04:00
Chris Capurso 12cf80fafd
user Platform from host info for node status OS (#19611) 2023-03-21 09:53:31 -04:00
claire bontempo 566a29ee23
UI/update auth form to fetchRoles after a namespace is inputted, prior to OIDC auth (#19541)
* re-fetch roles if there is a namespace

* remove redundant conditional

* reorder oidc auth operations

* add test

* test cleanup

* add changelog
2023-03-21 07:51:15 -06:00
Rowan Smith c29f5e718a
docs / Update 1.13.0 Known Issues (#19601)
* Update 1.13.0.mdx

add a note to known issues

* Update website/content/docs/release-notes/1.13.0.mdx

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>

---------

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
2023-03-20 18:14:41 -07:00
Mike Palmiotto d6a1cc63ac
activitylog: Fix pq.Get trace logger output (#19650) 2023-03-20 19:35:40 -04:00
Steven Clark ae4b02e6c4
Fix for PKI.TestStandby_Operations test to work in ENT (#19647)
* Fix for PKI.TestStandby_Operations test to work in ENT

 - Remove wait call to testhelpers.WaitForActiveNodeAndStandbys and
   leverage testhelpers.WaitForStandbyNode instead.

* Use InmemBackendSetup for a proper HA backend in ENT
2023-03-20 21:11:56 +00:00
Daniel Huckins 058710d33d
Add `-mount` flag to kv list command (#19378)
* add flag

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* handle kv paths

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* scaffold test

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* need metadata for list paths

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* add (broken) test

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* fix test

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* update docs

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* add changelog

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* format

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* add godoc

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* add test case for mount only

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* handle case of no unnamed arg

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* add non-mount behavior

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* add more detail to comment

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* add v1 tests

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

---------

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
2023-03-20 16:26:21 -04:00
Rowan Smith c581f90c05
Update deregister.mdx (#19573)
adding `-version=` parameter to docs
2023-03-20 12:08:20 -07:00
Austin Gebauer 66e26d2735
secrets/ldap: upgrades plugin to v0.10.1 (#19640)
* secrets/ldap: upgrades plugin to v0.10.1

* adds changelog
2023-03-20 11:29:09 -07:00
Tom Proctor 7fd394fc76
Docs: Implementing the plugin version interface (#19606) 2023-03-20 17:43:31 +00:00
Anton Averchenkov 4d10063cbd
openapi: Fix logic for labeling unauthenticated/sudo paths (#19600) 2023-03-20 13:25:09 -04:00
Alexander Scheel 1fe1c756ab
Add known issue text for PKI revocation (#19632)
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2023-03-20 12:24:05 -04:00
Alexander Scheel 411705d723
More wrapped errors - PKI, SSH, Transit (#19631)
* Add missing wrapped errors in PKI

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add missing wrapped errors in SSH

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add missing wrapped errors in Transit

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

---------

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2023-03-20 16:00:49 +00:00
Steven Clark 2217731266
Forward PKI revocation requests received by standby nodes to active node (#19624)
* Forward PKI revocation requests received by standby nodes to active node

 - A refactoring that occurred in 1.13 timeframe removed what was
   considered a specific check for standby nodes that wasn't required
   as a writes should be returning ErrReadOnly.
 - That sadly exposed a long standing bug where the errors from the
   storage layer were not being properly wrapped, hiding the ErrReadOnly
   coming from a write and failing the request.

* Add cl

* Add test for basic PKI operations against standby nodes
2023-03-20 14:58:36 +00:00
Mike Palmiotto 2381e6be66
Add no-op CensusAgent (#19625)
* Add no-op CensusAgent

* Changelog for Census Agent background worker
2023-03-20 10:51:35 -04:00
Violet Hynes e627737fe8
VAULT-8337 OSS changes (#19580) 2023-03-20 09:04:55 -04:00
Tom Proctor f1f5c8444a
Suppress event broker not started log warning (#19593) 2023-03-20 11:14:14 +00:00
Steven Clark 6fbf3da148
Add known issue about OCSP GET redirection responses (#19523) 2023-03-17 18:07:04 +00:00
Kianna f96851d699
UI: Glimmerize Chevron, EmptyState, FieldGroupShow, InfoTooltip, Icon (#19570) 2023-03-17 09:22:12 -07:00
Violet Hynes 31f764b82b
Update KV-V2 docs to explicitly call out the secret mount path as a parameter (#19607)
* Update KV-V2 docs to explicitly call out the secret mount path as a parameter

* Missed some angular brackets

* remove wishy language
2023-03-17 12:21:55 -04:00
Kianna da72adcc4c
UI: Glimmerize InfoTable, PageHeader, UpgradePage, NamespaceReminder, PageHeaderLevel Left,Right,Top (#19572) 2023-03-17 08:13:54 -07:00
Hamid Ghaf 85ead99d64
vault-12244 (#19591)
* vault-12244

* CL
2023-03-17 07:52:54 -07:00
Kianna d6e1dec686
UI: Glimmerize - Colocate template and remove component file (#19569) 2023-03-17 07:38:52 -07:00
Kianna f0283988bb
UI: Glimmerize BoxRadio and AlertPopup (#19571) 2023-03-17 07:37:33 -07:00
Chris Capurso 078d4eef7c
update link policy fetch URL (#19371)
* update link policy fetch URL

* fix fmt
2023-03-17 09:09:25 -04:00
miagilepner ec4bd1fb25
VAULT-14204 Update parameter policy documentation (#19586) 2023-03-17 11:14:54 +01:00
Mike Baum 8de15e4827
[QT-523] Remove copyright/license header from raft config used in the Docker/K8S integration test (#19584) 2023-03-16 17:39:59 -04:00
Violet Hynes 943678e359
Fix remount for mounts with spaces in the name (#19585)
* Fix remount for mounts with spaces in the name

* Git mishap

* Git mishap

* Changelog

* Godocs for tests
2023-03-16 15:26:55 -04:00
Marc Boudreau 00219b3917
comment out HCP_SCADA_ADDRESS environment variable (#19583) 2023-03-16 13:04:23 -04:00
Mike Palmiotto 89d7b874ba
Add upgrade note for Removed builtins in 1.13 (#19531) 2023-03-15 22:18:44 +00:00
Ryan Cragun cebde2f880
ci: pin terraform until planning bug is resolved (#19560)
Signed-off-by: Ryan Cragun <me@ryan.ec>
2023-03-15 17:54:18 +00:00
Austin Gebauer f73348e501
database/elasticsearch: upgrades plugin to v0.13.1 (#19545)
* database/elasticsearch: upgrades plugin to v0.13.1

* adds changelog
2023-03-15 10:24:03 -07:00
Hamid Ghaf 27bb03bbc0
adding copyright header (#19555)
* adding copyright header

* fix fmt and a test
2023-03-15 09:00:52 -07:00
Scott Miller de31641aea
Add the Tokenization/Rotation persistence issue as a Known Issue (#19542)
* Note the known issue with rotation interaction with tokenization key policy persistence

* typo
2023-03-15 09:42:02 -05:00
Violet Hynes fdd38deb49
Update auto-auth docs to remove tilde for home (#19548)
* Update auto-auth docs to remove tilde for home

* Extra clean-up
2023-03-15 09:35:43 -04:00
Francis Chuang 74c3697144
Add Oracle Cloud auth to the Vault Agent (#19260)
* Add Oracle Cloud auth to the Vault Agent

* Use ParseDurationSecond to parse credential_poll_interval

* Use os.UserHomeDir()
2023-03-15 09:08:52 -04:00
Angel Garbarino bd8d3d4e07
Glimmer Navigate Input component (#19517)
* wip

* wip

* todo hackeweek remove

* clean up

* add documetnation and fix test failure

* pr review changes

* spelling

* remove unused method
2023-03-14 20:23:04 -06:00
AnPucel 65e5730c6c
PKI Responses Part 4 (#18612) 2023-03-14 15:00:37 -07:00
Violet Hynes 85f845c3e0
VAULT-12798 Correct removal behaviour when JWT is symlink (#18863)
* VAULT-12798 testing for jwt symlinks

* VAULT-12798 Add testing of jwt removal

* VAULT-12798 Update docs for clarity

* VAULT-12798 Small change, and changelog

* VAULT-12798 Lstat -> Stat

* VAULT-12798 remove forgotten comment

* VAULT-12798 small refactor, add new config item

* VAULT-12798 Require opt-in config for following symlinks for JWT deletion

* VAULT-12798 change changelog
2023-03-14 15:44:19 -04:00
Anton Averchenkov e19dc98016
Ignore special HTTP fields in response validation tests (#19530) 2023-03-14 13:21:20 -04:00
Angel Garbarino 42f5894be0
Remove oracle banner (#19532)
* remove oracle banner

* add back extra test coverage for other banner

* add description
2023-03-14 15:19:46 +00:00
John-Michael Faircloth 1553c310c4
Fix a possible data race with rollback manager and plugin reload (#19468)
* fix data race on plugin reload

* add changelog

* add comment for posterity

* revert comment and return assignment in router.go

* rework plugin continue on error tests to use compilePlugin

* fix race condition on route entry

* add test for plugin reload and rollback race detection

* add go doc for test
2023-03-14 09:36:37 -05:00
Peter Wilson f7f19aab3c
add comment to explain use of math/rand package in lifetime_watcher (#19533) 2023-03-14 13:17:26 +00:00
Rachel Culpepper b04ef55f78
change mul and div functions (#19495) 2023-03-13 14:52:55 -05:00
Ashlee M Boyer 788af4a90e
Remove .mdx extension from link (#19514) 2023-03-13 15:03:06 -04:00
Alexander Scheel ab3d6d61e0
Add support for importing RSA-PSS keys into Transit (#19519)
* Add support for importing RSA-PSS keys in Transit

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add changelog entry

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

---------

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2023-03-13 17:03:01 +00:00
Tom Proctor 480c1dc85b
sdk: Fix fmt + add FieldType test (#19493)
* sdk: Fix fmt + add FieldType test

* Add test comment
2023-03-10 18:07:48 +00:00
Meggie be18d6cac3
Un-hiding link to 1.13 upgrade guide (#19505)
* Un-hiding link to 1.13 upgrade guide

* Removing draft notice
2023-03-10 11:30:19 -05:00