miagilepner
c49d180bc8
VAULT-13169 Require go docs for all new test functions ( #18971 )
...
* example for checking go doc tests
* add analyzer test and action
* get metadata step
* install revgrep
* fix for ci
* add revgrep to go.mod
* clarify how analysistest works
2023-02-07 10:41:04 +01:00
John-Michael Faircloth
d0bf019be5
fix: upgrade vault-plugin-secrets-mongodbatlas to v0.9.0 ( #19012 )
2023-02-06 16:54:18 -06:00
John-Michael Faircloth
aacaddc3c4
fix: upgrade vault-plugin-auth-alicloud to v0.14.0 ( #19005 )
...
* fix: upgrade vault-plugin-auth-alicloud to v0.14.0
* add changelog
2023-02-06 16:15:26 -06:00
Nick Cabatoff
53afd2627b
Make API not depend on SDK ( #18962 )
2023-02-06 09:41:56 -05:00
Ben Ash
e87e4f01d7
fix: upgrade vault-plugin-database-couchbase to v0.9.0 ( #18999 )
2023-02-03 23:17:44 +00:00
Chris Capurso
53390eaddf
Add ClusteName to GetClusterStatus response ( #18950 )
...
* bump github.com/hashicorp/vault/vault/hcp_link/proto
* add ClusterName to GetClusterStatus response
2023-02-02 09:27:55 -05:00
Rachel Culpepper
c151d5fd58
Vault-11713: Add the ability for transit to use managed keys ( #18844 )
...
* add the ability for transit to use managed keys
* add fields for rotate
* reorganize managed keys for better error messaging
* add aad for managed keys
* change encrypting key interface
* fix import error
* fix fmt errors
* move managed key rotation to a separate function
* fix fmt issue
* fix import error
* fix go.mod issue
* fix go.mod
* remove extra rotate param
* fix locking issue in rotation
* fix errors in policy tests
* move managed key params to fit existing policy functions
* fix sign and verify
* fix policy tests
* fix test error
2023-01-27 13:39:58 -06:00
Alexander Scheel
2f5c7458b2
Update x/crypto + x/net ( #18794 )
...
* Update golang.org/x/crypto version
go get -u golang.org/x/crypto && go mod tidy
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Update golang.org/x/crypto version in api
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Update golang.org/x/crypto version in sdk
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2023-01-23 19:11:04 +00:00
Josh Black
c9763996d4
Enable undo logs by default ( #18692 )
...
* Enable undo logs by default
* add consul test
* update go.mod/sum
* add a better non-existent key
2023-01-17 13:38:18 -08:00
Christopher Swenson
b95beeb675
Add basic event bus broker stub ( #18640 )
...
Creates a new `eventbus` package under `vault` with
an implementation of the `go-eventlogger` broker.
Also creates a stub of a common broker that will be accessible
in the core, and creates a simple event sending interface.
2023-01-17 13:34:37 -08:00
Ben Ash
3ff530e001
auth/kubernetes: upgrade to v0.14.1 ( #18716 )
2023-01-13 19:00:18 -05:00
Ben Ash
02018f1d1d
Revert "auth/kubernetes: upgrade to v0.14.1 ( #18711 )" ( #18715 )
...
This reverts commit ed244a9263255affa797fe032a5b103d7ae41891.
2023-01-13 18:17:12 -05:00
Ben Ash
6bcd9f4458
auth/kubernetes: upgrade to v0.14.1 ( #18711 )
2023-01-13 17:15:35 -05:00
Chris Capurso
03b23a7970
VAULT-12548: Fix data races in Link status reporting ( #18674 )
...
* pin hcp-scada-provider
* fix link reportStatus data race
* go get hcp-scada-provider@v0.2.1
2023-01-12 15:10:34 -05:00
Mike Palmiotto
43a78c85f4
Mark deprecated builtins Removed ( #18039 )
...
* Remove logical database builtins
* Drop removed builtins from registry keys
* Update plugin prediction test
* Remove app-id builtin
* Add changelog
2023-01-09 09:16:35 -05:00
Chris Capurso
25d0afae23
VAULT-11830: Expand NodeStatusReporter with new fields ( #18302 )
...
* expand NodeStatusReporter with new fields
* only call IsRaftVoter if using raft storage
* add changelog entry
* fix listeners
* return LogLevel as enum
* update github.com/hashicorp/vault/vault/hcp_link/proto
* add changelog entry
* bump github.com/hashicorp/vault/vault/hcp_link/proto
* go mod tidy
2023-01-06 20:53:09 -05:00
Chris Capurso
bb0c92afe7
VAULT-11829: Add cluster status handler ( #18351 )
...
* go get link proto @vault-11829-meta-get-cluster-status
* add HA status
* add HAEnabled method
* add raft config
* allocate HA nodes based on actual count
* add raft autopilot status
* add raft quorum warnings
* add ClusterID method
* add StorageType
* add ClusterID
* update github.com/hashicorp/vault/vault/hcp_link/proto
* add changelog entry
* fix raft config panic
* remove "Warning" quorum message prefix
* add error wrapping
* add Core.HAStateWithLock method
* reduce quorum warnings to single string
* fix HCP_API_HOST test env var check
* Revert "fix HCP_API_HOST test env var check"
This reverts commit 97c73c4798b77b84aea84f341f2c63c4d657914d.
2023-01-06 17:06:54 -05:00
vinay-gopalan
bbd8ac9bbf
Upgrade `go.opentelemetry.io/otel` from v0.20.0 to v1.11.2 ( #18589 )
2023-01-04 11:31:30 -08:00
Theron Voran
49e97a09a6
secrets/kubernetes: updating to latest plugin ( #18587 )
...
go get github.com/hashicorp/vault-plugin-secrets-kubernetes@main
go mod tidy
2023-01-03 15:32:30 -08:00
mickael-hc
a8d8bf7c9d
update x/net ( #18483 )
2022-12-19 17:52:28 -05:00
Chris Capurso
42f36605c7
use meta and link_control from link proto ( #18290 )
2022-12-09 12:35:06 -05:00
Chris Capurso
4dc5155c5f
Link OSS ( #18228 )
...
* add Link config, init, and capabilities
* add node status proto
* bump protoc version to 3.21.9
* make proto
* adding link tests
* remove wrapped link
* add changelog entry
* update changelog entry
2022-12-08 15:02:18 -05:00
Peter Wilson
21a8bcaa7b
Updated go-hclog to v1.4.0 to allow access to GetLevel. Refactored TranslateLoggerLevel ( #18260 )
2022-12-07 14:25:54 +00:00
John-Michael Faircloth
5c4e148ce2
auth/alicloud: update dependencies ( #18021 )
...
* auth/alicloud: update dependencies
* add changelog
2022-11-17 15:00:34 -06:00
vinay-gopalan
adc8f9a20e
secrets/azure: update dependencies ( #17964 )
2022-11-16 13:57:07 -08:00
Max Coulombe
ed1efc7f91
Updated secrets-gcp dependency ( #17871 )
...
+ updated secrets-gcp dependency
+ added changelog
2022-11-10 13:15:46 -05:00
Austin Gebauer
5e85624498
auth/azure: upgrades dependencies ( #17857 )
2022-11-09 10:24:51 -08:00
Max Coulombe
818693be89
Updated auth-gcp plugin ( #17858 )
...
* updated auth-gcp plugin
+ added changelog
2022-11-09 12:00:24 -05:00
Peter Wilson
d2e0f771ef
updated raft-autopilot to v0.2.0 ( #17848 )
...
* updated raft-autopilot to v0.2.0
* Add changelog
2022-11-08 13:51:27 +00:00
Robert
d807b5abba
secrets/aws: update dependencies ( #17747 )
...
* Update AWS secrets deps
2022-11-01 16:01:20 -05:00
Violet Hynes
6d9ea2862e
VAULT-8519 fix spurious "unknown or unsupported fields" warnings for JSON config ( #17660 )
...
* VAULT-8519 add tests for HCL unknown field bug
* VAULT-8519 upversion hcl
* VAULT-8519 include correct comitts in tag
* VAULT-8519 Add changelog
2022-10-27 10:28:03 -04:00
Calvin Leung Huang
9e6256178e
database/snowflake: update plugin to v0.6.1 ( #17593 )
...
* database/snowflake: update plugin to v0.6.1
* add changelog entry
2022-10-18 15:49:37 -07:00
Christopher Swenson
e36e0a59a8
Update httpguts for GO-2022-0236 fix ( #17520 )
...
[`govulncheck`](https://go.dev/blog/vuln ) reports that the `api` package
has a call chain that includes
`golang.org/x/net/http/httpguts.HeaderValuesContainsToken`, a vulnerable
function.
2022-10-12 15:02:54 -07:00
Peter Wilson
138c516498
Update plugin consul template v0.29.5 ( #17419 )
...
* Updated consul-template to v0.29.5
2022-10-04 22:34:28 +01:00
Violet Hynes
6fddb953e9
VAULT-8631 Upgrade vault-plugin-secrets to v0.13.3, to enable synchronous KVV2 creation ( #17406 )
...
* VAULT-8631 Upgrade vault-plugin-secrets to v0.13.2
* VAULT-8631 Update version, go mod tidy
* VAULT-8631 Add changelog
2022-10-04 13:54:38 -04:00
Peter Wilson
e307450c63
fix: upgrade vault-plugin-secrets-kv to v0.13.1 ( #17339 )
...
* fix: upgrade vault-plugin-secrets-kv to v0.13.1
* Added changelog
* Update changelog/17339.txt
Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>
Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>
2022-09-28 18:36:10 +01:00
Alexander Scheel
3015689848
Update tlsutil to v0.1.2 for ecdsa algo naming ( #17282 )
...
* Update tlsutil in sdk
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Update tlsutil in API
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Update tlsutil to v0.1.2 for ecdsa algo naming
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2022-09-23 08:28:40 -04:00
Yoan Blanc
fa8f7c793f
fix: PGP subkeys support ( #16224 )
...
* fix: PGP subkeys support
Signed-off-by: Yoan Blanc <yoan@dosimple.ch>
* fix: bump ProtonMail/go-crypto
Signed-off-by: Yoan Blanc <yoan@dosimple.ch>
* fix: bump ProtonMail/go-crypto
Signed-off-by: Yoan Blanc <yoan@dosimple.ch>
Signed-off-by: Yoan Blanc <yoan@dosimple.ch>
2022-09-22 09:12:41 -04:00
Milena Zlaticanin
6593466b3e
secret/database/redis: upgrade plugin to v0.1.0 ( #17270 )
2022-09-21 19:39:50 -05:00
Tom Proctor
4e51491f7a
Upgrade vault-plugin-auth-alicloud to v0.13.0 ( #17251 )
2022-09-21 21:05:18 +01:00
Kit Haines
45cb910d0b
Try to bring versions of gofumpt to be the same (so running make bootstrap doesn't change version of gofumpt needed for make fmt) ( #17254 )
2022-09-21 12:57:34 -04:00
Tom Proctor
abfeb59646
Upgrade vault-plugin-auth-centrify to v0.13.0 ( #17195 )
2022-09-20 06:05:50 -04:00
Christopher Swenson
5a8a896b5a
fix: upgrade vault-plugin-database-elasticsearch to v0.12.0 ( #17203 )
2022-09-19 14:46:23 -07:00
Christopher Swenson
4ad2dcbfe3
fix: upgrade vault-plugin-database-couchbase to v0.8.0 ( #17205 )
2022-09-19 14:12:33 -07:00
Robert
b8afefbc6a
secrets/ad: update plugin to v0.14.0 ( #17214 )
2022-09-19 16:03:17 -05:00
Ben Ash
d76dbeead1
fix: upgrade vault-plugin-auth-oci to v0.12.0 ( #17212 )
2022-09-19 13:34:44 -07:00
Milena Zlaticanin
f115a3929f
secrets/mongodbatlas: upgrade plugin to v0.8.0 ( #17211 )
2022-09-19 15:13:36 -05:00
Tom Proctor
f7fdb7b7d0
Upgrade vault-plugin-auth-cf to v0.13.0 ( #17196 )
2022-09-19 19:24:24 +01:00
Tom Proctor
bc5ac79928
Upgrade vault-plugin-auth-azure to v0.12.0 ( #17194 )
2022-09-19 19:22:09 +01:00
Ben Ash
adf9b7eca0
fix: upgrade vault-plugin-secrets-alicloud to v0.13.0 ( #17201 )
2022-09-19 10:39:36 -07:00
Christopher Swenson
17fd8ad465
fix: upgrade vault-plugin-database-mongodbatlas to v0.8.0 ( #17200 )
2022-09-19 10:16:20 -07:00
vinay-gopalan
f0d3cbaa43
bump secrets/azure to v0.14.0 ( #17180 )
2022-09-19 10:02:57 -07:00
Ben Ash
bc8ab07b28
fix: upgrade vault-plugin-secrets-gcpkms to v0.13.0 ( #17199 )
2022-09-19 12:56:56 -04:00
vinay-gopalan
fdebc2c2c3
bump secrets/kv to v0.13.0 ( #17175 )
2022-09-19 09:40:52 -07:00
Steven Clark
7f3dd736c9
Update OSS dependencies to match newer versions that ENT is using ( #17188 )
2022-09-19 10:33:36 -04:00
Steven Clark
05a5928b8d
Update missing go-kms-wrapping v2 dep and address some ENT->OSS drift ( #17178 )
...
* Update missing go-kms-wrapping v2 dep and address some ENT->OSS drift
* Bump go-kms-wrapping/wrappers/gcpckms/v2 to v2.0.1
2022-09-19 10:23:40 -04:00
Robert
e529bac132
auth/kerberos: update plugin to v0.8.0 ( #17173 )
...
* Update plugin version to v0.8.0
2022-09-16 16:50:12 -05:00
Robert
d89aeb7a3a
secrets/terraform: update plugin to v.0.6.0 ( #17172 )
...
* Update plugin version to v.0.6.0
2022-09-16 15:56:39 -05:00
Austin Gebauer
7b862f33c3
secrets/gcp: updates plugin to v0.14.0 ( #17174 )
...
* secrets/gcp: updates plugin to v0.14.0
* adds changelog
2022-09-16 12:42:37 -07:00
vinay-gopalan
ec76c2c8a3
update auth/gcp to v0.14.0 ( #17160 )
2022-09-16 09:39:34 -07:00
Max Coulombe
a3f7a8c487
+ upgrade redis-elasticache plugin to v0.1.0 ( #17163 )
2022-09-16 12:32:12 -04:00
Theron Voran
81ea92459c
secrets/kubernetes: upgrade to v0.2.0 ( #17164 )
2022-09-16 08:31:53 -07:00
Theron Voran
37b30337a0
auth/kubernetes: upgrade to v0.14.0 ( #17161 )
2022-09-16 02:03:21 -04:00
Austin Gebauer
c1f51417b0
Adds ldap secrets to plugin registry and updates to v0.9.0 ( #17152 )
...
* Adds ldap secrets to plugin registry and updates to v0.9.0
* adds changelog
* fix test
2022-09-15 22:19:24 -07:00
Christopher Swenson
aa503ef7ff
fix: upgrade vault-plugin-database-snowflake to v0.6.0 ( #17159 )
...
fix: upgrade vault-plugin-database-snowflake to v0.6.0
2022-09-15 16:01:56 -07:00
Austin Gebauer
c87954e7e3
auth/jwt: updates plugin to v0.14.0 ( #17154 )
2022-09-15 13:44:50 -07:00
Max Coulombe
6b2f4e5354
+ added redis elasticache as a built-in plugin ( #17075 )
...
* added redis elasticache as a built-in plugin
2022-09-09 16:16:30 -04:00
Milena Zlaticanin
0977bd1ddc
Import Redis OSS database plugin into Vault ( #17070 )
...
* Import Redis OSS database plugin into Vault
* update the total number of db plugins
* small nit for testing
* adding changelog
2022-09-09 13:42:25 -05:00
Max Coulombe
f9b5d1a563
Multiplexing opt out flag ( #16972 )
...
* added mplexing opt-out flag
2022-09-08 11:32:46 -04:00
Hamid Ghaf
a034ebfd27
HCP link integration ( #16939 )
...
* HCP link integration
* update configure-git.yml
* more OSS stuff
* removing internal repos
* adding a nil check
* removing config test to be included in ENT only
* updating hcp-sdk-go to v0.22.0
* remove Hostname and AuthURL link config params
Co-authored-by: Chris Capurso <1036769+ccapurso@users.noreply.github.com>
2022-09-06 14:11:04 -04:00
Jason O'Donnell
e097e46a50
auth/kerberos: add config to include ldap groups in group alias ( #16890 )
2022-08-25 13:51:54 -07:00
Scott Miller
3bd38fd5dc
OSS portion of wrapper-v2 ( #16811 )
...
* OSS portion of wrapper-v2
* Prefetch barrier type to avoid encountering an error in the simple BarrierType() getter
* Rename the OveriddenType to WrapperType and use it for the barrier type prefetch
* Fix unit test
2022-08-23 15:37:16 -04:00
Nathan Coleman
99eca84c3b
Update crypto package to fix GO-2021-0356 ( #16799 )
2022-08-22 09:57:25 -07:00
John-Michael Faircloth
d3c72080c4
update go-plugin to v1.4.5 ( #16781 )
2022-08-18 12:33:43 -04:00
Matt Schultz
14284c67f5
Update consul-template to v0.29.2. ( #16764 )
2022-08-17 11:24:40 -05:00
Robert
4bbdf61f52
auth/kerberos: update plugin version to v0.7.2 ( #16636 )
...
* Update plugin version to v0.7.2
2022-08-09 11:02:41 -05:00
Hridoy Roy
a02c02ea68
upgrade raft to 1.3.10 ( #16609 )
...
* upgrade raft to 1.3.10
* changelog
2022-08-05 10:27:37 -07:00
Jason O'Donnell
bc93baaaab
auth/kerberos: add remove_instance_name config ( #16594 )
...
* auth/kerberos: add remove_instance_name config
* Update website
* Fix doc
* Fix doc
* changelog
2022-08-04 16:38:12 -04:00
Austin Gebauer
30c75699f2
auth/jwt: updates dependency and adds changelogs ( #16525 )
...
* auth/jwt: updates dependency and adds changelogs
* adds changelog entries
2022-08-01 12:46:34 -07:00
Robert
36c2c11023
auth/gcp: add support for GCE regional instance groups ( #16435 )
...
* Update GCP auth to add support for regional instance groups
* Add changelog file
2022-07-22 17:31:25 -05:00
Austin Gebauer
5fd479a55a
deps: updates google.golang.org/api via plugins ( #16405 )
2022-07-21 13:07:57 -07:00
Austin Gebauer
7df39640e0
Update gopsutil to v3 to fix MacOS deprecation warnings ( #16321 )
...
* Update gopsutil to v3
* Adds v2 field names in host-info response to allow eventual deprecation in favor of v3 field names
* Map v3 to v2 field names to keep host-info api compat
* copy gopsutil license into source
2022-07-20 16:37:10 -07:00
Christopher Swenson
81b702b918
Remove gox in favor of go build. ( #16353 )
...
Remove gox in favor of go build.
`gox` hasn't had a release to update it in many years, so is missing
support for many modern systems, like `darwin/arm64`.
In any case, we only use it for dev builds, where we don't even use
the ability of it to build for multiple platforms. Release builds use
`go build` now.
So, this switches to `go build` everywhere.
I pulled this down and tested it in Windows as well. (Side note: I
couldn't get `gox` to work in Windows, so couldn't build before this
change.)
2022-07-20 10:44:41 -07:00
akshya96
42b13448f9
ActivityLog Implement HyperLogLog Store Functionality During Precomputation ( #16146 )
...
* adding hll for each month
* add changelog
* removing influxdb
* removing influxdb
* removing influxdb
* changing switch to if-else for semgrep
2022-06-27 09:38:32 -07:00
Christopher Swenson
2e56c7fe0a
Update consul-template to latest for pkiCert fix ( #16087 )
...
Update consul-template to latest for pkiCert fix
So that we get the fixes in https://github.com/hashicorp/consul-template/pull/1590
and https://github.com/hashicorp/consul-template/pull/1591 .
I tested manually that this no longer causes `pkiCert` to get into an
infinite failure loop when the cert expires, and that the key and CA certificate are also accessible.
Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
2022-06-27 08:39:36 -07:00
Calvin Leung Huang
08f148ba42
secrets/ad: update plugin to v0.13.1 ( #16140 )
2022-06-24 12:04:01 -07:00
Steven Clark
37edd59828
Match up dependency versions across OSS and ENT. ( #15820 )
...
- A few pinned dependency versions have been upgraded within ENT but were
not upgraded in OSS. This will syncs the pinned versions across them.
2022-06-17 08:34:00 -04:00
Alexander Scheel
0cbbea1cbe
Update containerd/containerd indirect test dep ( #15816 )
...
* Update containerd/containerd indirect test dep
This dependency is pulled in from our testing infra and not in our final
Vault version. However, updating this dep pulls in newer versions of
other deps (such as protobuf) which are used at runtime. Updated via:
$ go get github.com/containerd/containerd@v1.5.13 && go mod tidy
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Update moby/moby direct test dep
Since docker/docker has an indirect dep on containerd, I've updated it
as well:
$ go get github.com/docker/docker@v20.10.17 && go mod tidy
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2022-06-13 13:37:12 -04:00
Nick Cabatoff
e18e8c3677
Fix broken rabbithole dep exposed by wiping my module cache. ( #15867 )
2022-06-08 10:31:43 -04:00
Austin Gebauer
18d25ca4d1
db/snowflake: updates plugin to v0.5.1 ( #15814 )
2022-06-06 09:28:06 -07:00
Chris Capurso
073cd369b6
bump vault-plugin-secrets-kv to v0.12.1 ( #15792 )
...
* bump vault-plugin-secrets-kv to v0.12.1
* add changelog entry
2022-06-03 16:01:35 -04:00
Alexander Scheel
03efc71e62
Update to fixed parseutil v0.1.6 ( #15774 )
...
Note that this only really applies to the SSH engine, nothing else uses
this helper. Other go.mod's updated for consistency.
See also: https://github.com/hashicorp/go-secure-stdlib/pull/40
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2022-06-02 17:31:45 -04:00
Robert
d3654dd55c
Update terraform secrets to v0.5 ( #15721 )
2022-05-31 20:26:50 -05:00
Robert
3c057205ab
secrets/openldap: Update plugin to v0.8.0 ( #15667 )
2022-05-27 14:29:02 -05:00
Theron Voran
e2a15cae83
secrets/kubernetes: update to v0.1.1 ( #15655 )
2022-05-26 15:44:03 -07:00
Calvin Leung Huang
fddbd2fe66
auth/cf: update plugin to v0.12.0 ( #15636 )
2022-05-26 12:12:54 -07:00
Tom Proctor
60cc834322
upgrade azure, centrify and kerberos auth plugins ( #15646 )
2022-05-26 19:07:07 +01:00
John-Michael Faircloth
02b1db37fd
fix: upgrade vault-plugin-database-elasticsearch to v0.11.0 ( #15614 )
...
* fix: upgrade vault-plugin-database-elasticsearch to v0.11.0
* add changelog
* Update changelog/15614.txt
Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
2022-05-26 10:20:52 -05:00
John-Michael Faircloth
fd215fd6fe
fix: upgrade vault-plugin-database-mongodbatlas to v0.7.0 ( #15621 )
2022-05-26 08:55:14 -05:00
Calvin Leung Huang
aa6bf94621
dep: go mod tidy ( #15633 )
2022-05-25 18:08:31 -07:00