Commit Graph

12783 Commits

Author SHA1 Message Date
Hridoy Roy d7a673321d
Retry Logic to Mssql Tests [VAULT-637] (#10039)
* added retry to mssql testing

* setting num retry to 3

* removed a comment and moved svc into loop

Co-authored-by: HridoyRoy <hridoyroy@Hridoys-MacBook-Pro.local>
Co-authored-by: HridoyRoy <hridoyroy@Hridoys-MBP.hitronhub.home>
2020-09-28 09:03:23 -07:00
Sam Salisbury 98fe5029b0
Packagespec v0.1.2/master (#9995)
* packagespec v0.1.2 - prep: remove unneeded code

* packagespec v0.1.2 - packagespec init

* packagespec v0.1.2 - make packages

* packagespec v0.1.3 - make packages
2020-09-28 13:53:39 +01:00
Jim Kalafut d6cf73e6cd
changelog++ 2020-09-25 17:21:43 -07:00
Billy Keyes 26e8627cfc
Use us-gov-west-1 for global APIs in aws-us-gov (#9947)
* Use us-gov-west-1 for global APIs in aws-us-gov

Certain partition-global AWS services, like IAM, seem to require
specific regions. In the regular 'aws' partition, this is us-east-1. In
the 'aws-us-gov' partition, this is us-gov-west-1. Providing
us-gov-east-1 returns an error from AWS:

  SignatureDoesNotMatch: Credential should be scoped to a valid region, not 'us-gov-east-1'.

This resolves a problem where AWS authentication could randomly fail
depending on the value cached by Vault at startup.
2020-09-25 17:13:26 -07:00
Meggie 1d1011bc9f
changelog++
1.5.5 section
2020-09-25 15:18:27 -04:00
ncabatoff a1a9889f81
changelog++ 2020-09-25 14:32:49 -04:00
Theron Voran 2ba19c3f16
Update k8s auth docs for new parameter (#9992)
Adds info about the disable_local_ca_jwt parameter.

Co-authored-by: Clint <catsby@users.noreply.github.com>
2020-09-25 11:17:28 -07:00
Meggie 44b255ab61
Updating version for website to 1.5.4 (#10040) 2020-09-25 13:50:09 -04:00
Theron Voran 8b20c04eb1
Update to vault-plugin-auth-kubernetes@master (#10004) 2020-09-24 15:44:06 -07:00
Scott Miller a8cbda1713
Add retry to TestPostgresqlBackend (#10032) 2020-09-24 16:19:11 -05:00
Meggie 34b7b4bde6
changelog++
Updated with security content for new 1.5.4 and 1.4.7.
2020-09-24 16:46:10 -04:00
Josh Black da34497041
changelog++ 2020-09-24 13:37:48 -07:00
mgritter db99f5a14f Move entries to correct release. 2020-09-23 16:23:33 -07:00
Jim Kalafut 427cca9ce9
changelog++ 2020-09-23 16:10:27 -07:00
Scott G. Miller 0bf207f96c changelog++ 2020-09-23 18:04:12 -05:00
Josh Black 7c34eeada8
changelog++ 2020-09-23 15:59:00 -07:00
Michael Golowka 41d8c89169
[DBPW 5/X] Use AutoMTLS with DB plugins (#10008) 2020-09-23 16:08:03 -06:00
Brian Kassouf ffcff10151
changelog++ 2020-09-23 12:34:15 -07:00
Brian Kassouf b0d3d9bf49
Update lease timer logic (#10030) 2020-09-23 11:46:22 -07:00
Tom Proctor 64d899da52
Update CHANGELOG.md (#10029) 2020-09-23 19:13:21 +01:00
ncabatoff 3fb20ed529
Logging tweaks, mostly for tests (#10028)
Fix some places where raft wasn't hooking into the core logger as it should.
Revisited the code that was setting the log level to Error during cleanup: it's normal for there to be a bunch of errors then, which makes it harder to see what went wrong up to the point where the test was deemed to have failed.  So now, instead of setting log level to Error, we actually stop logging altogether.  This only applies if the test didn't pass in its own logger during cluster creation, but we should be moving away from that anyway.
2020-09-23 13:40:00 -04:00
Hridoy Roy c595244482
Normalize format output for vault status [VAULT-508] (#9976)
* normalize format output for vault status

* interim commit

* interim commit

* make formatting idiomatic

* clean up comments

* added formatting test

* updated comments in format test to match godocs

Co-authored-by: HridoyRoy <hridoyroy@Hridoys-MBP.hitronhub.home>
Co-authored-by: HridoyRoy <hridoyroy@Hridoys-MacBook-Pro.local>
2020-09-23 10:30:01 -07:00
Brian Kassouf b29acbc605
Update version_base.go 2020-09-22 15:59:03 -07:00
Brian Kassouf 3f30fc5f4e
Port changes from enterprise lease fix (#10020) 2020-09-22 14:47:13 -07:00
Lauren Voswinkel 3cc15ba146
changelog++ 2020-09-22 14:17:10 -07:00
Scott G. Miller 1c3d915042 changelog++ 2020-09-22 15:02:39 -05:00
Mark Gritter 38ae7efca3
Switch to PerfStandby() where possible. (#9993) 2020-09-22 14:48:30 -05:00
Hridoy Roy a20fe5c066
moved the documentation to kv2 page (#10017)
Co-authored-by: HridoyRoy <hridoyroy@Hridoys-MacBook-Pro.local>
2020-09-22 11:58:00 -07:00
Vishal Nayak 60fefde1ac changelog++ 2020-09-22 14:36:25 -04:00
Lauren Voswinkel 201fc8fd4d
Add content-sha256 as a default allowed STS header (#10009)
Also, alphabetize those headers... just because.
2020-09-22 10:02:37 -07:00
ncabatoff f8599a1670
changelog++ 2020-09-22 09:57:34 -04:00
Marco Rieger b634e1964d
fix missing plaintext in bulk decrypt response (#9991)
Decrypting an ciphertext where its corresponding value equals empty, the payload property "plaintext" is missing in the response object. This fixes the problem by adding a new, distinct struct for decrypt batch response items where "omitempty" is not set.
2020-09-22 09:43:07 -04:00
Lauren Voswinkel 15e608c0ed
Update AD secret engine docs for root cred rotation (#9990) 2020-09-21 16:21:14 -07:00
Chelsea Shaw 2289c9ef1d
CRUD for transform alphabets (#9989)
includes tests for templates and alphabets
2020-09-21 15:36:07 -05:00
Meggie 9190860cc0
docs: Change sidebar labeling to use Integrated Storage (#10002)
I changed some verbiage in the page as well.
2020-09-21 15:55:36 -04:00
Theron Voran 6a23328308
changelog++ 2020-09-21 12:00:21 -07:00
Vishal Nayak daa2c2b1e4 changelog++ 2020-09-21 13:56:51 -04:00
Vishal Nayak 4f3c833b94 Vendor diff 2020-09-21 13:43:21 -04:00
Mike Green 9eb1fb1df4
minor only ha_storage clarification (#10001) 2020-09-21 13:06:03 -04:00
Sebin John 9b3e244e40
Fix doc formatting. (#9994) 2020-09-21 10:01:43 -07:00
Michael Golowka 60e0cbbc37
[DBPW 4/X] Update DB engine to support v4 and v5 interfaces with password policies (#9878) 2020-09-18 15:10:54 -06:00
Jim Kalafut f01f053c34
changelog++ 2020-09-18 13:32:08 -07:00
Chelsea Shaw a8dcc3e6d9
changelog link 2020-09-18 14:53:23 -05:00
Chelsea Shaw 5b1df8c60b
changelog ++ 2020-09-18 14:52:41 -05:00
ncabatoff 2872702995
Use a longer timeout for DeriveActiveCore in the hopes that giving more time will allow for raft leader election failure to recover. (#9988) 2020-09-18 11:07:35 -04:00
ncabatoff 27c7a77624
When expiration attempts to revoke a cert that's not in storage (perhaps due to pki tidy), don't treat that as an error. Let the lease get expired. (#9880) 2020-09-17 16:15:03 -04:00
ncabatoff 0f77d0e282
Move the code that creates Consul containers out of teststorage. This allows importers of teststorage that don't need consul to run as a non-docker test. (#9975) 2020-09-17 15:44:29 -04:00
ncabatoff abdf5dfded
Force docker API version to use. (#9985) 2020-09-17 15:24:31 -04:00
Chelsea Shaw 41bf752080
Ui/transform templates (#9981)
Add CRUD capabilities on transform templates. Disallow read or edit for built-ins.
2020-09-17 14:08:06 -05:00
ncabatoff 64301d3b22
Allow for testing Consul with a different repo that requires auth. (#9983) 2020-09-17 13:05:24 -04:00