Commit graph

3616 commits

Author SHA1 Message Date
Herman Slatman
6e1f8dd7ab
Refactor policy engines into container 2022-04-26 13:12:16 +02:00
Herman Slatman
2a7620641f
Fix more PR comments 2022-04-26 10:15:17 +02:00
Herman Slatman
76112c2da1
Improve error creation and testing for core policy engine 2022-04-26 01:47:07 +02:00
max furman
b91affdd34 exposing authority configuration for provisioner cli commands 2022-04-25 10:23:07 -07:00
Jakob Schlyter
c1425422dd include support for GCP and AWS KMS by default 2022-04-25 14:25:31 +02:00
Jakob Schlyter
df8eca2c19 space 2022-04-25 14:14:23 +02:00
Herman Slatman
20f5d12b99
Improve test rigour for reloadPolicyEngines 2022-04-25 11:02:03 +02:00
Herman Slatman
6264e8495c
Improve policy error handling code coverage 2022-04-24 16:29:31 +02:00
Herman Slatman
3fa96ebf13
Improve policy errors returned to client 2022-04-24 13:11:32 +02:00
Jakob Schlyter
66ba6048a4 start pcscd if installed 2022-04-24 11:08:51 +02:00
Jakob Schlyter
6ee48ca631 add pcsc-lite 2022-04-24 10:59:26 +02:00
Jakob Schlyter
221ced5c51 add Dockerfile for building with HSM support 2022-04-23 10:49:33 +02:00
Herman Slatman
a3c51881c7
Merge branch 'master' into herman/allow-deny 2022-04-22 15:52:36 +02:00
Herman Slatman
c40a4d2694
Contain policy engines inside provisioner Controller 2022-04-22 01:20:38 +02:00
Herman Slatman
ef110a94df
Change pointer booleans to regular boolean configuration 2022-04-21 23:45:05 +02:00
Herman Slatman
e9f5a1eb98
Improve policy bad request handling 2022-04-21 17:16:02 +02:00
Herman Slatman
b72430f4ea
Block all APIs when using linked deployment mode 2022-04-21 16:18:55 +02:00
Herman Slatman
fb81407d6f
Fix ACME policy comments 2022-04-21 13:21:06 +02:00
Herman Slatman
a2cfbe3d54
Fix (part of) PR comments 2022-04-21 12:14:03 +02:00
Carl Tashian
3424442c50
Merge pull request #906 from smallstep/install-step-ra-arm5
We now have an armv5 step-ca build; remove guard clause from RA installer
2022-04-20 10:32:24 -07:00
Carl Tashian
a16facecc9
Merge pull request #905 from smallstep/carl/startup-msg-tweak
Cosmetic fix for consistency in the startup messages
2022-04-20 10:08:15 -07:00
Carl Tashian
340aa3206c We now have an armv5 step-ca build; remove guard clause from RA install script 2022-04-20 09:48:06 -07:00
Carl Tashian
97b64aa851 Cosmetic fix for consistency in the startup messages 2022-04-20 09:24:53 -07:00
max furman
605a959029 [action] attempt to pin goreleaser version 2022-04-19 15:20:00 -07:00
max furman
27b3d82f1d [action] goamd64 another attempt at fix 2022-04-19 15:20:00 -07:00
max furman
18ca66069e [action] issue uploading to scoop - attempt setting goamd64 2022-04-19 15:20:00 -07:00
Herman Slatman
ddac3b251d
Merge pull request #904 from smallstep/herman/changelogs-20220419
Fix `step` -> `step-ca`
2022-04-19 22:51:58 +02:00
Herman Slatman
714b5e61e2
Fix step -> step-ca 2022-04-19 22:50:28 +02:00
Herman Slatman
375ac22e6c
Merge pull request #903 from smallstep/herman/changelogs-20220419
Update changelog for v0.19.0
2022-04-19 21:33:17 +02:00
Herman Slatman
62e57f2073
Update changelog for v0.19.0 2022-04-19 21:24:21 +02:00
Herman Slatman
3eecc4f7bb
Improve test coverage for reloadPolicyEngines 2022-04-19 17:10:13 +02:00
Herman Slatman
72bbe53376
Add additional policy options 2022-04-19 14:41:36 +02:00
Herman Slatman
9a21208f22
Add deduplication of policy configuration values 2022-04-19 13:21:37 +02:00
Herman Slatman
f2f9cb899e
Add conditional defaults to policy protobuf request bodies 2022-04-19 12:09:45 +02:00
Herman Slatman
6532c93303
Improve read.ProtoJSON bad protobuf body error handling 2022-04-19 12:07:57 +02:00
Herman Slatman
647538e9e8
Merge branch 'herman/allow-deny' into herman/allow-deny-options 2022-04-19 10:32:16 +02:00
Herman Slatman
ad2de16299
Merge branch 'master' into herman/allow-deny 2022-04-19 10:26:31 +02:00
Herman Slatman
7f9034d22a
Add additional policy options 2022-04-19 10:24:52 +02:00
Mariano Cano
d61cd98a3e
Merge pull request #894 from smallstep/ahmet2mir-feat/vault
Vault CAS
2022-04-18 17:55:03 -07:00
Mariano Cano
fe9c3cf753
Merge branch 'master' into ahmet2mir-feat/vault 2022-04-18 15:35:26 -07:00
Mariano Cano
b99692fdaa
Merge pull request #901 from smallstep/fix/admin-token
Drop any query string from the admin tokens
2022-04-18 15:30:42 -07:00
Mariano Cano
4770b405ba Drop any query string from the admin tokens
This commit makes sure the admin token audience is passed without
a query string (or any fragment).
2022-04-18 15:18:23 -07:00
Herman Slatman
def9438ad6
Improve handling of bad JSON protobuf bodies 2022-04-18 23:38:13 +02:00
Herman Slatman
2ca5c0170f
Fix flaky test behavior for protobuf messages 2022-04-18 22:39:47 +02:00
Herman Slatman
ff8cb19b78
Fix usage of URL in generateAdminToken 2022-04-18 21:59:06 +02:00
Herman Slatman
abcad679ff
Merge branch 'master' into herman/allow-deny 2022-04-18 21:54:55 +02:00
Herman Slatman
82e0033428
Remove Adder options 2022-04-18 21:47:39 +02:00
Herman Slatman
8d15a027a7
Fix if-else linting issue 2022-04-18 21:47:13 +02:00
Mariano Cano
50a271edca
Merge pull request #888 from smallstep/fix/adminra
Fix/adminra
2022-04-18 12:46:41 -07:00
Mariano Cano
c066694c0c Allow renew token issuer to be the provisioner name.
For consistency with AuthorizeAdminToken, AuthorizeRenewToken will
allow the issuer to be either the fixed string 'step-ca-client/1.0'
or the provisioner name.
2022-04-18 12:38:09 -07:00