* Correct doctype
This is not a valid doctype, the 'lang' belongs to the html element.
* Create 22153.txt
---------
Co-authored-by: Violet Hynes <violet.hynes@hashicorp.com>
* Add metadata policy requirement for KV-V2 list.mdx
Customer requested change as our API docs page does not state the token policy must have access to metadata in the policy when listing KV-V2 secrets. I let them know it exists here: https://developer.hashicorp.com/vault/docs/secrets/kv/kv-v2#acl-rules, in the ACL section, but they wanted to have it added to the API docs as well.
* Update website/content/api-docs/secret/kv/kv-v2.mdx
---------
Co-authored-by: Violet Hynes <violet.hynes@hashicorp.com>
Update ServiceNow Vault documentation to explicitly call out from ServiceNow UTAH:
- use the ServiceNow App store
- set the name of the Credential Resolver to match the name of the jar
Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
Updating the vault leader step down documentation to include some extra info about possible failed requests during leader step down
* Add changelog.txt
* Update website/content/docs/commands/operator/step-down.mdx
Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
* Initial oss-patch apply
* Added changelog
* Renamed changelog txt
* Added the imports to the handler file
* Added a check that no two ports are the same, and modified changelog
* Edited go sum entry
* Tidy up using go mod
* Use strutil instead
* Revert go sum and go mod
* Revert sdk go sum
* Edited go.sum to before
* Edited go.sum again to initial
* Revert changes
* use non-persistent Salter for logging test message
* adjust tests based on code changes to ProcessManual
* suggestion for log test message fix (#22320)
* clean up test code and fix misnamed elements
---------
Co-authored-by: Peter Wilson <peter.wilson@hashicorp.com>
* Adding explicit MPL license for sub-package.
This directory and its subdirectories (packages) contain files licensed with the MPLv2 `LICENSE` file in this directory and are intentionally licensed separately from the BSL `LICENSE` file at the root of this repository.
* Adding explicit MPL license for sub-package.
This directory and its subdirectories (packages) contain files licensed with the MPLv2 `LICENSE` file in this directory and are intentionally licensed separately from the BSL `LICENSE` file at the root of this repository.
* Updating the license from MPL to Business Source License.
Going forward, this project will be licensed under the Business Source License v1.1. Please see our blog post for more details at https://hashi.co/bsl-blog, FAQ at www.hashicorp.com/licensing-faq, and details of the license at www.hashicorp.com/bsl.
* add missing license headers
* Update copyright file headers to BUS-1.1
* Fix test that expected exact offset on hcl file
---------
Co-authored-by: hashicorp-copywrite[bot] <110428419+hashicorp-copywrite[bot]@users.noreply.github.com>
Co-authored-by: Sarah Thompson <sthompson@hashicorp.com>
Co-authored-by: Brian Kassouf <bkassouf@hashicorp.com>
* replaced each instance of MaskedInput in PKI with CertificateCard
* modify tests for pki-generate-csr
* add test for pki-issuer-details. modify test for pki-certificate-details
* added test for pki-key-details. modified test for pki-sign-intermediate-form
* update 2 test helper files and modify test for pki-issuer-rotate-root
* update test for certificate-card-test.js, update test for the kubernetes configuration-test.js
* modify pki-action-forms-test.js to no longer look for masked input. expand test for pki-issuer-details-test.js to check for all issuer details
* change CertificateCard to show different format types (PEM, DER, nothing) depending on the value provided. update 2 test files to account for this.
* change CertificateCard arg name from @certficateValue to @data to be more inclusive of different uses of CertificateCard (i.e when used for a private key, not a certificate). add description to certificate-card.js
* change naming for attr.options.masked to attr.options.displayCard to reflect the change from MaskedInput to CertificateCard
* add changelog
* change attribute to isCertificate to better fit the title of the component CertificateCard. edit pki-certificate-details.hbs to get rid of extraneous code
* Major overhaul of `vault operator generate-root` CLI help
Resolves#15252
A major overhaul of the `vault operator generate-root` CLI help to
surface the fact that it is actually six separate commands in one,
rather than requiring users to independently deduce this mental model
themselves.
In the process of doing so, also standardize some terminology:
* Fix places which used the phrase "operational token" instead of
"operation token" to be consistent with the prevailing terminology.
* Fix places which used the phrase "recovery operation token" instead of
"recovery token" to be consistent with the prevailing terminology.
This PR currently focusses on the CLI help, but following review and
feedback, I assume I'll need to replicate many of the same changes in
website/content/docs/commands/operator/generate-root.mdx as well.
* Fix some tab characters which should have been spaces
* Update command/operator_generate_root.go
---------
Co-authored-by: Violet Hynes <violet.hynes@hashicorp.com>
* Add ADP requirement callout
Add a callout to the top of the page to note that this feature requires Vault ENT + ADP
* rephrase
* Update website/content/docs/enterprise/pkcs11-provider/index.mdx
---------
Co-authored-by: Violet Hynes <violet.hynes@hashicorp.com>=
* Refactor sign-intermediate API response
- Allow the sign-intermediate response handling code to be shared
across different API calls.
* Add missing cieps.go
* add hashfunc field to EntryFormatter struct and adjust NewEntryFormatter function and tests
* add HeaderAdjuster interface and require it in EntryFormatter
* adjust all references to NewEntryFormatter to include a HeaderAdjuster parameter
* replace use of hash function in AuditedHeadersConfig's ApplyConfig method with Salter interface instance
* export audit.NewEvent function and adjust function signature
* add eventlogger based handling in LogRequest
* adjust eventlogger.Broker according to number of backends
* record auditing metrics
* only send events if a pipeline is registered
* remove TODO comments
* remove unused struct and method
* move setup of audited headers earlier into Core's initialization
* adjust entry_formatter to properly handle request headers
* protect against potential segmentation fault
* moved common code out of both switch cases
* protect against case where a.Data.Request or a.Data.Request.Headers is nil
---------
Co-authored-by: Peter Wilson <peter.wilson@hashicorp.com>
* Automatically track subloggers in allLoggers
This PR introduces a new interface called `SubloggerAdder` for tracking
allLoggers across startup phases.
The interface enables us to register a single `SubloggerHook` during
initial logger creation and hand off management of `allLoggers` during
the three phases we need to handle:
- Before `CoreConfig` is created, the `SubloggerHook`
(`AppendToAllLoggers`) appends new subloggers to
`ServerCommand.allLoggers`.
- After `CoreConfig` is created and before `NewCore` returns, new subloggers
are added to `CoreConfig.AllLoggers`. Intermediate state must also be
kept in sync within NewCore to track new subloggers before we return
to the server command and register the `Core.SubloggerAdder`
implementation.
- After `NewCore` returns to the server command, we register Core as the
implementer of `ServerCommand.SubloggerAdder` ensuring that all new
subloggers are appended to `Core.allLoggers`.
* Wire up the sublogger hook in NewTestLogger
