Commit graph

17264 commits

Author SHA1 Message Date
Alexander Scheel 5389477107
Make config load consistent with config write (#20059)
When reading the config, we attempt to detect if the running Vault
instance has been changed from its Enterprise status on write.
Similarly, we should detect if the mount is a local mount instead. While
this isn't changeable at runtime, using sys/raw to side-load an invalid
config could be possible.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2023-04-11 11:05:43 -04:00
Alexander Scheel 3e36a58cf7
Support namespaces in test helpers (#20048)
Sometimes the tests will modify the client to set a namespace; this
results in testhelpers sometimes trying to access sys/ endpoints with a
namespace, which usually don't work well.

Detect an unset namespaces, if present, before executing, and restore
afterwards so as not to affect the tests.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2023-04-11 14:09:16 +00:00
John-Michael Faircloth 8a4e50fa64
secrets/openldap: add creds/ endpoint to API docs (#19973) 2023-04-11 08:42:50 -05:00
Alexander Scheel 509f862494
Log, don't err, on unified delta WAL write failure (#20057)
* Log, don't err, on unified delta WAL write failure

When the PBPWF fails on the Active node of a PR Secondary cluster with a
read-only failure, there is no value in forwarding this request up to
the Active node of the PR Primary cluster: it does not have the local
revocation context necessary to write a Delta WAL entry for this
request, and would likely end up writing a cross-cluster revocation
entry (if it is enabled) or else erring completely.

Instead, log this error like we do when failing to write unified CRL
entries. Switch both to using Error instead of Debug for this type of
failure.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add changelog entry

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

---------

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2023-04-11 09:36:10 -04:00
Kianna 6873c3c58e
UI: VAULT-9409 Pki Tidy Form (#20043) 2023-04-10 23:07:26 -07:00
claire bontempo 45737ddd3c
UI: Fix remaining DocLink paths (#20070)
* fix remaining doclinks

* add changelog

* Apply suggestions from code review

fix links
2023-04-10 23:26:50 +00:00
Anton Averchenkov 194ce13a95
openapi: Add display attributes for database plugin (#19414) 2023-04-10 14:22:02 -04:00
Anton Averchenkov 9d3ab193a5
openapi: Add display attributes for transit plugin (#19575) 2023-04-10 14:20:53 -04:00
Anton Averchenkov f257d68576
openapi: Add display attributes for RabbitMQ plugin (#19540) 2023-04-10 14:19:32 -04:00
Anton Averchenkov c61052ef29
openapi: Add display attributes for SSH plugin (#19543) 2023-04-10 14:18:00 -04:00
Anton Averchenkov 592d3464f6
openapi: Add display attributes for TOTP plugin (#19544) 2023-04-10 13:32:15 -04:00
Alexander Scheel f0fc48c788
Only log stopping rollback manager once (#20041)
When testing the Rollback Manager's one-time invocation in Enterprise,
it was noticed that due to the channel being closed, we'd always hit
this case and thus spam logs rather quickly with this message.

Switch to a boolean flip to log this once, as it is not executed in
parallel and thus doesn't need a sync.Once.

This only affected anyone calling the test core's
StopAutomaticRollbacks() helper.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2023-04-10 13:24:03 -04:00
Yoko Hyakuna de1eeffdcf
[Docs] Add tutorial links to install doc (#20051)
* Add tutorial links for additional guidance

* Removed extra space
2023-04-10 08:52:48 -07:00
Chelsea Shaw bb6964e18e
UI: Mount PKI options + allowed_managed_keys (#19791) 2023-04-07 14:05:29 -07:00
Christopher Swenson 43912fe0e2
Update docs for Helm 0.24.0 release (#20049)
Release: https://github.com/hashicorp/vault-helm/releases/tag/v0.24.0
2023-04-07 14:03:43 -07:00
Anton Averchenkov f61ce6874c
Use vault/sdk v0.9.0 (#20050) 2023-04-07 15:14:35 -04:00
Kyle Schochenmaier c3ef3d9c3f
add upgrade documentation around STS lease_duration issue (#20011)
* add upgrade documentation around STS lease_duration issue

Co-authored-by: Robert <17119716+robmonte@users.noreply.github.com>
2023-04-07 17:34:42 +00:00
Anton Averchenkov 33bc8f5d00
openapi: Add display attributes for GitHub auth (#19384)
Please see https://github.com/hashicorp/vault/pull/19319 for more details on how this will affect the generated OpenAPI schema.

____

### The following OperationID's will be generated for GitHub auth:

github-read-configuration
github-configure
github-log-in
github-read-teams
github-read-team-mapping
github-write-team-mapping
github-delete-team-mapping
github-read-users
github-read-user-mapping
github-write-user-mapping
github-delete-user-mapping
2023-04-07 13:30:26 -04:00
Anton Averchenkov 7ed4a429f7
openapi: Add display attributes for Nomad plugin (#19415)
Please see #19319 for more details on how this will affect the generated OpenAPI schema.
___

The following OperationID's will be generated for Nomad plugin:

nomad-read-access-configuration
nomad-configure-access
nomad-delete-access-configuration
nomad-read-lease-configuration
nomad-configure-lease
nomad-delete-lease-configuration
nomad-generate-credentials
nomad-list-roles
nomad-read-role
nomad-write-role
nomad-delete-role
2023-04-07 13:21:21 -04:00
Anton Averchenkov c915dea526
openapi: Add display attributes for LDAP auth (#19389) 2023-04-07 13:16:17 -04:00
Anton Averchenkov 2ec2d050c0
openapi: Add display attributes for Radius auth (#19392) 2023-04-07 13:14:44 -04:00
Anton Averchenkov 44d4f39e1b
openapi: Add display attributes for cert auth (#19383) 2023-04-07 13:12:56 -04:00
Andreas Gruhler 0036a35c58
Update helm.mdx (#20020)
I was wondering why the default VaultAuth CR was not created. It was due the fact that I copy/pasted the snippet from the docs here, which has the wrong key.
2023-04-07 09:31:08 -07:00
ram-parameswaran 29182ae562
update index.mdx with correct installation doc ref (#19932)
* update index.mdx with correct installation doc ref

update index.mdx with installation doc ref to point to the right installation.mdx path

* Update installation ref

Update installation ref

* Update index ref without relative path

Update installation doc index ref without relative path
2023-04-07 08:48:23 -07:00
Brian Shumate 29fdfeeb04
API docs: update Transit restore payload example (#20032)
- Correct JSON payload example
2023-04-07 08:14:43 -04:00
Kuba Wieczorek af0adf85fa
Fix issues tripping the actionlint linter again (#20026) 2023-04-06 17:04:09 +00:00
Anton Averchenkov 56698d6d15
openapi: Add display attributes for token/ (#19399) 2023-04-06 11:11:49 -04:00
Anton Averchenkov 543efc83e4
openapi: Add display attributes for PKI plugin (#19422) 2023-04-06 11:10:01 -04:00
Anton Averchenkov 7cf86c6dae
openapi: Add display attributes for AWS (#19366) 2023-04-06 11:08:30 -04:00
Anton Averchenkov 5370d07b6c
openapi: Add display attributes for approle (#19363) 2023-04-06 11:03:11 -04:00
miagilepner 3b91b9ebbf
VAULT-14733: SegmentReader interface for reading activity log segments (#19934)
* create a segment reader for activity log segment

* fix imports

* updates based on comments
2023-04-06 16:23:41 +02:00
Chip Stepowski 8cd90fc1e2
Update Create Role heading to Create/Update Role (#20000)
The subheading states you can update a named role but for navigation purposes I think it would also make sense to add it to the heading too.
2023-04-06 11:42:22 +01:00
Thy Ton fcf06d5874
feat: add plugin metadata to audit logging (#19814) 2023-04-06 00:41:07 -07:00
Raymond Ho e26aa0aff2
update vault-plugin-secrets-openldap@main (#19993) 2023-04-05 14:40:08 -07:00
Kianna d868d398dc
UI: VAULT-9408 Delete all issuers toolbar action + modal (#19756) 2023-04-05 14:25:55 -07:00
Jaymala d0ac3d8fe2
[QT-488] Get artifact summary info along with product metadata (#19977)
* [QT-488] Get artifact summary info along with product metadata

Signed-off-by: Jaymala Sinha <jaymala@hashicorp.com>

* Fix GH Lint warnings

Signed-off-by: Jaymala Sinha <jaymala@hashicorp.com>

---------

Signed-off-by: Jaymala Sinha <jaymala@hashicorp.com>
2023-04-05 13:49:46 -06:00
Jason O'Donnell e4e34c0f96
Add extra ssct gen counter debug logs (#19980) 2023-04-05 13:06:57 -04:00
Chelsea Shaw b7049eb3fc
UI: Namespace area fixes (#19799) 2023-04-05 10:54:27 -05:00
Florin Cătălin Țiucra-Popa 59d3f5110d
Update create.mdx (#19981)
Add the missing Command Option `-wrap-ttl`
2023-04-05 17:54:07 +02:00
claire bontempo e16bf6a94b
add test (#19982) 2023-04-05 09:01:43 -06:00
Marc Boudreau 209671c25e
add workflow_dispatch trigger to ci.yml workflow (#19979) 2023-04-05 10:03:08 -04:00
Kuba Wieczorek f7aacbe74a
Fix an issue tripping the actionlint linter in test-run-enos-scenario-matrix.yml (#19986) 2023-04-05 13:14:44 +00:00
Yoko Hyakuna f649c9e20c
Updated the example config with api_addr parameter (#19985) 2023-04-04 17:58:08 -07:00
Anton Averchenkov 35d07e91d2
Fix OpenAPI-related tests (#19983) 2023-04-04 18:27:20 -04:00
Yoko Hyakuna e90d94b97e
Extends the PR19488 (#19928) 2023-04-04 14:52:57 -07:00
Jordan Reimer 7fe9a2b328
Node Version CI Update (#19978)
* updates github workflows to read node version from .nvmrc file

* updates to double quotes for shell expression

* removes set-output workflow command

* updates to use node-version-file option for gh workflows

* pins node version to 16
2023-04-04 15:39:17 -06:00
Anton Averchenkov 4564a3534b
openapi: Improve operationId/request/response naming strategy (#19319) 2023-04-04 13:14:40 -04:00
claire bontempo 28e68ae86d
ui: fix empty tooltip rendering when no creation time (#19971)
* fix empty tooltip for no creation time

* remove extra space
2023-04-04 16:31:49 +00:00
Peter Wilson 4fc4516b49
Moved 'WaitForNodesExcludingSelectedStandbys' to shared testhelpers file (#19976) 2023-04-04 15:32:01 +01:00
miagilepner 09adb9ee12
VAULT-14733: Refactor processClientRecord in activity log (#19933) 2023-04-04 14:50:19 +02:00