This project is mirrored from https://gitee.com/mirrors/nomad.git. Pull mirroring failed .
Repository mirroring has been paused due to too many failed attempts. It can be resumed by a project maintainer.
  1. 14 Jun, 2022 31 commits
    • Charlie Voiselle's avatar
      Secure Variables: Seperate Encrypted and Decrypted structs (#13355) · 71d187d6
      Charlie Voiselle authored
      
      This PR splits SecureVariable into SecureVariableDecrypted and
      SecureVariableEncrypted in order to use the type system to help
      verify that cleartext secret material is not committed to file.
      
      * Make Encrypt function return KeyID
      * Split SecureVariable
      Co-authored-by: default avatarTim Gross <tgross@hashicorp.com>
      71d187d6
    • Tim Gross's avatar
      keyring CLI: refactor to use subcommands (#13351) · 260f0b1a
      Tim Gross authored
      Split the flag options for the `secure-variables keyring` into their
      own subcommands. The gossip keyring CLI will be similarly refactored
      and the old version will be deprecated.
      260f0b1a
    • Phil Renaud's avatar
      Secure Variables form validation improvements (#13335) · 32c6d042
      Phil Renaud authored
      * Validation tests for secure variables form: duplicate path error
      
      * Validation for dot in key name
      
      * Defensive pattern on copy keyValues
      32c6d042
    • Phil Renaud's avatar
      variable index header and deletion hook (#13302) · aeaabb71
      Phil Renaud authored
      * variable index header and deletion hook
      
      * Some visual improvements to edit header and back button
      
      * Mirage fixtures for variables
      
      * Deletion flow test
      
      * Account for disabled state of add-more button
      
      * Transition destination changes after design chat
      
      * Simplified parent folder path by adding to variable model
      
      * Lint cleanup
      
      * test update to reflect path redirect on delete
      
      * No longer have to re-traverse to a deleted var folder after deletion, tests updated
      aeaabb71
    • Tim Gross's avatar
      workload identity (#13223) · 6fa2c8a0
      Tim Gross authored
      In order to support implicit ACL policies for tasks to get their own
      secrets, each task would need to have its own ACL token. This would
      add extra raft overhead as well as new garbage collection jobs for
      cleaning up task-specific ACL tokens. Instead, Nomad will create a
      workload Identity Claim for each task.
      
      An Identity Claim is a JSON Web Token (JWT) signed by the server’s
      private key and attached to an Allocation at the time a plan is
      applied. The encoded JWT can be submitted as the X-Nomad-Token header
      to replace ACL token secret IDs for the RPCs that support identity
      claims.
      
      Whenever a key is is added to a server’s keyring, it will use the key
      as the seed for a Ed25519 public-private private keypair. That keypair
      will be used for signing the JWT and for verifying the JWT.
      
      This implementation is a ruthlessly minimal approach to support the
      secure variables feature. When a JWT is verified, the allocation ID
      will be checked against the Nomad state store, and non-existent or
      terminal allocation IDs will cause the validation to be rejected. This
      is sufficient to support the secure variables feature at launch
      without requiring implementation of a background process to renew
      soon-to-expire tokens.
      6fa2c8a0
    • Phil Renaud's avatar
      Notify a user if they try to make a variable with an existing path (#13278) · 680dd0ed
      Phil Renaud authored
      * Notify a user if they try to make a variable with an existing path
      
      * Stylize error fade
      
      * Bugfix: if you click the dupe link to a variable you havent previously loaded, you lack its keyvalues
      
      * rename and typefix for duplicate path warning
      680dd0ed
    • Phil Renaud's avatar
      Disable path input when model is not new (#13273) · 6b495cf7
      Phil Renaud authored
      * Disable path input when model is not new
      
      * isDisabled tests for secure variables path
      6b495cf7
    • Tim Gross's avatar
      ffbc7ebc
    • Charlie Voiselle's avatar
      73c21e85
    • Tim Gross's avatar
      keyring replication (#13167) · 89f9e087
      Tim Gross authored
      Replication for the secure variables keyring. Because only key
      metadata is stored in raft, we need to distribute key material
      out-of-band from raft replication. A goroutine runs on each server and
      watches for changes to the `RootKeyMeta`. When a new key is received,
      attempt to fetch the key from the leader. If the leader doesn't have
      the key (which may happen if a key is rotated right before a leader
      transition), try to get the key from any peer.
      89f9e087
    • Phil Renaud's avatar
      Secure Variables: Build a path tree and traverse it at /variables/*path (#13202) · 7442901a
      Phil Renaud authored
      * Recursive trie-building with variable paths
      
      * tree structure applied to new path routes and a new util class
      
      * Breadcrumbs for SV paths and prompt when nothing exists at a path
      
      * Lint and test cleanup
      
      * Pre-review cleanup
      
      * lintfix
      
      * Abstracted pathtree each-ins into a new component class
      
      * Path tree component styles
      
      * Types added and PR feedback addressed
      
      * Path tree to variable paths
      
      * Slightly simpler path QP mods
      
      * More pr feedback handling
      
      * Trim moved into a function on variable model
      
      * Traversal and compaction tests for PathTree
      
      * Trim Path tests
      
      * Variable-paths component tests
      
      * Lint fixup for tests
      7442901a
    • Tim Gross's avatar
      core job for root key GC (#13199) · 6f32a361
      Tim Gross authored
      Inactive and unused keys older than a threshold will be periodically
      garbage collected.
      6f32a361
    • Tim Gross's avatar
      remove end-user algorithm selection (#13190) · 8f6617e6
      Tim Gross authored
      After internal design review, we decided to remove exposing algorithm
      choice to the end-user for the initial release. We'll solve nonce
      rotation by forcing rotations automatically on key GC (in a core job,
      not included in this changeset). Default to AES-256 GCM for the
      following criteria:
      
      * faster implementation when hardware acceleration is available
      * FIPS compliant
      * implementation in pure go
      * post-quantum resistance
      
      Also fixed a bug in the decoding from keystore and switched to a 
      harder-to-misuse encoding method.
      8f6617e6
    • Tim Gross's avatar
      provide state store query for variables by key ID (#13195) · e6a15da1
      Tim Gross authored
      The core jobs to garbage collect unused keys and perform full key
      rotations will need to be able to query secure variables by key ID for
      efficiency. Add an index to the state store and associated query
      function and test.
      e6a15da1
    • Tim Gross's avatar
      bootstrap keyring (#13124) · d8b77da6
      Tim Gross authored
      When a server becomes leader, it will check if there are any keys in
      the state store, and create one if there is not. The key metadata will
      be replicated via raft to all followers, who will then get the key
      material via key replication (not implemented in this changeset).
      d8b77da6
    • Phil Renaud's avatar
      Secure Variables UI: /variables/new and /variables/*path (#13069) · b5501975
      Phil Renaud authored
      * variables.new initialized
      
      * Hacky but savey
      
      * Variable wildcard route and multiple creatable at a time
      
      * multiple KVs per variable
      
      * PR Prep cleanup and lintfix
      
      * Delog
      
      * Data mocking in mirage for variables
      
      * Linting fixes
      
      * Re-implement absent params
      
      * Adapter and model tests
      
      * Moves the path-as-id logic to a serializer instead of adapter
      
      * Classic to serializer and lint cleanup
      
      * Pluralized save button (#13140)
      
      * Autofocus modifier and better Add More button UX (#13145)
      
      * Secure Variables: show/hide functionality when adding new values (#13137)
      
      * Flight Icons added and show hide functionality
      
      * PR cleanup
      
      * Linting cleanup
      
      * Position of icon moved to the right of input
      
      * PR feedback addressed
      
      * Delete button and stylistic changes to show hide
      
      * Hmm, eslint doesnt like jsdoc-usage as only reason for import
      
      * More closely match the button styles and delete test
      
      * Simplified new.js model
      
      * Secure Variables: /variables/*path/edit route and functionality (#13170)
      
      * Variable edit page init
      
      * Significant change to where we house model methods
      
      * Lintfix
      
      * Edit a variable tests
      
      * Remove redundant tests
      
      * Asserts expected
      
      * Mirage factory updated to reflect model state
      b5501975
    • Charlie Voiselle's avatar
      Secure Variables: Variables - State store, FSM, RPC (#13098) · 2265740a
      Charlie Voiselle authored
      
      * Secure Variables: State Store
      * Secure Variables: FSM
      * Secure Variables: RPC
      * Secure Variables: HTTP API
      Co-authored-by: default avatarTim Gross <tgross@hashicorp.com>
      2265740a
    • Tim Gross's avatar
      keystore serialization (#13106) · 355ccb78
      Tim Gross authored
      This changeset implements the keystore serialization/deserialization:
      
      * Adds a JSON serialization extension for the `RootKey` struct, along with a metadata stub. When we serialize RootKey to the on-disk keystore, we want to base64 encode the key material but also exclude any frequently-changing fields which are stored in raft.
      * Implements methods for loading/saving keys to the keystore.
      * Implements methods for restoring the whole keystore from disk.
      * Wires it all up with the `Keyring` RPC handlers and fixes up any fallout on tests.
      355ccb78
    • Tim Gross's avatar
      keyring HTTP API (#13077) · 05fb2853
      Tim Gross authored
      05fb2853
    • Tim Gross's avatar
      keyring RPC handlers (#13075) · 908b015f
      Tim Gross authored
      Implement the upsert, list, delete, and rotate RPC handlers for the
      secure variables keyring. Operations on the keyring itself are still
      stubbed out.
      908b015f
    • Tim Gross's avatar
      keyring state store operations (#13016) · ecee942e
      Tim Gross authored
      Implement the basic upsert, list, and delete operations for
      `RootKeyMeta` needed by the Keyring RPCs.
      
      This changeset also implements two convenience methods
      `RootKeyMetaByID` and `GetActiveRootKeyMeta` which are useful for
      testing but also will be needed to implement the rest of the RPCs.
      ecee942e
    • Phil Renaud's avatar
      Secure Variables UI: Router setup and /variables/index route + guards (#12967) · 4e8006a2
      Phil Renaud authored
      * Route init
      
      * Bones of a mirage-mocked secure variables policy
      
      * Functinoing policy for list vars
      
      * Delog and transition on route
      
      * Basic guard test
      
      * Page guard tests for secure variables
      
      * Cleanup and unit tests for variables ability
      
      * Linter cleanup
      
      * Set expectations for test assertions
      
      * PR feedback addressed
      
      * Read label changed to View per suggestion
      4e8006a2
    • Charlie Voiselle's avatar
      Provide mock secure variables implementation (#12980) · 2cec114b
      Charlie Voiselle authored
      * Add SecureVariable mock
      * Add SecureVariableStub
      * Add SecureVariable Copy and Stub funcs
      2cec114b
    • Tim Gross's avatar
      secure variables: initial state store (#12932) · bf918961
      Tim Gross authored
      Implement the core SecureVariable and RootKey structs in memdb,
      provide the minimal skeleton for FSM, and a dummy storage and keyring
      RPC endpoint.
      bf918961
    • Charlie Voiselle's avatar
    • Tim Gross's avatar
      fixup changelog entry for backported regression fix (#13370) · 354e70c4
      Tim Gross authored
      The changelog entry for #13340 indicated it was an improvement. But on
      discussion, it was determined that this was a workaround for a
      regression. Update the changelog to make this clear.
      354e70c4
    • Luiz Aoqui's avatar
      docs: create volume spec page (#13353) · 3737fb3c
      Luiz Aoqui authored
      
      In addition to jobs, there are other objects in Nomad that have a
      specific format and can be provided to commands and API endpoints.
      
      This commit creates a new menu section to hold the specification for
      volumes and update the command pages to point to the new centralized
      definition.
      
      Redirecting the previous entries is not possible with `redirect.js`
      because they are done server-side and URL fragments are not accessible
      to detect a match. So we provide hidden anchors with a link to the new
      page to guide users towards the new documentation.
      Co-authored-by: default avatarTim Gross <tgross@hashicorp.com>
      3737fb3c
    • Luiz Aoqui's avatar
      ci: remove step that generates GO_LDFLAGS (#13314) · a41495f5
      Luiz Aoqui authored
      These flags were not being used because GNUmakefile overwrites them with
      another value. We also don't want to set `-s -w` since they remove
      information that is important for production debug.
      
      In other projects this variable is used to override the default `-dev`
      prerelease that is set even if `VersionPrerelease` is empty, but in
      Nomad this check is never actually done because this conditional in
      `version/version.go` is always false:
      
      ```go
      func GetVersion() *VersionInfo {
        // ...
        rel := VersionPrerelease
        // ...
        if GitDescribe == "" && rel == "" && VersionPrerelease != "" {
          rel = "dev"
        }
        // ...
      }
      ```
      
      This seems like some leftover from a previous release process, but I
      decided the leave the code as is.
      a41495f5
    • Luiz Aoqui's avatar
      website: fix redirects with fragments (#13354) · 854a2c6d
      Luiz Aoqui authored
      * website: fix redirects with fragments
      
      Vercel redirects don't support fragments in relative destination paths,
      so an absolute URL must be specified instead.
      
      * website: fix Vercel redirect documentation link
      854a2c6d
    • Tim Gross's avatar
    • Grant Griffiths's avatar
  2. 13 Jun, 2022 1 commit
  3. 10 Jun, 2022 6 commits
  4. 09 Jun, 2022 2 commits