mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-12-25 03:11:40 +01:00
Code Issues Projects Releases Wiki Activity
20,484 Commits 2,850 Branches 460 Tags
Commit Graph

20484 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
divyaac
52ba156d47
Fix protoc issue (#28928) 2024-11-15 19:33:48 +00:00
divyaac
e21dfa6b1c
Store global clients at separate storage paths (#28926) 2024-11-15 19:15:41 +00:00
Violet Hynes
4cabe08c10
Smoke Benchmarks for Continuous Benchmarking (#28744) 
* Benchmark

* introduce performance regression

* Whoops wrong branch

* Push tests

* Update vault/bench/smoke_bench_test.go

Co-authored-by: Kuba Wieczorek <kuba.wieczorek@hashicorp.com>

* Update vault/bench/smoke_bench_test.go

Co-authored-by: Kuba Wieczorek <kuba.wieczorek@hashicorp.com>

* Update vault/bench/smoke_bench_test.go

Co-authored-by: Kuba Wieczorek <kuba.wieczorek@hashicorp.com>

---------

Co-authored-by: Kuba Wieczorek <kuba.wieczorek@hashicorp.com>
 2024-11-15 13:53:17 -05:00
Michael Blaum
b0e00a3f13
update versions (#28890) 2024-11-15 13:51:41 -05:00
Steven Clark
c3d5c1b3ec
Update to Go 1.23.3 (#28920) 
* Update to Go 1.23.3

 - Update to latest major version of Go 1.23.3 from 1.22.8.
 - Update github.com/sasha-s/go-deadlock to address deadlock timer
   issue we were seeing.
 - Fix one of our tests to only reset the member variable we change
   instead of the entire Opts parameter to avoid a data race during
   testing.

* Add workaround for MSSQL TLS certificate container issue
 2024-11-15 13:32:09 -05:00
Yoko Hyakuna
dc40b23d9a
[Docs] Move the tutorial content to the docs (#28894) 
* Move the tutorial content to the docs

* Split the usage doc from the overview

* Change 'Key Management' to 'key management' where appropriate
 2024-11-15 09:05:30 -08:00
Violet Hynes
4478a6aa14
Keep wording consistent on main (#28922) 2024-11-15 12:00:57 -05:00
Steven Clark
95a16dbafe
PKI: Add a new leaf_not_after_behavior value to force erroring in all circumstances (#28907) 
* PKI: Add a new leaf_not_after_behavior value to force erroring in all circumstances

 - We introduce a new value called `always_enforce_err` for the existing
   leaf_not_after_behavior on a PKI issuer. The new value will force we
   error out all requests that have a TTL beyond the issuer's NotAfter value.

 - This will apply to leaf certificates issued through the API as did err,
   but now to CA issuance and ACME requests for which we previously changed
   the err configuration to truncate.

* Add cl

* Update UI test

* Fix changelog type
 2024-11-15 11:59:54 -05:00
Violet Hynes
e309098d1a
VAULT-32201 release notes for product usage reporting (#28904) 
* VAULT-32201 release notes for product usage reporting

* Add note about default report months

* Better release notes
 2024-11-14 14:27:38 -05:00
Brian Shumate
bb5ce48eac
Docs: update move commands (#28900) 
- Add a namespace example for secrets move
- Add a namespace example for auth method move
- Add post-move considerations for both
 2024-11-14 10:51:35 -05:00
Kuba Wieczorek
d211f47d9e
[VAULT-31754] Check removed status in sys/unseal and error out if the node has been removed from the cluster (#28909) 2024-11-14 13:23:30 +00:00
VAL
4536681edf
Clarify backport instructions further (#28908) 2024-11-13 21:59:47 +00:00
Jonathan Frappier
1a43ff6755
Remove deprecated tutorial links (#28905) 2024-11-13 15:26:38 -05:00
Steven Clark
0adf2664b6
secrets/ssh: Return the allow_empty_principals field in read api (#28901) 
* secrets/ssh: Return the allow_empty_principals field in read api

 - Return the new field in the read response api and add a test case
   that will catch these errors in the future of adding a field to
   the ssh role and not returning it in the read api response

* Add cl
 2024-11-13 12:49:51 -05:00
Steven Clark
1196b8eda8
Add notes within the documentation about the generate_key flag (#28898) 2024-11-13 11:35:29 -05:00
Amir Aslamov
bf132719cf
VAULT-32330: fix sanitize path function to account for backslashes (#28878) 
* expand the leading prefix check to check for double forward and back slashes

* improve the logic to be more concise

* add unit tests

* add a changelog

* make it a bug type

* feedback: reconstruct the check to explicitly check for backslash as well as slash followed by backslash
 2024-11-13 10:56:55 -05:00
Brian Shumate
6b97d822ef
Docs: remove link to deprecated tutorial (#28889) 
The rekey and rotate tutorial is being deprecated, so this link
pointing to it needs to be removed.
 2024-11-12 13:53:28 -05:00
Brian Shumate
afdf42b0b6
Docs: Update rotate encryption key command doc (#28888) 
- Add command examples from the tutorial

- Update for linting
 2024-11-12 13:53:20 -05:00
Robert
721a603491
Add quickdev Make target (#28882) 2024-11-12 11:38:59 -06:00
Jonathan Frappier
47eeeb7996
Add steps from IBM Db2 tutorial (#28879) 2024-11-12 09:39:49 -05:00
Gabriele Olla
ea3002fd30
Add iam:GetUser action for IAM Policy to AWS docs (#28788) 
* add iam:GetUser action on split policy

Signed-off-by: Olla Gabriele <gabriele.olla@prima.it>
 2024-11-12 09:28:33 -05:00
Violet Hynes
aa09d0cec5
Product usage reporting docs (#28858) 
* First draft of product usage reporting docs

* Table data, fix issues

* Changelog
 2024-11-12 09:15:52 -05:00
Steven Clark
8403f00caa
Add 1.19.x upgrade note around Transit API change for Ed25519ph signatures (#28847) 2024-11-12 09:06:38 -05:00
Mike Palmiotto
d77ddc41b5
Move helper funcs out of tests to fix build errors (#28877) 
* Move helper funcs out of tests to fix build errors

* Rename identiy->identity
 2024-11-11 17:05:28 -05:00
Paul Banks
1aa9a7a138
Make identity store loading and alias merging deterministic (#28867) 
* Make identity store loading and alias merging deterministic

* Add CHANGELOG

* Refactor our Ent-only logic from determinism test

* Use stub-maker

* Add test godoc
 2024-11-11 15:53:16 +00:00
Kajeepan Kandeepan
c09ca8c124
[Docs] update reference consul-helm url to consul-k8s (#28825) 
* chore: update reference consul-helm url to consul-k8s

* docs: add changelog

---------

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
 2024-11-08 16:24:13 -08:00
Theron Voran
3f6cf98055
Docs update for vault-helm v0.29.0 and vault-k8s v1.5.0 releases (#28851) 2024-11-08 23:50:45 +00:00
Angel Garbarino
c7ca295816
Solve cntrl+f issue on KVv2 JSON details and edit views (#28808) 
* initial changes need to add test coverage

* change icon

* replace original idea with hds::codeblock on kvv2 details view

* changelog

* fixing edit view by addressing viewportMargin

* fix failing test

* missedone

* Update 28808.txt

* Update json-editor.js

* test coverage

* update codeblock selector

* Update general-selectors.ts

* Update kv-data-fields.js

* Update ui/lib/core/addon/components/json-editor.js

Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>

* Update ui/lib/kv/addon/components/kv-data-fields.js

Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>

* update test name

* add default to modifier

---------

Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
 2024-11-08 18:23:01 +00:00
miagilepner
09747c5d66
500 for grpc context canceled errors during login (#28866) 2024-11-08 18:01:18 +01:00
Angel Garbarino
2c3c585d70
Add identity_token_key to Azure and GCP secret engines (#28822) 
* changes then onto tests

* fix wif test failures

* changelog

* clean up

* address pr comments

* only test one wif engine for relevant tests

* add back engine loop for tests that depend on type
 2024-11-08 16:32:05 +00:00
ram-parameswaran
6f653692ea
Update seal-ha.mdx (#28863) 
Fix typo and text formatting
 2024-11-08 09:24:00 -05:00
akshya96
73702dbc8b
add fragment locks to GetActiveLocalFragment and GetActiveFragment (#28862) 
* add fragment locks to GetActiveLocalFragment and GetActiveFragment

* update locks for all functions
 2024-11-07 17:30:08 -08:00
Yoko Hyakuna
2cd0e14b7e
Update the AWS Marketplace link (#28860) 2024-11-07 14:21:42 -08:00
akshya96
1e82fe9980
adding local clients to local fragments ce changes (#28856) 
* adding ce changes

* using oss patch
 2024-11-07 13:32:16 -08:00
Yoko Hyakuna
69b1a615fb
[Docs] Add recommended patterns (#28843) 
* Content conversion from tutorial to doc - seal

* Add AppRole best practices

* Clean up the reference list

* Updated the title

* match the titles

* Add namespaces best practices

* Update the table style
 2024-11-07 13:17:43 -08:00
Steven Clark
68413ad058
Pull versioned golang images in Zlint testsuite to avoid pulling with latest (#28855) 
* Pull versioned golang images in Zlint testsuite to avoid pulling with latest

 - Leverage the versioned golang images which should be more static avoiding
   issues we somtimes encounter pulling latest images from our docker mirror.
 - We use the golang runtime version to avoid having to update this test
   continuously.

* Fallback to latest if the version tag isn't a release tag
 2024-11-07 14:04:45 -05:00
miagilepner
6c184c8756
VAULT-31393: Return 500 for some gRPC errors during login on perf standbys (#28807) 
* return 500 for RPC failures during perf standby logins

* godoc

* changelog
 2024-11-07 15:47:20 +01:00
miagilepner
2744bdbb7e
VAULT-24466: Quotas and replication docs (#28837) 2024-11-07 10:26:03 +01:00
hc-github-team-secure-vault-core
9cb10e41da
Update vault-plugin-auth-azure to v0.19.2 (#28848) 
* Update vault-plugin-auth-azure to v0.19.2

* Add changelog

---------

Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>
 2024-11-06 17:19:28 -05:00
Violet Hynes
a7ffab97d0
VAULT-31075 CE changes (#28845) 2024-11-06 12:50:46 -05:00
Steven Clark
2e4a30f914
Fail sign/verify apis when Ed25519ph/ctx arguments are provided on CE (#28838) 2024-11-06 12:23:14 -05:00
claire bontempo
30d4e21e88
UI: LDAP Hierarchical roles (#28824) 
* remove named path adapter extension, add subdirectory query logic to adapter

* add subdirectory route and logic to page::roles component

* fix overview page search select

* breadcrumbs

* update tests and mirage

* revert ss changes

* oops

* cleanup adapter, add _ for private methods

* add acceptance test

* remove type

* add changelog

* add ldap breadcrumb test

* VAULT-31905 link jira

* update breadcrumbs in Edit route

* rename type interfaces
 2024-11-06 00:52:29 +00:00
Steven Clark
752bb08664
Transit: fix race in the key update api (#28839) 
- The key update API would release the lock a little too early
   after it persisted the update so the reference could be updated
   when it was preparing the response to the caller across updates
   and/or key rotations
 - The storage updates were okay, just the response back to the caller
   of the update might see a mixture of different updates
 2024-11-05 14:41:09 -05:00
Victor Rodriguez
c855f6e982
Fix bug setting PKI issuer enable_aia_url_templating to be set to false (#28832) 
Fix bug setting PKI issuer enable_aia_url_templating to be set to false.
 2024-11-04 20:51:01 +00:00
Sarah Chavis
38ad49d63b
Update ServiceNow info (#28823) 
* Update ServiceNow info

* apply feedback

* tweaks

* clarify
 2024-11-04 11:14:43 -08:00
Martin
c38c5763ed
Fix: Add missing iam:TagUser permission (#28757) 
Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
 2024-11-04 09:20:37 -08:00
Victor Rodriguez
d99ade20be
Add PKI issuer config fields to enable check disablement parameters (#28826) 
Add PKI issuer config fields to enable check disablement parameters.

Add the following new configuration fields for issuers:
  * allow_disable_critical_extension_checks
  * allow_disable_path_length_checks
  * allow_disable_name_checks
  * allow_disable_name_constraint_checks
 2024-11-04 11:46:55 -05:00
miagilepner
10bd15f956
VAULT-30877: Repopulate AWS static creds queue in initialize (#28775) 
* populate rotation queue in initialize

* docs, changelog

* add t.Helper()
 2024-11-04 09:32:14 -06:00
Steven Clark
e489631e87
Transit: Allow ENT only arguments for sign/verify. Add docs for new Ed25519 signature types (#28821) 2024-11-01 12:57:52 -04:00
divyaac
bad87541ed
OSS Changes Patch (#28810) 2024-10-31 17:13:23 +00:00