* Sign empty to cert on manual-chain update.
* Add role defaults.
* Add changelog.
* More useful error message.
* Suggestions from PR Review.
* Fixes to update as well as write; test that still fails; revert code.
* Unit Test fix.
* Add go doc to TestManualChainValidation
* added check for updating static roles, appending full payload data
* pulling specific properties into payload obj to fix popups
* adding changelog
* add else to keep previous imp for dynamic roles
* removing separate request, utilizing snapshot
* renamed serialized data var, added comment for required username line
* adding test for editing static role
* updated test for edit payload
* Update changelog/29498.txt
Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
---------
Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
* replace custom tag class with Hds::Badge
* another wave of custom class replacements
* remove tag class styles and cleanup
* add changelog entry
* fix changelog name
* remove changelog entry and old styles and clean up
* remove extra classes and clean up
* one more clean up section
* update tests
* fix value check
* updated test
* update tests
* switch to code elements with specific styling and cleanup
This PR introduces a test which exercises Vault's renameResolver and
asserts deterministic state after invalidation. To ensure that automatic
de-duplication is consistent across all nodes, we detect the node's
cluster status and persist renames IFF the node is active.
The PR includes some modifications to deterministic reload testing,
since they now have the side-effect of persistence on active nodes, as
well as tests for consistency in the face of storagePacker bucket
invalidation.
This commit introduces a random seed variable to be used with UUID
generation in Identity Store determinism tests. The seed is
automatically generated or passed during Environment Variable and
displayed during test failure. This allows for easy reproduction
of any test failures for later debugging.
* VAULT-33074: add `github` sub-command to `pipeline`
Investigating test workflow failures is common task that engineers on the
sustaining rotation perform. This task often requires quite a bit of
manual labor by manually inspecting all failed/cancelled workflows in
the Github UI on per repo/branch/workflow basis and performing root cause
analysis.
As we work to improve our pipeline discoverability this PR adds a new `github`
sub-command to the `pipeline` utility that allows querying for such workflows
and returning either machine readable or human readable summaries in a single
place. Eventually we plan to automate sending a summary of this data to
an OTEL collector automatically but for now sustaining engineers can
utilize it to query for workflows with lots of various criteria.
A common pattern for investigating build/enos test failure workflows would be:
```shell
export GITHUB_TOKEN="YOUR_TOKEN"
go run -race ./tools/pipeline/... github list-workflow-runs -o hashicorp -r vault -d '2025-01-13..2025-01-23' --branch main --status failure build
```
This will list `build` workflow runs in `hashicorp/vault` repo for the
`main` branch with the `status` or `conclusion` of `failure` within the date
range of `2025-01-13..2025-01-23`.
A sustaining engineer will likely do this for both `vault` and
`vault-enterprise` repositories along with `enos-release-testing-oss` and
`enos-release-testing-ent` workflows in addition to `build` in order to
get a full picture of the last weeks failures.
You can also use this utility to summarize workflows based on other
statuses, branches, HEAD SHA's, event triggers, github actors, etc. For
a full list of filter arguments you can pass `-h` to the sub-command.
> [!CAUTION]
> Be careful not to run this without setting strict filter arguments.
> Failing to do so could result in trying to summarize way too many
> workflows resulting in your API token being disabled for an hour.
Signed-off-by: Ryan Cragun <me@ryan.ec>
* added the 1.18.4, 1.17.11, and 1.16.15 changelog entries
* added manual changelog entry
* Update CHANGELOG.md
Co-authored-by: Meggie <meggie@hashicorp.com>
* Update CHANGELOG.md
Co-authored-by: Meggie <meggie@hashicorp.com>
* moved the CL entry about a feature to improvement since we don't ship features in minor releases
* added more context to the dep change record
* updated an improvement to be inline with others
---------
Co-authored-by: lursu <leland.ursu@hashicorp.com>
Co-authored-by: Meggie <meggie@hashicorp.com>
* run oidcPeriodicFunc for each namespace id store
* remove unused noNamespace var
* properly check for errors getting namespace
not sure why I decided to ignore the NoNamespace error before
or not log the unexpected error, that doesn't make sense.
* add changelog
* improve changelog
* remove too many namespace warning for OIDC rotations
this was already in the ENT PR, I had already checked that the file didn't exist on CE before but somehow I missed it.
* identity: Ensure state is changed on activation
This PR introduces some changes to the way activation flags are
processed in Vault.
Rather than reaching into subsystems and modifying
state from the activationflags package, each plugin can now register its
own ActivationFunc. Updates to activation flags now trigger the the
feature's ActivationFunc, which can encapsulate the associated
subsystem state.
We include a few bugfixes and minor cosmetic changes, like updates to
log lines and godocs.
* Check for nil system backend
* Move deduplication activation to common file
* Add identity dedup activation log lines
* Make interface methods clearer
* Clean up some comments
* More cleanups
* fixup! More cleanups
* fixup! More cleanups
* gcp initial changes
* acceptance test coverage for gcp
* update config-wif component test so tests are passing
* specific gcp test coverage
* changelog
* comment clean up
* one more test
* comment things
* address pr comments
* adding overflow class to link text
* adding separate class to fix overflow text on list & card views
* adding class to search list items to handle overflow
* adding ellipsis instead of just hidden for visual indicator
* added changelog
* updating styling to use helper classes, added child class to global style, updated changelog
* added test checks for oveflow classes
