* VAULT-44326 only poll currentmonth and intial load
* VAULT-44370 API always returns the value now, so we can remove this logic
* Fix tests..
* Add logic back in
Co-authored-by: Kianna <30884335+kiannaquach@users.noreply.github.com>
* Initial implementation of PKCS11 managed key support for SCEP
* Add test using managed keys for SCEP
* Tweak docs and make pkcs7 decrypter tests after initial direct key tests
* Add cl
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
* Fix secrets -> secrets-engines redirect
* Add changelog..
* Add tests and another route for path
* Fix test name
* Ensure we delete the engine
Co-authored-by: Kianna <30884335+kiannaquach@users.noreply.github.com>
* cleanup from clients migrations
* updates oidc provider list views to use api client
* updates oidc provider details view to use api service
* adds oidc provider form class
* updates oidc provider create and edit routes to use api service and form
* updates oidc provider-form component to support form class
* updates oidc acceptance tests
* updates oidc provider delete to use api service
* test fixes
* updates search-select fallback to check if fallback component is defined
Co-authored-by: Jordan Reimer <zofskeez@gmail.com>
* VAULT-44412: upgrade github.com/Azure/go-ntlmssp to resolve GHSA-pjcq-xvwq-hhpj
Signed-off-by: Ryan Cragun <me@ryan.ec>
Co-authored-by: Ryan Cragun <me@ryan.ec>
* Allow nodes to join a cluster with a multi-seal configuration (#14271)
* Move SealGenerationInfo validation logic to its own file.
Refactor methog SealGenerationInfo.Validate into function
ValidateSealGeneration.
* Refactor SealGeneationInfo.Validate to func ValidateMultiSealGenerationInfo.
* Allow nodes to join a cluster with a multi-seal configuration.
Relax the multi-seal restriction when setting the Vault seal: allow an initial
multi-seal configuration if there is no stored seal generation information.
Validate multi-seal configuration at initialization time, but do not allow for
an initial multi-seal configuration at this time.
* Add unit tests.
* Run make fmt. Add copyright header.
* Add changelog entry.
* Add godoc comments to unit tests.
* Add seal generation validation stub files.
---------
Co-authored-by: Victor Rodriguez Rizo <vrizo@hashicorp.com>
- Migrate undo logs verification from shell script to Go blackbox test
- Add session_metrics.go and session_remote.go helpers to blackbox SDK
- Create undo_logs_test.go in vault/external_tests/blackbox/verify package
- Update autopilot scenario to use vault_run_blackbox_test module
- Remove deprecated vault_verify_undo_logs module
- Update vault_run_blackbox_test module to support test environment variables
This change improves test maintainability and consistency by using the
standardized blackbox testing framework instead of custom shell scripts.
Co-authored-by: brewgator <12831681+brewgator@users.noreply.github.com>
* changing cloning to a bool
* fixing linting and bad error return
* adding changelog
* moving tests in to external tests, adding helper
Co-authored-by: JMGoldsmith <spartanaudio@gmail.com>
* updating matrix workflow format for easier visualization
* adding test to create and delete Vault AWS Roles
* refactoring functions
* testing pipeline
* testing pipeline
* testing pipeline
* testing pipeline
* finishing up role deletion test
* finishing up role deletion test
Co-authored-by: Tin Vo <tintvo08@gmail.com>
* updates oidc clients list view to use api service
* updates oidc client and client details routes to use api service
* updates form field groups component to yield out form field yields
* adds oidc client form class
* updates oidc client client and edit routes to use api service
* updates oidc client-form component to use form class and removes store/model support
* updates oidc provider client route to use api service
* updates oidc key clients route to use api service
* fixes tests
Co-authored-by: Jordan Reimer <zofskeez@gmail.com>
* fix: add timeout context around UpdateUser to prevent static role rotation hang (#13697)
* fix: add timeout context around UpdateUser to prevent static role rotation hang
* changelog: add entry for static role rotation timeout fix
* fix: rename changelog file to match expected format
* fix: update changelog format to release-note style
* Bound database Initialize to prevent static rotation stalls
* add missing go doc
* pr comments: close changelog block, distinguish parent context cancellation from UpdateUser timeout
* changelog: include Initialize timeout handling
* async Close on init cancel/timeout, add test, and set PluginName in test config
* add UpdateUser timeout test coverage for static role rotation
* go doc comments fix
* Apply suggestions from code review
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
* welp copilot prompt was out of date and I shouldn't have accepted it.
---------
Co-authored-by: Angel Garbarino <argarbarino@gmail.com>
Co-authored-by: Angel Garbarino <Monkeychip@users.noreply.github.com>
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
* fix(database): remove async UpdateUser timeout and use synchronous context to avoid race conditions
* fix(backport): restore async UpdateUser timeout behavior
---------
Co-authored-by: arslan23-push <arslan.muhammad@ibm.com>
Co-authored-by: Angel Garbarino <argarbarino@gmail.com>
Co-authored-by: Angel Garbarino <Monkeychip@users.noreply.github.com>
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
