scottk/vault
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/vault.git synced 2025-10-29 17:52:32 +00:00
Code Issues Packages Projects Releases Wiki Activity
20,817 Commits 2,630 Branches 341 Tags
09e7c2e8faf3d4e9846c37ef6692e5fe20c32ffb
Commit Graph

20817 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Thy Ton
607991e551 exclude *_ent_test.go from copywrite-exceptions.sh (#29319) 2025-01-08 21:21:19 +00:00
Thy Ton
ad35129486 update copywrite exceptions to exclude *_ent.go (#29315) 2025-01-08 20:39:28 +00:00
Alexandr Hacicheant
2f95a73d1d Updated description of the field (#29146) 
Co-authored-by: akshya96 <87045294+akshya96@users.noreply.github.com>
 2025-01-08 20:32:41 +00:00
helenfufu
b74e2e798c Vault 27421 update cap/ldap dep (#29302) 
* go get github.com/hashicorp/cap/ldap@main && go mod tidy

* add 1.19 upgrade note

* changelog

* cd sdk && go get github.com/hashicorp/cap/ldap@main && go mod tidy

* add more detail in changelog

* update changelog

* go mod tidy after resolving merge conflicts
 2025-01-08 13:27:45 -06:00
Luis (LT) Carbonell
cb32dd03c0 Update docs for auth-cf (#29311) 2025-01-07 20:18:11 -05:00
vinay-gopalan
27bd3e9535 Add SDK helpers and Core stubs for plugins to communicate with Enterprise Rotation Manager (#29273) 
Co-authored-by: Robert <17119716+robmonte@users.noreply.github.com>
Co-authored-by: John-Michael Faircloth <fairclothjm@users.noreply.github.com>
 2025-01-07 22:22:45 +00:00
Michael Blaum
f18801693b Vault 27392 log ldap warning - remove from warning from response (#29134) 
* log ldap warnings instead of returning them to end user

* add cl

* code review

* Update changelog/29134.txt

Co-authored-by: John-Michael Faircloth <fairclothjm@users.noreply.github.com>

* Update changelog/29134.txt

Co-authored-by: John-Michael Faircloth <fairclothjm@users.noreply.github.com>

* fix test

---------

Co-authored-by: John-Michael Faircloth <fairclothjm@users.noreply.github.com>
 2025-01-07 16:51:15 -05:00
Evan Moncuso
035b7e6d8e VAULT-32677 - Fix missing client count card in managed clusters (#29241) 
* add check for admin namespace on managed clusters

* add tests for client count card in managed clusters

* add changelog
 2025-01-07 12:53:06 -08:00
claire bontempo
6e3ae793f5 UI: LDAP Hierarchical Library names (#29293) 
* refactor crumbs

* add subdirectory library route and hierarchical nav

* update library breadcrumbs;

* fix role popup menus

* add getter to library model for full path

* cleanup model getters

* add changelog

* add bug fix note

* add transition after deleting

* fix function definition

* update adapter test

* add test coverage

* fix crumb typo
 2025-01-07 12:54:36 -06:00
Kuba Wieczorek
67663c85a3 [VAULT-21282] Bump raft-autopilot dependency to v0.3.0 (#29306) 
This pulls in a logic change in the autopilot library that helps us to avoid increasing the quorum when reconciling in presence of an unhealthy voter, when the overall number of voters is odd.
 2025-01-07 17:35:46 +00:00
John-Michael Faircloth
c39aa51916 test: fix ce/ent diff (#29307) 2025-01-07 09:19:32 -08:00
Steven Clark
e1538468c9 PKI: Add management APIs for ACME accounts (#29173) 
* Allow a Vault operator to list, read and update PKI ACME accounts

 - This allows an operator to list the ACME account key ids, read
   the ACME account getting all the various information along with
   the account's associated orders and update the ACME account's
   status to either valid or revoked

* Add tests for new ACME management APIs

* Update PKI api-docs

* Add cl

* Add missing error handling and a few more test assertions

* PR feedback

* Fix Note tags within the website

* Apply suggestions from docscode review

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

* Update website/content/api-docs/secret/pki/issuance.mdx

* Update website/content/api-docs/secret/pki/issuance.mdx

* Update website/content/api-docs/secret/pki/issuance.mdx

---------

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
 2025-01-07 09:34:17 -05:00
miagilepner
4f32443722 fixes for flakes in raft removed tests (#29270) 
* fixes for flakes in raft removed tests

* one more fix
 2025-01-07 13:56:07 +01:00
claire bontempo
6d566cb6d0 UI: Remove kv data download button (#29290) 
* remove download button

* add changelog
 2025-01-06 15:41:08 -06:00
Violet Hynes
539a7b73d1 Remove potentially misleading part of automated reporting docs (#29297) 2025-01-06 16:26:02 -05:00
divyaac
ac42bf718b Revert "Add tokens to local path (#28722)" (#29294) 
This reverts commit 435ecc63ba.
 2025-01-06 10:36:23 -08:00
hc-github-team-secure-vault-core
d2e902629d Update vault-plugin-auth-cf to v0.19.1 (#29295) 
* Update vault-plugin-auth-cf to v0.19.1

* Add changelog

---------

Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>
 2025-01-06 18:30:19 +00:00
John-Michael Faircloth
6110ee084f db: allow updates to self_managed_password (#29283) 2025-01-06 12:05:41 -06:00
Scott Miller
031c5d6d20 More CE changes for hybrid wireup (#29282) 
* More CE changes for hybrid wireup

* remove unused func

* undo reintroduction of loss of omitempty

* Add ent hooks and handle unsupported keys correctly

* tidy import

* Fix ent encode test logic
 2025-01-06 16:45:07 +00:00
Steven Clark
d3a91f74c7 Update an expired certificate within the cert-auth test fixtures (#29289) 
* Update an expired certificate within the cert-auth test fixtures

* Update additional vault-diagnose tests with an expired cert using pkihelper
 2025-01-06 11:11:30 -05:00
Brian Shumate
5fc382d339 Docs: add migrate Consul storage document (#29222) 
- Migrate tutorial content as part of [SPE-901](https://hashicorp.atlassian.net/browse/SPE-901)
 2025-01-06 09:45:25 -05:00
divyaac
546d34d4ca Revert "Creates Skeleton RPC to send global client data to primaries … (#29285) 
* Revert "Creates Skeleton RPC to send global client data to primaries (#28761)"

This reverts commit 5a372eed2c.

* Run make proto

Run make proto
 2025-01-03 15:36:54 -08:00
divyaac
7f722baf58 Revert "Added Stubs to stop breakage of Ent (#28772)" (#29284) 
This reverts commit 0923064dff.
 2025-01-03 14:56:59 -08:00
Ryan Cragun
f730d31bc6 protobuf: rebuild protos with protobuf 1.36 (#29229) 
Signed-off-by: Ryan Cragun <me@ryan.ec>
 2025-01-03 14:19:00 -07:00
akshya96
a713a820b8 Revert "OSS Changes Patch (#28810)" (#29281) 
This reverts commit bad87541ed.
 2025-01-03 13:08:12 -08:00
Scott Miller
39365aa01f Simply remove any ent machinery from the export test (#29280) 
* Simply remove any ent machinery from the export test

* missed
 2025-01-03 18:37:53 +00:00
divyaac
c3cb730bae Revert "adding local clients to local fragments ce changes (#28856)" (#29278) 
This reverts commit 1e82fe9980.
 2025-01-03 10:09:40 -08:00
John-Michael Faircloth
9a830736c8 fix db test data race for queue tick interval (#29276) 2025-01-03 09:27:10 -06:00
Scott Miller
7c1d6e5e84 CE side changes to key policy engine for ML-DSA/Hybrid support (#29274) 
* CE side changes to key policy engine for ML-DSA/Hybrid support

* fix ce mismatch for verify

* restore omitempty

* unnecessary

* Perform code reuse of ed25519 validation differently

* make parts of export testing ent only

* license
 2025-01-03 09:46:00 -05:00
akshya96
ecf8d0bc11 Revert "add fragment locks to GetActiveLocalFragment and GetActiveFragment (#…" (#29277) 
This reverts commit 73702dbc8b.
 2025-01-02 17:55:33 -08:00
Angel Garbarino
a3e977745f Add GCP configuration details (#29247) 
* starting

* add the details functionality

* test coverage

* welp, friday fingers

* small small changes

* Update ui/app/models/gcp/config.js

Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>

* Update ui/app/helpers/mountable-secret-engines.js

Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>

* update small changes on model

* reorder loop on configuration details

* Update ui/tests/integration/components/secret-engine/configuration-details-test.js

Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>

* Update ui/app/models/gcp/config.js

Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>

* Update ui/app/models/gcp/config.js

Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>

* Update ui/app/routes/vault/cluster/secrets/backend/configuration/index.js

Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>

* add comment

---------

Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
 2025-01-02 13:33:14 -07:00
claire bontempo
b5f2accc1d fix typo (#29275) 2025-01-02 20:13:05 +00:00
divyaac
1aa49af191 Revert "Store global clients at separate storage paths (#28926)" (#29272) 
This reverts commit e21dfa6b1c.

Co-authored-by: akshya96 <87045294+akshya96@users.noreply.github.com>
 2025-01-02 19:42:41 +00:00
Tom Chwojko-Frank
81590f45a4 Correcting the changelog to reflect that this features was not implemented for Oracle yet. (#29262) 2025-01-02 11:23:24 -08:00
claire bontempo
91d88c3de1 Add UI support name constraints (#29263) 
* add open api params

* support pki name constraints

* fix conditional

* revert helptextwsubtext

* fix typo

* add name constraints to sign intermediate form

* add changelog

* update test
 2025-01-02 11:50:49 -06:00
akshya96
3c15d4b7fa Revert "Storing local clients to local storage paths ce changes (#28958)" (#29268) 
This reverts commit 504227bd74.
 2025-01-02 09:17:27 -08:00
Steven Clark
f1efd98ecf Prevent barrier term overflow on rotation (#29176) 
* Prevent barrier term overflow on rotation

 - Upon requesting to rotate the barrier key if we overflow the
   term uint32, fail the rotation.

* Add cl
 2025-01-02 09:28:56 -05:00
divyaac
3622e22101 Revert "Remove all references to current fragments, standbyfragments and part…" (#29267) 
This reverts commit 6ed4ad0851.
 2024-12-30 13:19:09 -08:00
Shannon Roberts (Beagin)
66470b3538 [VAULT-33207] Update Policy Modal to add isHrefExternal to External Links (#29264) 
* [VAULT-33207] Update Policy Modal to add isHrefExternal to External Links

* add isHrefExternal to doc links as well as github links
 2024-12-27 09:30:49 -08:00
Shannon Roberts (Beagin)
28768d5b5b [VAULT-33207] Update Policy Modal links to use HDS, add ACL Policies "get started" link (#29254) 
* [VAULT-33207] Update Policy Modal links to use HDS, add ACL Policies "get started" link

* fix failing test
 2024-12-26 09:24:24 -08:00
claire bontempo
847597fbae add open api params (#29257) 2024-12-24 00:22:21 +00:00
Victor Rodriguez
f6910bbb2e Sort CA chain into root and intermediates on VerifyCertificate. (#29255) 
Sort CA chain into root and intermediates on VerifyCertificate.

In order for the Certificate.Verify method to work correctly, the certificates
in the CA chain need to be sorted into separate root and intermediate
certificate pools.

Add unit tests to verify that name constraints in both the root and intermediate
certificates are checked.
 2024-12-23 19:56:41 +00:00
divyaac
88f0710e26 Revert "Migrate Clients From Old Storage Paths to New Paths During Upgrade #7…" (#29253) 
This reverts commit 9ba62bec6f.
 2024-12-20 16:06:41 -08:00
divyaac
30e853da9d Revert "Send Global Data From Secondary to Primary During Upgrade (#29137)" (#29252) 
This reverts commit 537fc0f3ea.
 2024-12-20 13:46:17 -08:00
Victor Rodriguez
b9e949bf73 Support all fields of the name constraints extension when generating CA certificates (#29245) 
Support all fields of the name constraints extension when generating CA certs.

The PKI secrets engine only provided parameter permitted_dns_domains to create
the name constraints extension when generating CA certificates.

Add the following parameters to provide full support for the extension:

  * permitted_email_addresses
  * permitted_ip_ranges
  * permitted_uri_domains
  * excluded_dns_domains
  * excluded_email_addresses
  * excluded_ip_ranges
  * excluded_uri_domains

Specifying any combination of these parameters will trigger the creation of the
name constraints extension as per RFC 5280 section 4.2.1.10.
 2024-12-20 14:55:25 -05:00
divyaac
df73491763 Revert "Added LocalMount field to Export API (#29145)" (#29251) 
This reverts commit af6d983404.
 2024-12-20 19:38:59 +00:00
divyaac
6501a562f6 Revert "OSS Changes Patch (#29154)" (#29250) 
This reverts commit 46c69d739d.
 2024-12-20 19:35:02 +00:00
akshya96
357a13fbb0 Revert "OSS-Changes Patch (#29193)" (#29249) 
This reverts commit 1fab64e9c6.
 2024-12-20 19:28:10 +00:00
Scott Miller
3754c67abf Enable seal wrapping for approle secret storage (#28703) 
* Enable seal wrapping for approle secret storage

* changelog
 2024-12-20 13:03:34 -06:00
Shannon Roberts (Beagin)
0d3a82adf4 [VAULT-19467] UI Breadcrumb Title Case (#29206) 
* [VAULT-19467] Vault UI Breadcrumb Title Case

* should use Title Case

* update changelog

* rename changelog

* update tests

* more test updates

* update tests

---------

Co-authored-by: Tony Wittinger <anwittin@users.noreply.github.com>
 2024-12-20 12:47:34 -06:00