Commit Graph

12783 Commits

Author SHA1 Message Date
Mark Gritter f12719fbde
Add upgrade note about the KV metric crash. (#9882)
Co-authored-by: swayne275 <swayne275@gmail.com>
2020-09-02 22:19:09 -05:00
Calvin Leung Huang 63d484b831
docs: fix URL for plugin portal mdx page (#9885) 2020-09-02 17:20:00 -07:00
Calvin Leung Huang 744623746a
docs: add a plugin portal page (#9590)
* docs: add a plugins directory page

* docs: remove divs on the plugins directory page

* add columns

* tag component

* docs: use tags on plugins directory

* docs: revert tags on plugins directory for now

* fix header for official plugins

* add note on submission for community plugins

* s/plugins directory/plugin portal/

* move portal page into docs section

* tag oracle db as external, fix kerberos misspelling

* include gh issue template as submission form

Co-authored-by: Jeff Escalante <jescalan@users.noreply.github.com>
2020-09-02 16:25:06 -07:00
Mark Gritter 3690774f7b
Fix crash when KV store has a zero-length key. (#9881)
* Fix crash when KV store has a zero-length key.
* Add PR to changelog.
2020-09-02 17:43:44 -05:00
Theron Voran 4fa8cc422a
Updating the vault injector connectivity docs (#9783)
Adding more detail about connectivity requirements, noting that
masters sometimes need to connect to workers on :8080, and
considerations when Vault is running outside of Kubernetes.
2020-09-02 14:07:31 -07:00
Mark Gritter c4ee595e23
Retry a KV put command if the message indicates kv-v2 upgrade. (#9873) 2020-09-02 10:53:36 -05:00
Jason O'Donnell d10a000e2f
docs: add injector tls setup (#9871)
* docs: add injector tls setup

* Add missing prompts

* Grammar

* fix sidebar

* Update website/pages/docs/platform/k8s/helm/examples/injector-tls.mdx

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

* Update website/pages/docs/platform/k8s/helm/examples/injector-tls.mdx

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

* Update website/pages/docs/platform/k8s/helm/examples/injector-tls.mdx

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

* Move note before command

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
2020-09-02 11:36:21 -04:00
ncabatoff f4079fd84f
changelog++ 2020-09-02 10:21:17 -04:00
Calvin Leung Huang 7c887a7ece
Plugin submission GH issue template (#9860)
* Plugin submission GH issue template

* Update .github/ISSUE_TEMPLATE/plugin-submission.md

* update portal URL

Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>
2020-09-01 17:23:38 -07:00
Michael Golowka e976c3bfda
Create middleware for Database v5 (#9642) 2020-09-01 10:46:20 -06:00
Josh Black b842700572
changelog++ 2020-08-31 10:48:46 -07:00
Meggie 31a52a7a05
Update version.js (#9858) 2020-08-31 13:27:49 -04:00
Jason O'Donnell b2110a2e87
docs: add ldap ppolicy to enforce password hashing (#9856)
* docs: add ldap ppolicy to enforce password hashing

* formatting

* grammar

* Clarify password policy doc
2020-08-31 13:05:27 -04:00
Scott Miller 24794d8457
Dev Message after log quiescence (#9702)
* Register a log sink that delays the printing of the big dev warning until logs have settled down

* Since this is always an intercept logger, just be explicit about the type

* changelog++
2020-08-31 10:45:50 -05:00
ncabatoff 30eba1eed1
Update retryablehttp to fix a data race (#9551) 2020-08-31 11:10:52 -04:00
Meggie 6811db0235
changelog++ 2020-08-31 10:09:41 -04:00
ncabatoff b2908d1744
Avoid O(n^2) lookup to remove duplicate subfolders in list output. (#9694) 2020-08-31 09:23:34 -04:00
Jim Kalafut b61f080daf
Update docs to add EdDSA to supported algorithms (#9854) 2020-08-29 10:30:05 -07:00
Jim Kalafut 1044021b03
changelog++ 2020-08-29 10:22:50 -07:00
Chelsea Shaw 7662de315a
Ui/transform roles list create (#9852)
* Can see list of roles, templates, and alphabets when you click on corresponding tab inside a transform secrets engine

* Cannot click on items in list other than transformations

* Can create a new transform role from the empty state or toolbar

* Creating a role redirects to the view of that role

* Breadcrumb links on transform roles work

* Role create form handles error
2020-08-28 15:38:00 -05:00
Michael Golowka acda64aa35
Add Database v5 interface with gRPC client & server (#9641)
* Add new Database v5 interface with gRPC client & server
This is primarily for making password policies available to the DB engine, however since there are a number of other problems with the current interface this is getting an overhaul to a more gRPC request/response approach for easier future compatibility.

This is the first in a series of PRs to add support for password policies in the combined database engine
2020-08-28 11:20:49 -06:00
Tom Proctor f6284dde23
Remove incorrect couchbase command (#9851) 2020-08-28 16:34:00 +01:00
Calvin Leung Huang 0d723e54a9
docs: add tls settings on cert auto-auth's config page (#9848) 2020-08-27 19:21:32 -07:00
Michael Ethridge a71798a445
TLS Cert Authentication example updates (#9735)
* TLS Cert Authentication example updates

- Updated the Cert Auth example description to clarify which CA
should issue the certificate.
- Removed `-ca-cert` parameter from examples as this caused
confusion.  Is this the auth CA or the CA of the listener?

* Return CA parameter to examples, add Note

- Returned CA parameter to login examples
- Added note above examples to explain which CA is being used in CLI
- Updated examples in API doc to use httpS
- Added note above login example to explain wich CA is being used

Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>
2020-08-27 17:47:16 -07:00
Jim Kalafut ba1adb6d22
Update Known Issues (#9847)
Provide information about AWS IAM fix versions.
2020-08-27 16:48:44 -07:00
Meggie f1fb18ce8b
Changelog updates for 1.5.3 etc (#9845) 2020-08-27 16:36:35 -07:00
Chelsea Shaw bc5091f32c
Fix templates on transformation being saved as array of array (#9846) 2020-08-27 16:42:05 -05:00
Angel Garbarino a3a9ca4132
Ui/transform delete v2 (#9842)
* first cherry pick

* fix cli clipboard copy text for masking vs fpe

* dynamically setup copy commands for cli copy button

* add backend to cli clipboard text

* add capabilities cherry pick

* setup modal

* handle error response in Modal

* pass in type to info table row so can handle array specific

* remove todo
2020-08-27 15:23:24 -06:00
Scott Miller 0dc0a8233f
Update go.mod to reference latest public gcp-auth plugin (#9813)
* Point to the public, recent version of vault-plugin-auth-gcp

* Vendor the subsequent changes
2020-08-27 13:34:41 -05:00
Austin Gebauer b96f073e23
docs: fixes rollback_statements description and some punctuation (#9836) 2020-08-26 16:49:17 -07:00
Jim Kalafut 2c737182e4
Import vault-plugin-mock (#9839)
Support testing of CI and GitHub actions by creating a real dependency
between Vault and a plugin. The plugin itself is a no-op.
2020-08-26 12:51:46 -07:00
Mark Gritter 6d1b71962f
Add date/time argument type. (#9817)
* Add date/time argument type.
* Add an argument to select which time formats are valid.
* Increase minimum date for epoch timestamps to avoid ambiguity.
2020-08-26 14:40:23 -05:00
Calvin Leung Huang 3a5c7a6946
secrets/ssh: allow algorithm_signer to use the key's default algo (#9824)
* secrets/ssh: allow algorithm_signer to use the key's default algo

* add test for ed25519 key signing

* test: add role upgrade test case

* test: rename and add more test cases

* test: clean up tests cases, fix broken test case on expected error

* test: fix broken test case on expected error
2020-08-26 12:31:56 -07:00
Chelsea Shaw 5c64846225
UI: Transform secrets engine with transformations
* Ui/transform enable (#9647)

* Show Transform on engines list if enterprise

* Add box-radio component

* Add is-disabled styling for box-radio and fix tooltip styling when position: above

* Add KMIP and Transform to possible features on has feature helper

* Sidebranch: Transform Secret Engine Initial setup (#9625)

* WIP // list transforms, console.logs and all

* setup LIST transformations ajax request and draft out options-for-backend options

* change from plural to singluar and add transform to secret-edit

* create two transform edit components

* modify transform model with new attrs

* add adapterFor to connect transform adapter to transform-edit-form component

* setup Allowed roles searchSelect component to search over new transform/role adapter and model.

* clean up for PR

* clean up linting errors

* restructure adapter call, now it works.

* remove console

* setup template model for SearchSelect component

* add props to form field and search select for styling

Co-authored-by: Chelsea Shaw <chelshaw.dev@gmail.com>

* Ui/transform language fixes (#9666)

* Update casing and wording on Transform list route. Use generic list item for transformations

* Add back js file for transformation-edit

* Set up transform for tabs

* Ui/create edit transformation fixes (#9668)

* add conditional for masking vs tweak source based on type, and update text for create transformation

* change order

* fix error with stringArray

* setup the edit/delete transformation view

* clean up toolbar links

* setup serializer to change response of mask character from keycode to character

* change styling of label and sub-text size, confirmed with design

* temp fix on templates vs template

* add clickable list item

* add space between template list

* setup styling and structure for the rest of the show transformation.  TODO: turn into components.

* create transform-show-transformation component

* add attachCapabilities to transform model and update transform-transformation-itme list accordingly

* clean up liniting errors

* address pr comments

* remove leftover

* clean up

* Sidebranch: UI transform create and edit clean up (#9778)

* clean up some of the TODOs

* setup edit view with read only attributes for name and template

* setup initial selected for search select component

* fixes

* hide templates form field for now

* set selectLimit for search select component

* hide power select if the select limit is greater than or equal to the selectedOptions length

* clean up failing linting

* address pr comments

* Ui/fix list roles transformation (#9788)

* Update search-select to pass backend to query if exists

* Update role and template adapters

* cleanup

* Fix replace with static string

* Ui/transform cleanup 2 (#9789)

* amend encode/decode commands for now until design gets back with more details

* restrict character count on masking input field

* clean up selectLimit

* show backend instead of transform in cli copy command

* Show KMIP un-selectable if enterprise but no ADP module (#9780)

* New component transform-edit-base

* Duplicate RoleEdit as TransformEditBase and swap in all transform components

* Roll back role-edit changes

* Update to transform edit base

* Remove extraeneous set backend type on transform components

* formatting

* Revert search-select changes

* Update template/templates data on transformation (#9838)

Co-authored-by: Angel Garbarino <Monkeychip@users.noreply.github.com>
2020-08-26 11:31:18 -05:00
Scott Miller 4c4fb54806
Aws auth fixes (#9825)
* Bring over PSIRT-37 changes from ENT

* Add additional allowed headers

* Already had this one

* Change to string slice comma separated parsing

* Add allowed_sts_header_values to read output

* Only validate AWS related request headers

* one per line

* Import ordering

* Update test

* Add X-Amz-Credential

* Reorder imports
2020-08-25 17:37:59 -05:00
Calvin Leung Huang 8b7a3812dc
agent: support providing certificate information in cert's config map (#9819)
* agent: support providing certificate information in cert's config map

* update TestCertEndToEnd

* remove URL reference on warning message
2020-08-25 14:26:06 -07:00
Jason O'Donnell 052dea6e57
doc: update vault-helm to 0.7.0 (#9810)
* doc: update vault-helm to 0.7.0

* Fix typo in agent image

* Remove doc from sidebar

* Update website/pages/docs/platform/k8s/helm/configuration.mdx

Co-authored-by: Clint <catsby@users.noreply.github.com>

* Update website/pages/docs/platform/k8s/helm/configuration.mdx

Co-authored-by: Clint <catsby@users.noreply.github.com>

* Add note about prometheus

Co-authored-by: Clint <catsby@users.noreply.github.com>
2020-08-24 19:03:36 -04:00
Meggie 844bb0b69a
changelog++ (#9812)
* changelog++

* Keep Clint's changes

* Tired of typing versions
2020-08-24 16:27:02 -04:00
Clint 7f78ff5a6a
Update CHANGELOG.md 2020-08-24 15:07:01 -05:00
Jason O'Donnell dfd5e2d532
vault-k8s: add new annotations for 0.5.0 (#9804)
* vault-k8s: add new annotations for 0.5.0

* feedback revision
2020-08-24 13:20:29 -04:00
Jim Kalafut 8815905114
Add Known Issue for AWS IAM logins (#9798)
* Add Known Issue for AWS IAM logins

* Add note about license issue
2020-08-21 15:21:56 -07:00
Andy Baran dffd0dfa4b
K8s docs cross reference (#9795)
* add links to commonly reference Learn site docs

* fixed markdown links

* Moved Deployment Guide to "Guides" subs section
2020-08-21 15:03:01 -04:00
Mark Gritter 6cd00407ad
Add vault.metrics.collection.* metrics to documentation. (#9796) 2020-08-21 13:27:30 -05:00
Meggie 94f963b8b6
changelog++
Credit for Felix.
2020-08-20 19:25:13 -04:00
Meggie 275a34476c
Updates for 1.5.1, 1.4.4, 1.3.8, and 1.2.5 (#9793)
* Updates for 1.5.1, 1.4.4, 1.3.8, and 1.2.5

* Recommend against using these versions

* Re-running checks

* Update docs-navigation.js
2020-08-20 18:57:44 -04:00
ncabatoff e62c6fd2c7
Add ui build tag so we create binaries that serve a UI. (#9790) 2020-08-20 14:37:26 -04:00
Meggie 2f7c6db9b4
changelog++ 2020-08-20 13:57:25 -04:00
ncabatoff 7f7ac71746
Document allowed_domains_template. (#9751) 2020-08-20 09:54:52 -04:00
ncabatoff f20f3747c7
New seal migration strategy doesn't work in 1.4. (#9765) 2020-08-20 09:54:28 -04:00
Junya Ogasawara 0a13195450
Reduce a required permission for OIDC with AzureAD (#9785)
`Group.Read.All` is too permissive policy to achieve external groups
feature. `GroupMembers.Read.All` is enough for that purpose.

MicroSoft Graph API Permission reference follows
https://docs.microsoft.com/en-us/graph/permissions-reference#application-permissions-23
2020-08-20 00:00:31 -07:00