* add vault versions that support official community plugins with extracted zip artifact
* fix capitalization
* remove repeated line about enterprise plugins requiring zip
* more capitalization and replace mentions of artifact with extracted .zip file
* cli: only set default command parameter to plugin name if sha256 is provided
* api: write warnings to RegisterPluginResponse, propagate up to cli
* api: filter out 'Endpoint replaced the value of these parameters' warning before returning in RegisterPluginWithContext
* docs
* add TODO on filtering that links to api type parameter deprecation ticket
* fix tests
* allocate filteredWarning slice only if there are warnings
* improve deferred resp close and early error return conditionals in RegisterPluginWithContext
* refer to sha256 as cli option -sha256 in command cli usage
* break up ui error lines for sha256 and version flag check
* consolidate if statements for sha256 and command, oci_image check in cli
* consolidate if statements for sha256 and command, oci_image check in api
* new RegisterPluginV2 and RegisterPluginWithContextV2 api client functions for backward compatibility
* add changelog
* more descriptive changelog
* rename RegisterPluginV2 to RegisterPluginDetailed and RegisterPluginWithContextV2 to RegisterPluginWithContextDetailed
* return nil, nil if no warnings to preserve status code
* fix eof from decoding (check if no content before decoding)
* doc for RegisterPluginResponse
* only validate plugin.Command in plugin catalog set for downloaded and binary plugins, which rely on plugin.Command input; extracted artifact plugins don't rely on plugin.Command input
* Update website/content/api-docs/system/plugins-catalog.mdx
Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
* Update website/content/api-docs/system/plugins-catalog.mdx
Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
* Update website/content/api-docs/system/plugins-catalog.mdx
Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
* Update website/content/docs/commands/plugin/register.mdx
Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
* Update website/content/docs/commands/plugin/register.mdx
Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
* Update website/content/docs/commands/plugin/register.mdx
Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
* Update website/content/docs/commands/plugin/register.mdx
Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
* move up enterprise note on plugin register command doc
* [DOCS] Editorial suggestions for PR #30811 (#31111)
* suggestions
* move common reqs to a partial
* fix typo
* tweak reqs
* Update website/content/partials/plugins/prepare-plugin.mdx
Co-authored-by: helenfufu <25168806+helenfufu@users.noreply.github.com>
* Update website/content/partials/plugins/prepare-plugin.mdx
Co-authored-by: helenfufu <25168806+helenfufu@users.noreply.github.com>
* Update website/content/partials/plugins/prepare-plugin.mdx
Co-authored-by: helenfufu <25168806+helenfufu@users.noreply.github.com>
* tweak feedback
* remove deprecation
* Update website/content/partials/plugins/common-requirements.mdx
Co-authored-by: helenfufu <25168806+helenfufu@users.noreply.github.com>
* save
* Update website/content/docs/plugins/rollback.mdx
Co-authored-by: helenfufu <25168806+helenfufu@users.noreply.github.com>
* Update website/content/docs/plugins/upgrade.mdx
Co-authored-by: helenfufu <25168806+helenfufu@users.noreply.github.com>
* fix formatting
---------
Co-authored-by: helenfufu <25168806+helenfufu@users.noreply.github.com>
---------
Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
* Pulls in github.com/go-secure-stdlib/plugincontainer@v0.3.0 which exposes a new `Config.Rootless` option to opt in to extra container configuration options that allow establishing communication with a non-root plugin within a rootless container runtime.
* Adds a new "rootless" option for plugin runtimes, so Vault needs to be explicitly told whether the container runtime on the machine is rootless or not. It defaults to false as rootless installs are not the default.
* Updates `run_config.go` to use the new option when the plugin runtime is rootless.
* Adds new `-rootless` flag to `vault plugin runtime register`, and `rootless` API option to the register API.
* Adds rootless Docker installation to CI to support tests for the new functionality.
* Minor test refactor to minimise the number of test Vault cores that need to be made for the external plugin container tests.
* Documentation for the new rootless configuration and the new (reduced) set of restrictions for plugin containers.
* As well as adding rootless support, we've decided to drop explicit support for podman for now, but there's no barrier other than support burden to adding it back again in future so it will depend on demand.
* fix plugin reload mounts
* do not require sys/ prefix
* update plugin reload docs with examples
* fix unit test credential read path
* update docs to reflect correct cli usage
* allow sys/auth/foo or auth/foo
* append trailing slash if it doesn't exist in request
* add changelog
* use correct changelog number
