* IBM License key integration: config file changes (#11509)
* adding config changes for ibm license entitlement
* added ibm licensing_ent_test
* adding newlicensing test
* fix TestLicenseEntitlementConfig test
* Update vault/core_util_ent.go
Co-authored-by: Jenny Deng <jenny.deng@hashicorp.com>
* Update vault/licensing_ent.go
Co-authored-by: Jenny Deng <jenny.deng@hashicorp.com>
* fixing name GenerateHashicorpTestLicenseConfig
* remove local vscode settings
* add a func to create entitlements and a sample ibm license
---------
Co-authored-by: Jenny Deng <jenny.deng@hashicorp.com>
* go mod tidy
* adding issueroptions to ce
---------
Co-authored-by: akshya96 <87045294+akshya96@users.noreply.github.com>
Co-authored-by: Jenny Deng <jenny.deng@hashicorp.com>
Co-authored-by: akshya96 <araghavan@hashicorp.com>
This change does a few things that might not be obvious:
- We stop requesting the previous runner image. This will result in us
using Docker 29 instead of 28. With this comes changes in our
container build system, most notably that container images are now
exported as OCI images. Every container runtime that we support also
supports OCI images so this ought to have no meaningful impact to
downstream users. One noticeable change is that the image layers are
now compressed so the final image size on disk will be considerably
smaller than before.
- Upgrade `hashicorp/action-setup-enos` to the latest version. This is not
strictly required for this change but as we just released a new version of
the CLI it makes sense to update it here. We should also note that recently
we released a new version of `terraform-provider-enos` which contains
necessary for this change as our docker and kind resources needed to be
updated handle OCI and Docker exported images. Previously they relied on
files that existed only in Docker images.
Signed-off-by: Ryan Cragun <me@ryan.ec>
Co-authored-by: Ryan Cragun <me@ryan.ec>
* refactor dependencies and removes disallowed vault imports from builtin Okta auth (#10965)
* move SkipUnlessEnvVarsSet from vault/helper/testhelpers/ to vault/sdk/helper/testhelpers
* use unittest framework from vault-testing-stepwise module in place of sdk/logical
* refactor SkipUnlessEnvVarsSet() and NewAssertAuthPoliciesFunc() to sdk
* bump docker API version to 1.44 matching 2f33549
---------
Co-authored-by: Thy Ton <maithytonn@gmail.com>
Update dependencies to match those introduced into enterprise via the vault-plugin-secrets-azure@v0.25.0+ent bump. We also synchronize a few other dependencies that had drifted.
Signed-off-by: Ryan Cragun <me@ryan.ec>
Co-authored-by: Ryan Cragun <me@ryan.ec>
* VAULT-40931: update jose2go to v1.7.0 (#10834)
* VAULT-40931: update jose2go to v1.7.0
Bump jose2go dependency to resolve https://github.com/advisories/GHSA-9mj6-hxhv-w67j
This is a transitive dep for the Snowflake database engine. This
temporarily bumps it now until the upstream dep changes are merged and
we bump the engine pins on this side.
Signed-off-by: Ryan Cragun <me@ryan.ec>
Co-authored-by: Ryan Cragun <me@ryan.ec>
When a pull request is created against a CE branch and it has changed any files in the `gotoolchain` group we'll automatically trigger the diff for every Go module file in the repo against the equivalent in the corresponding enterprise branch. If there's a delta in like configuration it will automatically fail the `build/ce-checks` job. It will also write a complete explanation of the diff to the step output and also to the `build/ce-checks` job step summary.
Signed-off-by: Ryan Cragun <me@ryan.ec>
Co-authored-by: Ryan Cragun <me@ryan.ec>
* Add PR secondary support for login MFA TOTP self-enrollment workflow (#9616)
* [VAULT-38058] Add missing error return statement in possiblyForwardPendingLoginMFASecretWrite (#9840)
* [VAULT-38058] Add missing error return statement in possiblyForwardPendingLoginMFASecretWrite
* Add a changelog entry
* Update vault/login_mfa.go
Co-authored-by: Mike Palmiotto <mike.palmiotto@hashicorp.com>
* Update vault/login_mfa.go
* Update vault/login_mfa.go
* Fix the linter
---------
Co-authored-by: Mike Palmiotto <mike.palmiotto@hashicorp.com>
* [VAULT-39647] Add a CE version of possiblyForwardPendingLoginMFASecretWrite function (#9912)
* Delete ENT files
* go mod tidy
Signed-off-by: Ryan Cragun <me@ryan.ec>
---------
Signed-off-by: Ryan Cragun <me@ryan.ec>
Co-authored-by: Kuba Wieczorek <kuba.wieczorek@hashicorp.com>
Co-authored-by: Mike Palmiotto <mike.palmiotto@hashicorp.com>
Co-authored-by: Ryan Cragun <me@ryan.ec>
* Update github.com/ulikunitz/xz to v0.5.15 resolve GHSA-jc7w-c686-c4v9
* Update go-getter to v1.7.10 to resolve GHSA-jc7w-c686-c4v9
Signed-off-by: Ryan Cragun <me@ryan.ec>
Co-authored-by: Ryan Cragun <me@ryan.ec>
* [VAULT-38910]upgrade docker package to resolve GO-2025-3829 (#8642)
* bump github.com/hashicorp/go-secure-stdlib/plugincontainer to v0.4.2
* bump github.com/docker/docker to v28.3.3+incompatible
Signed-off-by: Ryan Cragun <me@ryan.ec>
* go mod tidy
Signed-off-by: Ryan Cragun <me@ryan.ec>
---------
Signed-off-by: Ryan Cragun <me@ryan.ec>
Co-authored-by: Ryan Cragun <me@ryan.ec>
* bump go-getter to 1.7.9 (#8899)
* bump go-getter to 1.7.9
* add changelog
* go mod tidy
Signed-off-by: Ryan Cragun <me@ryan.ec>
---------
Signed-off-by: Ryan Cragun <me@ryan.ec>
Co-authored-by: Josh Black <raskchanky@gmail.com>
Co-authored-by: Ryan Cragun <me@ryan.ec>
