Commit graph

17022 commits

Author SHA1 Message Date
Kianna 84957ad993
UI: VAULT-6519 PKI configuration read (#19677) 2023-03-22 14:14:11 -07:00
claire bontempo cde1b3e328
UI: fix enterprise test failures (#19671)
* move oidc tests into new file

* remove module from namespace test

* remove entered line

* add logout to afterEach hook

* remove ns test

* move test setup to within test

* use logout.visit() instead

* updates oidc auth namespaces test

* reverts to authPage logout

---------

Co-authored-by: Jordan Reimer <zofskeez@gmail.com>
2023-03-22 20:32:26 +00:00
Marc Boudreau 4ad111b3dd
Migrating CircleCI Jobs to GHA Workflow (#19662)
* address lint reports

* add diff-oss-ci and test-ui jobs to ci GHA workflow

* Add actions linter workflow

* Fix actions linter errors

* pin 3rd party components with SHA hash and limit actionlint workflow to pull requests touching paths under .github directory

* Fix actionlint runner

* pin SHA hash of 3rd party components
use .go-version file to provide go version to setup-go action
remove unncessary ref parameter in checkout action

---------

Co-authored-by: Brian Shore <bshore@hashicorp.com>
2023-03-22 15:02:06 -04:00
Nick Cabatoff 06e3f971ef
Allow overriding gRPC's connection timeout with VAULT_GRPC_MIN_CONNECT_TIMEOUT (#19676) 2023-03-22 18:51:37 +00:00
Chelsea Shaw 72199e4d94
UI: Fix flaky time-related tests (#19521) 2023-03-22 13:19:11 -05:00
Luis (LT) Carbonell 91e04109be
add clarifying statement for pkcs11 support (#19673) 2023-03-22 12:40:23 -04:00
ram-parameswaran b24115cf1e
Updated connection_url to be pgx library relevant (#19667)
Updated connection_url to be according to the options available in the pgx library instead of the now deprecated use of the lib/pq which was done as part of Vault 1.11 as documented here - https://github.com/hashicorp/vault/blob/main/CHANGELOG.md#june-20-2022
2023-03-22 09:02:47 -07:00
bcrich 6913e7c82a
Update CHANGELOG.md (#19670)
irrevocable release gets deleted. [GH-18401] corrected to irrevocable lease gets deleted. [GH-18401]
2023-03-22 08:35:44 -07:00
Karel 7469b0828a
Fix: Optionally reload x509 key-pair from disk on agent auto-auth (#19002)
* Optionally reload x509 key-pair from disk

* Document 'reload' config value

* Added changelog release note
2023-03-22 11:01:58 -04:00
Alexander Scheel 2fcaec4b21
Add support for HEAD operations (#19520)
* Add header operation to sdk/logical

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add support for routing HEAD operations

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add changelog entry

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

---------

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2023-03-21 18:37:17 -04:00
Kuba Wieczorek 89fa73c9f7
Fix a typo in the Makefile (#19663) 2023-03-21 20:59:40 +00:00
Raymond Ho 96e966e9ef
VAULT-13614 Support SCRAM-SHA-256 encrypted passwords for PostgreSQL (#19616) 2023-03-21 12:12:53 -07:00
mickael-hc 427b4dbd49
security model updates (#19656) 2023-03-21 11:14:00 -07:00
Kuba Wieczorek 641f42f767
Add a GHA job running Go tests with race detection enabled to the CI … (#19561)
* Add a GHA job running Go tests with race detection enabled to the CI workflow

* Incorporate logic from test-go-race into the test-go testing matrix

* Make test-go testing matrix job names more meaningful

* Fix some a bug in script's logic

* Experiment: bump wait time in the failing TestLoginMFASinglePhase test to see if that makes a difference

* Lower the wait time in TestLoginMFASinglePhase

* Change the wait time in TestLoginMFASinglePhase to 15

* Add more detail to test-go testing matrix job names

* Test whether we already have access to larger runners

* Run Go tests with enabled data race detection from a separate job than the standard suite of tests

* Tweak runner sizes for OSS

* Try rebalancing test buckets

* Change instance type for larger ENT runners

* Undo rebalancing of test buckets as it changed nothing

* Change instance type for larger OSS runners

* Change the way we generate names for matrix jobs

* Consolidate the Go build tags variables, update them to use comma as a separator and fix the if statement in test-go

* Fix a typo
2023-03-21 14:13:40 -04:00
Chris Capurso 12cf80fafd
user Platform from host info for node status OS (#19611) 2023-03-21 09:53:31 -04:00
claire bontempo 566a29ee23
UI/update auth form to fetchRoles after a namespace is inputted, prior to OIDC auth (#19541)
* re-fetch roles if there is a namespace

* remove redundant conditional

* reorder oidc auth operations

* add test

* test cleanup

* add changelog
2023-03-21 07:51:15 -06:00
Rowan Smith c29f5e718a
docs / Update 1.13.0 Known Issues (#19601)
* Update 1.13.0.mdx

add a note to known issues

* Update website/content/docs/release-notes/1.13.0.mdx

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>

---------

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
2023-03-20 18:14:41 -07:00
Mike Palmiotto d6a1cc63ac
activitylog: Fix pq.Get trace logger output (#19650) 2023-03-20 19:35:40 -04:00
Steven Clark ae4b02e6c4
Fix for PKI.TestStandby_Operations test to work in ENT (#19647)
* Fix for PKI.TestStandby_Operations test to work in ENT

 - Remove wait call to testhelpers.WaitForActiveNodeAndStandbys and
   leverage testhelpers.WaitForStandbyNode instead.

* Use InmemBackendSetup for a proper HA backend in ENT
2023-03-20 21:11:56 +00:00
Daniel Huckins 058710d33d
Add -mount flag to kv list command (#19378)
* add flag

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* handle kv paths

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* scaffold test

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* need metadata for list paths

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* add (broken) test

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* fix test

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* update docs

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* add changelog

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* format

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* add godoc

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* add test case for mount only

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* handle case of no unnamed arg

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* add non-mount behavior

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* add more detail to comment

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* add v1 tests

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

---------

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
2023-03-20 16:26:21 -04:00
Rowan Smith c581f90c05
Update deregister.mdx (#19573)
adding `-version=` parameter to docs
2023-03-20 12:08:20 -07:00
Austin Gebauer 66e26d2735
secrets/ldap: upgrades plugin to v0.10.1 (#19640)
* secrets/ldap: upgrades plugin to v0.10.1

* adds changelog
2023-03-20 11:29:09 -07:00
Tom Proctor 7fd394fc76
Docs: Implementing the plugin version interface (#19606) 2023-03-20 17:43:31 +00:00
Anton Averchenkov 4d10063cbd
openapi: Fix logic for labeling unauthenticated/sudo paths (#19600) 2023-03-20 13:25:09 -04:00
Alexander Scheel 1fe1c756ab
Add known issue text for PKI revocation (#19632)
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2023-03-20 12:24:05 -04:00
Alexander Scheel 411705d723
More wrapped errors - PKI, SSH, Transit (#19631)
* Add missing wrapped errors in PKI

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add missing wrapped errors in SSH

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add missing wrapped errors in Transit

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

---------

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2023-03-20 16:00:49 +00:00
Steven Clark 2217731266
Forward PKI revocation requests received by standby nodes to active node (#19624)
* Forward PKI revocation requests received by standby nodes to active node

 - A refactoring that occurred in 1.13 timeframe removed what was
   considered a specific check for standby nodes that wasn't required
   as a writes should be returning ErrReadOnly.
 - That sadly exposed a long standing bug where the errors from the
   storage layer were not being properly wrapped, hiding the ErrReadOnly
   coming from a write and failing the request.

* Add cl

* Add test for basic PKI operations against standby nodes
2023-03-20 14:58:36 +00:00
Mike Palmiotto 2381e6be66
Add no-op CensusAgent (#19625)
* Add no-op CensusAgent

* Changelog for Census Agent background worker
2023-03-20 10:51:35 -04:00
Violet Hynes e627737fe8
VAULT-8337 OSS changes (#19580) 2023-03-20 09:04:55 -04:00
Tom Proctor f1f5c8444a
Suppress event broker not started log warning (#19593) 2023-03-20 11:14:14 +00:00
Steven Clark 6fbf3da148
Add known issue about OCSP GET redirection responses (#19523) 2023-03-17 18:07:04 +00:00
Kianna f96851d699
UI: Glimmerize Chevron, EmptyState, FieldGroupShow, InfoTooltip, Icon (#19570) 2023-03-17 09:22:12 -07:00
Violet Hynes 31f764b82b
Update KV-V2 docs to explicitly call out the secret mount path as a parameter (#19607)
* Update KV-V2 docs to explicitly call out the secret mount path as a parameter

* Missed some angular brackets

* remove wishy language
2023-03-17 12:21:55 -04:00
Kianna da72adcc4c
UI: Glimmerize InfoTable, PageHeader, UpgradePage, NamespaceReminder, PageHeaderLevel Left,Right,Top (#19572) 2023-03-17 08:13:54 -07:00
Hamid Ghaf 85ead99d64
vault-12244 (#19591)
* vault-12244

* CL
2023-03-17 07:52:54 -07:00
Kianna d6e1dec686
UI: Glimmerize - Colocate template and remove component file (#19569) 2023-03-17 07:38:52 -07:00
Kianna f0283988bb
UI: Glimmerize BoxRadio and AlertPopup (#19571) 2023-03-17 07:37:33 -07:00
Chris Capurso 078d4eef7c
update link policy fetch URL (#19371)
* update link policy fetch URL

* fix fmt
2023-03-17 09:09:25 -04:00
miagilepner ec4bd1fb25
VAULT-14204 Update parameter policy documentation (#19586) 2023-03-17 11:14:54 +01:00
Mike Baum 8de15e4827
[QT-523] Remove copyright/license header from raft config used in the Docker/K8S integration test (#19584) 2023-03-16 17:39:59 -04:00
Violet Hynes 943678e359
Fix remount for mounts with spaces in the name (#19585)
* Fix remount for mounts with spaces in the name

* Git mishap

* Git mishap

* Changelog

* Godocs for tests
2023-03-16 15:26:55 -04:00
Marc Boudreau 00219b3917
comment out HCP_SCADA_ADDRESS environment variable (#19583) 2023-03-16 13:04:23 -04:00
Mike Palmiotto 89d7b874ba
Add upgrade note for Removed builtins in 1.13 (#19531) 2023-03-15 22:18:44 +00:00
Ryan Cragun cebde2f880
ci: pin terraform until planning bug is resolved (#19560)
Signed-off-by: Ryan Cragun <me@ryan.ec>
2023-03-15 17:54:18 +00:00
Austin Gebauer f73348e501
database/elasticsearch: upgrades plugin to v0.13.1 (#19545)
* database/elasticsearch: upgrades plugin to v0.13.1

* adds changelog
2023-03-15 10:24:03 -07:00
Hamid Ghaf 27bb03bbc0
adding copyright header (#19555)
* adding copyright header

* fix fmt and a test
2023-03-15 09:00:52 -07:00
Scott Miller de31641aea
Add the Tokenization/Rotation persistence issue as a Known Issue (#19542)
* Note the known issue with rotation interaction with tokenization key policy persistence

* typo
2023-03-15 09:42:02 -05:00
Violet Hynes fdd38deb49
Update auto-auth docs to remove tilde for home (#19548)
* Update auto-auth docs to remove tilde for home

* Extra clean-up
2023-03-15 09:35:43 -04:00
Francis Chuang 74c3697144
Add Oracle Cloud auth to the Vault Agent (#19260)
* Add Oracle Cloud auth to the Vault Agent

* Use ParseDurationSecond to parse credential_poll_interval

* Use os.UserHomeDir()
2023-03-15 09:08:52 -04:00
Angel Garbarino bd8d3d4e07
Glimmer Navigate Input component (#19517)
* wip

* wip

* todo hackeweek remove

* clean up

* add documetnation and fix test failure

* pr review changes

* spelling

* remove unused method
2023-03-14 20:23:04 -06:00