vault

mirror of https://github.com/hashicorp/vault.git synced 2026-04-01 03:42:34 +02:00

Author	SHA1	Message	Date
Vault Automation	825a0edc48	Backport VAULT-43198 [1b/7] JWT sys backend: Engine refactor into ce/main (#13300 ) * VAULT-43198 [1b/7] JWT sys backend: Engine refactor (#12936) * feat(jwt): add oauth-resource-server activation flag and bugfix * refactor(jwt): rewrite JWT engine and expiration handling * fix(test): update activation flags tests for oauth-resource-server * fix(test): skip outdated jwt test in logical_ent_test.go * fixes for broken tests (4) * add activation flag tests * moving out request handling changes * fix linter errors * merge * cleanup comments and names * cosmetic var name cleanup * Move API paths and logical system files from 1c to 1b * cleanup * cleanup (2) * cleanup (3) * codeql fixes * fix CreateTestConfigWithJWTAuthProfile using tests * more codeql fixes * Apply suggestions from code review Co-authored-by: Violet Hynes <violet.hynes@hashicorp.com> * comments * comments (2) * comments (3) * comments (4) * merges from main * comments (5) * failing tests --------- Co-authored-by: Violet Hynes <violet.hynes@hashicorp.com> * missing ent paths --------- Co-authored-by: Arnab Chatterjee <arnab.chatterjee@hashicorp.com> Co-authored-by: Violet Hynes <violet.hynes@hashicorp.com>	2026-03-24 12:39:24 +01:00
Vault Automation	719dd6f506	Update vault-plugin-auth-cf to v0.23.0 (#13333 ) (#13334 ) * Update vault-plugin-auth-cf to v0.23.0 * Add changelog --------- Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>	2026-03-24 13:47:35 +05:30
Vault Automation	7e587fd026	Update vault-plugin-auth-kubernetes to v0.24.1 (#13259 ) (#13287 ) Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>	2026-03-20 22:24:21 +00:00
Vault Automation	7d4395c412	Update vault-plugin-auth-jwt to v0.26.1 (#13242 ) (#13283 ) Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com> Co-authored-by: Cole Heinbaugh <cole.heinbaugh@ibm.com>	2026-03-20 21:40:19 +00:00
Vault Automation	cb1fe89716	Backport Update vault-plugin-secrets-gcp to v0.24.0 into ce/main (#13276 ) Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com> Co-authored-by: Vinay Gopalan <vinay@hashicorp.com>	2026-03-20 20:47:47 +00:00
Vault Automation	a71afc9c53	Update vault-plugin-secrets-kv to v0.26.2 (#13264 ) (#13275 ) Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>	2026-03-20 19:38:34 +00:00
Vault Automation	8e3e783a44	Backport Update vault-plugin-secrets-openldap to v0.18.0 into ce/main (#13273 ) Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com> Co-authored-by: Vinay Gopalan <vinay@hashicorp.com>	2026-03-20 12:27:03 -07:00
Robert	a40b8dbe6c	update-azure-secrets-v0.25.0 (#13268 )	2026-03-20 19:21:56 +00:00
Vault Automation	eb09f6ed3d	Update vault-plugin-secrets-ad to v0.22.1 (#13237 ) (#13256 ) --------- Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com> Co-authored-by: Maithy Ton <github@maithyton.com>	2026-03-20 19:08:12 +00:00
Vault Automation	056ec7e94a	Update vault-plugin-auth-kerberos to v0.17.1 (#13245 ) (#13254 ) Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>	2026-03-20 18:30:34 +00:00
Vault Automation	c8e9c7434a	Backport Update vault-plugin-secrets-gcpkms to v0.23.0 into ce/main (#13244 ) * Update vault-plugin-secrets-gcpkms to v0.23.0 (#13236) --------- Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com> Co-authored-by: Maithy Ton <github@maithyton.com> * remove vault-plugin-secrets-keymgmt and vault-plugin-secrets-kmip imports --------- Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com> Co-authored-by: Maithy Ton <github@maithyton.com>	2026-03-20 08:30:01 -07:00
Vault Automation	218e0ddfd4	Backport Update vault-plugin-database-snowflake to v0.16.0 into ce/main (#13243 ) * Update vault-plugin-database-snowflake to v0.16.0 (#13240) * Update vault-plugin-database-snowflake to v0.16.0 * Add changelog --------- Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com> * changes after go mod tidy to fix failing GitHub checks --------- Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com> Co-authored-by: Arjun K S <arjun.ks@hashicorp.com>	2026-03-20 08:04:59 -07:00
Vault Automation	2628e4a9ab	Backport Update vault-plugin-auth-oci to v0.21.1 into ce/main (#13239 ) Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com> Co-authored-by: Vinay Gopalan <vinay@hashicorp.com>	2026-03-20 11:00:12 -04:00
Vault Automation	b9ead07965	Update vault-plugin-database-elasticsearch to v0.20.1 (#13225 ) (#13233 ) Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com> Co-authored-by: sachin-chand01 <sachin.chand@hashicorp.com>	2026-03-20 11:29:36 +05:30
Vault Automation	5561edc03f	Backport Update vault-plugin-auth-gcp to v0.23.1 into ce/main (#13238 ) * Update vault-plugin-auth-gcp to v0.23.1 (#13217) --------- Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com> Co-authored-by: Maithy Ton <github@maithyton.com> * go: fix missing go.sum entries --------- Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com> Co-authored-by: Maithy Ton <github@maithyton.com>	2026-03-19 21:59:48 -07:00
Vault Automation	997b7a4596	Backport Update vault-plugin-auth-azure to v0.24.0 into ce/main (#13232 ) * Update vault-plugin-auth-azure to v0.24.0 (#13227) * Update vault-plugin-auth-azure to v0.24.0 * Add changelog --------- Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com> * go mod tidy --------- Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com> Co-authored-by: robmonte <17119716+robmonte@users.noreply.github.com>	2026-03-19 21:25:17 -07:00
Vault Automation	eb1c167308	Update vault-plugin-database-redis-elasticache to v0.9.1 (#13230 ) (#13235 ) Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>	2026-03-20 03:37:39 +00:00
Vault Automation	2ab26b699d	Backport Update vault-plugin-secrets-mongodbatlas to v0.17.1 into ce/main (#13231 ) Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com> Co-authored-by: Vinay Gopalan <vinay@hashicorp.com>	2026-03-20 03:09:49 +00:00
Vault Automation	a7544c1b55	Backport Update vault-plugin-database-couchbase to v0.16.1 into ce/main (#13223 ) Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com> Co-authored-by: Vinay Gopalan <vinay@hashicorp.com> Co-authored-by: sachin-chand01 <sachin.chand@hashicorp.com>	2026-03-20 02:51:22 +00:00
Vault Automation	051cda3a04	Backport Update vault-plugin-secrets-alicloud to v0.22.1 into ce/main (#13210 ) * Update vault-plugin-secrets-alicloud to v0.22.1 (#13201) * Update vault-plugin-secrets-alicloud to v0.22.1 * Add changelog --------- Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com> * revert azure-secrets-plugin from 0.25.0 to 0.23.0 --------- Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com> Co-authored-by: Cole Heinbaugh <cole.heinbaugh@ibm.com>	2026-03-20 02:03:11 +00:00
Vault Automation	6ce43bf387	Update vault-plugin-secrets-kubernetes to v0.13.1 (#13203 ) (#13212 ) * Update vault-plugin-secrets-kubernetes to v0.13.1 * Add changelog --------- Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com> Co-authored-by: Cole Heinbaugh <cole.heinbaugh@ibm.com>	2026-03-20 02:02:30 +00:00
Vault Automation	2b0080cb15	Update vault-plugin-database-redis to v0.8.1 (#13207 ) (#13220 ) Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>	2026-03-20 01:12:31 +00:00
Vault Automation	7f35dc637d	Update vault-plugin-database-mongodbatlas to v0.17.1 (#13205 ) (#13213 ) Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>	2026-03-20 00:09:09 +00:00
Vault Automation	dfbe8f37d2	Backport Update vault-plugin-secrets-terraform to v0.14.1 into ce/main (#13209 ) Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com> Co-authored-by: Vinay Gopalan <vinay@hashicorp.com>	2026-03-19 16:50:43 -07:00
Vault Automation	3e07ddb12f	Backport Upgrade `google.golang.org/grpc` dependency into ce/main (#13182 ) Co-authored-by: vinay-gopalan <86625824+vinay-gopalan@users.noreply.github.com> Co-authored-by: Vinay Gopalan <vinay@hashicorp.com> Co-authored-by: Ben Ash <bash@hashicorp.com>	2026-03-19 21:00:48 +00:00
Vault Automation	808ea3a859	Backport Update vault-plugin-auth-kubernetes to v0.24.0 into ce/main (#13164 ) * Update vault-plugin-auth-kubernetes to v0.24.0 (#13150) * tidy up --------- Co-authored-by: Ben Ash <32777270+benashz@users.noreply.github.com> Co-authored-by: Ben Ash <bash@hashicorp.com>	2026-03-19 14:45:05 -04:00
Vault Automation	8239372a80	Update vault-plugin-database-redis-elasticache to v0.9.0 (#13139 ) (#13160 ) Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>	2026-03-19 21:37:51 +05:30
Vault Automation	f62684b4de	Backport Update vault-plugin-secrets-alicloud to v0.22.0 into ce/main (#13169 ) * Update vault-plugin-secrets-alicloud to v0.22.0 (#13133) * Update vault-plugin-secrets-alicloud to v0.22.0 * Add changelog --------- Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com> * revert unreleased changes to vault-plugin-secrets-azure to fix build failures * rename changelog file --------- Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com> Co-authored-by: Arjun K S <arjun.ks@hashicorp.com>	2026-03-19 16:04:43 +00:00
Vault Automation	5e43294b7d	Update vault-plugin-database-mongodbatlas to v0.17.0 (#13134 ) (#13156 ) Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>	2026-03-19 10:50:24 +05:30
Vault Automation	3964a90da2	Update vault-plugin-auth-kerberos to v0.17.0 (#13126 ) (#13141 ) * Update vault-plugin-auth-kerberos to v0.17.0 * Add changelog --------- Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com> Co-authored-by: suraj-simha <suraj.s@hashicorp.com>	2026-03-19 08:54:04 +05:30
Maithy Ton	06f79b5930	revert vault-licensing addition to ce/main mistake (#13109 )	2026-03-18 10:42:54 +05:30
Vault Automation	4071ce00ca	Update vault-plugin-auth-alicloud to v0.23.0 (#13058 ) (#13106 ) --------- Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com> Co-authored-by: Maithy Ton <github@maithyton.com>	2026-03-17 18:02:21 -07:00
Vault Automation	645d8238d3	Backport update go version 1.26.1 into ce/main (#13099 ) * update go version to 1.26.1 (#13061) --------- Co-authored-by: Maithy Ton <github@maithyton.com>	2026-03-17 17:02:43 -07:00
Vault Automation	417dd0775b	Backport Update vault-plugin-auth-gcp to v0.22.1 into ce/main (#13086 ) * Update vault-plugin-auth-gcp to v0.22.1 (#13051) * go.mod: update go.mod and go.sum for vault-plugin-auth-gcp * add changelog * update changelog file * remove changelog/_13051.txt --------- Co-authored-by: Arjun K S <arjun.ks@hashicorp.com>	2026-03-18 02:42:45 +05:30
Vault Automation	8e9772f516	Backport events: fix missed events with multiple event clients into ce/main (#12867 ) Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>	2026-03-12 19:17:33 +00:00
Vault Automation	d160737ced	[VAULT-42862] upgrade cloudflare/circl => v1.6.3 to partially resolve CVE-2026-1229 (#12567 ) (#12651 ) Upgrade `cloudflare/circl` to v1.6.3 to resolve CVE-2026-1229. We had several transient dependencies that depend on various versions of `circl` that also needed to be updated in order to resolve the latest version everywhere. - github.com/ProtonMail/go-crypto v1.2.0 => v1.3.0 - github.com/google/go-github v17 => v83/v83.0.0 - github.com/google/go-github/v81 => v83/v83.0.0 Signed-off-by: Ryan Cragun <me@ryan.ec> Co-authored-by: Ryan Cragun <me@ryan.ec>	2026-03-03 10:31:03 -07:00
Vault Automation	b706601bf7	Backport go: upgrade go.opentelemetry.io/otel/sdk => 1.40.0 and filippo.io/edwards25519 => v1.1.1 into ce/main (#12496 ) Upgrade filippo.io/edwards25519 v1.1.0 => v1.1.1 to resolve GO-2026-4503 Upgrade go.opentelemetry.io/auto/sdk v1.1.0 => v1.2.1 to resolve GO-2026-4394 Signed-off-by: Ryan Cragun <me@ryan.ec> Co-authored-by: Ryan Cragun <me@ryan.ec>	2026-02-24 17:49:33 +00:00
Vault Automation	dd988ae70a	Updated go.mod with new vault-licensing library (#12418 ) (#12442 ) * Updated go mod * Go mod tidy Co-authored-by: divyaac <divya.chandrasekaran@hashicorp.com>	2026-02-19 18:58:51 +00:00
Vault Automation	f1a0c8d745	Backport Vault 41205 Transform Metrics into ce/main (#12244 ) * no-op commit * Cherry pick * Edited go mods --------- Co-authored-by: divyaac <divya.chandrasekaran@hashicorp.com> Co-authored-by: divyaac <divyaac@berkeley.edu>	2026-02-09 12:54:42 -05:00
Vault Automation	b1fc7f3dd1	VAULT-42232: Duo API client upgrade (#12191 ) (#12193 ) * update duo_api_golang * changelog Co-authored-by: miagilepner <mia.epner@hashicorp.com>	2026-02-05 15:17:37 +00:00
Vault Automation	fc3f525ea8	Backport remove unused TestLicenseOptions into ce/main (#11929 ) * remove unused TestLicenseOptions (#11928) * go mod tidy --------- Co-authored-by: akshya96 <87045294+akshya96@users.noreply.github.com> Co-authored-by: akshya96 <araghavan@hashicorp.com>	2026-01-23 07:18:29 -05:00
Vault Automation	322d731a7a	bump github.com/hashicorp/vault/sdk to v0.21.0 (#11723 ) (#11732 ) Co-authored-by: Maithy Ton <maithytonn@gmail.com>	2026-01-15 08:34:25 -08:00
Vault Automation	ffee73240b	Backport IBM License key integration: config file changes into ce/main (#11665 ) * IBM License key integration: config file changes (#11509) * adding config changes for ibm license entitlement * added ibm licensing_ent_test * adding newlicensing test * fix TestLicenseEntitlementConfig test * Update vault/core_util_ent.go Co-authored-by: Jenny Deng <jenny.deng@hashicorp.com> * Update vault/licensing_ent.go Co-authored-by: Jenny Deng <jenny.deng@hashicorp.com> * fixing name GenerateHashicorpTestLicenseConfig * remove local vscode settings * add a func to create entitlements and a sample ibm license --------- Co-authored-by: Jenny Deng <jenny.deng@hashicorp.com> * go mod tidy * adding issueroptions to ce --------- Co-authored-by: akshya96 <87045294+akshya96@users.noreply.github.com> Co-authored-by: Jenny Deng <jenny.deng@hashicorp.com> Co-authored-by: akshya96 <araghavan@hashicorp.com>	2026-01-12 10:52:01 -08:00
Ryan Cragun	1df0fa727e	go: update golang.org/x/crypto to v0.46.0 (#11590 ) * go: update golang.org/x/crypto to v0.46.0 Signed-off-by: Ryan Cragun <me@ryan.ec>	2026-01-05 21:31:08 +00:00
Vault Automation	e7965c8bdf	[VAULT-41294] docker: build OCI container images (#11545 ) (#11549 ) This change does a few things that might not be obvious: - We stop requesting the previous runner image. This will result in us using Docker 29 instead of 28. With this comes changes in our container build system, most notably that container images are now exported as OCI images. Every container runtime that we support also supports OCI images so this ought to have no meaningful impact to downstream users. One noticeable change is that the image layers are now compressed so the final image size on disk will be considerably smaller than before. - Upgrade `hashicorp/action-setup-enos` to the latest version. This is not strictly required for this change but as we just released a new version of the CLI it makes sense to update it here. We should also note that recently we released a new version of `terraform-provider-enos` which contains necessary for this change as our docker and kind resources needed to be updated handle OCI and Docker exported images. Previously they relied on files that existed only in Docker images. Signed-off-by: Ryan Cragun <me@ryan.ec> Co-authored-by: Ryan Cragun <me@ryan.ec>	2025-12-29 10:58:02 -08:00
Vault Automation	be2cb06f8c	Backport refactor dependencies and removes disallowed vault imports from builtin Okta auth into ce/main (#11295 ) * refactor dependencies and removes disallowed vault imports from builtin Okta auth (#10965) * move SkipUnlessEnvVarsSet from vault/helper/testhelpers/ to vault/sdk/helper/testhelpers * use unittest framework from vault-testing-stepwise module in place of sdk/logical * refactor SkipUnlessEnvVarsSet() and NewAssertAuthPoliciesFunc() to sdk * bump docker API version to 1.44 matching 2f33549 --------- Co-authored-by: Thy Ton <maithytonn@gmail.com>	2025-12-12 13:20:57 -06:00
Vault Automation	8cce47281e	[VAULT-41179] go: bump golang.org/x/crypto to v0.45.0 (#11056 ) (#11065 ) * [VAULT-41179] go: bump golang.org/x/crypto to v0.45.0 Bump the golang.org/x/crypto module to v0.45.0 to resolve several CVE's with the prior version: - https://github.com/advisories/GHSA-f6x5-jh6r-wrfv - https://github.com/advisories/GHSA-j5w8-q4qc-rx2x - https://pkg.go.dev/vuln/GO-2025-4134 - https://pkg.go.dev/vuln/GO-2025-4135 Signed-off-by: Ryan Cragun <me@ryan.ec> Co-authored-by: Ryan Cragun <me@ryan.ec>	2025-12-02 21:00:06 +00:00
Vault Automation	51ed1178e9	Update deps to match those introduced by vault-plugin-secrets-azure@v0.25.0+ent into ce/main (#10864 ) Update dependencies to match those introduced into enterprise via the vault-plugin-secrets-azure@v0.25.0+ent bump. We also synchronize a few other dependencies that had drifted. Signed-off-by: Ryan Cragun <me@ryan.ec> Co-authored-by: Ryan Cragun <me@ryan.ec>	2025-11-18 00:17:25 -07:00
Vault Automation	4b54a577fc	Backport VAULT-40931: update jose2go to v1.7.0 into ce/main (#10837 ) * VAULT-40931: update jose2go to v1.7.0 (#10834) * VAULT-40931: update jose2go to v1.7.0 Bump jose2go dependency to resolve https://github.com/advisories/GHSA-9mj6-hxhv-w67j This is a transitive dep for the Snowflake database engine. This temporarily bumps it now until the upstream dep changes are merged and we bump the engine pins on this side. Signed-off-by: Ryan Cragun <me@ryan.ec> Co-authored-by: Ryan Cragun <me@ryan.ec>	2025-11-17 10:17:00 +00:00
Vault Automation	2c95f73ca7	[VAULT-40166] go: check go.mod drift on changes to ce/branches When a pull request is created against a CE branch and it has changed any files in the `gotoolchain` group we'll automatically trigger the diff for every Go module file in the repo against the equivalent in the corresponding enterprise branch. If there's a delta in like configuration it will automatically fail the `build/ce-checks` job. It will also write a complete explanation of the diff to the step output and also to the `build/ce-checks` job step summary. Signed-off-by: Ryan Cragun <me@ryan.ec> Co-authored-by: Ryan Cragun <me@ryan.ec>	2025-10-28 13:26:46 -06:00

1 2 3 4 5 ...

1100 Commits