Commit Graph

578 Commits

Author SHA1 Message Date
hc-github-team-secure-vault-core f491ad1454
replace nytimes/gziphandler with klauspost/compress/gzhttp (#23898) (#23962)
Co-authored-by: Marc Boudreau <marc.boudreau@hashicorp.com>
2023-11-02 16:16:18 -04:00
hc-github-team-secure-vault-core 19d740c312
Backport of Update hashicorp/vault-plugin-secrets-mongodbatlas to v0.10.2 into release/1.14.x (#23851)
* Update hashicorp/vault-plugin-secrets-mongodbatlas to v0.10.2 (#23849)

* Automated dependency upgrades

* Add changelog

---------

Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>

* Run tidy

---------

Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>
Co-authored-by: Luis (LT) Carbonell <lt.carbonell@hashicorp.com>
2023-10-26 10:32:08 -04:00
Christopher Swenson 5038953f3d
Update go to version 1.20.10 (#23712)
And update:
* `google.golang.org/grpc` v1.55.0 => v1.58.3
* `golang.org/x/net` v0.13.0 => v0.17.0

and run `go mod tidy`
2023-10-17 15:31:01 -07:00
Hamid Ghaf f0cfec5bca
bump go version to 1.20.8 on 1.14.x (#22936)
* bump go version to 1.20.8 on 1.14.x

* go mod tidy
2023-09-08 19:20:04 +00:00
Scott Miller ba9806c971
Update go-kms-wrapping to get Azure HTTP/2 workaround (1.14.x) (#22768)
* Update go-kms-wrapping to get Azure HTTP/2 workaround (1.14.x)

* changelog
2023-09-05 14:28:48 -05:00
John-Michael Faircloth 1bf536eebd
Update hashicorp/vault-plugin-database-snowflake to v0.9.0 (#22516) (#22527)
* Automated dependency upgrades

* Add changelog

---------

Co-authored-by: hc-github-team-secure-vault-core <82990506+hc-github-team-secure-vault-core@users.noreply.github.com>
Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>
2023-08-23 17:17:22 -05:00
Alexander Scheel dfa43e537d
Bump go version to 1.20.7 on Vault 1.14.x (#22498)
* Bump go version to 1.20.7 on Vault 1.14.x

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Update to Docker v24.0.5 to fix host header issue

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

---------

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2023-08-22 15:09:26 -04:00
hc-github-team-secure-vault-core 23a4340a19
backport of commit a5b3b3d6b5ed9b912f8b837822e94155e161e0f8 (#22339)
Co-authored-by: Ellie <ellie.sterner@hashicorp.com>
2023-08-15 10:39:50 -05:00
Tom Proctor ed25ab6cf4
Backport: Bump consul-template 0.32.0 -> 0.33.0 (#22322) (#22338)
Also adds a test to ensure the new VAULT_CACERT_BYTES functionality works.
Conflicts:
	go.mod
	go.sum
2023-08-15 14:36:26 +01:00
hc-github-team-secure-vault-core 036e692ee1
Backport of Update hashicorp/vault-plugin-auth-azure to v0.16.0 into release/1.14.x (#22278)
---------

Co-authored-by: Kay Craig <kay.craig@hashicorp.com>
2023-08-10 15:03:43 -04:00
hc-github-team-secure-vault-core 94a3711e0f
backport of commit 7e5f2cebb787bd9045c29874b5e68c51a4fa1223 (#22274)
Co-authored-by: Violet Hynes <violet.hynes@hashicorp.com>
2023-08-10 10:56:45 -04:00
Nick Cabatoff 2617223e5f
Bump go mod versions to match those in ent (#22170) 2023-08-02 15:06:45 -04:00
hc-github-team-secure-vault-core f66da5eda2
backport of commit bf05cfd64a8ac01e07c2b6b1e1db02390266c932 (#21957)
Co-authored-by: John-Michael Faircloth <fairclothjm@users.noreply.github.com>
2023-07-19 19:43:50 +00:00
hc-github-team-secure-vault-core 7b8c8e722c
backport of commit c2cbd5a578108d2447efc52f47f3bb7f7b69ee02 (#21819)
Co-authored-by: Austin Gebauer <34121980+austingebauer@users.noreply.github.com>
2023-07-13 10:27:03 -07:00
hc-github-team-secure-vault-core 93d2fc099f
VAULT-17592 Extract failed Go test results across runners (#21625) (#21672)
Co-authored-by: Kuba Wieczorek <kuba.wieczorek@hashicorp.com>
2023-07-07 18:52:01 +01:00
hc-github-team-secure-vault-core 820e38e259
backport of commit 304ecfc8e9d61536834e1e3904c3eee28411f6f8 (#21637)
Co-authored-by: Austin Gebauer <34121980+austingebauer@users.noreply.github.com>
2023-07-06 15:35:25 -07:00
hc-github-team-secure-vault-core 2c4e40eaf6
backport of commit 8bb9cbbebaed39b290590f79a8857f5ba01fbf16 (#21627)
Co-authored-by: Peter Wilson <peter.wilson@hashicorp.com>
2023-07-06 18:46:13 +01:00
hc-github-team-secure-vault-core 94213dacde
backport of commit c6ef0800a00f3634b869e1152cfbf5581753633f (#21576)
Co-authored-by: mickael-hc <86245626+mickael-hc@users.noreply.github.com>
2023-07-05 11:22:27 -04:00
hc-github-team-secure-vault-core c1e932ed20
backport of commit 17d63abdb1a8c0e0c3aaf649b34b4645d28dc17b (#21371)
Co-authored-by: Josh Black <raskchanky@gmail.com>
2023-06-20 21:19:13 +00:00
hc-github-team-secure-vault-core a485cf8f9a
backport of commit 82359a9e8ff8902be46f8c54864d594f83e1d41a (#20858)
Co-authored-by: Christopher Swenson <christopher.swenson@hashicorp.com>
2023-06-01 17:27:37 +00:00
hc-github-team-secure-vault-core 5b545ba747
backport of commit e5ae00a767fec245c954dd89cc3dec10d0b5f56b (#20857)
Co-authored-by: Christopher Swenson <christopher.swenson@hashicorp.com>
2023-06-01 16:51:54 +00:00
hc-github-team-secure-vault-core cdace6f002
Update MongoDB Atlas plugin to v0.10.0 (#20882) (#20896)
* Update MongoDB Atlas plugin to v0.10.0

* add changelog

* add a changelog with feature release note

* Update changelog/20882.txt



---------

Co-authored-by: Milena Zlaticanin <60530402+Zlaticanin@users.noreply.github.com>
Co-authored-by: Calvin Leung Huang <1883212+calvn@users.noreply.github.com>
2023-05-31 20:19:27 +00:00
hc-github-team-secure-vault-core a486b13957
backport of commit 63ccb60b9a6dadf717e6813f9789c7194a2375de (#20877)
Co-authored-by: Alexander Scheel <alex.scheel@hashicorp.com>
2023-05-30 23:49:24 +00:00
Max Coulombe 4c45de5b37
Updated snowflake plugin to v0.8.0 (#20807)
* updated snowflake plugin to v0.8.0
2023-05-26 09:48:25 -04:00
John-Michael Faircloth 5ed35b8257
update secrets/kubernetes and auth/kubernetes plugin versions (#20802)
* update secrets/kubernetes and auth/kubernetes plugin versions

* add changelog
2023-05-25 18:54:45 -05:00
Christopher Swenson 8fbca24c2f
fix: upgrade vault-plugin-auth-jwt to v0.16.0 (#20799) 2023-05-25 14:59:17 -07:00
Alexander Scheel 30488bc374
sdk/helper/nonce -> go-secure-stdlib/nonceutil (#20737)
Depends on https://github.com/hashicorp/go-secure-stdlib/pull/73

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2023-05-25 20:57:08 +00:00
vinay-gopalan f9f4b68a58
upgrade vault-plugin-secrets-alicloud to v0.15.0 (#20787) 2023-05-25 10:34:48 -07:00
Robert 2fa0953759
auth/kerberos: upgrade plugin version (#20771)
* Upgrade vault-plugin-auth-kerberos to v0.10.0
2023-05-25 17:29:42 +00:00
Robert a7054c643b
database/redis: upgrade plugin version (#20763)
* Upgrade vault-plugin-database-redis to v0.2.1
2023-05-25 17:25:18 +00:00
Raymond Ho e010999167
fix: upgrade vault-plugin-auth-cf to v0.15.0 (#20785) 2023-05-25 17:10:51 +00:00
Robert bd528daeef
database/elasticsearch: upgrade plugin version (#20767)
* Upgrade vault-plugin-database-elasticsearch to v0.13.2
2023-05-25 17:09:41 +00:00
vinay-gopalan ae2ebb1b1b
upgrade vault-plugin-auth-alicloud to v0.15.0 (#20758) 2023-05-25 09:56:48 -07:00
Raymond Ho 0d1ecfdc7d
fix: upgrade vault-plugin-secrets-terraform to v0.7.1 (#20748) 2023-05-25 16:47:08 +00:00
Robert 9c09bf1501
secrets/gcpkms: upgrade plugin version (#20784)
* Upgrade vault-plugin-secrets-gcpkms to v0.15.0
2023-05-25 16:39:00 +00:00
Christopher Swenson d0c364558c
fix: upgrade vault-plugin-database-couchbase to v0.9.2 (#20764) 2023-05-25 09:17:36 -07:00
Raymond Ho 8f83bee210
fix: upgrade vault-plugin-secrets-mongodbatlas to v0.10.0 (#20742) 2023-05-25 09:13:28 -07:00
Raymond Ho 400d47d93c
fix: upgrade vault-plugin-auth-centrify to v0.15.1 (#20745) 2023-05-25 09:13:11 -07:00
Max Coulombe 84b63ed833
Updated the azure secrets plugin (#20777)
* updated the azure secrets plugin
2023-05-25 11:27:33 -04:00
Daniel Huckins 958ccda6b1
agent: Add implementation for injecting secrets as environment variables to vault agent cmd (#20739)
* added exec and env_template config/parsing

* add tests

* we can reuse ctconfig here

* do not create a non-nil map

* check defaults

* Apply suggestions from code review

Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>

* Apply suggestions from code review

Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>

* first go of exec server

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* convert to list

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* convert to list

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* sig test

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* add failing example

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* refactor for config changes

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* add test for invalid signal

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* account for auth token changes

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* only start the runner once we have a token

* tests in diff branch

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* Apply suggestions from code review

Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>

* fix rename

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* Update command/agent/exec/exec.go

Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>

* apply suggestions from code review

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* cleanup

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* remove unnecessary lock

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* refactor to use enum

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* dont block

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* handle default

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* make more explicit

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* cleanup

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* remove unused

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* remove unused file

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* remove test app

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* Apply suggestions from code review

Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>

* apply suggestions from code review

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* update comment

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* add changelog

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* new channel for exec server token

* wire to run with vault agent

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* watch for child process to exit on its own

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* block before returning

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

---------

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>
2023-05-25 09:23:56 -04:00
Daniel Huckins 2343ff04f6
agent: Add implementation for injecting secrets as environment variables (#20628)
* added exec and env_template config/parsing

* add tests

* we can reuse ctconfig here

* do not create a non-nil map

* check defaults

* Apply suggestions from code review

Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>

* Apply suggestions from code review

Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>

* first go of exec server

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* convert to list

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* convert to list

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* sig test

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* add failing example

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* refactor for config changes

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* add test for invalid signal

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* account for auth token changes

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* only start the runner once we have a token

* tests in diff branch

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* Apply suggestions from code review

Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>

* fix rename

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* Update command/agent/exec/exec.go

Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>

* apply suggestions from code review

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* cleanup

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* remove unnecessary lock

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* refactor to use enum

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* dont block

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* handle default

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* make more explicit

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* cleanup

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* remove unused

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* remove unused file

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* remove test app

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* Apply suggestions from code review

Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>

* apply suggestions from code review

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* update comment

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* add changelog

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* watch for child process to exit on its own

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

---------

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>
2023-05-24 16:56:06 -04:00
Raymond Ho c921a74b56
fix: upgrade vault-plugin-secrets-openldap to v0.11.0 (#20753) 2023-05-24 13:45:24 -07:00
vinay-gopalan 1ef982849b
upgrade vault-plugin-secrets-ad to v0.16.0 (#20750) 2023-05-24 13:37:41 -07:00
Christopher Swenson 7956c382e6
fix: upgrade vault-plugin-database-redis-elasticache to v0.2.1 (#20751) 2023-05-24 20:15:53 +00:00
kpcraig 628c51516a
VAULT-12226: Add Static Roles to the AWS plugin (#20536)
Add static roles to the aws secrets engine

---------

Co-authored-by: maxcoulombe <max.coulombe@hashicorp.com>
Co-authored-by: vinay-gopalan <86625824+vinay-gopalan@users.noreply.github.com>
Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
2023-05-24 14:55:13 -04:00
John-Michael Faircloth a151ec76dd
fix: upgrade vault-plugin-auth-oci to v0.14.0 (#20743) 2023-05-24 13:00:49 -05:00
John-Michael Faircloth a123ca2b6a
fix: upgrade vault-plugin-secrets-kv to v0.15.0 (#20746) 2023-05-24 13:00:23 -05:00
Christopher Swenson d12604eff2
fix: upgrade vault-plugin-auth-gcp to v0.16.0 (#20725) 2023-05-23 11:24:33 -07:00
Márk Sági-Kazár 258b2ef740
Upgrade go-jose library to v3 (#20559)
* upgrade go-jose library to v3

Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>

* chore: fix unnecessary import alias

Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>

* upgrade go-jose library to v2 in vault

Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>

---------

Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2023-05-23 12:25:58 +00:00
Daniel Huckins 2658dcf48d
agent: Add support for parsing env_template configuration files (#20598)
* added exec and env_template config/parsing

* add tests

* we can reuse ctconfig here

* do not create a non-nil map

* check defaults

* Apply suggestions from code review

Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>

* Apply suggestions from code review

Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>

* convert to list

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* convert to list

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* sig test

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* add failing example

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* add test for invalid signal

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* Update command/agent/config/config.go

* use latest consul-template

* fix build

* fix test

* fix test fixtures

* make fmt

* test docs

* rename file

* env var -> environment variable

* default to SIGTERM

* empty line

* explicit naming

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* clean typo

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* replace $ HOME with /home/username in examples

* remove empty line

---------

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>
Co-authored-by: Anton Averchenkov <anton.averchenkov@hashicorp.com>
2023-05-19 18:11:41 -04:00