2da7de2fec
Minimal changes to solve Dependency CVEs [VAULT-871] ( #11015 )
...
* minimal changes to solve most of the cves
* cleanup
* finished go mod vendor upgrades
2021-03-01 14:35:40 -08:00
00c1acf0e1
Vendor OpenLDAP v0.4.0 ( #10996 )
2021-02-25 13:00:00 -07:00
eb891db72d
Vendor Couchbase DB plugin v0.3.0 ( #10995 )
2021-02-25 12:59:45 -07:00
0c17cb5a79
upgrade consul template ( #10973 )
2021-02-22 14:24:27 -08:00
2aff402279
Bundle new Vault plugin: Terraform secrets ( #10931 )
...
* Bundle Terraform secrets engine
* update go.mod/sum
* vendor update
* add changelog entry
* add secrets terraform
2021-02-19 16:38:56 -06:00
4a96126d5a
Revert "Vault Dependency Upgrades [VAULT-871] ( #10903 )" ( #10939 )
...
This reverts commit eb74ca61fc4dcb7038f39defb127d5d639ba0ca1.
2021-02-18 15:40:18 -05:00
a26d1300e8
Vault Dependency Upgrades [VAULT-871] ( #10903 )
...
* upgrade vault dependency set
* etcd and grpc issues:
* better for tests
* testing
* all upgrades for hashicorp deps
* kubernetes plugin upgrade seems to work
* kubernetes plugin upgrade seems to work
* etcd and a bunch of other stuff
* all vulnerable packages upgraded
* k8s is broken in linux env but not locally
* test fixes
* fix testing
* fix etcd and grpc
* fix etcd and grpc
* use master branch of go-testing-interface
* roll back etcd upgrade
* have to fix grpc since other vendors pull in grpc 1.35.0 but we cant due to etcd
* rolling back in the replace directives
* a few more testing dependencies to clean up
* fix go mod vendor
2021-02-18 12:31:57 -08:00
a7531a11ea
Updates the JWT/OIDC auth plugin ( #10919 )
2021-02-16 17:21:35 -08:00
6e1b183f79
Shutdown Test Cores when Tests Complete ( #10912 )
...
* Shutdown Test Cores when Tests Complete
* go mod vendor
2021-02-12 13:04:48 -07:00
d22c6f9a7a
Update gopsutil & x/sys libraries ( #10889 )
2021-02-10 14:33:11 -07:00
baf50061e9
MSSQL - Add username customization ( #10767 )
2021-02-05 11:14:24 -07:00
43a05c5e84
PostgreSQL - Add username customization ( #10766 )
2021-02-04 16:05:56 -07:00
ec18926754
Vendor OpenLDAP dynamic secrets ( #10818 )
2021-02-02 11:41:47 -07:00
fa5784d789
Pull in newest consul-template from master and all corresponding dependencies [VAULT-1392] ( #10756 )
...
* pull in newest consul template with bugfix and all dependencies
* pull in newest consul template with bugfix and all dependencies
* Rename readme.md to README.md
* add changelog
2021-01-29 12:30:16 -08:00
508d33e64a
Updating GCP secrets plugin ( #10759 )
...
* Update gcp secrets plugin pseudo tag
2021-01-26 09:35:49 -08:00
5794c4e91e
Updating snowflake plugin to 0.1.1 ( #10709 )
2021-01-20 12:56:36 -08:00
331529fc94
Aerospike storage backend ( #10131 )
...
* add an Aerospike storage backend
* go mod vendor
* add Aerospike storage configuration docs
* review fixes
* bump aerospike client to v3.1.1
* rename the defaultHostname variable
* relocate the docs page
2021-01-12 15:26:07 -08:00
7189a67a33
Adding snowflake as a bundled database secrets plugin ( #10603 )
...
* Adding snowflake as a bundled database secrets plugin
* Add snowflake-database-plugin to expected bundled plugins
* Add snowflake plugin name to the mockBuiltinRegistry
2021-01-07 09:30:24 -08:00
058532406b
mod: update secrets-gcp to latest ( #10558 )
2020-12-14 11:42:53 -08:00
747d49150b
Updates the OIDC/JWT auth plugin ( #10546 )
2020-12-14 10:07:07 -08:00
1911e92dca
Add template helper library ( #10500 )
2020-12-11 13:23:08 -07:00
cc7efd393d
MySQL - Fix username generation length bug ( #10433 )
2020-12-01 15:24:51 -07:00
32cb144d0d
Update HCL dependency to fix ParseACLPolicy error on invalid syntax ( #10156 )
2020-11-30 09:17:33 -06:00
ca72dd4761
mod: update database-couchbase to v0.2.1 ( #10286 )
2020-10-30 14:29:54 -07:00
531e2eb613
mod: update vault plugins ( #10283 )
2020-10-30 13:28:47 -07:00
a15236e664
Updating to jwt plugin@master ( #10266 )
2020-10-29 14:25:06 -07:00
08486cdbb9
mod: update gopsutil@v2.20.9 ( #10261 )
2020-10-28 17:20:54 -07:00
b7cf4a05ff
Add support for Managed Identity auth for physical/Azure ( #10189 )
...
* Add support for Managed Identity auth for physical/Azure
Obtain OAuth token from IMDS to allow for access to Azure Blob with
short-lived dynamic credentials
Fix #7322
* add tests & update docs/dependencies
2020-10-28 15:04:26 -07:00
95bbd8d920
Merge PR #10192 : Auto-Join: Configurable Scheme & Port (and add k8s provider)
2020-10-23 16:13:09 -04:00
bd79fbafb3
Add couchbase, elasticsearch, and mongodbatlas back ( #10222 )
...
Updated the `Serve` function so these can be added back into Vault
2020-10-22 17:20:17 -06:00
e6c8ee24ea
DBPW - Enables AutoMTLS for DB plugins ( #10220 )
...
This also temporarily disables couchbase, elasticsearch, and
mongodbatlas because the `Serve` function needs to change signatures
and those plugins are vendored in from external repos, causing problems
when building.
2020-10-22 15:43:19 -06:00
92fa04c910
Update auth/jwt to latest master ( #10214 )
...
Fixes oidc config UI, and adds EdDSA (ed25519) to supported algorithms
2020-10-22 13:59:37 -07:00
f4a3bf46ed
Couchbase -> 0.2.0; Elasticsearch -> 0.6.0; MongoDBAtlas -> 0.2.0 ( #10188 )
2020-10-20 11:48:53 -06:00
a3375f0fc8
Set default IMDS timeouts to match AWS SDK ( #10133 )
2020-10-16 15:54:16 -07:00
a9e7edab39
DBPW - Updated couchbase plugin ( #10162 )
2020-10-16 15:19:42 -06:00
66274607b7
OSS changes for enterprise automated snapshots ( #10160 )
2020-10-16 14:57:11 -04:00
bd2dc7734c
Backport leader status telemetry [VAULT-672] ( #10147 )
...
* backport VAULT-672
* backport VAULT-672
* go mod tidy
* go mod tidy
* add back indirect import
* replace go mod and go sum with master version
* go mod vendor
* more go mod vendor
Co-authored-by: Hridoy Roy <hridoyroy@Hridoys-MBP.hitronhub.home>
Co-authored-by: Hridoy Roy <hridoyroy@Hridoys-MacBook-Pro.local>
2020-10-15 14:15:58 -07:00
84dbca38a1
Revert "Migrate internalshared out ( #9727 )" ( #10141 )
...
This reverts commit ee6391b691ac12ab6ca13c3912404f1d3a842bd6.
2020-10-13 16:38:21 -07:00
d37be9af6e
Merge PR #10095 : Integrated Storage Cloud Auto-Join
2020-10-13 16:26:39 -04:00
e6881c8147
Migrate internalshared out ( #9727 )
...
* Migrate internalshared out
* fix merge issue
* fix merge issue
* go mod vendor
Co-authored-by: Brian Kassouf <bkassouf@hashicorp.com>
2020-10-12 11:56:24 -07:00
0b7c6d2f71
Update couchbase plugin to use v5 dbplugin ( #10124 )
...
* Update couchbase plugin to use v5 dbplugin
2020-10-09 13:47:13 -07:00
5705133c2b
Fix checksum for vault-plugin-secrets-ad ( #10125 )
2020-10-09 13:53:27 -06:00
abcac87687
secrets/ad: update dependency ( #10121 )
2020-10-09 14:07:04 -04:00
cf9a7373bb
Update ad plugin to v0.6.7 ( #10116 )
2020-10-08 17:00:45 -04:00
9b599c8162
Migrate to azure-storage-blob-go ( #9577 )
...
The azure sdk for go is maintenance-only for storage, see https://github.com/Azure/azure-sdk-for-go/tree/master/storage\#azure-storage-sdk-for-go-preview
Migrate to new azure-storage-blob-go SDK
Minor test improvements
Fix #9661
2020-10-05 14:37:13 -07:00
dc5a0da770
Pull latest raft updates ( #10055 )
...
* Implement raft peers metric
* Remove old peers metric
* Update vault raft dependency
* Add peer_id docs
2020-10-05 16:36:48 +02:00
52581cd472
Add logging during awskms auto-unseal ( #9794 )
...
Adds debug and warn logging around AWS credential chain generation,
specifically to help users debugging auto-unseal problems on AWS, by
logging which role is being used in the case of a webidentity token.
Adds a deferred call to flush the log output as well, to ensure logs
are output in the event of an initialization failure.
2020-09-28 14:06:49 -07:00
8b20c04eb1
Update to vault-plugin-auth-kubernetes@master ( #10004 )
2020-09-24 15:44:06 -07:00
60e0cbbc37
[DBPW 4/X] Update DB engine to support v4 and v5 interfaces with password policies ( #9878 )
2020-09-18 15:10:54 -06:00
8d830fc772
Upgrade bolt to get 543c40ab41 to avoid panics in tests. ( #9964 )
2020-09-16 15:35:43 -04:00
Hridoy Roy