* backport all gha migration changes to release/1.13.x
* remove the .circleci directory
* remove references to circleci configuration from pre-commit hook
* remove reference to .circleci in Makefile
* port change to how gofumpt is executed in Makefile
* add gotestsum to tools/tools.go
* remove postgresql/scram package from generate-test-package-lists.sh since it didn't exist in release 1.13 or earlier
* blank out environment variables to allow test to properly function
* use go:embed to load files into test
---------
Co-authored-by: Kuba Wieczorek <kuba.wieczorek@hashicorp.com>
* Rename files to match test suite and existing pattern
* Factor out issuer loading into a dedicated function
- Add a little more checks/validation when loading the a PKI issuer
- Factor out the issuer loading into a dedicated function
- Leverage existing health check code to parse issuer certificates
* Read parent issuer once instead of reloading it for every child
- Read in our parent issuer once instead of running it for every child
we want to compare against
- Provides clearer error message that we have failed reading from which
path to the end user
* PR Feedback
- Rename a variable for clarity
- Use readIssuer in the validation of the parent issuer within
pkiIssuer
- Add some missing return 1 statements in error handlers that had been
missed
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
Also updates the event receieved to include a timestamp.
Websockets support both JSON and protobuf binary formats.
This can be used by either `wscat` or the new
`vault events subscribe`:
e.g.,
```sh
$ wscat -H "X-Vault-Token: $(vault print token)" --connect ws://127.0.0.1:8200/v1/sys/events/subscribe/abc?json=true
{"event":{"id":"5c5c8c83-bf43-7da5-fe88-fc3cac814b2e", "note":"testing"}, "eventType":"abc", "timestamp":"2023-02-07T18:40:50.598408Z"}
...
```
and
```sh
$ vault events subscribe abc
{"event":{"id":"5c5c8c83-bf43-7da5-fe88-fc3cac814b2e", "note":"testing"}, "eventType":"abc", "timestamp":"2023-02-07T18:40:50.598408Z"}
...
```
Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>
- Match the existing vault kv capitalization scheme for Synopsis help of each sub-command.
- A few small tweaks as well to the messages text in a few cases
* Revert "Don't execute the seal recovery tests on ENT. (#18841)"
This reverts commit 990d3bacc2.
* Revert "Add the ability to unseal using recovery keys via an explicit seal option. (#18683)"
This reverts commit 2ffe49aab0.
* Move some test helper stuff from the vault package to a new helper/testhelpers/corehelpers package. Consolidate on a single "noop audit" implementation.
* Revert "Remove t.Parallel() due to initialization race (#18751)"
This reverts commit ebcd653102.
We're going to fix this properly, running initCommands exactly once.
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Prevent parallel testing racing in initCommands(...)
When running initCommands(...) from multiple tests, they can potentially
race, causing a panic. Test callers needing to set formatting
information must use RunCustom(...) instead of directly invoking the
test backend directly. When using t.Parallel(...) in these top-level
tests, we thus could race.
This removes the Commands global variable, making it a local variable
instead as nothing else appears to use it. We'll update Enterprise to
add in the Enterprise-specific commands to the existing list.
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
---------
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* wip
* Transit byok cli
* It works!
* changelog
* document return codes
* Update command/transit_import_key.go
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
* make fmt
---------
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
* The verify-sign command in it's cleanest existing form.
* Working state
* Updates to proper verification syntax
Co-authored-by: 'Alex Scheel' <alex.scheel@hashicorp.com>
* make fmt
* Git CI caught some stuff.
* Base functionality.
* make fmt; changelog
* pki issue command.
* Make fmt. Changelog.
* Error Handling Is Almost A Tutorial
* What I thought empty issuers response fix would be.
* Some tests
* PR-review updates.
* make fmt.
* Fix null response data for listing empty issuers causing a crash.
* Update command/pki_list_children_command.go
Fix double specifier
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
* Add test for pki_list_children.
* Fix tests.
* Update descriptions for correctness based on PR reviews.
* make fmt.
* Updates based on PR feedback.
* Allow multiple arguements (space separated)
* Remove bad merge-thing.
* White-space hell fix change.
* Tests, and return information for issue ca
* Fix make fmt error introduced here: https://github.com/hashicorp/vault/pull/18876
* Update command/pki_issue_intermediate.go
Puncutation.
Co-authored-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Remove smart quotes for standard quotes.
* More information as part of the help text.
* Better help text.
* Add missing "/" into error message.
---------
Co-authored-by: 'Alex Scheel' <alex.scheel@hashicorp.com>
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
* Reflow pki list-intermediates help text, add args
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Reflow pki verify-sign help text, add args
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Simplify boolean checks across PKI commands
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Clean up pki list-intermediate arg text
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Rename list_children->list_intermediate to align with command
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
---------
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Base functionality.
* make fmt; changelog
* What I thought empty issuers response fix would be.
* Fix null response data for listing empty issuers causing a crash.
* Update command/pki_list_children_command.go
Fix double specifier
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
* Add test for pki_list_children.
* Fix tests.
* Update descriptions for correctness based on PR reviews.
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
* Shadow globally defined var to avoid race
output is defined in format_test.go as a global variable, which the
login_test.go tests were unknowingly using. Since these tests execute in
parallel, under the correct circumstances, they'd race to write/read
from the same variable in separate tests.
Shadow to avoid the race.
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Remove global output variable from tests
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* The verify-sign command in it's cleanest existing form.
* Working state
* Updates to proper verification syntax
Co-authored-by: 'Alex Scheel' <alex.scheel@hashicorp.com>
* make fmt
* Git CI caught some stuff.
* Some tests
* PR-review updates.
* make fmt.
Co-authored-by: 'Alex Scheel' <alex.scheel@hashicorp.com>
* Parallel migration (#18815)
* flagParallel sanity check
* Attempt to use ErrGroups
* Updated docs
* Allow 'start' and 'max-parallel' together
* parallel flag renamed to max-parallel
* tests for start + parallel
* Removed permit pool
* Updated docs to make it clearer that a high setting might not be honored based on storage backend setting
* System dependent max int size
* Default max-parallel 1 => 10
* Test folder/paths updated
Co-authored-by: Tomasz Pawelczak <10206601+gites@users.noreply.github.com>
Co-authored-by: Mike Palmiotto <mike.palmiotto@hashicorp.com>
