Commit Graph

846 Commits

Author SHA1 Message Date
hc-github-team-secure-vault-core
64e92ba9fd Update vault-plugin-secrets-ad to v0.20.1 (#29648)
* Update vault-plugin-secrets-ad to v0.20.1

* Add changelog

---------

Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>
2025-02-14 20:56:46 +00:00
hc-github-team-secure-vault-core
b756fe6c0e Update vault-plugin-secrets-azure to v0.21.0 (#29639)
---------

Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>
2025-02-13 19:01:47 -05:00
hc-github-team-secure-vault-core
513f5a96b1 Backport of update vault-plugin-auth-oci to v0.18.0 into release/1.19.x (#29620)
* Update vault-plugin-auth-kerberos to v0.14.0

* Add changelog

* Update vault-plugin-auth-oci to v0.18.0

* Add changelog

---------

Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>
Co-authored-by: Jaired Jawed <jaired.jawed@hashicorp.com>
2025-02-13 23:20:01 +00:00
hc-github-team-secure-vault-core
a57972713d Update vault-plugin-auth-kerberos to v0.14.0 (#29617)
* Update vault-plugin-auth-kerberos to v0.14.0

* Add changelog

---------

Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>
Co-authored-by: Jaired Jawed <jaired.jawed@hashicorp.com>
2025-02-13 22:55:01 +00:00
hc-github-team-secure-vault-core
6efe9c7142 Update vault-plugin-auth-kubernetes to v0.21.0 (#29619)
* Update vault-plugin-auth-kubernetes to v0.21.0

* Add changelog

---------

Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>
2025-02-13 12:45:56 -08:00
hc-github-team-secure-vault-core
3fe8dfce13 Update vault-plugin-secrets-kv to v0.21.0 (#29614)
* Update vault-plugin-secrets-kv to v0.21.0

* Add changelog

---------

Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>
2025-02-13 14:02:05 -05:00
hc-github-team-secure-vault-core
d3c14d577f Update vault-plugin-auth-alicloud to v0.20.0 (#29613)
* Update vault-plugin-auth-alicloud to v0.20.0

* Add changelog

---------

Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>
2025-02-13 14:01:09 -05:00
hc-github-team-secure-vault-core
cf8b6ba70b Update vault-plugin-secrets-gcpkms to v0.20.0 (#29612)
* Update vault-plugin-secrets-gcpkms to v0.20.0

* Add changelog

---------

Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>
2025-02-13 14:00:50 -05:00
hc-github-team-secure-vault-core
4feed3d382 Update vault-plugin-auth-azure to v0.20.0 (#29606)
* Update vault-plugin-auth-azure to v0.20.0

* Add changelog

---------

Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>
2025-02-13 11:38:37 -05:00
hc-github-team-secure-vault-core
c397423c37 Update vault-plugin-secrets-openldap to v0.15.0 (#29605)
---------

Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>
2025-02-13 11:34:25 -05:00
hc-github-team-secure-vault-core
b17c6d5b6d Update vault-plugin-secrets-gcp to v0.21.0 (#29598)
* Update vault-plugin-secrets-gcp to v0.21.0

* Add changelog

* Update 29598.txt

---------

Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>
Co-authored-by: robmonte <17119716+robmonte@users.noreply.github.com>
2025-02-13 05:43:49 +00:00
hc-github-team-secure-vault-core
2493fc7355 Update vault-plugin-database-redis to v0.5.0 (#29597)
Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>
2025-02-13 01:15:53 +00:00
hc-github-team-secure-vault-core
1c77670afa Update vault-plugin-database-redis-elasticache to v0.6.0 (#29594)
Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>
2025-02-12 23:52:15 +00:00
hc-github-team-secure-vault-core
8611a24d84 Update vault-plugin-auth-gcp to v0.20.0 (#29591)
* Update vault-plugin-auth-gcp to v0.20.0

* Add changelog

* Update 29591.txt

---------

Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>
Co-authored-by: robmonte <17119716+robmonte@users.noreply.github.com>
2025-02-12 17:28:05 -06:00
hc-github-team-secure-vault-core
73d16609dc Update vault-plugin-secrets-kubernetes to v0.10.0 (#29592)
* Update vault-plugin-secrets-kubernetes to v0.10.0

* Add changelog

---------

Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>
2025-02-12 15:25:31 -08:00
hc-github-team-secure-vault-core
04b2e377c7 Update vault-plugin-database-mongodbatlas to v0.14.0 (#29584)
* Update vault-plugin-database-mongodbatlas to v0.14.0

* Add changelog

---------

Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>
Co-authored-by: Milena Zlaticanin <60530402+Zlaticanin@users.noreply.github.com>
2025-02-12 13:46:21 -07:00
hc-github-team-secure-vault-core
52ab80caec Update vault-plugin-secrets-mongodbatlas to v0.14.0 (#29583)
* Update vault-plugin-secrets-mongodbatlas to v0.14.0

* Add changelog

---------

Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>
2025-02-12 13:12:48 -07:00
hc-github-team-secure-vault-core
9ba523a0d0 Update vault-plugin-database-elasticsearch to v0.17.0 (#29542)
* Update vault-plugin-database-elasticsearch to v0.17.0

* Add changelog

---------

Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>
Co-authored-by: Michael Blaum <96261585+hashiblaum@users.noreply.github.com>
2025-02-11 20:10:50 +00:00
hc-github-team-secure-vault-core
b9ee65e302 Update vault-plugin-secrets-terraform to v0.11.0 (#29541)
* Update vault-plugin-secrets-terraform to v0.11.0

* Add changelog

---------

Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>
Co-authored-by: Michael Blaum <96261585+hashiblaum@users.noreply.github.com>
2025-02-11 14:25:21 -05:00
hc-github-team-secure-vault-core
429d890efb Update vault-plugin-database-couchbase to v0.13.0 (#29543)
* Update vault-plugin-database-couchbase to v0.13.0

* Add changelog

---------

Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>
Co-authored-by: Michael Blaum <96261585+hashiblaum@users.noreply.github.com>
2025-02-11 14:23:21 -05:00
hc-github-team-secure-vault-core
6556857229 Update vault-plugin-database-snowflake to v0.13.0 (#29554)
* Update vault-plugin-database-snowflake to v0.13.0

* Add changelog

---------

Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>
2025-02-11 18:41:57 +00:00
hc-github-team-secure-vault-core
41a9865a31 Update vault-plugin-auth-jwt to v0.23.0 (#29553)
* Update vault-plugin-auth-jwt to v0.23.0

* Add changelog

---------

Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>
2025-02-11 18:07:50 +00:00
hc-github-team-secure-vault-core
5c9dedda48 Update vault-plugin-secrets-openldap to v0.14.5 (#29551)
* Update vault-plugin-secrets-openldap to v0.14.5

* Add changelog

---------

Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>
2025-02-11 10:30:55 -06:00
hc-github-team-secure-vault-core
784216310f Update vault-plugin-secrets-alicloud to v0.19.0 (#29512)
* Update vault-plugin-secrets-alicloud to v0.19.0

* Add changelog

---------

Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>
Co-authored-by: Michael Blaum <96261585+hashiblaum@users.noreply.github.com>
2025-02-07 15:09:47 -05:00
hc-github-team-secure-vault-core
b3baef9a81 Update vault-plugin-auth-cf to v0.20.0 (#29528)
* Update vault-plugin-auth-cf to v0.20.0

* Add changelog

---------

Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>
2025-02-07 10:50:30 -08:00
Scott Miller
7b40df7b64 Update go-secure-stdlib (#29501)
2025-02-04 12:58:31 -06:00
Scott Miller
5752e64d09 Update azure key vault wrapper (#29499)
* Update azure key vault wrapper

* changelog
2025-02-04 17:58:40 +00:00
Scott Miller
73a98ddd48 Update go-kms-wrapping wrapper dependencies, adding ParsePaths support for sensitive values. (#29402)
* Update go-kms-wrapping wrapper dependencies, adding ParsePaths support for sensitive values

* changelog

* document indirect value references, e.g. ParsePath
2025-02-03 18:23:52 +00:00
Kit Haines
371ffc4bd4 Move all pki-verification calls from sdk-Verify() to pki-specific (#29342)
* Move all pki-verification calls from sdk-Verify() to pki-specific
VerifyCertifcate(...); update sdk-Verify to allow multiple chains,
but validate that at least one of those chains is valid.

* Updates to Validate on Parse PEMBlock, so that a single cert or a single key parses (test fixes).

* Add changelog.

* Make test certificate expire in a while, not at linux epoch.

* Remove duplicate code.

* Fix header file + go mod tidy.

* Updates based on review.
2025-01-29 11:05:55 -05:00
Violet Hynes
32d61c3893 Update go/x/net and go/x/crypto to latest versions throughout (#29422)
2025-01-27 10:47:40 -05:00
Johan Brandhorst-Satzkorn
8d83c5d047 physical: use permitpool from go-secure-stdlib (#29331)
* sdk/physical: use permitpool from go-secure-stdlib

* physical: use permitpool from go-secure-stdlib

* fixup! sdk/physical: use permitpool from go-secure-stdlib

* fixup! sdk/physical: use permitpool from go-secure-stdlib
2025-01-24 12:33:44 -05:00
mickael-hc
d6d49390a9 update go-slug to 0.16.3 (#29404)
does not affect vault but addresses CVE-2025-0377 to reduce scanner noise
2025-01-23 17:40:47 -08:00
Nick Cabatoff
13c445bd45 Websocket lib has moved, see https://coder.com/blog/websocket. (#29386)
2025-01-22 19:30:03 +00:00
Mike Palmiotto
9d80c4548f proto: bump protoc-gen-go to 1.36.3 (#29359)
2025-01-22 13:58:43 -05:00
John-Michael Faircloth
49d8fb2b64 replace keyring dependency to address zombie dbus-daemons processes (#29334)
* replace keyring dependency to address zombie dbus-daemons processes

* changelog
2025-01-09 22:00:41 +00:00
helenfufu
b74e2e798c Vault 27421 update cap/ldap dep (#29302)
* go get github.com/hashicorp/cap/ldap@main && go mod tidy

* add 1.19 upgrade note

* changelog

* cd sdk && go get github.com/hashicorp/cap/ldap@main && go mod tidy

* add more detail in changelog

* update changelog

* go mod tidy after resolving merge conflicts
2025-01-08 13:27:45 -06:00
Kuba Wieczorek
67663c85a3 [VAULT-21282] Bump raft-autopilot dependency to v0.3.0 (#29306)
This pulls in a logic change in the autopilot library that helps us to avoid increasing the quorum when reconciling in presence of an unhealthy voter, when the overall number of voters is odd.
2025-01-07 17:35:46 +00:00
hc-github-team-secure-vault-core
d2e902629d Update vault-plugin-auth-cf to v0.19.1 (#29295)
* Update vault-plugin-auth-cf to v0.19.1

* Add changelog

---------

Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>
2025-01-06 18:30:19 +00:00
mickael-hc
11708f14d6 bump golang.org/x/crypto (#29153)
mitigates CVE-2024-45337 which does not affect Vault but will help reduce scanner noise
2024-12-12 11:23:37 -05:00
hc-github-team-secure-vault-core
59489a8882 Update vault-plugin-secrets-openldap to v0.14.4 (#29131)
Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>
2024-12-09 13:58:16 -08:00
Scott Miller
86ba0dbdeb Use go-secure-stdlib's RSA key generator backed by a DRBG (#29020)
* Use DRBG based RSA key generation everywhere

* switch to the conditional generator

* Use DRBG based RSA key generation everywhere

* switch to the conditional generator

* Add an ENV var to disable the DRBG in a pinch

* update go.mod

* Use DRBG based RSA key generation everywhere

* switch to the conditional generator

* Add an ENV var to disable the DRBG in a pinch

* Use DRBG based RSA key generation everywhere

* update go.mod

* fix import

* Remove rsa2 alias, remove test code

* move cryptoutil/rsa.go to sdk

* move imports too

* remove makefile change

* rsa2->rsa

* more rsa2->rsa, remove test code

* fix some overzealous search/replace

* Update to a real tag

* changelog

* copyright

* work around copyright check

* work around copyright check pt2

* bunch of dupe imports

* missing import

* wrong license

* fix go.mod conflict

* missed a spot

* dupe import
2024-12-05 15:39:16 -06:00
Victor Rodriguez
48cec9729d Enforce PKI issuer constraints. (#29045)
Add environment variable VAULT_DISABLE_PKI_CONSTRAINTS_VERIFICATION.

Setting VAULT_DISABLE_PKI_CONSTRAINTS_VERIFICATION=true will disable the cert
issuance/signing verification.
2024-11-27 18:34:26 +01:00
Victor Rodriguez
b2886d2a99 Revert "Perform validation when issuing or signing certificates. (#28921)" (#29041)
This reverts commit 31fc51c68f.
2024-11-27 16:22:20 +00:00
Victor Rodriguez
31fc51c68f Perform validation when issuing or signing certificates. (#28921)
Add environment variable VAULT_DISABLE_ISSUING_VERIFICATION.

Setting VAULT_DISABLE_ISSUING_VERIFICATION=true will disable the cert
issuance/signing verification.
2024-11-27 13:23:07 +00:00
kpcraig
71c2121317 Okta Dep Update (#28121)
Update okta to use v5 sdk instead of v2
---------

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
2024-11-26 15:33:45 -05:00
Rachel Culpepper
a0ceaf6772 Add ml-dsa key type and stubs (#28961)
* add ml-dsa key type and stubs

* add in sdk changes

* ent breakout

* fix private key func and run go mod tidy

* change function name

* tidy go.mod

---------

Co-authored-by: Scott G. Miller <smiller@hashicorp.com>
2024-11-20 15:57:00 -06:00
Josh Black
2269cc3f7c remove hashicorp-forge/bbolt and replace with official beta release (#28916)
* remove hashicorp-forge/bbolt and replace with official beta release

* get rid of redundant method

* go mod tidy

* make proto
2024-11-18 11:18:50 -08:00
Steven Clark
c3d5c1b3ec Update to Go 1.23.3 (#28920)
* Update to Go 1.23.3

 - Update to latest major version of Go 1.23.3 from 1.22.8.
 - Update github.com/sasha-s/go-deadlock to address deadlock timer
   issue we were seeing.
 - Fix one of our tests to only reset the member variable we change
   instead of the entire Opts parameter to avoid a data race during
   testing.

* Add workaround for MSSQL TLS certificate container issue
2024-11-15 13:32:09 -05:00
hc-github-team-secure-vault-core
9cb10e41da Update vault-plugin-auth-azure to v0.19.2 (#28848)
* Update vault-plugin-auth-azure to v0.19.2

* Add changelog

---------

Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>
2024-11-06 17:19:28 -05:00
vinay-gopalan
4688583754 upgrade GCP Auth to v0.19.1 (#28782)
2024-10-25 20:18:38 +00:00