Commit Graph

831 Commits

Author SHA1 Message Date
Jordan Reimer 5b1172ad7b
MFA method acceptance tests (#15665)
* adds acceptance tests for mfa config login enforcement workflows

* adds acceptance tests for mfa config method workflows

* reverts masked-input test selector changes

* fixes test failures
2022-05-27 14:49:44 -06:00
Angel Garbarino 5abe12f4a6
Test for MFA end user setup (#15578)
* test for status menu

* first test setup

* next test

* test1

* test2

* test3

* test4

* test5

* test6

* test7

* test8

* please:
2022-05-26 14:13:47 -06:00
Arnav Palnitkar ce4e6efb17
Update to ttl component (#15648)
* Update to ttl component

- Allow the ttl component to work without displaying toggle
- Used in mfa method totp form

* Added tooltip if toggle is not present

- Fixed MFA delete message
2022-05-26 12:37:19 -07:00
Jordan Reimer 40dfe6943c
adds acceptance tests for mfa config login enforcement workflows (#15630) 2022-05-26 10:09:32 -06:00
claire bontempo d4f3fba56e
UI/Fix form validation issues (#15560)
* clean up validators

* fix getter overriding user input

* add changelog

* remove asString option

* move invalid check up

* remove asString everywhere

* revert input value defaults

* undo form disabling if validation errors

* address comments

* remove or

* add validation message to form, create pseudo loading icon

* whole alert disappears with refresh

* glimmerize alert-inline

* add tests

* rename variables for consistency

* spread attributes to glimmerized component

* address comments

* add validation test
2022-05-25 11:22:36 -07:00
Angel Garbarino df4fd6731c
the fix (#15597) 2022-05-25 11:26:28 -06:00
linda9379 2a91a5c4e5
Remove unsupported fields for DB roles show page (#15573)
* Fixed unsupported revocation statements field display for DB roles

* Fixed linting

* Added changelog

* Fixed conditional to filter for only elasticsearch database and changed format of text in changelog

* Fixed conditional and added comment for bug fix
2022-05-25 11:28:19 -04:00
Angel Garbarino 6d668aa60a
Glimmerize and add component test for MountAccessorSelect (#15565)
* glimmerize and add documentation to component

* fix test

* add component test:

* clean up

* address pr comments

* fix?

* replace drop with task

* replace test selector
2022-05-24 12:02:15 -06:00
Jordan Reimer 7da2085fa3
MFA Config (#15200)
* adds mirage factories for mfa methods and login enforcement

* adds mirage handler for mfa config endpoints

* adds mirage identity manager for uuids

* updates mfa test to use renamed mfaLogin mirage handler

* updates mfa login workflow for push methods (#15214)

* MFA Login Enforcement Model (#15244)

* adds mfa login enforcement model, adapter and serializer

* updates mfa methods to hasMany realtionship and transforms property names

* updates login enforcement adapter to use urlForQuery over buildURL

* Model for mfa method (#15218)

* Model for mfa method

* Added adapter and serializer for mfa method

- Updated mfa method model
- Basic route to handle list view
- Added MFA to access nav

* Show landing page if methods are not configured

* Updated adapter,serializer

- Backend is adding new endpoint to list all the mfa methods

* Updated landing page

- Added MFA diagram
- Created helper to resolve full path for assets like images

* Remove ember assign

* Fixed failing test

* MFA method and enforcement list view (#15353)

* MFA method and enforcement list view

- Added new route for list views
- List mfa methods along with id, type and icon
- Added client side pagination to list views

* Throw error if method id is not present

* MFA Login Enforcement Form (#15410)

* adds mfa login enforcement form and header components and radio card component

* skips login enforcement form tests for now

* adds jsdoc annotations for mfa-login-enforcement-header component

* adds error handling when fetching identity targets in login enforcement form component

* updates radio-card label elements

* MFA Login Enforcement Create and Edit routes (#15422)

* adds mfa login enforcement form and header components and radio card component

* skips login enforcement form tests for now

* updates to login enforcement form to fix issues hydrating methods and targets from model when editing

* updates to mfa-config mirage handler and login enforcement handler

* fixes issue with login enforcement serializer normalizeItems method throwing error on save

* updates to mfa route structure

* adds login enforcement create and edit routes

* MFA Login Enforcement Read Views (#15462)

* adds login enforcement read views

* skip mfa-method-list-item test for now

* MFA method form (#15432)

* MFA method form

- Updated model for form attributes
- Form for editing, creating mfa methods

* Added comments

* Update model for mfa method

* Refactor buildURL in mfa method adapter

* Update adapter to handle mfa create

* Fixed adapter to handle create mfa response

* Sidebranch: MFA end user setup (#15273)

* initial setup of components and route

* fix navbar

* replace parent component with controller

* use auth service to return entity id

* adapter and some error handling:

* clean up adapter and handle warning

* wip

* use library for qrCode generation

* clear warning and QR code display fix

* flow for restart setup

* add documentation

* clean up

* fix warning issue

* handle root user

* remove comment

* update copy

* fix margin

* address comment

* MFA Guided Setup Route (#15479)

* adds mfa method create route with type selection workflow

* updates mfa method create route links to use DocLink component

* MFA Guided Setup Config View (#15486)

* adds mfa guided setup config view

* resets type query param on mfa method create route exit

* hide next button if type is not selected in mfa method create route

* updates to sure correct state when changing mfa method type in guided setup

* Enforcement view at MFA method level (#15485)

- List enforcements for each mfa method
- Delete MFA method if no enforcements are present
- Moved method, enforcement list item component to mfa folder

* MFA Login Enforcement Validations (#15498)

* adds model and form validations for mfa login enforcements

* updates mfa login enforcement validation messages

* updates validation message for mfa login enforcement targets

* adds transition action to configure mfa button on landing page

* unset enforcement on preference change in mfa guided setup workflow

* Added validations for mfa method model (#15506)

* UI/mfa breadcrumbs and small fixes (#15499)

* add active class when on index

* breadcrumbs

* remove box-shadow to match designs

* fix refresh load mfa-method

* breadcrumb create

* add an empty state the enforcements list view

* change to beforeModel

* UI/mfa small bugs (#15522)

* remove pagintion and fix on methods list view

* fix enforcements

* Fix label for value on radio-card (#15542)

* MFA Login Enforcement Component Tests (#15539)

* adds tests for mfa-login-enforcement-header component

* adds tests for mfa-login-enforcement-form component

* Remove default values from mfa method model (#15540)

- use passcode had a default value, as a result it was being sent
with all the mfa method types during save and edit flows..

* UI/mfa small cleanup (#15549)

* data-test-mleh -> data-test-mfa

* Only one label per radio card

* Remove unnecessary async

* Simplify boolean logic

* Make mutation clear

* Revert "data-test-mleh -> data-test-mfa"

This reverts commit 31430df7bb42580a976d082667cb6ed1f09c3944.

* updates mfa login enforcement form to only display auth method types for current mounts as targets (#15547)

* remove token type (#15548)

* remove token type

* conditional param

* removes type from mfa method payload and fixes bug transitioning to method route on save success

* removes punctuation from mfa form error message string match

* updates qr-code component invocation to angle bracket

* Re-trigger CI jobs with empty commit

Co-authored-by: Arnav Palnitkar <arnav@hashicorp.com>
Co-authored-by: Angel Garbarino <Monkeychip@users.noreply.github.com>
Co-authored-by: Chelsea Shaw <82459713+hashishaw@users.noreply.github.com>
Co-authored-by: Michele Degges <mdeggies@gmail.com>
2022-05-20 18:40:16 -06:00
Arnav Palnitkar ae106058b8
Handle client count timezone (#15167)
* Handle client count timezone

- Backend convert the timezone to UTC, to mitigate it's impact sending
  start and end date other than 1. Chose 10 and 20 randomly.

* Added changelog
2022-05-20 21:43:01 +02:00
Arnav Palnitkar 7a5a63d0e3
Remove reference to stored license (#15513)
* Remove reference to stored license

- Stored license was deprecated in 1.8 and from 1.11 all licenses will be
auto loaded.

* Added changelog

* Remove test for stored license

* Add defensive check in serializer
2022-05-20 09:33:50 -07:00
Chelsea Shaw 81105e6209
UI: keymgmt secret engine (#15523)
* No default provider on create, add subText to service_account_file field

* Show empty state if no provider selected -- sorry for all the conditionals

* Button and distribution title styling on key edit

* Fix key distribute empty state permissions

* Don't try to fetch distribution if provider is permissionError

* Use search-select component for provider on distribute component

* Show distribution form errors on page rather than popup

* Add id, label, subtext to input-search for search-select fallback

* Remove created field from provider, default to querying for keys unless capabilities is false

* Fix link to provider from key-edit

* Search select label styling and add subText to fallback

* Refetch model after key rotate

* Create distribution method is task so we can load and disable button

* Move keymgmt to cloud group on mount options

* Key actions are tasks, fix tab active class

* Add isRunning attr to confirm-action which disables confirm button and replaces text with loader

* Fix provider active tab class

* Handle control groups on distribution

* Correctly handle error message on key-edit

* Show loading state on distribute, reload key after distribute

* Clear old validation errors if valid

* Fix tests

* Fix delete url

* Add changelog

* Address PR comments

* kick circle-ci

* Format go file breaking fmt

* Rename old changelog

* Remove resolved TODO
2022-05-20 10:41:24 -05:00
claire bontempo 7966a98fc2
UI/cleanup client charts for 1.11 (#15408)
* remove manipulations of data ranges;

* fix bar aligntment

* consume empty months existing on response

* revert grey bar transformation

* up one more line..

* remove attr
2022-05-18 16:47:16 -07:00
claire bontempo af2c9784df
UI/vault 6212/multiple issuer pki changes (#15464)
* pki copy changes

* change delete endpoint and remove warning

* update test

* fix typo

* remove delete capabilities in the ui

* add changelog

* typo fix
2022-05-18 11:31:17 -07:00
Chelsea Shaw bab5fe34f0
UI: Better default transit auto-rotation (#15474)
* TTL Picker convers to largest unit when value is number

* Initial value for transit auto-rotation period is 30d

* Add auto-rotation check to transit test

* Add changelog

* Add clarifying comment
2022-05-17 16:06:57 -05:00
Arnav Palnitkar a0a67e671f
Fix OIDC callback query params (#15378)
* Fix OIDC callback query params

- Value of namespace was getting stripped from the state query param
- Used native URL search param api to fetch the values

* Add changelog

* Remove unnecessary check for url encoding

* Extract ns value and pass as namespace param

* Update changelog
2022-05-13 09:58:56 -07:00
claire bontempo 125c13eb46
UI/remove chart check (#15407)
* remove chart check

* update assert number

* add settled

* more settled

* give up and remove flaky test entirely
2022-05-12 14:06:48 -07:00
Alexander Scheel f8b6077b8d
Fix unknown type parameter during CA generation (#15401)
* Fix unknown type parameter during CA generation

When generating a new PKI CA from the Web UI, the UI incorrectly sends
the type parameter in the POST body. The server will now warn on unknown
parameters, resulting in the UI surfacing that up to the caller. Since
the type is part of the URL, we don't need to duplicate it in the POST
body, so elide it.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Update ui/app/adapters/pki-ca-certificate.js

Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>

Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
2022-05-12 16:28:47 -04:00
claire bontempo 8497010acd
UI/remove flaky client count tests (#15396)
* remove flaky tests

* and more flaky

* update assertions
2022-05-12 09:25:20 -07:00
Alexander Scheel 01bd627ee9
Attempt to fix UI tests for PKI (#15374)
* ui/pki: Remove test for warning to re-generate root

With the multiple issuer feature merged from #15277, we can now allow
multiple root generations to occur in the mount. Remove the test for the
warning.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Fix test for empty CA chain

With Vault 1.11's #15277, we'll now always render the CAChain field on
response.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Fix formatting in role-ssh.js

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2022-05-12 11:20:50 -04:00
Gabriel Santos 469ad6d09a
not_before_duration added to SSH (#15250)
* add-not-before-duration-to-ssh

* Missing field

* Adding tests

* changelog file

* Backend test

* Requested changes

* Update builtin/logical/ssh/path_roles.go

Co-authored-by: Alexander Scheel <alexander.m.scheel@gmail.com>
2022-05-12 08:50:40 -04:00
Chelsea Shaw 0f8ef80336
UI: Fix version-history serializer and update mirage to reflect real API (#15362)
* Fix version-history serializer and update mirage to reflect real API

* add missing periods

* fix tests

Co-authored-by: Claire Bontempo <cbontempo@hashicorp.com>
2022-05-11 10:26:20 -07:00
claire bontempo 9d608a2e38
remove legend (#15359) 2022-05-11 09:06:39 -07:00
claire bontempo 10a19b7c54
UI/ fix firefox not recognizing csv export (#15364)
* add extension to filenmae

* add changelog
2022-05-10 17:19:38 -07:00
Chelsea Shaw 789dc75a45
UI/single historical month (#15350)
* Hide MonthlyUsage if only one month of data

* Display stat text instead of chart if data passed to running-total includes only one month

* Update clients mirage to return single month if end and start time are the same

* Update clients mirage to work with filtering

* Add comments

* More padding

* Address comments

* Refactor mirage month data to be oldest to newest

* Use stat text which automatically formats number
2022-05-10 17:32:36 -05:00
claire bontempo 999d243544
UI/filter monthly graphs (#15279)
* alphabetize utils

* add util to add namespace key

* finish filtering

* add fake data for filtering

* address comments

* add empty state for no new client counts, when filtered by namespace

* fix mirage clients linting

* re-add namespaces to month object

* clean up filtering

* add tests and refactor accordingly

* fix tooltip bug and chart new month client chart not rendering

* filter out undefined

* optional method chaining

* add filter and fix ticks for line chart

* fix axes domains

* fix average calculation
2022-05-09 12:16:32 -07:00
claire bontempo 261f165452
fix linting (#15326) 2022-05-09 09:17:54 -07:00
Chris Capurso 353246655a
base sys/license/status mock times based on current timestamp (#15286)
* base sys/license/status mock times based on current timestamp

* add missing trailing commas

* license specific test selector

Co-authored-by: Claire Bontempo <cbontempo@hashicorp.com>
2022-05-05 08:20:40 -04:00
Angel Garbarino 33de0a0a49
CSV Export include monthly data (#15169)
* setup

* add new clients to attribution

* refactor serializers, move to util folder

* cleanup export csv generator

* fix isDateRange getter

* remove new chart from partial/current month

* fix export modal text

* update version history text

* update variable naming, remove new client data from current/partial month

* add filtering by namespace to month over month charts

* remove filtering for namespace by month, need to change serializer

* add checks

* update horizontal bar chart test

* update tests

* cleanup

* address comments

* fix flakey test

* add new counts to export

Co-authored-by: Claire Bontempo <cbontempo@hashicorp.com>
2022-05-02 18:37:09 -07:00
Jordan Reimer 9eaea7bc14
KMSE Wizard Steps (#15171)
* fixes issues in key-edit component

* adds capabilities checks for keys and providers

* adds distribute component to key and provider edit

* adds wizard steps for kmse
2022-04-26 13:17:42 -06:00
Jordan Reimer d6933e9ef4
KMSE Capabilities & Phase 1 Cleanup (#15143)
* fixes issues in key-edit component

* adds capabilities checks for keys and providers

* adds distribute component to key and provider edit
2022-04-26 08:23:31 -06:00
Angel Garbarino 80c4ab7148
Client Count banner warnings for upgraded of minor 9 or 10 (#15103)
* handle current warning

* handle history

* match the two flows

* clean up

* Refactor to account for chart indicator (#15121)

* refactor for charts

* revert handler changes

* clarify variable

* add 1.10 to version history

* woops add key

* handle mock query end date

* update current template

* add date

* fix tests

* fix fake version response

* address comments, cleanup

* change word

* add TODO

* revert selector

Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
Co-authored-by: Claire Bontempo <cbontempo@hashicorp.com>
2022-04-25 11:23:12 -06:00
claire bontempo 2907464b96
fix test selector (#15132) 2022-04-22 11:44:45 -07:00
Jordan Reimer 22c5159520
updates LinkTo disabled attributes to args and fixes toolbar secret link disabled styling (#15106) 2022-04-21 07:44:06 -06:00
Chelsea Shaw c77e620879
Add back metadata.json (#15105)
* Add back metadata.json

* remove space
2022-04-20 17:32:03 -05:00
Jordan Reimer 3172e74d7e
Key Management Secrets Engine Phase 1 (#15036)
* KMSE: Key Model / Adapter / Serializer setup (#13638)

* First pass model

* KMS key adapter (create/update), serializer, model

* Add last rotated and provider to key

* KeyEdit secret-edit component, and more key model stuff

* add formatDate param support to infotablerow

* Add keymgmt key to routes and options-for-backend

* Rename keymgmt-key to keymgmt/key

* Add test, cleanup

* Add mirage handler for kms

* Address PR comments

* KMS Providers (#13797)

* adds pagination-controls component

* adds kms provider model, adapter and serializer

* adds kms provider-edit component

* updates secrets routes to handle itemType query param for kms

* updates kms key adapter to query by provider

* adds tests for provider-edit component

* refactors kms provider adapter to account for dynamic path

* adds model-validations-helper util

* removes keymgmt from supported-secret-backends

* fixes issue generating url for fetching keys for a provider

* updates modelType method on secret-edit route to accept options object as arg rather than transition

* adds additional checks to ensure queryParams are defined in options object for modelType method

* UI/keymgmt distribute key (#13840)

* Add distribution details on key page, and empty states if no permissions

* Allow search-select component to return object so parent can tell when new item was created

* Add stringarray transform

* Distribute component first pass

* Refactor distribute component for use with internal object rather than ember-data model

* Specific permission denied errors on key edit

* Allow inline errors on search-select component

* Style updates for form errors

* Styling and error messages on distribute component

* Allow block template on inline alert so we can add doc links

* Add distribute action, flash messages, cleanup

* Cleanup & Add tests

* More cleanup

* Address PR comments

* Move disable operations logic to commponent class

* KMSE Enable/Config (#14835)

* adds keymgmt secrets engine as supported backend

* adds comment to check on keymgmt as member of adp module

* updates kms provider to use model-validations decorator

* fixes lint errors and tests

Co-authored-by: Chelsea Shaw <82459713+hashishaw@users.noreply.github.com>
2022-04-20 12:40:27 -06:00
Jordan Reimer 6cfa604044
Generated Model Bug (#15099)
* updates path help service to handle setting id of model

* adds changelog entry

* removes changelog entry
2022-04-20 09:56:03 -06:00
claire bontempo 6c7dee4824
UI/Add upgrade indicator client charts (#15083)
* clean up activity serailizer

* fix line chart so only plot months with data

* cleanup monthly serializer

* account for empty months in vertical bar chart

* tidy version upgrade info

* fix version history model typo

* extract const into helper

* add upgrade indicator to line chart

* fix tests

* add todos
2022-04-20 08:35:57 -07:00
Angel Garbarino afddcfd645
remove storybook: (#15074)
* remove storybook:

* changelog

* clean up

* update browserstack

* remove special case for storybook

* add back gen-story-md
2022-04-19 15:45:20 -06:00
claire bontempo 787ebaebd3
UI/Add double attribution chart to current (#15035)
* update /monthly endpoint

* change object key names to match API

* update serializers

* add optional no data mesage for horizontal chart

* add split chart option for attribution component

* wire up filtering namespaces and auth methods

* update clients current tests

* update todos and address comments

* fix attribution test
2022-04-15 12:06:10 -07:00
Chelsea Shaw d43324831b
UI: fix blank selection on search select field (#15058)
* WIP

* Cleanup

* cleanup

* Add changelog
2022-04-15 12:47:55 -05:00
Angel Garbarino 774bf2241a
Custom tooltip for Generated Token Policies form field on auth methods (#15046)
* the conditional fix

* add test coverage

* changelog

* add possesive

* fix language

* fix

* fix

* change quotes

* fix

* replace with find
2022-04-14 14:58:26 -06:00
Chelsea Shaw f6e4a87457
UI: Masked inputs always look the same when value is hidden (#15025)
* Masked inputs always look the same when value is hidden

* Add changelog

* Fix failing test
2022-04-13 16:56:39 -05:00
Jordan Reimer 5b33b6fdf2
Form Field Glimmer (#15026)
* glimmerizes form field components

* updates model validations handling in components that use form field
2022-04-13 15:51:44 -06:00
claire bontempo 85b2263dce
UI/Clients monthly usage component (#15012)
* clarify timestamp in jsdocs

* make title bottom margin smaller

* add monthly usage component

* fix doubled up css

* clean up average helpers

* copy update

* change arg to component variable

* fix awkward grammar

* clean up mirage handler

* address comments

* remove prop
2022-04-12 17:49:35 -05:00
Angel Garbarino 3e2028441f
Ember upgrade to 3.28.6 (#14763)
* initial upgrade running ember-cli-update --to 3.28

* bumps node-sass version

* fragments bump

* fixes overriding errors prop on policy model causing issues

* bumps some addon versions related to Ember Global deprecation warning on build

* bumps back ember-test-selectors version for now

* removes ember-promise-helpers addon and creates await helper

* upgrades ember-template-lint and adds prettier plugin

* Ember 3.28 Upgrade Lint Fixes (#14890)

* fixes js lint errors

* fixes hbs lint errors

* allow multiple node versions for now to get tests runinng

* fixes tests

* Upgrade ember-test-selectors (#14937)

* updates ember-test-selectors, ember-cli-page-object and ember-cli-string-helpers

* adds attributeBindings to classic components with data-test property

* glimmerizes toolbar-link component and removes data-test args

* glimmerizes toolbar-secret-link and secret-link components and removes data-test and class args

* glimmerizes linked-block component

* glimmerizes toggle-button component

* updates toggle-button test

* fixes remaining test selector issues

* comments out test assertions related to cp-validations bug

* adds todo to comment

* Model Validations (#14991)

* adds model-validations decorator and validators util

* converts key-mixin to decorator

* updates models to use validations decorator instead of ember-cp-validations

* updates invocation of model validations

* removes ember-cp-validations

* reverts secret-v2 model updates

* adds initials to TODO comment

* flight-icons (#14993)

* flight-icons

* basic dropdown

* UI/merge main (#14997)

* Vault documentation: changing references from learn to tutorial (#14844)

* changed learn to tutorial references

* changed learn to tutorial

* Update website/content/docs/plugins/plugin-portal.mdx

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>

* Update website/content/docs/platform/aws/run.mdx

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>

* UI/Only show form values if have read access (#14794)

* only show value in edit form if has read capabilities

* revert messing with form

* delete secret data from secret

* add check for selected version

* remove added line

* add changelog

* modified text (#14854)

* fixed a link issue (#14850)

* docs: add known issue to 1.10 release notes (#14859)

* Vault 3999 Change permissions for directory/archive created by debug command  (#14846)

* adding debug changes from ent

* adding changelog

* Vault 3992 ToB Config and Plugins Permissions  (#14817)

* updating changes from ent PR

* adding changelog

* fixing err

* fixing semgrep error

* updated references from learn to tutorial (#14866)

* updated references from learn to tutorial (#14867)

* changed reference from learn to tutorial (#14868)

* Fix handling of default zero SignatureBits value with Any key type in PKI Secrets Engine (#14875)

* Correctly handle minimums, default SignatureBits

When using KeyType = "any" on a role (whether explicitly or implicitly
via a sign-verbatim like operation), we need to update the value of
SignatureBits from its new value 0 to a per-key-type default value. This
will allow sign operations on these paths to function correctly, having
the correctly inferred default signature bit length.

Additionally, this allows the computed default value for key type to be
used for minimum size validation in the RSA/ECDSA paths. We additionally
enforce the 2048-minimum in this case as well.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Fix defaults and validation of "any" KeyType

When certutil is given the placeholder any keytype, it attempts to
validate and update the default zero value. However, in lacking a
default value for SignatureBits, it cannot update the value from the
zero value, thus causing validation to fail.

Add more awareness to the placeholder "any" value to certutil.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add role-based regression tests for key bits

This adds regression tests for Key Type, Key Bits, and Signature Bits
parameters on the role. We test several values, including the "any"
value to ensure it correctly restricts key sizes.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add sign-verbatim test for key type

This ensures that we test sign-verbatim against a variety of key types.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add changelog entry

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

Co-authored-by: Steven Clark <steven.clark@hashicorp.com>

* Subtle docs change for allow_store_key (#14889)

* Subtle docs change for allow_store_key

* errant space

* Adds Vault version prerelease and metadata to logical.PluginEnvironment (#14851)

* docs: fix formatting on plugin upgrade page (#14874)

* docs: fix formatting on plugin upgrade page

* fix more formatting issues

* Update CC docs (#14714)

* Update CC docs

* Add sample response

* Address review feedback

* Update website/content/api-docs/system/internal-counters.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/api-docs/system/internal-counters.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/api-docs/system/internal-counters.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/api-docs/system/internal-counters.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/api-docs/system/internal-counters.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/api-docs/system/internal-counters.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/api-docs/system/internal-counters.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/api-docs/system/internal-counters.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/api-docs/system/internal-counters.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/api-docs/system/internal-counters.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/api-docs/system/internal-counters.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/api-docs/system/internal-counters.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/api-docs/system/internal-counters.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/api-docs/system/internal-counters.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/api-docs/system/internal-counters.mdx

Co-authored-by: Meggie <meggie@hashicorp.com>

* Update website/content/api-docs/system/internal-counters.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/api-docs/system/internal-counters.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Minor edits

* Update partial month API

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
Co-authored-by: Meggie <meggie@hashicorp.com>

* Docs improvements for Managed Keys (#14756)

* Add more color around managed keys in their concepts page, and create additional links between
the various docs pages related to them.

* Typos

* sdk/useragent: plugin version string consistent with Vault version string (#14912)

* clean up (#14911)

* website: fix usages of img tag  (#14910)

* fix usages of img tag and integrate dev-portal workflows

* Adjust Makefile

* remove mount_accessor from the docs (#14927)

* Add extra test coverage to PKI  (#14767)

* Add PKI test for delete role

 - Create a role, validate that defaults are what we expect
   and delete the role, verifying it is gone on subsequent read
   attempts.

* Add PKI test for crl/rotate command

 - Missing a unit test that validates the crl/rotate command works. The test validates the rotate command was successful
   by checking if we have a different/new update time on the CRL.

* Rework PKI TestBackend_PathFetchValidRaw test to not write directly to storage

 - Rework the existing test to not write directly to storage as we might change that in the future.
 - Add tests that validate the ca_chain behaviour of not returning the root authority cert

* PR Feedback

* Additional PR feedback

* Use WriteWithContext in auth helpers (#14775)

* Add ability to pass certificate PEM bytes to vault/api (#14753)

* Respect increment value in grace period calculations (api/LifetimeWatcher) (#14836)

* Mount flag syntax to mitigate confusion from KV-v2 path discrepancies (#14807)

* Add explanation to help text and flag usage text

* KV get with new mount flag

* Clearer naming

* KV Put, Patch, Metadata Get + corresponding tests

* KV Delete, Destroy, Rollback, Undelete, MetadataDelete, MetadataPatch, MetadataPut

* Update KV-v2 docs to use mount flag syntax

* Add changelog

* Run make fmt

* Clarify deprecation message in help string

* Address style comments

* Update vault-plugin-auth-gcp to newest pseudo-version (#14923)

* docs: added hello-vault-spring repo link to developer-qs.mdx. (#14928)

* Update developer-qs.mdx

docs: added link to Java / Spring Boot sample app repo in developer quick start.

* removed space.

* trigger ci

Co-authored-by: taoism4504 <loann@hashicorp.com>

* OIDC Login Bug (#14916)

* fixes issue logging in with oidc from listed auth path tab

* adds changelog entry

* adds more tests for oidc auth workflow

* updates oidc auth method test to use non-standard path

* Fix handling of SignatureBits for ECDSA issuers (#14943)

When adding SignatureBits control logic, we incorrectly allowed
specification of SignatureBits in the case of an ECDSA issuer. As noted
in the original request, NIST and Mozilla (and others) are fairly
prescriptive in the choice of signatures (matching the size of the
NIST P-curve), and we shouldn't usually use a smaller (or worse, larger
and truncate!) hash.

Ignore the configuration of signature bits and always use autodetection
for ECDSA like ed25519.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Bug Fix and Glimmerize secret-edit component (#14941)

* inital glimmerize

* wip

* wip

* wip

* fix maybeQueryRecord

* fix

* fix

* fix test

* cleanup

* add changelog

* clean up

* Agent error log level is mismatched (#14424)

* [VAULT-1618] Agent error log level is mismatched

`logLevelToStringPtr` translates `go-hclog`'s `ERROR` to `"ERROR"` for
Consul Template's runner, but that expects `ERR` and is quite strict
about it.

This will address https://github.com/hashicorp/vault-k8s/issues/223
after it is set as the default image in `vault-k8s`.

I didn't find a simple way to test this other than starting up a full
server and agent and letting them run, which is unfortunately fairly
slow.

I confirmed that this addresses the original issue by modifying the helm
chart with the values in this commit and patching the log level to `err`.

* VAULT-1618 Add changelog/14424.txt

* VAULT-1618 Update changelog/14424.txt based on @kalafut suggestion

Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>

* VAULT-1618 Move cancel and server stop into defer in tests

* VAULT-1618 Triggering CircleCI tests

* VAULT-1618 Replace ioutil with os functions for agent template tests

Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>

* UI/Add months to activity serializer (#14942)

* add mock monthly data to mirage handler

* add months to serializer for activity response

* change selectors

Co-authored-by: Chelsea Shaw <82459713+hashishaw@users.noreply.github.com>

* clean up serializer

* please stop being flakey <3

Co-authored-by: Chelsea Shaw <82459713+hashishaw@users.noreply.github.com>

* Revert the WithContext changes to vault tests (#14947)

* adding env var (#14958)

* Fix dead link for JWT supported algorithms (#14953)

* Don't clone OutputCurlString value (#14968)

* Don't clone OutputCurlString value, add flag to docs

* Add changelog

* Ensure initialMmapSize is 0 on Windows (#14977)

* ensure initialMmapSize is 0 on windows

* add changelog

* Vault 3992 documentation changes (#14918)

* doc changes

* adding config changes

* adding chnages to plugins

* using include

* making doc changes

* adding newline

* aws auth displayName (#14954)

* set displayName to include RoleSessionName

* Add Windows error (#14982)

* Warnings indicating ignored and replaced parameters (#14962)

* Warnings indicating ignored and replaced parameters

* Avoid additional var creation

* Add warnings only if the response is non-nil

* Return the response even when error is non-nil

* Fix tests

* Rearrange comments

* Print warning in the log

* Fix another test

* Add CL

* Fix edit capabilities call in auth method (#14966)

* Fix edit capabilities call in auth method

- Capabilities call was not getting triggered correctly as apiPath
  method was missing the correct context.

* Added changelog

* make linting fix

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
Co-authored-by: Austin Gebauer <34121980+austingebauer@users.noreply.github.com>
Co-authored-by: akshya96 <87045294+akshya96@users.noreply.github.com>
Co-authored-by: Alexander Scheel <alex.scheel@hashicorp.com>
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
Co-authored-by: Scott Miller <smiller@hashicorp.com>
Co-authored-by: John-Michael Faircloth <fairclothjm@users.noreply.github.com>
Co-authored-by: Vishal Nayak <vishalnayak@users.noreply.github.com>
Co-authored-by: Meggie <meggie@hashicorp.com>
Co-authored-by: Bryce Kalow <bkalow@hashicorp.com>
Co-authored-by: Josh Black <raskchanky@users.noreply.github.com>
Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>
Co-authored-by: VAL <val@hashicorp.com>
Co-authored-by: Robert <17119716+robmonte@users.noreply.github.com>
Co-authored-by: mryan-hashi <88851444+mryan-hashi@users.noreply.github.com>
Co-authored-by: taoism4504 <loann@hashicorp.com>
Co-authored-by: Jordan Reimer <zofskeez@gmail.com>
Co-authored-by: Christopher Swenson <swenson@swenson.io>
Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>
Co-authored-by: Chelsea Shaw <82459713+hashishaw@users.noreply.github.com>
Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>
Co-authored-by: Jose Estrada <jose.estrada@tradeshift.com>
Co-authored-by: Arnav Palnitkar <arnav@hashicorp.com>

* skips kmip tests with concurrency issues for now

* changelog

* skips another test

* Remove ModelWrap Component (#15001)

* removes ModelWrap component which was not working in Ember 3.28

* removes kmip test skips

* updates role controller class name

* adds annotations to model-validations file

* pr feedback

* lint fixes after main merge

Co-authored-by: Jordan Reimer <zofskeez@gmail.com>
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
Co-authored-by: Austin Gebauer <34121980+austingebauer@users.noreply.github.com>
Co-authored-by: akshya96 <87045294+akshya96@users.noreply.github.com>
Co-authored-by: Alexander Scheel <alex.scheel@hashicorp.com>
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
Co-authored-by: Scott Miller <smiller@hashicorp.com>
Co-authored-by: John-Michael Faircloth <fairclothjm@users.noreply.github.com>
Co-authored-by: Vishal Nayak <vishalnayak@users.noreply.github.com>
Co-authored-by: Meggie <meggie@hashicorp.com>
Co-authored-by: Bryce Kalow <bkalow@hashicorp.com>
Co-authored-by: Josh Black <raskchanky@users.noreply.github.com>
Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>
Co-authored-by: VAL <val@hashicorp.com>
Co-authored-by: Robert <17119716+robmonte@users.noreply.github.com>
Co-authored-by: mryan-hashi <88851444+mryan-hashi@users.noreply.github.com>
Co-authored-by: taoism4504 <loann@hashicorp.com>
Co-authored-by: Christopher Swenson <swenson@swenson.io>
Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>
Co-authored-by: Chelsea Shaw <82459713+hashishaw@users.noreply.github.com>
Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>
Co-authored-by: Jose Estrada <jose.estrada@tradeshift.com>
Co-authored-by: Arnav Palnitkar <arnav@hashicorp.com>
2022-04-12 13:59:34 -06:00
claire bontempo 8ebdf1ee5a
UI/Client count running totals component (#14967)
* wire up running total component

* remove waitUntil

* remove unused functions

* abstract x/y keys

* adjust tick size

* refactor helpers into utils

* cleanup

* cleanup utils files and imports

* update variables to const

* mock empty monthly data
2022-04-12 13:30:40 -05:00
Arnav Palnitkar 459909ae33
Fix edit capabilities call in auth method (#14966)
* Fix edit capabilities call in auth method

- Capabilities call was not getting triggered correctly as apiPath
  method was missing the correct context.

* Added changelog
2022-04-11 10:48:35 -07:00
claire bontempo 8f54282828
UI/Add months to activity serializer (#14942)
* add mock monthly data to mirage handler

* add months to serializer for activity response

* change selectors

Co-authored-by: Chelsea Shaw <82459713+hashishaw@users.noreply.github.com>

* clean up serializer

* please stop being flakey <3

Co-authored-by: Chelsea Shaw <82459713+hashishaw@users.noreply.github.com>
2022-04-07 14:07:53 -05:00
Angel Garbarino 138dfbf90d
Bug Fix and Glimmerize secret-edit component (#14941)
* inital glimmerize

* wip

* wip

* wip

* fix maybeQueryRecord

* fix

* fix

* fix test

* cleanup

* add changelog

* clean up
2022-04-07 11:07:33 -06:00