18212 Commits

Author SHA1 Message Date
akshya96
c73eacbaf6 Fix list on password policies to list the policies containing slashes (#23155)
* fix list on password policies

* add changelog

* adding tests
2023-09-19 12:28:39 -07:00
Chelsea Shaw
cb5084b9e8 UI: cleanup unload model logic (#23154) 2023-09-19 12:47:33 -05:00
Jordan Reimer
a447f3682b Missing Auth Methods (#23165)
* fixes issue with auth methods disappearing from list view

* fixes issue with Authentication Methods sidebar nav link not staying active when mounting auth method

* fixes tests and adds coverage for missing auth methods
2023-09-19 11:35:24 -06:00
Chris van Meer
f5183b0dc9 Vault v1.150.0-rc1 dashboard UI fix (#23105)
Co-authored-by: Kianna <30884335+kiannaquach@users.noreply.github.com>
2023-09-19 10:27:30 -07:00
Chelsea Shaw
392b907989 KV V2 remove old kv v2 (#22691)
* Remove component: diff version selector

* delete SecretVersionMenu

* remove secret logic from GetCredentialsCard

* remove DiffVersionSelector hbs file and references

* delete more css for diff version view

* remove diff route

* fix credential card selector

* ui: refactor SecretFormShow (#22723)

* refactor secret form show

* fix selector typo

* remove version route (#22738)

* Remove old KV2 delete things (#23015)

* remove kv2 old delete things

* comment

* Remove old metadata (#22747)

* wip to remove metadata

* review comments

* UI/remove kv2 secret create or update (#23039)

* remove is v2 param

* permissions clean up

* remove version things

* remove excess from form show

* clean up

* created time was never a thing for cubbyhole, confirmed on api

* update tune test

* fix control group tests:

* Remove kv v2 models (#23087)

* remove is v2 param

* permissions clean up

* remove version things

* remove excess from form show

* clean up

* created time was never a thing for cubbyhole, confirmed on api

* update tune test

* fix control group tests:

* remove models

* Update ui/app/models/secret-engine.js

Co-authored-by: Chelsea Shaw <82459713+hashishaw@users.noreply.github.com>

* blah prettier

---------

Co-authored-by: Chelsea Shaw <82459713+hashishaw@users.noreply.github.com>

* UI/config update (#23111)

* sweep through clean up

* remove component

* remove unused selectors

* remove unnecessary

---------

Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
Co-authored-by: clairebontempo@gmail.com <clairebontempo@gmail.com>
Co-authored-by: Angel Garbarino <Monkeychip@users.noreply.github.com>
Co-authored-by: Angel Garbarino <angel@hashicorp.com>
2023-09-19 09:49:04 -06:00
Hamid Ghaf
d5f4243c9e fix: Fail in goroutine after tests have completed (#23158)
* fix panic: Fail in goroutine after TestProxy_Config_ReloadTls has completed

* fix proxy test

* feedback

* track the command output code and stdout/err
2023-09-19 08:40:10 -07:00
John-Michael Faircloth
1e76ad42ef secrets/db: add tests for static role config updates (#23153) 2023-09-19 10:12:09 -05:00
Chelsea Shaw
e48a57c5ce UI: Use TTL editType for format=duration from OpenAPI (#23124) 2023-09-18 21:28:15 +00:00
Ryan Cragun
5449a99aba test: wait for nc to be listening before enabling auditor (#23142)
Rather than assuming a short sleep will work, we instead wait until netcat is listening on the socket. We've also configured the netcat listener to persist after the first connection, which allows Vault and us to check the connection without the process closing.

As we implemented this we also ran into AWS issues in us-east-1 and us-west-2, so we've changed our deploy regions until those issues are resolved.

Signed-off-by: Ryan Cragun <me@ryan.ec>
2023-09-18 14:47:13 -06:00
Nicola Kabar
2a46d492a3 updated the LIST identity/entity-alias/id endpoint docs (#23016)
* updated the LIST identity/entity-alias/id endpoint docs to reflect new data returned

* Update website/content/api-docs/secret/identity/entity-alias.mdx

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

* Update website/content/api-docs/secret/identity/entity-alias.mdx

Co-authored-by: Max Bowsher <maxbowsher@gmail.com>

---------

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
Co-authored-by: Max Bowsher <maxbowsher@gmail.com>
2023-09-18 12:30:30 -07:00
Rachel Culpepper
a25d2426c9 Fix seal health check log message (#23141)
* fix seal health check log message

* add back missing import
2023-09-18 12:50:30 -05:00
Marc Boudreau
00bbc0bd65 adjust nc command to ensure ssh session is not blocked (#23139) 2023-09-18 10:14:26 -06:00
Raymond Ho
6e5bd7abd9 disable ldap tests for arm (#23118) 2023-09-18 10:48:03 -05:00
Ryan Cragun
464aeebddc test: fix netcat install and listen for socket audit device (#23134)
Fix an issue where netcat would not be installed correctly with certain
package managers. We also fix an issue where SSH cannot exit because nc
is waiting for SIGHUP, resulting in scenarios running forever.

Signed-off-by: Ryan Cragun <me@ryan.ec>
2023-09-15 18:33:47 -06:00
malinac02
79b2f09715 UI: HDS adoption replace <CopyButton> component (#22333)
* Part 1: Upgrade HDS to 2.9.0 (#22311)

* UI: HDS adoption replace <CopyButton> part 2 (#22356)

* certificate-card.hbs: replace 1 <CopyButton> with <Hds::Copy::Button>

* scope-form.hbs: replace 1 <CopyButton> with <Hds::Copy::Button>

* fix tests caused by changing certificate-card. change hds copy button in certificate-card.hbs

* json-editor.hbs: replace 1 <CopyButton> with <Hds::Copy::Button>

* masked-input.hbs: replace 1 <CopyButton> with <Hds::Copy::Button>

* fix error with certificate-card.hbs copy button

* fix tests that deal with certificate-card.hbs

* add class to hds copy buttons to maintain similar styling to current UI

* info-table-row.hbs: replace 2 <CopyButton> with <Hds::Copy::Button>

* undo change that should instead be merged in from main

* change tooltip copy button to white. cleanup

* add extra test for oidc scope form. edit css class for the white icon copy button

* fix tests

* UI: HDS adoption replace <CopyButton> part 3 (#22614)

* encrypt.hbs: replace 2 <CopyButton> with <Hds::Copy::Button>

* decrypt.hbs: replace 2 <CopyButton> with <Hds::Copy::Button>

* datakey.hbs. replace 6 <CopyButton> with <Hds::Copy::Button>

* rewrap.hbs: replace 2 <CopyButton> with <Hds::Copy::Button>

* hmac.hbs: replace 2 <CopyButton> with <Hds::Copy::Button>

* fix typo

* add copy-close class to copy & close buttons

* export.hbs: replace 2 <CopyButton> with <Hds::Copy::Button>. fix styling

* sign.hbs: replace 2 <CopyButton> with <Hds::Copy::Button>

* fix test caused by changing <pre> tag to <code> in export.hbs

* rename class

* add extra style to class needed for part 4 of copy button replacement

* UI: HDS adoption replace <CopyButton> part 4 (#22749)

* user-menu.hbs: replace 1 <CopyButton> with <Hds::Copy::Button>

* transit-form-show.hbs: replace 1 <CopyButton> with <Hds::Copy::Button>

* configure-ssh-secret.hbs: replace 1 <CopyButton> with <Hds::Copy::Button>

* tool-hash.hbs: replace 1 <CopyButton> with <Hds::Copy::Button>

* tool-random.hbs: replace 1 <CopyButton> with <Hds::Copy::Button>

* tool-rewrap.hbs: replace 1 <CopyButton> with <Hds::Copy::Button>

* tool-unwrap.hbs: replace 1 <CopyButton> with <Hds::Copy::Button>

* tool-wrap.hbs: replace 1 <CopyButton> with <Hds::Copy::Button>

* paths.hbs: replace 1 <CopyButton> with <Hds::Copy::Button>

* code-snippet.hbs: replace 1 <CopyButton> with <Hds::Copy::Button>

* cleanup css for code-snippet. add comments for getting rid of code-snippet and replacing with <Hds::Copy::Snippet

* change code-snippet copy icon to gray to match original design

* change code-snippet class

* accounts.hbs: replace 1 <CopyButton> with <Hds::Copy::Button>

* hover-copy-button.hbs: replace 1 <CopyButton> with <Hds::Copy::Button>

* add.hbs: replace 1 <CopyButton> with <Hds::Copy::Button>

* show.hbs: replace 1 <CopyButton> with <Hds::Copy::Button>

* copy-secret-dropdown.hbs: replace 1 <CopyButton> with <Hds::Copy::Button>

* change styling of 'link' copy buttons

* generate-credentials.hbs: replace 2 <CopyButton> with <Hds::Copy::Button>

* transform-show-transformation.hbs: replace 2 <CopyButton> with <Hds::Copy::Button>

* sign.hbs: replace 2 <CopyButton> with <Hds::Copy::Button>

* hide some copy buttons' icons and use original flash message

* undo cleanup of scss file so that I can put cleanup all into one PR to be more organized

* update code snippet copy button

* UI: HDS adoption replace <CopyButton> part 5: Cleanup (#22884)

* remove unnecessary code-snippet.scssn class

* remove copy classes from masked-input.scss

* remove copy button class from text-file.scss

* uninstall ember-cli-clipboard 0.16.0 since there is no longer structure <CopyButton>

* remove copyright message from code-snippet.scss to avoid merge conflicts with main, where the file is deleted

* replace 2 classes with one

* remove unnecessary class from copy button

* cleanup classes

* revert changes to avoid merge conflicts

* remove is-block class

* conditionally render private key

* add more info to comment

* remove HoverCopyButton

* add missing selector

* fix control group padding

---------

Co-authored-by: clairebontempo@gmail.com <clairebontempo@gmail.com>
Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>

* rename class to transparent background

* remove unused test selectors

* replace transit actions with Copy::Snippet

* replace transform code blocks with code snippet component

* revert extra css fiddling

* misc cleanup, unused action

* remove copy & close buttons from transit modals

* remove is- from class naming

* remove hds-copy-button class

* add other grey class

* more small cleanup

* add -top to margin

* add changelog

---------

Co-authored-by: clairebontempo@gmail.com <clairebontempo@gmail.com>
Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
2023-09-15 23:46:10 +00:00
Kianna
d939a20310 UI: [VAULT-18178] Fix filter/search bug in search secrets engines (#23123) 2023-09-15 22:03:17 +00:00
Jordan Reimer
824065b3ab fixes styling issue in json editor toolbar (#23120) 2023-09-15 21:40:18 +00:00
Chelsea Shaw
3f9b6075aa UI: add SSH role attribute allowed_domains_template (#23119) 2023-09-15 21:35:02 +00:00
Chelsea Shaw
e17a14d6b0 UI: Correctly handle error from errorResponseWithStatusCode helper (#23102) 2023-09-15 18:18:49 +00:00
Pavlos Karakalidis
bc69ef899a docs(agent): clarify usage of exit_after_auth flag (#22954)
Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
2023-09-15 10:02:18 -07:00
soly-hashicorp
4b9b5d60e6 Update raft.mdx (#23001)
* Update raft.mdx
---------

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
2023-09-15 09:55:35 -07:00
Jordan Reimer
111d472839 updates ember template lint config to override prettier in tests and removes ignore (#23108) 2023-09-15 10:41:05 -06:00
Marc Boudreau
e30c50321c enable all audit devices in Enos's vault_cluster module (#22408) 2023-09-15 10:44:23 -04:00
Raymond Ho
25221fe012 downgrade go-ldap client to v3.4.4 due to race conditions in tests (#23103) 2023-09-14 23:18:20 +00:00
Kianna
71808c00ec UI: [VAULT-19982] confirm delete modal for namespaces (#23066) 2023-09-14 12:19:35 -07:00
Jordan Reimer
b03300689a updates file-to-array-buffer component to glimmer and fixes flaky issue in test runs (#23081) 2023-09-14 12:41:09 -06:00
Tony Wittinger
51b38cecf4 Update CHANGELOG.md (#23069)
* Update CHANGELOG.md

* Update CHANGELOG.md

* Update CHANGELOG.md

Co-authored-by: Calvin Leung Huang <1883212+calvn@users.noreply.github.com>

* Update CHANGELOG.md

Co-authored-by: Calvin Leung Huang <1883212+calvn@users.noreply.github.com>

* Update CHANGELOG.md

Co-authored-by: Calvin Leung Huang <1883212+calvn@users.noreply.github.com>

* Update CHANGELOG.md

Co-authored-by: Calvin Leung Huang <1883212+calvn@users.noreply.github.com>

* Update CHANGELOG.md

Co-authored-by: Calvin Leung Huang <1883212+calvn@users.noreply.github.com>

* Update CHANGELOG.md

Co-authored-by: Calvin Leung Huang <1883212+calvn@users.noreply.github.com>

* Update CHANGELOG.md

Removed docs changes that shouldn't be included

* Update CHANGELOG.md

updated with suggestions

* Update CHANGELOG.md

Co-authored-by: Calvin Leung Huang <1883212+calvn@users.noreply.github.com>

---------

Co-authored-by: Calvin Leung Huang <1883212+calvn@users.noreply.github.com>
2023-09-14 11:30:53 -07:00
Kianna
e5d2b2b842 UI: [VAULT-19340] update test selectors for dashboard (#23053) 2023-09-14 11:29:25 -07:00
Steven Clark
92afdb58e0 Add known issues around transit managed keys (#23080)
* Add known issues around transit managed keys

 - Document known issue around managed key encryption failure with Cloud KMS backed keys and the failure to sign with managed keys

* Fix filename typos

* Update website/content/partials/known-issues/transit-managed-keys-sign-fails.mdx

Co-authored-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Update website/content/partials/known-issues/transit-managed-keys-panics.mdx

Co-authored-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Apply PR feedback

* Missed new line to force error on new-line.

---------

Co-authored-by: Alexander Scheel <alex.scheel@hashicorp.com>
2023-09-14 14:27:02 -04:00
Kuba Wieczorek
37215ae311 [VAULT-14497] Ensure Role Governing Policies are only applied down the namespace hierarchy (#23090) 2023-09-14 19:24:45 +01:00
Tom Proctor
e29c6c129d Bump plugincontainer dep v0.2.0 -> v0.2.1 (#23075)
Fixes a bug that prevented Vault from streaming plugin containers' logs
2023-09-14 18:33:14 +01:00
Raymond Ho
018e5675fe VAULT 18227/introduce cap ldap library (#22185) 2023-09-14 10:26:29 -07:00
Meggie
854ea77f9e Added "enabled by default" language to 1.13 release notes. (#23076) 2023-09-14 13:01:29 -04:00
Jonathan Frappier
f0fb07b0b2 Add section about user lockout (#23068) 2023-09-13 18:37:38 -04:00
Christopher Swenson
b9099ee0ea auth/centrify: Centrify auth method is now deprecated (#23050)
Slated for removal in 1.17
2023-09-13 21:45:06 +00:00
hc-github-team-secure-vault-core
3116e2ecab Update hashicorp/vault-plugin-auth-azure to v0.16.2 (#23060)
* Automated dependency upgrades

* Add changelog

---------

Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>
2023-09-13 21:30:00 +00:00
Christopher Swenson
82e9b610df events: Don't accept websocket connection until subscription is active (#23024)
The WebSocket tests have been very flaky because we weren't able to tell when a WebSocket was fully connected and subscribed to events.

We reworked the websocket subscription code to accept the websocket only after subscribing.

This should eliminate all flakiness in these tests. 🤞 (We can follow-up in an enterprise PR to simplify some of the tests after this fix is merged.)

I ran this locally a bunch of times and with data race detection enabled, and did not see any failures.

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>
2023-09-13 14:28:17 -07:00
Tom Proctor
8e7c6e80d5 events: Ensure pipelines are cleaned up on closing subscription (#23042)
* events: Ensure pipelines are cleaned up on closing subscription
* Re-register formatter node on each subscribe
2023-09-13 22:23:24 +01:00
Jason O'Donnell
27d647f97a Update changelog for auth/azure v0.16.2 (#23059)
* update changelog for azure v0.16.2

* Add retry docs
2023-09-13 21:23:01 +00:00
Christopher Swenson
500cf21d0d events: Update docs for beta release (#23036)
Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
2023-09-13 14:18:18 -07:00
Jonathan Frappier
15a50b8959 Add MSSQL version to EKM install doc (#23055) 2023-09-13 15:45:21 -04:00
Sarah Chavis
930b48882a Fix broken markdown link (#23049) 2023-09-13 12:34:59 -05:00
Violet Hynes
a166cf6786 fix LDAP auto auth changelog (#23027) 2023-09-13 08:48:46 -04:00
Steven Clark
293e8b8ac5 Fix enterprise failure of TestCRLIssuerRemoval (#23038)
This fixes the enterprise failure of the test
 ```
  === FAIL: builtin/logical/pki TestCRLIssuerRemoval (0.00s)
     crl_test.go:1456:
         	Error Trace:	/home/runner/actions-runner/_work/vault-enterprise/vault-enterprise/builtin/logical/pki/crl_test.go:1456
         	Error:      	Received unexpected error:
         	            	Global, cross-cluster revocation queue cannot be enabled when auto rebuilding is disabled as the local cluster may not have the certificate entry!
         	Test:       	TestCRLIssuerRemoval
         	Messages:   	failed enabling unified CRLs on enterprise

 ```
2023-09-13 08:11:52 -04:00
Chelsea Shaw
52f8f0ddba UI: Handle control group error on SSH (#23025)
* Handle control group error on SSH

* Add changelog
2023-09-12 21:01:52 +00:00
Alexander Scheel
e2ff1f1c71 Clean up unused CRL entries when issuer is removed (#23007)
* Clean up unused CRL entries when issuer is removed

When an issuer is removed, the space utilized by its CRL was not freed,
both from the CRL config mapping issuer IDs to CRL IDs and from the
CRL storage entry. We thus implement a two step cleanup, wherein
orphaned CRL IDs are removed from the config and any remaining full
CRL entries are removed from disk.

This relates to a Consul<->Vault interop issue (#22980), wherein Consul
creates a new issuer on every leadership election, causing this config
to grow. Deleting issuers manually does not entirely solve this problem
as the config does not fully reclaim space used in this entry.

Notably, an observation that when deleting issuers, the CRL was rebuilt
on secondary clusters (due to the invalidation not caring about type of
the operation); for consistency and to clean up the unified CRLs, we
also need to run the rebuild on the active primary cluster that deleted
the issuer as well.

This approach does allow cleanup on existing impacted clusters by simply
rebuilding the CRL.

Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add test case on CRL removal

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add changelog entry

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

---------

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
2023-09-12 20:56:47 +00:00
Andreas Gruhler
c63a84dc9f Feature/document tls servername (#22714)
* Add Raft TLS Helm examples

Co-authored-by: Pascal Reeb <pascal.reeb@adfinis.com>
---------
2023-09-12 13:09:01 -07:00
Chris Capurso
5a83838f1d ensure -log-level is added to core config (#23017) 2023-09-12 16:01:21 -04:00
Daniel Huckins
d1e1abd2c7 VAULT-19681 allow users to specify files for agent child process stdout/stderr (#22812)
* allow users to specify files for child process stdout/stderr

* added changelog

* check if exec config is nil

* fix test

* first attempt at a test

* revise test

* passing test

* added failing test

* Apply suggestions from code review

Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>

* code review suggestions

* always close log files

* refactor to use real files

* hopefully fixed tests

* add back bool gates so we don't close global stdout/stderr

* compare to os.Stdout/os.Stderr

* remove unused

---------

Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>
2023-09-12 13:54:37 -04:00
Chelsea Shaw
de1382e99b UI: Fix empty item on kv list (#22838) 2023-09-12 17:01:57 +00:00