* CI: Pre-emptively delete logs dir after cache restore in test-collect-reports (#23600)
* Fix OktaNumberChallenge (#23565)
* remove arg
* changelog
* exclude changelog in verifying doc/ui PRs (#23601)
* Audit: eventlogger sink node reopen on SIGHUP (#23598)
* ensure nodes are asked to reload audit files on SIGHUP
* added changelog
* Capture errors emitted from all nodes during proccessing of audit pipelines (#23582)
* Update security-scan.yml
* Listeners: Redaction only for TCP (#23592)
* redaction should only work for TCP listeners, also fix bug that allowed custom response headers for unix listeners
* fix failing test
* updates from PR feedback
* fix panic when unlocking unlocked user (#23611)
* VAULT-18307: update rotation period for aws static roles on update (#23528)
* add disable_replication_status_endpoints tcp listener config parameter
* add wrapping handler for disabled replication status endpoints setting
* adapt disable_replication_status_endpoints configuration parsing code to refactored parsing code
* refactor configuration parsing code to facilitate testing
* fix a panic when parsing configuration
* update refactored configuration parsing code
* fix merge corruption
* add changelog file
* document new TCP listener configuration parameter
* make sure disable_replication_status_endpoints only has effect on TCP listeners
* use active voice for explanation of disable_replication_status_endpoints
* fix minor merge issue
---------
Co-authored-by: Kuba Wieczorek <kuba.wieczorek@hashicorp.com>
Co-authored-by: Angel Garbarino <Monkeychip@users.noreply.github.com>
Co-authored-by: Hamid Ghaf <83242695+hghaf099@users.noreply.github.com>
Co-authored-by: Peter Wilson <peter.wilson@hashicorp.com>
Co-authored-by: Mark Collao <106274486+mcollao-hc@users.noreply.github.com>
Co-authored-by: davidadeleon <56207066+davidadeleon@users.noreply.github.com>
Co-authored-by: kpcraig <3031348+kpcraig@users.noreply.github.com>
* wip
* Initial draft of Seal HA docs
* nav data
* Fix env var name
* title
* Note partially wrapped values and disabled seal participation
* Update website/data/docs-nav-data.json
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
* correct initial upgrade limitation
* Add note about shamir seals and migration
* fix nav json
* snapshot note
* availability note
* seal-backend-status
* Add a couple more clarifying statements
* header typo
* correct initial upgrade wording
* Update website/content/docs/configuration/seal/seal-ha.mdx
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
* Update website/content/docs/concepts/seal.mdx
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
---------
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
* Add note to outline correspondence with Consul config
Calling out corresponding parameter for Vault's integrated storage `max_entry_size` with Consul's `kv_max_value_size`.
* Update website/content/docs/configuration/storage/raft.mdx
---------
Co-authored-by: Violet Hynes <violet.hynes@hashicorp.com>
* Chroot Listener Docs
* Update website/content/docs/configuration/listener/tcp.mdx
Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
* Update website/content/docs/configuration/listener/tcp.mdx
Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
Update website/content/docs/configuration/listener/tcp.mdx
Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
Added a statement on what happens when namespace does not exist
* Information on what will happen if a namespace is provided through the CLI or the header
* Changed from specified value to default value
* Edit typo
* Edited docs with clarification on appending
* Edited docs
* Update website/content/docs/configuration/listener/tcp.mdx
Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
---------
Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
* best-practice: prom format by header
* move config related doc closer to config example
---------
Co-authored-by: Violet Hynes <violet.hynes@hashicorp.com>
* updated the clarification note for performance_multiplier
* Put some original text related to performance_multiplier back.
* Update website/content/docs/configuration/storage/raft.mdx
Force committing TW suggestions as PR appears abandoned
* Update website/content/docs/configuration/storage/raft.mdx
Force committing TW suggestions as PR appears abandoned
---------
Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
* When support for service tags was added, the only way we had to parse
and dedup a list of strings also forced them to be lowercase. Now there's
another helper func that doesn't smash the case so use that instead.
* update Consul 'service_tag' documentation to include case sensitivity
* added upgrade guide for 1.15
* test for service tags
Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
Co-authored-by: Peter Wilson <peter.wilson@hashicorp.com>
* Update service_registration if use Vault HA
* Update protocol
* Minor updates for style consistency
---------
Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
* add core state lockd eadlock detection config option v2
* add changelog
* split out NewTestCluster function to maintain build flag
* replace long func with constant
* remove line
* rename file, and move where detect deadlock flag is set
* Work to unify log-file for agent/server and add rotation
* Updates to rotation code, tried to centralise the log config setup
* logging + tests
* Move LogFile to ShareConfig in test
* Docs
* add compatibility info to consul service reg docs
* fix alert formatting
* add consul dataplane compatibility partial
* add compat partial to more consul doc pages
* fix links
