* Fix typos
* Update Oracle DB secrets docs to show support for Static Roles
* Add warning about username case sensitivity
* Remove warning about casing
* Fix typo
Co-Authored-By: Becca Petrin <beccapetrin@gmail.com>
Co-authored-by: Becca Petrin <beccapetrin@gmail.com>
* Seal migration after unsealing
* Refactor migration fields migrationInformation in core
* Perform seal migration as part of postUnseal
* Remove the sleep logic
* Use proper seal in the unseal function
* Fix migration from Auto to Shamir
* Fix the recovery config missing issue
* Address the non-ha migration case
* Fix the multi cluster case
* Avoid re-running seal migration
* Run the post migration code in new leaders
* Fix the issue of wrong recovery being set
* Address review feedback
* Add more complete testing coverage for seal migrations. (#8247)
* Add more complete testing coverage for seal migrations. Also remove VAULT_ACC gate from some tests that just depend on docker, cleanup dangling recovery config in storage after migration, and fix a call in adjustCoreForSealMigration that seems broken.
* Fix the issue of wrong recovery key being set
* Adapt tests to work with multiple cores.
* Add missing line to disable raft join.
Co-authored-by: Vishal Nayak <vishalnayak@users.noreply.github.com>
* Fix all known issues
* Remove warning
* Review feedback.
* Revert my previous change that broke raft tests. We'll need to come back and at least comment
this once we better understand why it's needed.
* Don't allow migration between same types for now
* Disable auto to auto tests for now since it uses migration between same types which is not allowed
* Update vault/core.go
Co-Authored-By: Brian Kassouf <briankassouf@users.noreply.github.com>
* Add migration logs
* Address review comments
* Add the recovery config check back
* Skip a few steps if migration is already done
* Return from waitForLeadership if migration fails
Co-authored-by: ncabatoff <nick.cabatoff@gmail.com>
Co-authored-by: Brian Kassouf <briankassouf@users.noreply.github.com>
* external_tests: ensure derived cores are stable before proceeding on tests
* testhelpers: add min duration tolerance when checking stability on derived core
* thread backend through requests so that the transit-key model has it on list responses
* add tests for transit-key menu and serializer handling of backend
* remove changes to preview-head
Co-authored-by: Noelle Daley <noelledaley@users.noreply.github.com>
* Core usage metrics v1 (merge to side-branch) (#8238)
* restructure menu layout per designs
* setup new routing that will set the stage for a metrics landing page
* fix formatting
* Revert "fix formatting"
This reverts commit e77cdec5e58cdcea49aa1b97f80238433c4f7d1e.
* fix formatting
* small styling changes
* change request routing to metrics
* rename route js file
* Core usage metrics v2 (#8263)
* restructure menu layout per designs
* setup new routing that will set the stage for a metrics landing page
* fix formatting
* Revert "fix formatting"
This reverts commit e77cdec5e58cdcea49aa1b97f80238433c4f7d1e.
* fix formatting
* small styling changes
* change request routing to metrics
* rename route js file
* setup selectable card component and api request
* add token and http request models to route and template
* add entities to route and template
* clean up
* add breadcrumbs and some clean up work
* remove unused selectable-card component
* refactor to a serializer
* move adapters, serializers, and models into metrics folder
* remove unused file
* address pr comments
* address pr comments
* Core Usage Metrics V3 (#8316)
* restructure menu layout per designs
* setup new routing that will set the stage for a metrics landing page
* fix formatting
* Revert "fix formatting"
This reverts commit e77cdec5e58cdcea49aa1b97f80238433c4f7d1e.
* fix formatting
* small styling changes
* change request routing to metrics
* rename route js file
* setup selectable card component and api request
* add token and http request models to route and template
* add entities to route and template
* clean up
* add breadcrumbs and some clean up work
* remove unused selectable-card component
* setup smaller http request bar chart
* refactor to a serializer
* move adapters, serializers, and models into metrics folder
* remove unused file
* setup change part of component
* fix broken model
* add conditional class
* setting up computed properties in new component
* small fixes
* setup components
* minor fixes
* rename
* clean up
* firefox fix
* remove shadow bars
* move out of metrics folders
* modify permissions to show difference between token entities and requests
* make tests
* fix class names and associated tests
* clean up
* fix text overflow in non-chrome browsers
* address pr comments, specifically class names and tests
* move into one component
* clean up component descriptions in comments
* small wording changes
* fix for accessibility
* address pr comments around component examples for storybook
* fix test
* fix failing test
* fix test
* Adding a new replication metric (WAL GC counter)
Adding a new line about the vault.replication.wal.gc metric
* Update website/pages/docs/internals/telemetry.mdx
Co-authored-by: Brian Kassouf <briankassouf@users.noreply.github.com>
* database/influx: fix panic when trying to revoke user
Guard against other nil responses
* return an error if response is nil, which is unlikely but best safe than sorry
* refactor a deeply nested statement into a function
* Add specification about AWS IAM Unique Identifiers
We experienced an issue where IAM roles resources were re-provisioned with the same ARNs and no change had been made to our vault role configuration but users lost access with `-method=aws`. It wasn't immediately clear to us how IAM Unique Identifiers where being used to avoid the same situations outlined in the AWS documentation. We eventually concluded that re-provisioning the roles in our auth/aws/auth would fetch the new IAM Unique Identifiers.
I hope that this small amendment helps people avoid this problem in the future.