Commit graph

2674 commits

Author SHA1 Message Date
Carl Tashian
c82296b7cd
Merge pull request #910 from jschlyter/docker_hsm
Dockerfile for HSM-enabled Step CA
2022-04-27 09:37:43 -07:00
Jakob Schlyter
c1425422dd include support for GCP and AWS KMS by default 2022-04-25 14:25:31 +02:00
Jakob Schlyter
df8eca2c19 space 2022-04-25 14:14:23 +02:00
Jakob Schlyter
66ba6048a4 start pcscd if installed 2022-04-24 11:08:51 +02:00
Jakob Schlyter
6ee48ca631 add pcsc-lite 2022-04-24 10:59:26 +02:00
Jakob Schlyter
221ced5c51 add Dockerfile for building with HSM support 2022-04-23 10:49:33 +02:00
Carl Tashian
3424442c50
Merge pull request #906 from smallstep/install-step-ra-arm5
We now have an armv5 step-ca build; remove guard clause from RA installer
2022-04-20 10:32:24 -07:00
Carl Tashian
a16facecc9
Merge pull request #905 from smallstep/carl/startup-msg-tweak
Cosmetic fix for consistency in the startup messages
2022-04-20 10:08:15 -07:00
Carl Tashian
340aa3206c We now have an armv5 step-ca build; remove guard clause from RA install script 2022-04-20 09:48:06 -07:00
Carl Tashian
97b64aa851 Cosmetic fix for consistency in the startup messages 2022-04-20 09:24:53 -07:00
max furman
605a959029 [action] attempt to pin goreleaser version 2022-04-19 15:20:00 -07:00
max furman
27b3d82f1d [action] goamd64 another attempt at fix 2022-04-19 15:20:00 -07:00
max furman
18ca66069e [action] issue uploading to scoop - attempt setting goamd64 2022-04-19 15:20:00 -07:00
Herman Slatman
ddac3b251d
Merge pull request #904 from smallstep/herman/changelogs-20220419
Fix `step` -> `step-ca`
2022-04-19 22:51:58 +02:00
Herman Slatman
714b5e61e2
Fix step -> step-ca 2022-04-19 22:50:28 +02:00
Herman Slatman
375ac22e6c
Merge pull request #903 from smallstep/herman/changelogs-20220419
Update changelog for v0.19.0
2022-04-19 21:33:17 +02:00
Herman Slatman
62e57f2073
Update changelog for v0.19.0 2022-04-19 21:24:21 +02:00
Mariano Cano
d61cd98a3e
Merge pull request #894 from smallstep/ahmet2mir-feat/vault
Vault CAS
2022-04-18 17:55:03 -07:00
Mariano Cano
fe9c3cf753
Merge branch 'master' into ahmet2mir-feat/vault 2022-04-18 15:35:26 -07:00
Mariano Cano
b99692fdaa
Merge pull request #901 from smallstep/fix/admin-token
Drop any query string from the admin tokens
2022-04-18 15:30:42 -07:00
Mariano Cano
4770b405ba Drop any query string from the admin tokens
This commit makes sure the admin token audience is passed without
a query string (or any fragment).
2022-04-18 15:18:23 -07:00
Mariano Cano
50a271edca
Merge pull request #888 from smallstep/fix/adminra
Fix/adminra
2022-04-18 12:46:41 -07:00
Mariano Cano
c066694c0c Allow renew token issuer to be the provisioner name.
For consistency with AuthorizeAdminToken, AuthorizeRenewToken will
allow the issuer to be either the fixed string 'step-ca-client/1.0'
or the provisioner name.
2022-04-18 12:38:09 -07:00
Mariano Cano
3aebe8d019 Add missing comma in comment. 2022-04-15 12:19:32 -07:00
Mariano Cano
d3b6bc3c75 Merge branch 'master' into fix/adminra 2022-04-13 17:44:23 -07:00
Mariano Cano
ad5aedfa60 Fix backward compatibility in AuthorizeAdminToken
This commit validates both new and old issuers.
2022-04-13 16:00:15 -07:00
Mariano Cano
5f714f2485 Fix tests for AuthorizeRenewToken 2022-04-13 15:59:37 -07:00
Mariano Cano
6331041b2b
Merge pull request #898 from smallstep/fix/claim-name
Rename unreleased claim to allowRenewalAfterExpiry for consistency.
2022-04-13 15:19:49 -07:00
Mariano Cano
674dc3c844 Rename unreleased claim to allowRenewalAfterExpiry for consistency. 2022-04-13 15:11:54 -07:00
Mariano Cano
4e4d4e882f Use a fixed string for renewal token issuer. 2022-04-13 14:50:06 -07:00
Mariano Cano
3694ba30dc Store certificate and provisioner in one transaction. 2022-04-12 18:42:27 -07:00
Mariano Cano
0a5dc237df Fix typo in comment. 2022-04-12 17:56:39 -07:00
Max
0dc5646e31
add Postgres to available databases in README 2022-04-12 15:21:18 -07:00
Mariano Cano
00cd0f5f21
Apply suggestions from code review
Co-authored-by: Herman Slatman <hslatman@users.noreply.github.com>
2022-04-12 14:44:55 -07:00
Mariano Cano
1c24863d2f Update changelog. 2022-04-12 14:41:25 -07:00
Mariano Cano
e29c85bbd4 Use errors and fmt instead of pkg/errors. 2022-04-12 14:04:46 -07:00
Mariano Cano
ea5f7f2acc
Fix SANs for step-ca certificate
Co-authored-by: Herman Slatman <hslatman@users.noreply.github.com>
2022-04-12 13:57:55 -07:00
Mariano Cano
c4ff0f1cc3 Add codecov token.
It shouldn't be necessary for public repos, but GitHub actions
error suggests to add it.
2022-04-12 11:19:43 -07:00
Mariano Cano
25d0ca258d Upgrade codecov to v2 2022-04-12 11:19:43 -07:00
Mariano Cano
76c483c36f Add missing comments. 2022-04-12 11:15:28 -07:00
Mariano Cano
48bc20c9f3 Unify json parameters. 2022-04-12 11:11:36 -07:00
Mariano Cano
790a19c6f6
make json names uniform
Co-authored-by: Ahmet Demir <ahmet2mir+github@gmail.com>
2022-04-12 10:01:22 -07:00
Mariano Cano
26e40068c8 Remove unnecessary dependencies. 2022-04-11 18:49:14 -07:00
Mariano Cano
967d9136ca Cleanup Vault CAS integration 2022-04-11 18:44:13 -07:00
Mariano Cano
9134bad22c Run go mod tidy. 2022-04-11 14:59:22 -07:00
Mariano Cano
37b521ec6c
Merge branch 'master' into feat/vault 2022-04-11 14:57:45 -07:00
Mariano Cano
1880b4b2d0 Add codecov token.
It shouldn't be necessary for public repos, but GitHub actions
error suggests to add it.
2022-04-11 14:21:14 -07:00
Mariano Cano
435bb8123b Upgrade codecov to v2 2022-04-11 14:14:02 -07:00
Mariano Cano
c8c59d68f5 Allow mTLS renewals if the provisioner extension does not exists.
This fixes a backward compatibility issue with with the new
LoadProvisionerByCertificate.
2022-04-11 12:19:42 -07:00
Mariano Cano
2fbff47acf Add missing return in test. 2022-04-11 12:18:44 -07:00