* Delete cluster.Start for NewTestCluster clusters, and deprecate and clean up cluster.Cleanup for NewTestCluster clusters (#14014)
* progress
* more progress
* missed cleanup
* fix mistakes
* cleanup
* fix docker cleanup
* various fixes
* further fixes
* further cleanup
* the cleanup will continue until morale improves
* two morE
* more fixes
* how did I miss that
* new test cleanup
* update
* cleanup, attempt small de-flake
* fix and extra cleanup
* some docker cleanup
* newlines
* some testwaitactives
* CE changes
---------
Co-authored-by: Violet Hynes <violet.hynes@hashicorp.com>
* Update config.go
* added validation and parsing
* tests
* move pki external config structs and validation into separate file
* update copywrite
* update configuration
* updates
* Moved tests to pki_external_config.go, comments, refactoring
* refactor
* add tests
* linter fix
* Consolidate to table tests
* consolidate to table tests
* remove APIVersion from PKIExternalCA
* added comments for explaining each struct
* Added ParsePKIExternalCA Test
* Update tests
* Added remaining constraints
* Added destination.template field
* changes
* Added validateListenerAddr
* refactor
* more comments
* changes
* Check for duplicates across blocks
* Make RSA bits a required field
* moved template to the top level
* added comment for test explanation
* move template to the top level
* Move pki config into pkiexternalca directory
* fix linting error
* move pkiconfig back into config folder
* fix failing unit tests
* added comments
* update to preserve order of templatePKIExternalCARefs
* Added comment descriptions for each struct member
* update to include warning
* bring in warning logger from upstream into the pki config parser
* Set default umask to 077
* added comments to each field in agent config
* execute tests in parallel
* combine tests into Validate
* Use assertion error func for tests
* assert error strings
* Removed warning for now
* removed normalization on values during validation
* added tests to ensure that user values are not overridden
* remove testparse
* Update command/agent/config/config.go
* change improvement to feature in changelog
* updated to add line number in error
* Added _ent suffix to files
* Implement CA manager for ACME-based workflows (#12827)
* Implement CA manager for ACME-based workflows
* refactor tests into table tests
* update with suggestions
* format
* fix challenge cleanup
* make fmt
* update with suggestions
* add _ent + build flags
* Add a runtime component for pkiexternalca (#12838)
* Implement CA manager for ACME-based workflows
* Add a runtime component for pkiexternalca
* make fmt
* refactor tests into table tests
* update with suggestions
* format
* fix challenge cleanup
* make fmt
* update with suggestions
* update with suggestions
* add _ent + build flags
* fix linters
* delete duplicate files
* fix changelog
* rename test files
* fix linter
* try to bypass false positive linter err
* fix
* Rename file
* fix linter
* fix linter
* remove go:build enterprise commends from _ent files
* update order statuses to use kebab case + fix scanner failures
* add missing order status
* Template Integration For pki_external_ca resources (#13069)
* Implement CA manager for ACME-based workflows
* Add a runtime component for pkiexternalca
* make fmt
* refactor tests into table tests
* update with suggestions
* initial commit
* fix test failure
* changes
* remove logger check
* remove redundant config by name check
* convert to table tests
* added comments
* updates
* Fix tests
* fix nil pointer issue
* move changes to _ent files
* remove ce duplicate files
* updates
* update template.go
* added changelog.txt
* create template_pem_ent_test.go
* added comment explanation
* update ca_manager_ent.go
* update changelog
* separate ce stubs into server_ce.go and common code into server.go
* Moved helper functions to bottom of test file. Added godocs.
* Make pkiExternalCA name required in template
* remove go:build enterprise commends from _ent files
* rename to template_pem_ent
* include ent tag in server_ent.go
* remove enterprise tag comment from server_ent.go
* create pki_external_config_ce.go
* update template_pem_ent_integration_test.go
* rename integration test
---------
---------
Co-authored-by: Jaired Jawed <jaired.jawed@hashicorp.com>
Co-authored-by: Ben Ash <32777270+benashz@users.noreply.github.com>
Co-authored-by: Zlaticanin <60530402+Zlaticanin@users.noreply.github.com>
Co-authored-by: Milena Zlaticanin <Milena.Zlaticanin@ibm.com>
* license: update headers to IBM Corp.
* `make proto`
* update offset because source file changed
Signed-off-by: Ryan Cragun <me@ryan.ec>
Co-authored-by: Ryan Cragun <me@ryan.ec>
* Fix "t.Fatal from a non-test goroutine" errors in cache_test.go
- t.Fatal(f) should not be called within a Go routine based on it's documentation and only from the main test's thread.
- In 1.24 this seems to cause build failures
* Address all "non-constant format string errors" from go vet
- Within 1.24 these now cause test builds to fail
…" from go vet
* VAULT-28192 fix Agent and Proxy consuming large amounts of CPU for auto-auth self-healing
* Changelog
* Update changelog
* drain incoming if we get invalid token
---------
Co-authored-by: Jason O'Donnell <2160810+jasonodonnell@users.noreply.github.com>
* VAULT-25341 Address issue where having no permissions to renew caused Agent and Proxy auth to attempt to renew with no backoff
* Fiddle with go.mod changes that shouldn't have happened
* VAULT-25341 small cleanup and extra test
* VAULT-25341 backoff only in error case
* VAULT-25341 godocs
* VAULT-25342 changelog
* Update command/agent_test.go
Co-authored-by: divyaac <divya.chandrasekaran@hashicorp.com>
* VAULT-25341 rename file audit
---------
Co-authored-by: divyaac <divya.chandrasekaran@hashicorp.com>
We have many hand-written String() methods (and similar) for enums.
These require more maintenance and are more error-prone than using
automatically generated methods. In addition, the auto-generated
versions can be more efficient.
Here, we switch to using https://github.com/loggerhead/enumer, itself
a fork of https://github.com/diegostamigni/enumer, no longer maintained,
and a fork of the mostly standard tool
https://pkg.go.dev/golang.org/x/tools/cmd/stringer.
We use this fork of enumer for Go 1.20+ compatibility and because
we require the `-transform` flag to be able to generate
constants that match our current code base.
Some enums were not targeted for this change:
* Auto Auth Healing for Proxy
* Edited changelog
* Fix failing tests and small comment change
* Readded check because proxy cache is initialized with inmem sink
* add gosimport to make fmt and run it
* move installation to tools.sh
* correct weird spacing issue
* Update Makefile
Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
* fix a weird issue
---------
Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
I have an upcoming PR for event notifications that needs similar
exponential backoff logic, and I prefer the API and logic in the
auto-auth exponential backoff rather than that of
github.com/cenkalti/backoff/v3.
This does have a small behavior change: the auto-auth min backoff
will now be randomly reduced by up to 25% on the first call. This is
a desirable property to avoid thundering herd problems, where a bunch
of agents won't all try have the same retry timeout.
* VAULT-19239 create disable static secret caching config
* VAULT-19239 missed file
* VAULT-19239 didn't finish a log line
* VAULT-19239 adjust test to use new option
* Fix typo
Co-authored-by: Kuba Wieczorek <kuba.wieczorek@hashicorp.com>
---------
Co-authored-by: Kuba Wieczorek <kuba.wieczorek@hashicorp.com>
