This project is mirrored from https://gitee.com/NQL886/vault.git.
Pull mirroring failed .
Repository mirroring has been paused due to too many failed attempts. It can be resumed by a project maintainer.
Repository mirroring has been paused due to too many failed attempts. It can be resumed by a project maintainer.
- 11 Feb, 2022 2 commits
-
-
Mark Lewis authored
-
Lars Lehtonen authored
-
- 10 Feb, 2022 8 commits
-
-
Shohei Maeda authored
-
claire bontempo authored
* adds date picker if no license start date found * handle permissions denied for license endpoint * handle permissions errors if no license start date * change empty state copy for OSS * fix tests and empty state view * update nav links * remove ternary Co-authored-by:
Chelsea Shaw <82459713+hashishaw@users.noreply.github.com> * simplify hbs boolean Co-authored-by:
-
Kabu authored
write terraform/roles may be write terraform/role Co-authored-by:Gary Frederick <imthaghost@protonmail.com>
-
Ben Ash authored
-
Angel Garbarino authored
* first tooltip for next year disabled * workable for left tooltip * styling * make dry * forgot this one * remove right tooltip * clean up * bug fix * add bullets when two error messages in one * fix to isAfter on range comparisons * remove * update message per design * only warning for startTime * fix for firefox
-
Loann Le authored
-
Loann Le authored
-
Robert authored
-
- 09 Feb, 2022 16 commits
-
-
Gary Frederick authored
* added TestDeleteUserContainedDB | testContainedDBCredsExist helper function * unit test contained db sanitization Co-authored-by:Gary Frederick <imtahghost@protonmail.com>
-
EsbenDalgaard authored
-
Robert authored
* Add support for consul namespaces and admin partitions
-
Ray Ryjewski authored
Updated the example for oauth. In my testing I had to use the project-id for both the project attribute as well as within the bindings attribute.
-
Niklas Wagner authored
The Environment Variables seems wrong as you can see: $ echo "https://$KUBERNETES_SERVICE_HOST:$KUBERNETES_PORT" https://172.20.0.1:tcp//172.20.0.1:443
-
Loann Le authored
* updated license faq doc * fixed typo * Update website/content/docs/enterprise/license/faq.mdx Co-authored-by:
Yoko Hyakuna <yoko@hashicorp.com> * Update website/content/docs/enterprise/license/faq.mdx Co-authored-by:
-
Samori Gorse authored
Following my previous fix, those are some small formatting touch ups.
-
Alexander Scheel authored
* Clarify subject of this w.r.t. TLS configuration Thanks to @aphorise for pointing this out internally. Signed-off-by:
Alexander Scheel <alex.scheel@hashicorp.com> * Clarify vague this in secrets/gcp docs Signed-off-by:
-
Jason O'Donnell authored
* secrets/gcp: update to v0.11.2 * Changelog
-
Rudy Gevaert authored
bound_cidr_list has been deprecated since 1.2.0
-
Loann Le authored
* added a warning about using ie browswer * added Vault UI at the end
-
Jason O'Donnell authored
* secrets/azure: update to v0.11.3 * Changelog
-
Chelsea Shaw authored
* Add format-ttl helper * Add autoRotateInterval to model and serializer for transit key * Add goSafeTimeString to object returned from TtlPicker2 component * Add auto rotate interval to transit key components * clean up unit calculator on ttl-picker, with tests * Fix tests, cleanup * Add changelog
-
Alexander Scheel authored
* Allow all other_sans in sign-intermediate and sign-verbatim /sign-verbatim and /sign-intermediate are more dangerous endpoints in that they (usually) do not have an associated role. In this case, a permissive role is constructed during execution of these tests. However, the AllowedOtherSANs field was missing from this, prohibiting its use when issuing certificates. Resolves: #13157 Signed-off-by:
-
Robert authored
-
-
- 08 Feb, 2022 9 commits
-
-
claire bontempo authored
* updates data with response returned after dates queried * alphabetize todo * clarify comments * change dashboard.js to history.js * separate clients route, add history and config * add loading to config template * Add failsafes for no data * remove commented code * update all LinkTos with new routes, remove params * return response if no data * fix tests * cleanup * fixes template with namespace filter * fixes tests with namespace filter merged * fix namespace array mapping * add version history to test object Co-authored-by:hashishaw <cshaw@hashicorp.com>
-
Steven Clark authored
* Add documentation for Managed Keys - Add concept, sys/api and pki updates related to managed keys * Review feedback - Reworked quite a bit of the existing documentation based on feedback and a re-reading - Moved the managed keys out of the concepts section and into the enterprise section * Address broken links and a few grammar tweaks
-
Angel Garbarino authored
* setup * add catch for when no payload * clean up * pr comments * wip * finish findAll fixes * clean up * remove console log
-
VAL authored
-
Chelsea Shaw authored
-
Austin Gebauer authored
-
Jason O'Donnell authored
-
Scott Miller authored
* Add duration/count metrics to PKI issue and revoke flows * docs, changelog * tidy * last tidy * remove err * Update callsites * Simple returns * Handle the fact that test cases don't have namespaces * Add mount point to the request * fmt * Handle empty mount point, and add it to unit tests * improvement * Turns out sign-verbatim is tricky, it can take a role but doesn't have to * Get around the field schema problem
-
Alexander Scheel authored
* Use application/pem-certificate-chain for PEMs As mentioned in #10948, it appears we're incorrectly using the `application/pkix-cert` media type for PEM blobs, when `application/x-pem-file` is more appropriate. Per RFC 5280 Section 4.2.1.13, `application/pkix-crl` is only appropriate when the CRL is in DER form. Likewise, Section 4.2.2.1 states that `application/pkix-cert` is only applicable when a single DER certificate is used. Per recommendation in RFC 8555 ("ACME"), Section 7.4.2 and 9.1, we use the newer `application/pem-certificate-chain` media type for certificates. However, this is not applicable for CRLs, so we use fall back to `application/x-pem-file` for these. Notably, no official IETF source is present for the latter. On the OpenSSL PKI tutorial (https://pki-tutorial.readthedocs.io/en/latest/mime.html ), this type is cited as coming from S/MIME's predecessor, PEM, but neither of the main PEM RFCs (RFC 934, 1421, 1422, 1423, or 1424) mention this type. Signed-off-by:
-
- 07 Feb, 2022 5 commits
-
-
cr48 authored
* Fixed 2 typos on-premise to on-premises. * Added changelog file. * Removed 13402.txt file from changelog. * Update website/content/docs/secrets/terraform.mdx Co-authored-by:hghaf099 <83242695+hghaf099@users.noreply.github.com>
-
Scott Miller authored
* OSS of the managed key consumer pattern * Wrong changes
-
Austin Gebauer authored
* identity/oidc: adds tests for validation of loopback IP redirect URIs * Update vault/identity_store_oidc_provider_test.go Co-authored-by:
John-Michael Faircloth <fairclothjm@users.noreply.github.com> Co-authored-by:
-
Jordan Reimer authored
* updates regex-validator component to optionally show pattern input and adds capture groups support * adds form-field-label component * adds autocomplete-input component * updates kv-object-editor component to yield block for value and glimmerizes * updates transform template model * adds transform-advanced-templating component * updates form-field with child component changes * updates transform template serializer to handle differences in regex named capture groups * fixes regex-validator test * adds changelog entry * updates for pr review feedback * reverts kv-object-editor guidFor removal
-
Alexander Scheel authored
* Include full chain in /cert/ca_chain response This allows callers to get the full chain (including issuing certificates) from a call to /cert/ca_chain. Previously, most endpoints (including during issuance) do not include the root authority, requiring an explicit call to /cert/ca to fetch. This allows full chains to be constructed without without needing multiple calls to the API. Resolves: #13489 Signed-off-by:
-
