* Auto-join support for IPv6 discovery
The go-discover library returns IP addresses and not URLs. It just so
happens net.URL parses "127.0.0.1", which isn't a valid URL.
Instead, we construct the URL ourselves. Being careful to check if it's
an ipv6 address and making sure it's in explicit form if so.
Fixes#12323
* feedback: addrs & ipv6 test
Rename addrs to clusterIPs to improve clarity and intent
Tighten up our IPv6 address detection to be more correct and to ensure
it's actually in implicit form
* OIDC Provider: implement discovery endpoint
* handle case when provider does not exist
* refactor providerDiscover struct and add scopes_supported
* fix authz endpoint
* Send x-forwarded-for in Okta Push Factor request
Why:
In order for Okta to properly report the location of the authentication
attempt, the X-Forwarded-For header must be included in the request to
Okta (if it exists).
This change addresses the need by:
* Duplicating the value of X-Forwarded-For if it's passed through to the
auth backend
* Add changelog entry for 12320
* Override loading behavior which breaks query params passed to API calls
* Only show loading state if transition is not queryparams only
* Add changelog
* Skip loader if testing
* initial setup
* form field editType kv is very helpful
* setting up things
* setup two routes for metadata
* routing
* clean up routing
* meh router changes not my favorite but its working
* show metadata
* add controller for backendCrumb mixin
* setting up edit metadata and trimming SecretEditMetadata component
* add edit metadata save functionality
* create new version work
* setup model and formfieldgroups for added config data.
* add config network request to secret-engine
* fix validations on config
* add config rows
* breaking up secret edit
* add validation for metadata on create
* stuff, but broken now on metadata tab
* fix metadata route error
* permissions
* saving small text changes
* permissions
* cleanup
* some test fixes and convert secret create or update to glimmer
* all these changes fix secret create kv test
* remove alert banners per design request
* fix error for array instead of object in jsonEditor
* add changelog
* styling
* turn into glimmer component
* cleanup
* test failure fix
* add delete or
* clean up
* remove all hardcoded for api integration
* add helper and fix create mode on create new version
* address chelseas pr comments
* add jsdocs to helper
* fix test
* Upgrade note for Alpine 3.14 docker images
It might break things for some people
* Add CVE #
Co-authored-by: mickael-hc <86245626+mickael-hc@users.noreply.github.com>
* Adding upgrade note to all relevant versions
Co-authored-by: mickael-hc <86245626+mickael-hc@users.noreply.github.com>
* Client count config view
- Switched to toggle button from checkbox and updated the design
- Switched to ember octane
- Update ember concurrency dependency
* Fixed integration tests
* Added changelog
* Update switch label on toggle
* Code cleanup
* Fixed test
The previous version of `go-discover` pulled in a broken version of
`tencentcloud-sdk-go`, resulting in anything that runs `go get -d`
downstream breaking... ie, a dep on hashicorp vault will break
Dependabot (among other things).
I already fixed it in `go-discover`, so this just pulls in the update.
More details in
657e803ce0
and https://github.com/hashicorp/go-discover/issues/172.
* add known issue for dr secondary lease count quota invalidation
* Update website/content/partials/lease-count-quota-upgrade.mdx
Co-authored-by: Meggie <meggie@hashicorp.com>
* put known issues to main 1.6 and 1.7 pages
Co-authored-by: Meggie <meggie@hashicorp.com>
* add custom-metdata flag to "kv metadata put" command
* add kv metadata put command test for custom-metadata flag
* add custom_metadata to kv-v2 api docs
* add custom_metadata to kv-v2 cli docs
* update go.mod
* Add custom metadata limits to docs
* add changelog entry
* update vault-plugin-secrets-kv to @master
* initial commit
* add read and delete operations
* fix bug in delete and add list unit test
* func doc typo fix
* add existence check for assignment
* remove locking on the assignment resource
It is not needed at this time.
* convert Callbacks to Operations
- convert Callbacks to Operations
- add test case for update operations
* add CRUD operations and test cases
* add client api and tests
* remove use of oidcCache
* remove use of oidcCache
* add template validation and update tests
* remove usage of oidcCache
* refactor struct and var names
* harmonize test name conventions
* refactor struct and var names
* add changelog and refactor
- add changelog
- be more explicit in the case where we do not recieve a path field
* refactor
be more explicit in the case where a field is not provided
* remove extra period from changelog
* update scope path to be OIDC provider specific
* refactor naming conventions
* update assignment path
* update scope path
* enforce key existence on client creation
* removed unused name field
* removed unused name field
* removed unused name field
* prevent assignment deletion when ref'ed by a client
* enfoce assignment existence on client create/update
* update scope template description
* error when attempting to created scope with openid reserved name
* fix UT failures after requiring assignment existence
* disallow key deletion when ref'ed by existing client
* generate client_id and client_secret on CreateOp
* do not allow key modification on client update
* return client_id and client_secret on read ops
* small refactor
* fix bug in delete assignment op
* remove client secret get call
* OIDC Client API: add more test coverage
* change name convention in tests
Daniel Kimsey