23293 commits

This branch

This branch

All branches

Author	SHA1	Message	Date
hc-github-team-secure-vault-core	467b31b361	Merge remote-tracking branch 'remotes/from/ce/main'	2026-04-28 23:17:41 +00:00
Kianna	cb41400bf2	Manual backport... (#14369)	2026-04-28 15:28:07 -07:00
hc-github-team-secure-vault-core	8ee02d4929	Merge remote-tracking branch 'remotes/from/ce/main'	2026-04-28 22:17:50 +00:00
Vault Automation	b2675da223	call RegisterRotationJobWithResponse from RegisterRotationJob from the grpcsystem server instead of duplicating the code (#14315) (#14383) ... Co-authored-by: Robert <17119716+robmonte@users.noreply.github.com>	2026-04-28 21:37:21 +00:00
hc-github-team-secure-vault-core	cb4a687f41	Merge remote-tracking branch 'remotes/from/ce/main'	2026-04-28 21:21:27 +00:00
Vault Automation	06b3374bd5	VAULT-43442: Adding Enos SDK AWS test to add/delete Vault AWS Roles (#14248) (#14358) ... * updating matrix workflow format for easier visualization * adding test to create and delete Vault AWS Roles * refactoring functions * testing pipeline * testing pipeline * testing pipeline * testing pipeline * finishing up role deletion test * finishing up role deletion test Co-authored-by: Tin Vo <tintvo08@gmail.com>	2026-04-28 13:46:11 -07:00
hc-github-team-secure-vault-core	f8e0489905	Merge remote-tracking branch 'remotes/from/ce/main'	2026-04-28 20:26:18 +00:00
Vault Automation	3f3c29607f	[UI] Add total credential units + GCP KMS in data protection calls (#14312) (#14367) ... * Add tests! * Add gcp kms value * Update to use enum * Update metric helper test Co-authored-by: Kianna <30884335+kiannaquach@users.noreply.github.com>	2026-04-28 12:57:30 -07:00
hc-github-team-secure-vault-core	79ee930e3a	Merge remote-tracking branch 'remotes/from/ce/main'	2026-04-28 17:31:57 +00:00
Vault Automation	42780fbcf2	[UI] Ember Data Migration - OIDC Clients (#14288) (#14353) ... * updates oidc clients list view to use api service * updates oidc client and client details routes to use api service * updates form field groups component to yield out form field yields * adds oidc client form class * updates oidc client client and edit routes to use api service * updates oidc client-form component to use form class and removes store/model support * updates oidc provider client route to use api service * updates oidc key clients route to use api service * fixes tests Co-authored-by: Jordan Reimer <zofskeez@gmail.com>	2026-04-28 17:22:28 +00:00
Vault Automation	38461975db	added 1.20.x back (#14294) (#14307) ... Co-authored-by: kelly <69541941+kporter101@users.noreply.github.com>	2026-04-28 17:12:41 +00:00
hc-github-team-secure-vault-core	1ce6289c5e	Merge remote-tracking branch 'remotes/from/ce/main'	2026-04-28 16:33:10 +00:00
Vault Automation	ceada1d29a	Backport Provide more information around seal migrations into ce/main (#14345)	2026-04-28 15:54:15 +00:00
hc-github-team-secure-vault-core	e867b15f88	Merge remote-tracking branch 'remotes/from/ce/main'	2026-04-28 15:46:28 +00:00
Vault Automation	1d4d9bc61c	override lodash dep (#14316) (#14317) ... Co-authored-by: lane-wetmore <lane.wetmore@hashicorp.com>	2026-04-28 08:37:26 -07:00
Vault Automation	2f4fe5345a	Backport fix: add timeout context around UpdateUser to prevent static role rotation hang into ce/main (#13971) ... * fix: add timeout context around UpdateUser to prevent static role rotation hang (#13697) * fix: add timeout context around UpdateUser to prevent static role rotation hang * changelog: add entry for static role rotation timeout fix * fix: rename changelog file to match expected format * fix: update changelog format to release-note style * Bound database Initialize to prevent static rotation stalls * add missing go doc * pr comments: close changelog block, distinguish parent context cancellation from UpdateUser timeout * changelog: include Initialize timeout handling * async Close on init cancel/timeout, add test, and set PluginName in test config * add UpdateUser timeout test coverage for static role rotation * go doc comments fix * Apply suggestions from code review Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> * welp copilot prompt was out of date and I shouldn't have accepted it. --------- Co-authored-by: Angel Garbarino <argarbarino@gmail.com> Co-authored-by: Angel Garbarino <Monkeychip@users.noreply.github.com> Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> * fix(database): remove async UpdateUser timeout and use synchronous context to avoid race conditions * fix(backport): restore async UpdateUser timeout behavior --------- Co-authored-by: arslan23-push <arslan.muhammad@ibm.com> Co-authored-by: Angel Garbarino <argarbarino@gmail.com> Co-authored-by: Angel Garbarino <Monkeychip@users.noreply.github.com> Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>	2026-04-28 09:01:57 -06:00
hc-github-team-secure-vault-core	933d304b94	Merge remote-tracking branch 'remotes/from/ce/main'	2026-04-28 13:32:26 +00:00
Vault Automation	3b43df47ae	VAULT-43741 (enos) Convert vault_verify_version to Use Blackbox SDK (#13950) (#14323) ... * Update vault version verify to use Go BB SDK test * Add missing env vars * more * formatting * typo * formatting * fmt * more-fmt * requested changes * formatting * Apply suggestions from code review Co-authored-by: brewgator <ltcarbonell@pm.me> * formatting * remove external test access * remove exec mode * formtting * Delete sdk/helper/testcluster/blackbox/session_remote.go Co-authored-by: brewgator <lt.carbonell@hashicorp.com>	2026-04-28 08:59:34 -04:00
hc-github-team-secure-vault-core	68c5959bdb	Merge remote-tracking branch 'remotes/from/ce/main'	2026-04-27 23:16:40 +00:00
Vault Automation	f595b77c23	[UI][Automated] API Client Dependency Update (#14291) (#14313) ... * auto: bumps vault-client-typescript version * fixes sync activation flags method name that changed in client * updates azure auth config form test --------- Co-authored-by: Jordan Reimer <jordan.reimer@hashicorp.com>	2026-04-27 16:22:12 -06:00
hc-github-team-secure-vault-core	b03c93e824	Merge remote-tracking branch 'remotes/from/ce/main'	2026-04-27 18:23:02 +00:00
Vault Automation	ac8286bd3c	This adds a comment which tripped up our code-reviewers. We are disabling a check that doesn't make sense for our customers. (#14268) (#14278) ... Co-authored-by: Kit Haines <khaines@mit.edu>	2026-04-27 14:08:40 -04:00
hc-github-team-secure-vault-core	0ee3793e0d	Merge remote-tracking branch 'remotes/from/ce/main'	2026-04-27 16:29:55 +00:00
Vault Automation	2cf5691315	Change Policy locking so that GetPolicy always returns a locked policy (#13899) (#14277) ... * change GetPolicy to return a locked policy always * add more fixes and changelog * remove extra unlock * make fmt * fix transform test * fix write locks with cache * address comments Co-authored-by: Rachel Culpepper <84159930+rculpepper@users.noreply.github.com>	2026-04-27 11:34:47 -04:00
hc-github-team-secure-vault-core	db2cc6218c	Merge remote-tracking branch 'remotes/from/ce/main'	2026-04-24 23:12:48 +00:00
Vault Automation	d695549743	[VAULT-44363] go: resolve GHSA-j88v-2chj-qfwx by upgrading github.com/jackc/pgx/v5 (#14226) (#14272) ... * [VAULT-44363] go: resolve GHSA-j88v-2chj-qfwx by upgrading github.com/jackc/pgx/v5 Signed-off-by: Ryan Cragun <me@ryan.ec> Co-authored-by: Ryan Cragun <me@ryan.ec>	2026-04-24 15:52:27 -07:00
hc-github-team-secure-vault-core	173d4af70b	Merge remote-tracking branch 'remotes/from/ce/main'	2026-04-24 19:17:42 +00:00
Vault Automation	6ecb3ad2bf	Backport VAULT-43313 change months stored and displayed in billing to 37 months into ce/main (#14235) ... * no-op commit * cherry pick --------- Co-authored-by: Amir Aslamov <amir.aslamov@hashicorp.com>	2026-04-24 12:04:52 -07:00
hc-github-team-secure-vault-core	da9646486e	Merge remote-tracking branch 'remotes/from/ce/main'	2026-04-24 18:12:18 +00:00
Vault Automation	dcea542a3a	Upload-Issuer Compliance with Common Criteria. (#12101) (#12501) ... * Upload-Issuer Compliance with Common Criteria. * Add Changelog. * Update changelog/_12101.txt * Update builtin/logical/pki/storage_validate_imports_ent.go * PR-Review, add trap for deletion errors. * Add test-doc referencing NIAP requirement. --------- Co-authored-by: Kit Haines <khaines@mit.edu> Co-authored-by: Steven Clark <steven.clark@hashicorp.com>	2026-04-24 14:06:07 -04:00
Vault Automation	40c5f44a6d	Add error-logs on invalid x_forwarded_for configuration. (#11823) (#11899) ... * Add error-logs on invalid x_forwarded_for configuration. * Add Error-Logging on Invalid X-Forwarded-For configuration on startup. * PR Feedback. * Update changelog/_11823.txt --------- Co-authored-by: Kit Haines <khaines@mit.edu> Co-authored-by: Steven Clark <steven.clark@hashicorp.com>	2026-04-24 14:03:43 -04:00
hc-github-team-secure-vault-core	73f291790b	Merge remote-tracking branch 'remotes/from/ce/main'	2026-04-24 17:18:31 +00:00
Vault Automation	72fe26b141	tests: fix failing dev server command test (#14255) (#14264) ... Test was failing because the global prometheus registry doesn't allow duplicate registrations. We don't need prometheus in server command tests, so we disable it. Co-authored-by: John-Michael Faircloth <fairclothjm@users.noreply.github.com>	2026-04-24 11:57:49 -05:00
Vault Automation	25cb017310	Include root CA in chain for CIEPS issue/sign endpoints when root is the direct issuer (#14249) (#14257) ... * add test coverage before fixing * add changelog * fix ca chain generation Co-authored-by: claire b <68122737+hellobontempo@users.noreply.github.com>	2026-04-24 09:51:02 -07:00
hc-github-team-secure-vault-core	d6c94fd0ad	Merge remote-tracking branch 'remotes/from/ce/main'	2026-04-24 12:15:43 +00:00
Vault Automation	ce18ef35a8	Backport Make it possible to skip the go generate part of the build. into ce/main (#14245)	2026-04-24 07:41:32 -04:00
hc-github-team-secure-vault-core	4b50b0a686	Merge remote-tracking branch 'remotes/from/ce/main'	2026-04-23 22:13:14 +00:00
Vault Automation	6c198ac93b	add dev flag to override pgp key for plugin signature verification (#13559) (#14240) ... * add dev flag to override pgp key for plugin signature verification -dev-plugin-pgp-key is the path to a PGP public key file to use for plugin signature verification in dev mode. This prevents developers from having to manually hard code their own pgp key into vault source code and rebuild vault to develop and test enterprise plugins. * fix sync once error handling * add tests * remove test * tests: set random listener addr * improve error message * dedupe getVerifyFunc annd verifyPGPSignatureDetached * accept raw key as well as path * keep hc key and add custom key to keyring Co-authored-by: John-Michael Faircloth <fairclothjm@users.noreply.github.com>	2026-04-23 21:16:51 +00:00
hc-github-team-secure-vault-core	c0fdb36ddd	Merge remote-tracking branch 'remotes/from/ce/main'	2026-04-23 21:15:01 +00:00
Vault Automation	ffe3a83897	Backport Enable OIDC Secret Engine Tokens in sys/billing/overview into ce/main (#14232) ... * Enable OIDC Secret Engine Tokens in sys/billing/overview (#13568) * adding oidc duration adjusted token count * fix Test_BillingOverview_EmptyCluster test * cleanup plus adding comments * make OidcIssuedTokens atomic * make OidcTokenDurationSeconds atomic * add TestConcurrentOidcDurationAdjustedCount * fix TestSystemBackend_BillingOverview_EmptyMetrics * adding oidc counts to id_token_units metric * add oidc to end of month tests * add removed gcp check * add oidc data to previous month * removing oidc token count * change DurationAdjustedTokenUnits to IdentityTokenUnits * changing storage path for oidc * address comments * remove spiffe test from ce --------- Co-authored-by: akshya96 <87045294+akshya96@users.noreply.github.com> Co-authored-by: akshya96 <araghavan@hashicorp.com>	2026-04-23 13:48:52 -07:00
hc-github-team-secure-vault-core	bf49025677	Merge remote-tracking branch 'remotes/from/ce/main'	2026-04-23 17:29:44 +00:00
Vault Automation	eec654c6d6	[UI][VAULT-44070] Hide billing metrics sidebar link from namespaces other than root and admin (#14186) (#14229) ... * Only show dashboard if user is in hvd namespace and root namespace * Add tests.. * Fix test names Co-authored-by: Kianna <30884335+kiannaquach@users.noreply.github.com>	2026-04-23 17:23:57 +00:00
Vault Automation	cb9e2e49bb	[UI][VAULT-44082] Billing metrics dashboard date subtext and update dashboard copy (#14174) (#14230) ... * Update billing date subtext * Update billing acceptance tests... * Code cleanup and tests Co-authored-by: Kianna <30884335+kiannaquach@users.noreply.github.com>	2026-04-23 17:12:34 +00:00
hc-github-team-secure-vault-core	b2ef6ea751	Merge remote-tracking branch 'remotes/from/ce/main'	2026-04-23 16:31:13 +00:00
Vault Automation	ebe1a5d496	Add sidebar to billing route (#14220) (#14227) ... Co-authored-by: Kianna <30884335+kiannaquach@users.noreply.github.com>	2026-04-23 09:28:57 -07:00
hc-github-team-secure-vault-core	115179cbe5	Merge remote-tracking branch 'remotes/from/ce/main'	2026-04-23 15:21:16 +00:00
miagilepner	fef9e348c6	VAULT-44100: Backport missing oauth changes to CE (#14222) ... * CE changes for agent registry/oauth * add oauth resource config server profile to ce stub	2026-04-23 08:04:12 -07:00
hc-github-team-secure-vault-core	64e25b6587	Merge remote-tracking branch 'remotes/from/ce/main'	2026-04-23 13:31:19 +00:00
Vault Automation	d6e909ae4b	Fix flaky test TestTransit_SignVerify_ECDSA (#14185) (#14205) ... * Fix flaky test TestTransit_SignVerify_ECDSA * Fix comment on incrementing Co-authored-by: Steven Clark <steven.clark@hashicorp.com>	2026-04-23 09:03:30 -04:00
hc-github-team-secure-vault-core	d33da8cf11	Merge remote-tracking branch 'remotes/from/ce/main'	2026-04-22 23:15:49 +00:00