* Add release notes for 1.18
* Make corrections per feedback
* Update website/content/docs/release-notes/1.18.0.mdx
Co-authored-by: Jonathan Frappier <92055993+jonathanfrappier@users.noreply.github.com>
---------
Co-authored-by: Jonathan Frappier <92055993+jonathanfrappier@users.noreply.github.com>
* Update azure.mdx
Update Azure secrets engine docs to use AZURE_SDK_GO_LOGGING for Azure debug
* Update azure.mdx
Update Azure Auth engine docs to use AZURE_SDK_GO_LOGGING for Azure debug
* Add a missing parameter
* Update website/content/docs/configuration/replication.mdx
Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
* Fix the cross referencing link
---------
Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
* use alias for router injection
* update @router declarations in engine files
* fix remaining pki router imports
* dynamically set router based on owner
* address replication routers
* update markdown docs
* use non-deprecated import for getOwner
* revert out of scope changes
* add transition-to test
* VAULT-31402: Add verification for all container images
Add verification for all container images that are generated as part of
the build. Before this change we only ever tested a limited subset of
"default" containers based on Alpine Linux that we publish via the
Docker hub and AWS ECR.
Now we support testing all Alpine and UBI based container images. We
also verify the repository and tag information embedded in each by
deploying them and verifying the repo and tag metadata match our
expectations.
This does change the k8s scenario interface quite a bit. We now take in
an archive image and set image/repo/tag information based on the
scenario variants.
To enable this I also needed to add `tar` to the UBI base image. It was
already available in the Alpine image and is used to copy utilities to
the image when deploying and configuring the cluster via Enos.
Since some images contain multiple tags we also add samples for each
image and randomly select which variant to test on a given PR.
Signed-off-by: Ryan Cragun <me@ryan.ec>
* include user-agent header in audit by default
* add user-agent audit tests
* update audit default headers docs
* add changelog entry
* remove temp changes from TestAuditedHeadersConfig_ApplyConfig
* more TestAuditedHeadersConfig_ApplyConfig fixes
* add some test comments
* verify type assertions in TestAudit_Headers
* more type assertion checks
* Set region parameter to be used for STS only on AWS secrets engine
* Add changelog
* Fix formatting
* region fix when not setting iam_endpoint or sts_endpoint
* Add 'sts_region' parameter for AWS secrets engine.
* Update TestBackend_PathConfigRoot for aws secrets
* Update changelog entry
---------
Co-authored-by: Robert <17119716+robmonte@users.noreply.github.com>
* fix promise issues on transformation-edit
* fix one test and the transition problem
* cannot call capabilities service directly inside template because its an unresolved promise
* address transit capabilities issues
* remove deprecations line for promise-proxies
* handle hot mess of delete permissions and such
* blah
* update flash message language. It will now show a flash message for each role whose transformationw as not removed.
* small wording change
* one small change to the default flash message
* Update ui/app/components/transformation-edit.js
Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
* Update ui/app/components/transformation-edit.js
Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
* Update ui/app/components/transformation-edit.js
Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
* fix policy flow
* fix linting and can't define let outside if block
* fix flashmessage things
* make show and edit use same param
---------
Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
* Log when the seal is unavailable as error
* changelog
* Update changelog/28564.txt
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
---------
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
* add warning for when MAP_POPULATE mmap flag not set
* Make mmap flags method handle any flags, where MAP_POPULATE is just one of them
* Only have the log print out on restores
* Add test, make logic more consistent
* Add changelog
* Add godoc for test
* Make test less dangerous
- If we encounter a deadlock/long running test it is better to have go
test timeout. As we've noticed if we hit the GitHub step timeout, we
lose all information about what was running at the time of the timeout
making things harder to diagnose.
- Having the timeout through go test itself on a long running test it
outputs what test was running along with a full panic output within
the logs which is quite useful to diagnose
Move the call to SetStoredKeys to the end of the initialization process. On
Vault Enterprise, this minimizes the chances that the initial seal re-wrap fails
when a node other than the one performing initialization becomes the active one.
- I have a suspicion the for loop with the timer can be infinite loops
in certain circumstances. Instead leverage the normal test helpers
for fetching tidy status
* add auth-config/oidc to openapi model helper
* alphabetize
* update maskedinput selector to be standard data-test-input
* add test
* add changelog
* fix maskedinput test and kv selector
* final textarea selector!
* Track the last PKI auto-tidy time ran for use across nodes
- If the interval time for auto-tidy is longer then say a regularly
scheduled restart of Vault, auto-tidy is never run. This is due to
the time of the last run of tidy is only kept in memory and
initialized on startup to the current time
- Store the last run of any tidy, to maintain previous behavior, to
a cluster local file, which is read in/initialized upon a mount
initialization.
* Add auto-tidy configuration fields for backing off at startup
* Add new auto-tidy fields to UI
* Update api docs for auto-tidy
* Add cl
* Update field description text
* Apply Claire's suggestions from code review
Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
* Implementing PR feedback from the UI team
* remove explicit defaults and types so we retrieve from backend, decouple enabling auto tidy from duration, move params to auto settings section
---------
Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
Co-authored-by: claire bontempo <cbontempo@hashicorp.com>
* Add helper combineOpenApiAttrs + test
* hydrateModel working with upgradeModelSchema
* new registerNewModelWithAttrs method for generated models
* Add newFields to generated models
* copyright
* Glimmerize path-help service
* update generated-item-list adapter and path-help usage of it
* remove unused methods combineAttributes and combineFields
* move expandOpenApiProps to ts helper file
* fix auth test
* fix bug where adding user to second userpass mount saves to first mount
* Add mutableId
* fix ent test
* remove addressed deprecation
* Address PR comments
* [VAULT-31208] remove deprecation early-static from decorator tests
* rename validators util into model-helpers folder
* move kmip-role-fields to model-helpers
* fill out docs
* Move database-helpers into model-helpers
* broom
