* add a new method to identify whether KMIP is enabled
* add a new prefix for the new metric
* add new methods to store and update the metric
* update the kmip usage in billing
* move the method to ent file since kmip is ent only feature
* add unit tests at the core metrics level
* add new unit tests to test the billing methods for the new metric
* add persistence to test cases
* add external tests for primary and secondary
* account for DR secondaries, add clarifying comments, fix tests
* fmt
* move call of update into update local hwm metric method
* feedback: simplify update method by removing operation to get stored value
* feedback: optimize kmip usage detection by adding atomic tracker to detect usage once kmip mount is enabled
* fmt
* feedback: remove check on DR secondary inside update method but leave it at Get method for now
* feedback: change kmip prefix to a more flexible structure with sub item
* feedback: rename atomic tracker for kmip usage
* feedback: simplify the kmip identifier method
* revert back on kmip path prefix changes
* feedback: move the atomic bool into consumption billing struct
* feedback: remove DR check in Get method since dr needs to have billing data replicated
* add another external test to test local mount detection in perf secondary
* add a no-op oss stub for kmip enabled method
Co-authored-by: Amir Aslamov <amir.aslamov@hashicorp.com>
* PKI: Address failures with SCEP handlers on standby nodes
* add cl
* Add extra safety to protect against nil panics
* PR feedback
* PR feedback 2
* Ignore DR states
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
* VAULT-41682 - update header to add title tag and centre align with icon
* Fixed linting error
Co-authored-by: mohit-hashicorp <mohit.ojha@hashicorp.com>
- Resolves CVE-2025-61732
- Fixes an issue in `crypto/x509` with certificate validation with
single-label DNS name constraints.
- Fixes an issue in `crypto/tls` where certificate chaings were not
reverified during resumption.
Signed-off-by: Ryan Cragun <me@ryan.ec>
Co-authored-by: Ryan Cragun <me@ryan.ec>
* WIP secrets sidebar
* Remove unwanted text and put some things back..
* Add secrets templates for sidebar
* Fix tests
* Update more Secrets navlinks
* Add copywrite headers
* Creates secrets.hbs so its the parent route
* Update secrets comment
* Update component name
* Update sidebar to use helper
* Secrets sync breadcrumbs
* Address feedback~
* Use enum and add helper test
* Fix links!
Co-authored-by: Kianna <30884335+kiannaquach@users.noreply.github.com>
* Add the ability to specify extra audit only fields from a plugin
* Add extra auditing fields within the PKI OCSP handler
* Add missing copywrite headers
* Format OCSP dates when non-zero, otherwise specify not set to be clear
* Feedback 2: Only set time fields if not zero instead of non-parsable string
* Serialize JSON fields in SDK response struct
* Perform renames based on RFC feedback
* Resolve OpenAPI test failure
* add cl
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
* Vault 42177 Add Backend Field (#12092)
* add a new struct for the total number of successful requests for transit and transform
* implement tracking for encrypt path
* implement tracking in encrypt path
* add tracking in rewrap
* add tracking to datakey path
* add tracking to hmac path
* add tracking to sign path
* add tracking to verify path
* unit tests for verify path
* add tracking to cmac path
* reset the global counter in each unit test
* add tracking to hmac verify
* add methods to retrieve and flush transit count
* modify the methods that store and update data protection call counts
* update the methods
* add a helper method to combine replicated and local data call counts
* add tracking to the endpoint
* fix some formatting errors
* add unit tests to path encrypt for tracking
* add unit tests to decrypt path
* fix linter error
* add unit tests to test update and store methods for data protection calls
* stub fix: do not create separate files
* fix the tracking by coordinating replicated and local data, add unit tests
* update all reference to the new data struct
* revert to previous design with just one global counter for all calls for each cluster
* complete external test
* no need to check if current count is greater than 0, remove it
* feedback: remove unnacassary comments about atomic addition, standardize comments
* leave jira id on todo comment, remove unused method
* rename mathods by removing HWM and max in names, update jira id in todo comment, update response field key name
* feedback: remove explicit counter in cmac tests, instead put in the expected number
* feedback: remove explicit tracking in the rest of the tests
* feedback: separate transit testing into its own external test
* Update vault/consumption_billing_util_test.go
Co-authored-by: divyaac <divya.chandrasekaran@hashicorp.com>
* update comment after test name change
* fix comments
* fix comments in test
* another comment fix
* feedback: remove incorrect comment
* fix a CE test
* fix the update method: instead of storing max, increment by the current count value
* update the unit test, remove local prefix as argument to the methods since we store only to non-replicated paths
* update the external test
* Adds a field to backend to track billing data
removed file
* Changed implementation to use a map instead
* Some more comments
* Add more implementation
* Edited grpc server backend
* Refactored a bit
* Fix one more test
* Modified map:
* Revert "Modified map:"
This reverts commit 1730fe1f358b210e6abae43fbdca09e585aaaaa8.
* Removed some other things
* Edited consumption billing files a bit
* Testing function
* Fix transit stuff and make sure tests pass
* Changes
* More changes
* More changes
* Edited external test
* Edited some more tests
* Edited and fixed tests
* One more fix
* Fix some more tests
* Moved some testing structures around and added error checking
* Fixed some nits
* Update builtin/logical/transit/path_sign_verify.go
Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
* Edited some errors
* Fixed error logs
* Edited one more thing
* Decorate the error
* Update vault/consumption_billing.go
Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
---------
Co-authored-by: Amir Aslamov <amir.aslamov@hashicorp.com>
Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
* Edited stub function
---------
Co-authored-by: divyaac <divya.chandrasekaran@hashicorp.com>
Co-authored-by: Amir Aslamov <amir.aslamov@hashicorp.com>
Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
Co-authored-by: divyaac <divyaac@berkeley.edu>
Update to the latest actions. The primary motivation here is to get the
latest action-setup-enos.
- actions/cache => v5.0.3: security patches
- actions/checkout => v6.0.2: small fixes to git user-agent and tag
fetching
- hashicorp/action-setup-enos => v1.50: security patches
Signed-off-by: Ryan Cragun <me@ryan.ec>
Co-authored-by: Ryan Cragun <me@ryan.ec>
* In the random APIs, add a 'prng' param that causes a DRBG seeded from the selected source(s) to be the source of the returned bytes
* fixes, unit test next
* unit tests
* changelog
* memory ramifications
* switch to using a string called drbg
* Update helper/random/random_api.go
* wrong changelog
---------
Co-authored-by: Scott Miller <smiller@hashicorp.com>
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
* updates flags service to use api service
* converts clients index route to ts
* updates clients config workflows to use api service
* updates clients date-range component to handle Date objects rather than ISO strings
* updates clients page-header component to handle Date objects and use api and capabilities services
* updates clients route to use api and capabilities services
* updates types in client-counts helpers
* updates client counts route to use api service
* updates types for client-counts serializers
* updates date handling in client counts page component
* updates clients overview page component
* converts clients page-header component to ts
* fixes type errors in clients page-header component
* updates client counts tests
* updates client-count-card component to use api service
* converts client-count-card component to ts
* removes model-form-fields test that uses clients/config model
* removes clients/version-history model usage from client-counts helpers tests
* removes migrated models from adapter and model registries
* removes clients ember data models, adapters and serializers
* updates clients date-range component to format dates in time zone
* cleans up references to activityError in client counts route
* adds clients/activity mirage model
* updates activation flags assertions in sync overview tests
* fixes issue selecting current period in clients date-range component and adds test
* fixes issues with enabled state for client counts
* updates parseAPITimestamp to handle date object formatting
* removes unnecesarry type casting for format return in parseAPITimestamp util
* updates parseAPITimestamp to use formatInTimeZone for strings
* updates parseAPITimestamp comment
* updates enabled value in clients config component to boolean
* adds date-fns-tz to core addon
* removes parseISO from date-formatters util in favor of new Date
* updates comments for client counts
* updates retention months validation for client counts config
* updates comment and min retention months default for client counts config
Co-authored-by: Jordan Reimer <zofskeez@gmail.com>
* adding ibm tests for ent files
* changing isHashicorpLicense to isIBMLicense and moving DiagnoseCheckLicenseGeneration to core_util_common.go
* reverting non-license related tests
* removing hashicorp license test
Co-authored-by: akshya96 <87045294+akshya96@users.noreply.github.com>
* add a new struct for the total number of successful requests for transit and transform
* implement tracking for encrypt path
* implement tracking in encrypt path
* add tracking in rewrap
* add tracking to datakey path
* add tracking to hmac path
* add tracking to sign path
* add tracking to verify path
* unit tests for verify path
* add tracking to cmac path
* reset the global counter in each unit test
* add tracking to hmac verify
* add methods to retrieve and flush transit count
* modify the methods that store and update data protection call counts
* update the methods
* add a helper method to combine replicated and local data call counts
* add tracking to the endpoint
* fix some formatting errors
* add unit tests to path encrypt for tracking
* add unit tests to decrypt path
* fix linter error
* add unit tests to test update and store methods for data protection calls
* stub fix: do not create separate files
* fix the tracking by coordinating replicated and local data, add unit tests
* update all reference to the new data struct
* revert to previous design with just one global counter for all calls for each cluster
* complete external test
* no need to check if current count is greater than 0, remove it
* feedback: remove unnacassary comments about atomic addition, standardize comments
* leave jira id on todo comment, remove unused method
* rename mathods by removing HWM and max in names, update jira id in todo comment, update response field key name
* feedback: remove explicit counter in cmac tests, instead put in the expected number
* feedback: remove explicit tracking in the rest of the tests
* feedback: separate transit testing into its own external test
* Update vault/consumption_billing_util_test.go
* update comment after test name change
* fix comments
* fix comments in test
* another comment fix
* feedback: remove incorrect comment
* fix a CE test
* fix the update method: instead of storing max, increment by the current count value
* update the unit test, remove local prefix as argument to the methods since we store only to non-replicated paths
* update the external test
* fix a bug: reset the counter everyime we update the stored counter value to prevent double-counting
* update one of the tests
* update external test
---------
Co-authored-by: Amir Aslamov <amir.aslamov@hashicorp.com>
Co-authored-by: divyaac <divya.chandrasekaran@hashicorp.com>
* update namespace empty state
add in refresh button to empty state and update tests
update button design
* update copy
* update when exit button is shown
* update css class
* revert state changes
Co-authored-by: lane-wetmore <lane.wetmore@hashicorp.com>
- actions/checkout -> v6.0.2: some minor changes around setting the
ACTIONS_ORCHESTRATION_ID and some fixes to `fetch-tags`.
- actions/setup-python -> v6.2.0: Node 24 compat
Signed-off-by: Ryan Cragun <me@ryan.ec>
Co-authored-by: Ryan Cragun <me@ryan.ec>
