Upstream tag v1.18.0 (revision 77f26ba561) #76
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
* Docs changes * More condensation of docs * Added some clarity on date ranges * Edited wording' * Added estimation client count info * Update website/content/api-docs/system/internal-counters.mdx Co-authored-by: miagilepner <mia.epner@hashicorp.com> --------- Co-authored-by: miagilepner <mia.epner@hashicorp.com>
Co-authored-by: akshya96 <87045294+akshya96@users.noreply.github.com>
…p#27978) * Replace getNewModel with hydrateModel when model exists * Update getNewModel to only handle nonexistant model types * Update test * clarify test * Fix auth-config models which need hydration not generation * rename file to match service name * cleanup + tests * Add comment about helpUrl method
…p#28018) * changelog for 1.17.3, 1.16.7 enterprise, 1.15.13 enterprise * Add spacing to match older changelogs
intialize -> initialize Co-authored-by: akshya96 <87045294+akshya96@users.noreply.github.com>
* Update 1_15-auto-upgrade.mdx * Update known issue version numbers for AP issue --------- Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
Made a few grammar changes plus updating term from Vault IU to Vault UI
* Edit alias_name_source explanation We wanted to clarify the difference between the two options and the implications. * Add missing backticks * Add comma * Update website/content/api-docs/auth/kubernetes.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> --------- Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
Update telemetry metric name from vault.kv.secret.count to vault.secret.kv.count
Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
…y cluster (hashicorp#28013) * document manual entity merge failures when sent to PR secondary cluster * Update website/content/partials/known-issues/manual-entity-merge-does-not-persist.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update website/content/partials/known-issues/manual-entity-merge-does-not-persist.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update website/content/partials/known-issues/manual-entity-merge-does-not-persist.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Fix link --------- Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
* initial changes * test selector and duplicate tests clean up * check for flashDanger * rename to make it easier to parse * clean up selector names * clean up * add component test coverage * remove true
--------- Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>
…shicorp#28038) * Add cross referencing link to AppRole usage best practices * Minor edits to flow the sentence better
* Core: CLI Doc imporvements to example read / write. Resolves hashicorp#16788 * Core: CLI Doc imporvements to example read / write. Resolves hashicorp#16788. Updated Changelog filename. * Core: CLI Doc imporvements to example read / write. Resolves hashicorp#16788. Updated Changelog.. * Updated read example to use token lookup instead.
…icorp#28024) * add inline cert auth to postres db plugin * handle both sslinline and new TLS plugin fields * refactor PrepareTestContainerWithSSL * add tests for postgres inline TLS fields * changelog * revert back to errwrap since the middleware sanitizing depends on it * enable only setting sslrootcert
…p#28042) * Show current month data * Added changelog * Edited changelog
…ashicorp#28022) Sometimes the replication scenario will race with other steps and attempt to check the `v1/sys/version-history` API before the cluster is ready. Eventually when it gets retried some of the original nodes are down so it will fail. This makes the verification happen later, only after we've ensured the cluster is unsealed and have gotten leader and cluster IP addresses. We also make dependent steps require the version verification so that if it does fail for some reason it will retry before doing the rest of the scenario. Signed-off-by: Ryan Cragun <me@ryan.ec>
…corp#28012) * VAULT-29583: Modernize default distributions in enos scenarios Our scenarios have been running the last gen of distributions in CI. This updates our default distributions as follows: - Amazon: 2023 - Leap: 15.6 - RHEL: 8.10, 9.4 - SLES: 15.6 - Ubuntu: 20.04, 24.04 With these changes we also unlock a few new variants combinations: - `distro:amzn seal:pkcs11` - `arch:arm64 distro:leap` We also normalize our distro key for Amazon Linux to `amzn`, which matches the uname output on both versions that we've supported. Signed-off-by: Ryan Cragun <me@ryan.ec>
* Create 'Troubleshoot' section * Remove extra spaces * Update redirects.js * Remove extra comma * Change the title * Update website/content/docs/troubleshoot/generate-root-token.mdx Co-authored-by: Brian Shumate <brianshumate@users.noreply.github.com> * Update website/content/docs/troubleshoot/generate-root-token.mdx Co-authored-by: Brian Shumate <brianshumate@users.noreply.github.com> * Update website/content/docs/troubleshoot/generate-root-token.mdx Co-authored-by: Brian Shumate <brianshumate@users.noreply.github.com> * Update website/content/docs/troubleshoot/generate-root-token.mdx Co-authored-by: Brian Shumate <brianshumate@users.noreply.github.com> * Update website/content/docs/troubleshoot/generate-root-token.mdx Co-authored-by: Brian Shumate <brianshumate@users.noreply.github.com> * Update website/content/docs/troubleshoot/generate-root-token.mdx Co-authored-by: Brian Shumate <brianshumate@users.noreply.github.com> * Update website/content/docs/troubleshoot/generate-root-token.mdx Co-authored-by: Brian Shumate <brianshumate@users.noreply.github.com> * Update website/content/docs/troubleshoot/generate-root-token.mdx Co-authored-by: Brian Shumate <brianshumate@users.noreply.github.com> * Update website/content/docs/troubleshoot/generate-root-token.mdx Co-authored-by: Brian Shumate <brianshumate@users.noreply.github.com> * Update website/content/docs/troubleshoot/generate-root-token.mdx Co-authored-by: Brian Shumate <brianshumate@users.noreply.github.com> * edit suggestions (hashicorp#28047) * Fix the relative path - add missing '/' * Fix a typo --------- Co-authored-by: Brian Shumate <brianshumate@users.noreply.github.com> Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
…tion (hashicorp#28049) Signed-off-by: Ryan Cragun <me@ryan.ec>
* Add trace logging to context creation during log req/resp. Improve context sensitivity of sink nodes (file, socket), update eventlogger to include context info in error * changelog * Queue for the lock but check context immediately * fix race in test
Co-authored-by: akshya96 <87045294+akshya96@users.noreply.github.com>
…corp#28062) * sort namespaces and mounts before adding them * also sort clients * add comments * pr comment fixes * changelog * changelog update
removing these recommendations because they are not inline with conventional wisdom or our HVDs. For example, AppRole should not be leverage when a platform native identity source is available (e.g. AWS, Azure, GCP, K8s, Nomad, etc...)
Co-authored-by: Raja Nadar <rajanadar@gmail.com>
Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
Co-authored-by: Violet Hynes <violet.hynes@hashicorp.com>
Co-authored-by: Kit Haines <khaines@mit.edu>
Co-authored-by: Chris Capurso <1036769+ccapurso@users.noreply.github.com>
Co-authored-by: Angel Garbarino <Monkeychip@users.noreply.github.com>
Co-authored-by: Luis (LT) Carbonell <lt.carbonell@hashicorp.com>
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
Co-authored-by: Lee Boynton <lee@lboynton.com>
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
Co-authored-by: Chris Capurso <1036769+ccapurso@users.noreply.github.com>
Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
Co-authored-by: Victor Rodriguez <vrizo@hashicorp.com>
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
This reverts commit dcbc4f3.
Co-authored-by: VAL <val@hashicorp.com>
Co-authored-by: Tin Vo <tintvo08@gmail.com>
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
Co-authored-by: Bianca Moreira <48203644+biazmoreira@users.noreply.github.com>
Co-authored-by: Scott Miller <smiller@hashicorp.com>
Co-authored-by: Mike Palmiotto <mike.palmiotto@hashicorp.com>
Co-authored-by: Scott Miller <smiller@hashicorp.com>
…) (hashicorp#28610) * VAULT-31402: Add verification for all container images Add verification for all container images that are generated as part of the build. Before this change we only ever tested a limited subset of "default" containers based on Alpine Linux that we publish via the Docker hub and AWS ECR. Now we support testing all Alpine and UBI based container images. We also verify the repository and tag information embedded in each by deploying them and verifying the repo and tag metadata match our expectations. This does change the k8s scenario interface quite a bit. We now take in an archive image and set image/repo/tag information based on the scenario variants. To enable this I also needed to add `tar` to the UBI base image. It was already available in the Alpine image and is used to copy utilities to the image when deploying and configuring the cluster via Enos. Since some images contain multiple tags we also add samples for each image and randomly select which variant to test on a given PR. Signed-off-by: Ryan Cragun <me@ryan.ec> Co-authored-by: Ryan Cragun <me@ryan.ec>
Use the latest Docker action to ensure correct arm64 container builds Signed-off-by: Ryan Cragun <me@ryan.ec>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Integrating latest changes from hashicorp/vault tag v1.18.0
Commit summary omitted as it exceeds maximum message size.