20484 Commits

Author SHA1 Message Date
Scott Miller
6fe1b88401 Remove the BETA badge from EST in documentation (#28265)
* Remove the BETA badge from EST

* Add ent badge
2024-09-10 17:35:13 +00:00
Victor Rodriguez
7c0fb830b2 Update Go to 1.22.7. (#28335) 2024-09-10 16:59:08 +00:00
hc-github-team-secure-vault-core
45acb819e4 Update vault-plugin-secrets-kv to v0.20.0 (#28334)
* Update vault-plugin-secrets-kv to v0.20.0

* Add changelog

---------

Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>
2024-09-10 09:32:28 -07:00
divyaac
582035e162 Added storage limits (#28270) 2024-09-10 08:46:15 -07:00
Ryan Cragun
392412829b [VAULT-30189] enos: verify identity and OIDC tokens (#28274)
* [VAULT-30189] enos: verify identity and OIDC tokens

Expand our baseline API and data verification by including the identity
and identity OIDC tokens secrets engines. We now create a test entity,
entity-alias, identity group, various policies, and associate them with
the entity. For the OIDC side, we now configure the OIDC issuer, create
and rotate named keys, create and associate roles with the named key,
and issue and introspect tokens.

During a second phase we also verify that those same entities,
groups, keys, roles, config, etc all exist with the expected values.
This is useful to test durability after upgrades, migrations, etc.

This change also includes new updates to our prior `auth/userpass` and `kv`
verification. We had two modules that were loosely coupled and
interdependent. This restructures those both into a singular module with
child modules and fixes the assumed values by requiring the read module
to verify against the created state.

Going forward we can continue to extend this secrets engine verification
module with additional create and read checks for new secrets engines.

Signed-off-by: Ryan Cragun <me@ryan.ec>
2024-09-09 14:29:11 -06:00
hc-github-team-secure-vault-core
149c78f705 Update vault-plugin-database-couchbase to v0.12.0 (#28327)
* Update vault-plugin-database-couchbase to v0.12.0

* Add changelog

---------

Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>
2024-09-09 19:56:01 +00:00
Ryan Cragun
0764d7d177 enos: poweroff and terminate instances when shutting them down (#28316)
Previously our `shutdown_nodes` modules would halt the machine. While
this is useful for simulating a failure it makes cleaning up the halted
machines very slow in AWS.

Instead, we now poweroff the machines and utilize EC2's instance
poweroff handling to immediately terminate the instances.

I've tested both scenarios locally utilizing the change and both still
work as expected. I also timed before and after and this change saves 5
MINUTES in total runtime (~40%) for the PR replication scenario. I assume
it yields similar results for autopilot.

Signed-off-by: Ryan Cragun <me@ryan.ec>
2024-09-09 13:22:41 -06:00
hc-github-team-secure-vault-core
899c18be81 Update vault-plugin-secrets-openldap to v0.14.0 (#28325)
* Update vault-plugin-secrets-openldap to v0.14.0

* Add changelog

---------

Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>
2024-09-09 12:17:28 -07:00
hc-github-team-secure-vault-core
d61510329e Update vault-plugin-secrets-gcp to v0.20.0 (#28324)
Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>
2024-09-09 17:47:55 +00:00
John-Michael Faircloth
f7701e1d8c docs: add postgres TLS docs (#28302)
* docs: add postgres TLS docs

* fix link formatting
2024-09-09 12:34:16 -05:00
Brian Howe
59342940fd lock public JWKS generation and re-check cache (#27929)
---------

Co-authored-by: kpcraig <3031348+kpcraig@users.noreply.github.com>
2024-09-09 09:36:38 -07:00
Jonathan Herlin
cbbe573916 Fix repeating word (#28304) 2024-09-09 09:20:37 -04:00
Ryan Cragun
c9340dc7d5 VAULT-30640: support running test-go in parallel on multiple branches (#28296)
In order for our enterprise nightlies to run the same test-go job but
across a matrix of different base references we need to consider the
checkout ref in our failure and summary uploads in order to prevent
an upload race.

We also configure Git with our token before setting up Go so that
enterprise CI workflows can execute without downloading a module cache.

Signed-off-by: Ryan Cragun <me@ryan.ec>
2024-09-06 15:14:55 -06:00
Chelsea Shaw
963a12211a UI: only render date range reset button in enterprise (#28315) 2024-09-06 15:06:12 -05:00
Chelsea Shaw
f434693aa1 UI: show monthly new chart based on any data not average (#28313) 2024-09-06 19:05:08 +00:00
Chelsea Shaw
dcdbacd281 UI: Fix no data read within namespaces (#28311)
* Add test for capabilities within namespace

* update capabilities fetchMultiplePaths so that the resulting records have the non-prefixed path as ID
2024-09-06 13:44:09 -05:00
hc-github-team-secure-vault-core
da4152eee9 Update vault-plugin-secrets-terraform to v0.10.0 (#28312)
* Update vault-plugin-secrets-terraform to v0.10.0

* Add changelog

---------

Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>
2024-09-06 11:27:58 -07:00
Chelsea Shaw
6c270af47b UI Remove obscured json (#28261) 2024-09-06 18:13:59 +00:00
hc-github-team-secure-vault-core
a3b354a180 Update vault-plugin-auth-oci to v0.17.0 (#28307)
* Update vault-plugin-auth-oci to v0.17.0

* Add changelog

---------

Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>
2024-09-06 15:08:54 +00:00
Steven Clark
829d4f1ce3 Fix some broken links on the PKI EST docs page (#28303) 2024-09-06 08:58:39 -04:00
JMGoldsmith
eb1a4c2387 updating the release notes with the known issue for hmac audit values (#28285) 2024-09-06 14:29:40 +02:00
claire bontempo
73fbdb4565 UI: Hide patch for deleted or destroyed secrets (#28301)
* hide patch action for deleted or destroyed versions

* update jsdoc

* add conditional chaining for CE versions that don't have subkeys

* stub version for CE tests

* add comments

* Update ui/lib/kv/addon/routes/secret.js
2024-09-05 15:52:38 -07:00
Luis (LT) Carbonell
cdf3da4066 Add DR failover scenario to Enos (#28256)
* Add DR failover scenario to Enos

* Update enos/enos-scenario-dr-replication.hcl

Co-authored-by: Ryan Cragun <me@ryan.ec>

* Update enos/enos-qualities.hcl

Co-authored-by: Ryan Cragun <me@ryan.ec>

* Update enos/enos-scenario-dr-replication.hcl

Co-authored-by: Ryan Cragun <me@ryan.ec>

* Update enos/enos-scenario-dr-replication.hcl

Co-authored-by: Ryan Cragun <me@ryan.ec>

* Update enos/enos-qualities.hcl

Co-authored-by: Ryan Cragun <me@ryan.ec>

* Update enos/enos-scenario-dr-replication.hcl

Co-authored-by: Ryan Cragun <me@ryan.ec>

* Update enos/enos-scenario-dr-replication.hcl

Co-authored-by: Ryan Cragun <me@ryan.ec>

* Update enos/enos-scenario-dr-replication.hcl

Co-authored-by: Ryan Cragun <me@ryan.ec>

* Update enos/enos-scenario-pr-replication.hcl

Co-authored-by: Ryan Cragun <me@ryan.ec>

* remove superuser

* Update enos/enos-scenario-dr-replication.hcl

Co-authored-by: Ryan Cragun <me@ryan.ec>

* Update enos/enos-scenario-dr-replication.hcl

Co-authored-by: Ryan Cragun <me@ryan.ec>

* Update enos/enos-scenario-dr-replication.hcl

Co-authored-by: Ryan Cragun <me@ryan.ec>

* Update enos/enos-scenario-dr-replication.hcl

Co-authored-by: Ryan Cragun <me@ryan.ec>

* Update enos/enos-scenario-dr-replication.hcl

Co-authored-by: Ryan Cragun <me@ryan.ec>

---------

Co-authored-by: Ryan Cragun <me@ryan.ec>
2024-09-05 21:33:53 +00:00
Robert
3bda80649f Add docs for github sync environment secrets (#28175)
---------

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
2024-09-05 16:11:01 -05:00
John-Michael Faircloth
b682a79551 actions: support ent plugins in plugin update workflow (#28295) 2024-09-05 15:53:08 -05:00
claire bontempo
620430d236 cleanup sass deprecations (#28279) 2024-09-05 13:33:11 -07:00
hc-github-team-secure-vault-core
cbf08fdc15 Update vault-plugin-secrets-gcpkms to v0.18.0 (#28300)
* Update vault-plugin-secrets-gcpkms to v0.18.0

* Add changelog

---------

Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>
2024-09-05 12:48:29 -07:00
claire bontempo
c4962925de UI: address flaky auth-jwt and control group tests (#28297)
* address flaky auth-jwt test

* refactor control group success test
2024-09-05 12:37:13 -07:00
Scott Miller
cbec86fba5 Update dependencies used by the crypto team (#28298) 2024-09-05 13:56:07 -05:00
Brian Shumate
9e64619c88 Update redirect (#28299) 2024-09-05 14:53:37 -04:00
hc-github-team-secure-vault-core
9c5d3ffc85 Update vault-plugin-auth-azure to v0.19.0 (#28294)
* Update vault-plugin-auth-azure to v0.19.0

* Add changelog

---------

Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>
Co-authored-by: Milena Zlaticanin <60530402+Zlaticanin@users.noreply.github.com>
2024-09-05 09:54:12 -07:00
hc-github-team-secure-vault-core
65bc18b2e9 Update vault-plugin-database-redis-elasticache to v0.5.0 (#28293)
* Update vault-plugin-database-redis-elasticache to v0.5.0

* Add changelog

---------

Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>
Co-authored-by: Milena Zlaticanin <60530402+Zlaticanin@users.noreply.github.com>
2024-09-05 09:30:32 -07:00
Angel Garbarino
92d585510c replace placeholder (#28291) 2024-09-05 10:09:09 -06:00
Theron Voran
ffb88e93ce sdk: update to docker v26.1.5 (#28269)
Updates to plugincontainer@v0.4.0 in sdk/, and
vault-testing-stepwise@v0.3.1 in root, which updates vault/sdk and
vault itself to docker v26.1.5.
2024-09-05 15:51:25 +00:00
Peter Wilson
322cb27395 Audit: always use derived context for audit logging, increase timeout to 10s (#28286)
* always use derived context for audit logging, increase timeout to 10secs max

* improve go doc

* changelog
2024-09-05 16:34:18 +01:00
Mike Palmiotto
6069e665c0 sdk: go mod tidy (#28290) 2024-09-05 15:24:02 +00:00
hc-github-team-secure-vault-core
b9c66c0809 Update vault-plugin-secrets-kubernetes to v0.9.0 (#28287)
* Update vault-plugin-secrets-kubernetes to v0.9.0

* Add changelog

---------

Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>
2024-09-05 10:08:28 -04:00
Peter Wilson
3be1719c71 add auth and secret block to response test for hmac (#28283) 2024-09-05 12:26:53 +01:00
Scott Miller
047ec756c0 Document CMPv2 (#27915)
* CMPv2 Documentation, and restructuring of Issuance Protocols into its own section for PKI.

* title

* CMPv2 API

* Add default path policy

* Update website/content/docs/secrets/pki/cmpv2.mdx

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

* Update website/content/docs/secrets/pki/cmpv2.mdx

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

* Update website/content/docs/secrets/pki/cmpv2.mdx

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

* Update website/content/docs/secrets/pki/cmpv2.mdx

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

* respond to some PR feedback

* pr feedback

* Fix nav and add key_usage

* Update website/content/docs/secrets/pki/cmpv2.mdx

Co-authored-by: Steven Clark <steven.clark@hashicorp.com>

* Update website/content/docs/secrets/pki/cmpv2.mdx

Co-authored-by: Steven Clark <steven.clark@hashicorp.com>

* Update website/content/api-docs/secret/pki/issuance.mdx

Co-authored-by: Steven Clark <steven.clark@hashicorp.com>

* Docs fixes

---------

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
2024-09-04 17:24:50 -05:00
hc-github-team-secure-vault-core
f6701b3672 Update vault-plugin-database-elasticsearch to v0.16.0 (#28277)
* Update vault-plugin-database-elasticsearch to v0.16.0

* Add changelog

---------

Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>
Co-authored-by: Milena Zlaticanin <60530402+Zlaticanin@users.noreply.github.com>
2024-09-04 14:45:16 -07:00
claire bontempo
1238a187df UI: address test flakiness, especially kmip role edit form (#28262)
* absolute hail mary

* what about this?

* that was not right

* nope

* refactor problematic test

* remove all of the runloop stuff, just chasing flaky tests

* chasing authPage

* move away from page objects for runCmd

* replace existing runCmd function

* add line

* test if removing chrome version helps this time?

* rerun tests

* rerun tests

* Revert "test if removing chrome version helps this time?"

This reverts commit 0b189c4f6978d6c55c283e3fe9fddd03d28c4377.

* remove await

* add trace log

* change test:oss command

* remove log tracing
2024-09-04 14:16:09 -07:00
hc-github-team-secure-vault-core
690520ad1b Update vault-plugin-database-snowflake to v0.12.0 (#28275)
* Update vault-plugin-database-snowflake to v0.12.0

* Add changelog

---------

Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>
2024-09-04 19:40:48 +00:00
hc-github-team-secure-vault-core
68238ad424 Update vault-plugin-secrets-alicloud to v0.18.0 (#28271)
* Update vault-plugin-secrets-alicloud to v0.18.0

* Add changelog

---------

Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>
2024-09-04 14:13:33 -05:00
hc-github-team-secure-vault-core
3ecc513d34 Update vault-plugin-database-mongodbatlas to v0.13.0 (#28268)
* Update vault-plugin-database-mongodbatlas to v0.13.0

* Add changelog

---------

Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>
Co-authored-by: Milena Zlaticanin <60530402+Zlaticanin@users.noreply.github.com>
2024-09-04 09:55:05 -07:00
hc-github-team-secure-vault-core
61463f591e Update vault-plugin-secrets-azure to v0.20.0 (#28267)
* Update vault-plugin-secrets-azure to v0.20.0

* Add changelog

---------

Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>
2024-09-04 09:31:47 -07:00
hc-github-team-secure-vault-core
42164dfc51 Update vault-plugin-auth-cf to v0.19.0 (#28266)
* Update vault-plugin-auth-cf to v0.19.0

* Add changelog

---------

Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>
2024-09-04 16:28:16 +00:00
hc-github-team-secure-vault-core
07dfe7716a Update vault-plugin-auth-kerberos to v0.13.0 (#28264)
* Update vault-plugin-auth-kerberos to v0.13.0

* Add changelog

---------

Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>
2024-09-04 15:18:20 +00:00
crystalstall
8dee06f977 chore: fix some function names (#28251)
Signed-off-by: crystalstall <crystalruby@qq.com>
2024-09-04 09:38:52 -04:00
Steven Clark
789f9b7821 Add missing revocation storage lock on RevokeCert refactoring (#28259)
* Add missing revocation storage lock on RevokeCert refactoring

* Refactor internal PKI revocation API

 - Process the odd logical.Response/error returns internally to make
   the returns better consumable from other users.
 - Leverage the GetConfigWithUpdate to fetch the current CRL config, otherwise we can use older or nil configs.
2024-09-03 17:18:30 -04:00
hc-github-team-secure-vault-core
6bda443807 Update vault-plugin-auth-alicloud to v0.19.0 (#28263)
* Update vault-plugin-auth-alicloud to v0.19.0

* Add changelog

---------

Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>
2024-09-03 20:49:44 +00:00