I'm comfortable with the failing tests on this branch.
* Add vault revision to --version cmd

* Need to vendor for 1.7
Co-authored-by: Meggie Ladlow <meggie@hashicorp.com>

* Move to Go 1.16.12 and newer cimg docker images for CI. (#13422)
* Update MongoDB tests to not fail in Go 1.16 (#11533)
* Upgrade snappy to fix panic with identity/packer on Go 1.16+arm64. (#12371) (#12375)
* creds/aws: Add support for DSA signature verification for EC2 (#12340)

* add .release for crt

* crt onboarding: unignore ci.hcl

* adding build.yml file

* adding make target for versioning and versioning script

* merge make version

* update path to version file

* update build.yml for vault make target

* pass version string to make build

* pass version in env

* pass version to go build

* set workdir for npm/yarn install

* set setup-node cache-dependency-path

* specific setup-node action version

* quote dependency path

* use setup-node yarn cache

* rename setup node/yarn step

* add a bit of output to the make build

* apply yarn action change to all os/arch

* debug path

* debug go bin dir

* update packaging action

* move go gets to build

* more debugging go env

* install go tools for local os/arch

* copy GOHOSTOS/ARCH to GOOS/ARCH

* only pass goos/arch to build step

* try go mod vendor in build step

* apply 386 fixes to other arches

* adding docker action

* adding docker directory

* revising dockerfile

* sneaky build change didnt get pushed in previous commit

* removing unnecessary docker things

* specify target in action steps and Dockerfile

* cleaning up some redundant cmds

* removing workdir and updaing copy command

* moving dockerfile to root

* adding generate metadata action

* reorganize build yaml

* use correct linux package names

* remove message_template from notification

* tidying up

* only specify go output dir

* pass commit sha to ldflags

* pass sha to build

* the -X is important

* Do a Build!

* add notarize darwin arm64 event to ci.hcl

* adding vault specific linux packaging

* doin some rearranging

* update build matrix and makefile

* set go111module=off for tools setup

* disable darwin arm64 notorization on 1.7

* add rpm signing workflow

* update release branch name to real release branch

* make ci-config

* update notification channel

* feedback from 1.9 PR

* linux packaging fix

* linux packaging fix

* add cgo_enabled:0
Co-authored-by: Kyle Penfound <kpenfound11@gmail.com>

* [VAULT-3268] Upgrade go to 1.15.15

* [VAULT-3268] Update remaining circleci executors, readme

* [VAULT-3268] Add changelog

* [VAULT-3268] Update go version in dockerfile.ui

* [VAULT-3268] Update sdk version

* [VAULT-3268] Update go_test go version

* update go to 1.16.5

* Add CL

* Revert Go update and fix vendoring

* Update Go to 1.15.13

* Update CL

* Upgrade packagespec to 0.2.7

* Try fixing go.mod

* Test downgrade of hcl
Co-authored-by: Brian Kassouf <bkassouf@hashicorp.com>

* Update go version to 1.15.3

* Fix OU ordering for go1.15.x testing

* Fix CI version

* Update docker image

* Fix test

* packagespec upgrade -version 0.1.8
Co-authored-by: Sam Salisbury <samsalisbury@gmail.com>

This is part 1 of 4 for renaming the `newdbplugin` package. This copies the existing package to the new location but keeps the current one in place so we can migrate the existing references over more easily.

* packagespec upgrade -version 0.1.5

* remove meta.POST_PROCESSORS - no longer needed

* make ci-config: remove old prereq

* packagespec v0.1.2 - prep: remove unneeded code

* packagespec v0.1.2 - packagespec init

* packagespec v0.1.2 - make packages

* packagespec v0.1.3 - make packages

* Added stub class for activity logging. (#1435)
* Define activity fragments and starter methods for manipulating them. (#1441)

* Add new Database v5 interface with gRPC client & server
This is primarily for making password policies available to the DB engine, however since there are a number of other problems with the current interface this is getting an overhaul to a more gRPC request/response approach for easier future compatibility.

This is the first in a series of PRs to add support for password policies in the combined database engine

* add packagespec build system

- The majority of changes in this commit are files generated
  by packagespec (everything in the packages-oss.lock directory).

* add .yamllint

* update to packagespec@fd54aea4

* ci: bust packagespec cache

- Change to packagespec results in package IDs that can use
  git tag refs, not just commit refs.

* update to packagepsec@5fc121d0

- This busts all caches, because of a change to the way we
  no longer traverse from tag refs to commit refs, due to
  the potential confusion this can cause.
- See https://github.com/hashicorp/packagespec/commit/fd54aea4827bb6cfd637c78a2ab6274111605330
  for the original change to packagespec necessitating this.

* update to packagespec@5e6c87b6

- This completes the change to allowing git tag refs
  to be used for source IDs, begun in f130b940a8fbe3e9398225b08ea1d63420bef7b6

* update to packagespec@4d3c9e8b

- This busts cache, needed to apply previous change.

* remove RELEASE_BUILD_WORKFLOW_NAME

* update packagespec, add watch-ci target

* fix package names (do not refer to EDITION)

* remove EDITION input from packages-oss.yml

* bump package cache, update packagespec

* update packagespec, add 'aliases' target

* update packagespec; less output noise

* ci: give release bundle file a better name

- When performing a release build, this will include the build ID
  as part of the name, making it easier to distinguish from other
  builds.

* ci: create aliases tarball artifact

* ci: cache package metadata files

* ci: add metadata artifact

* ci: bust circleci package cache

* Revert "ci: bust circleci package cache"

This reverts commit 1320d182.

* ci: remove aliases artifact

* ci: use buildID not workflowName to id artifacts

* packages: add BUNDLE_NAME metadata

* do not cache package metadata with binaries

* ci: bump package cache

* ci: debugging

* ci: fix package cache; update packagespec

* ci: update packagespec to 10e7beb2

* ci: write package metadata and aliases

* ci: switch to .zip artifacts

* switch package bundle back to tar.gz (from zip)

- Because of the way zip works, the zip archive was over 2GB rather than under 750MB as with tar.gz.

* bump packagespec, adds list-staged-builds

* update packagespec

* add publish stub + general tidy up

* bump packagespec

* bump packagespec; add make publish-config

* Makefile: tidy up packagespec targets

* pass PRODUCT_REPO_ROOT to packagespec

* bump go to 1.14.6

* packages-oss.yml: use more explicit base image

* bump packagespec to b899b7c1

* bump packagespec to f040ce8f

* packages-oss.yml: pin base image to digest

- This digest is pointed to by debian:buster-20200720
- Using a specific digest ensures that builds use the same
  base image in all contexts

* add release-repo; bump packagespec

* remove BUILD_TAGS and -tags flag

* bump packagespec to e444f742

* bump to go1.14.7

* ci: bump to go1.14.7

* Add docker dev build target

* Update scripts/docker/Dockerfile
Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>

* Add multi-stage build

* Add comment about multi-stage

* Add docker-dev-ui
Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>

- This is needed for building the final release.

Use a more minimal bootstrap target when running in CI: just what we need to satisfy our job needs.  Also remove govendor which we no longer use. (#8808)

This reverts commit 5a3c55b6.

* UI update headless chrome flags to fix ember/chrome crash in test

* UI update references from test-oss to test:oss

* UI removed disable-gpu flag from headless Chrome

* UI and also remove the comment

Fixes #7863

* be more specific about node version, and specify a yarn version

* update ember, ember-cli, ember-data, ember-data-model-fragments

* use router handlers to access transition information

* fix shadowing of component helper

* update ivy-codemirror, ember-cli-inject-live-reload

* remove custom router service

* don't use transition.queryParams

* update ember-cli-deprecation-workflow

* refactor kv v1 to use 'path' instead of 'id' on creation

* fix auth-jwt-test and toolbar-link-test

* update ember composable helpers

* remove Ember.copy from test file

* no more deprecations in the workflow

* fix more secret tests

* fix remaining failed tests

* move select component to core because it's used by ttl-picker

* generate new model class for each test instead of reusing an existing one

* fix selectors on kmip tests

* refactor how control groups construct urls from the new transition objects

* add router service override back in, and have it be evented so that we can trigger router events on it

* move stories and markdown files to core if the component lives in core

* update ember-cli, ember-cli-babel, ember-auto-import

* update base64js, date-fns, deepmerge, codemirror, broccoli-asset-rev

* update linting rules

* fix test selectors

* update ember-api-actions, ember-concurrency, ember-load-initializers, escape-string-regexp, normalize.css, prettier-eslint-cli, jsdoc-to-markdown

* remove test-results dir

* update base64js, ember-cli-clipboard, ember-cli-sass, ember-cli-string-helpers, ember-cli-template-lint, ember-cli-uglify, ember-link-action

* fix linting

* run yarn install without restoring from cache

* refactor how tests are run and handle the vault server subprocess

* update makefile for new test task names

* update circle config to use the new yarn task

* fix writing the seal keys when starting the dev server

* remove optional deps from the lockfile

* don't ignore-optional on yarn install

* remove errant console.log

* update ember-basic-dropdown-hover, jsonlint, yargs-parser

* update ember-cli-flash

* add back optionalDeps

* update @babel/core@7.5.5, ember-basic-dropdown@1.1.3, eslint-plugin-ember@6.8.2

* update storybook to the latest release

* add a babel config with targets so that the ember babel plugin works properly

* update ember-resolver, move ember-cli-storybook to devDependencies

* revert normalize.css upgrade

* silence fetchadapter warning for now

* exclude 3rd party array helper now that ember includes one

* fix switch and entity lookup styling

* only add -root suffix if it's not in versions mode

* make sure drop always has an array on the aws role form

* fix labels like we did with the backport

* update eslintignore

* update the yarn version in the docker build file

* update eslint ignore

Closes #7147

* ci: update Makefile

- Copied from https://github.com/samsalisbury/circleci-multi-file-config/blob/c5c5149583f7733675bb987780a5da5959450f57/copythis.circleci/Makefile

* Makefile: make ci- targets phony and more explicit

* ci: add pre-flight checks

- Right now just validates ci config is up to date.

* ci: add --skip-update-check to circleci

* ci: remove cruft from Makefile

* ci: fix missing source dir error message

* ci: consolidate circleci path handling

* Work on raft backend

* Add logstore locally

* Add encryptor and unsealable interfaces

* Add clustering support to raft

* Remove client and handler

* Bootstrap raft on init

* Cleanup raft logic a bit

* More raft work

* Work on TLS config

* More work on bootstrapping

* Fix build

* More work on bootstrapping

* More bootstrapping work

* fix build

* Remove consul dep

* Fix build

* merged oss/master into raft-storage

* Work on bootstrapping

* Get bootstrapping to work

* Clean up FMS and node-id

* Update local node ID logic

* Cleanup node-id change

* Work on snapshotting

* Raft: Add remove peer API (#906)

* Add remove peer API

* Add some comments

* Fix existing snapshotting (#909)

* Raft get peers API (#912)

* Read raft configuration

* address review feedback

* Use the Leadership Transfer API to step-down the active node (#918)

* Raft join and unseal using Shamir keys (#917)

* Raft join using shamir

* Store AEAD instead of master key

* Split the raft join process to answer the challenge after a successful unseal

* get the follower to standby state

* Make unseal work

* minor changes

* Some input checks

* reuse the shamir seal access instead of new default seal access

* refactor joinRaftSendAnswer function

* Synchronously send answer in auto-unseal case

* Address review feedback

* Raft snapshots (#910)

* Fix existing snapshotting

* implement the noop snapshotting

* Add comments and switch log libraries

* add some snapshot tests

* add snapshot test file

* add TODO

* More work on raft snapshotting

* progress on the ConfigStore strategy

* Don't use two buckets

* Update the snapshot store logic to hide the file logic

* Add more backend tests

* Cleanup code a bit

* [WIP] Raft recovery (#938)

* Add recovery functionality

* remove fmt.Printfs

* Fix a few fsm bugs

* Add max size value for raft backend (#942)

* Add max size value for raft backend

* Include physical.ErrValueTooLarge in the message

* Raft snapshot Take/Restore API  (#926)

* Inital work on raft snapshot APIs

* Always redirect snapshot install/download requests

* More work on the snapshot APIs

* Cleanup code a bit

* On restore handle special cases

* Use the seal to encrypt the sha sum file

* Add sealer mechanism and fix some bugs

* Call restore while state lock is held

* Send restore cb trigger through raft log

* Make error messages nicer

* Add test helpers

* Add snapshot test

* Add shamir unseal test

* Add more raft snapshot API tests

* Fix locking

* Change working to initalize

* Add underlying raw object to test cluster core

* Move leaderUUID to core

* Add raft TLS rotation logic (#950)

* Add TLS rotation logic

* Cleanup logic a bit

* Add/Remove from follower state on add/remove peer

* add comments

* Update more comments

* Update request_forwarding_service.proto

* Make sure we populate all nodes in the followerstate obj

* Update times

* Apply review feedback

* Add more raft config setting (#947)

* Add performance config setting

* Add more config options and fix tests

* Test Raft Recovery (#944)

* Test raft recovery

* Leave out a node during recovery

* remove unused struct

* Update physical/raft/snapshot_test.go

* Update physical/raft/snapshot_test.go

* fix vendoring

* Switch to new raft interface

* Remove unused files

* Switch a gogo -> proto instance

* Remove unneeded vault dep in go.sum

* Update helper/testhelpers/testhelpers.go
Co-Authored-By: Calvin Leung Huang <cleung2010@gmail.com>

* Update vault/cluster/cluster.go

* track active key within the keyring itself (#6915)

* track active key within the keyring itself

* lookup and store using the active key ID

* update docstring

* minor refactor

* Small text fixes (#6912)

* Update physical/raft/raft.go
Co-Authored-By: Calvin Leung Huang <cleung2010@gmail.com>

* review feedback

* Move raft logical system into separate file

* Update help text a bit

* Enforce cluster addr is set and use it for raft bootstrapping

* Fix tests

* fix http test panic

* Pull in latest raft-snapshot library

* Add comment