Commit graph

3364 commits

Author SHA1 Message Date
Herman Slatman
b9f238ad4d
Add additional ACME meta properties to provisioner configuration 2022-10-24 22:37:57 +02:00
Mariano Cano
aed1738ad0
Upgrade pkcs7 to the latest patches branch
smallstep/pkcs7@patches includes now support for generic Decrypter
methods, so KMS can be used instead of a key in disk with SCIM
2022-10-24 11:07:28 -07:00
Max
c407354c70
Merge pull request #1137 from smallstep/dependabot/go_modules/google.golang.org/api-0.100.0
Bump google.golang.org/api from 0.99.0 to 0.100.0
2022-10-24 09:18:31 -07:00
Max
25340c2bf6
Merge pull request #1138 from smallstep/dependabot/go_modules/github.com/stretchr/testify-1.8.1
Bump github.com/stretchr/testify from 1.8.0 to 1.8.1
2022-10-24 09:14:13 -07:00
dependabot[bot]
3e96113162
Bump github.com/stretchr/testify from 1.8.0 to 1.8.1
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.0 to 1.8.1.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.8.0...v1.8.1)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-10-24 15:45:07 +00:00
dependabot[bot]
016973fd2b
Bump google.golang.org/api from 0.99.0 to 0.100.0
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.99.0 to 0.100.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.99.0...v0.100.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-10-24 15:44:56 +00:00
Herman Slatman
e90fe4bfa0
Update CHANGELOG.md with provisioner migration 2022-10-24 16:34:34 +02:00
Herman Slatman
9d04e7d1dc
Remove period in log output 2022-10-24 15:33:48 +02:00
Herman Slatman
54c560f620
Improve configuration file initialization log output 2022-10-24 15:22:37 +02:00
Herman Slatman
fd38dd34f9
Fix PR comments 2022-10-24 14:51:27 +02:00
Herman Slatman
c9793561ff
Make meta object optional in ACME directory response
Harware appliances from Kemp seem to validate the contents of the
`meta` object, even if none of the properties in the `meta` object
is set. According to the RFC, the `meta` object, as well as its
properties are optional, so technically this should be fixed by
the manufacturer.

This commit is to see if we validation of the `meta` object is
skipped if it's not available in the response.
2022-10-24 14:14:28 +02:00
Herman Slatman
49718f1bbb
Fix some comments 2022-10-21 11:48:59 +02:00
Herman Slatman
70da534893
Merge branch 'master' into herman/remote-management-helm 2022-10-21 11:09:57 +02:00
Mariano Cano
398213af51
Merge pull request #1123 from smallstep/renew-raw-subject
Use RawSubject on renew and rekey
2022-10-20 10:41:46 -07:00
Mariano Cano
caf0628b8c
Merge pull request #1122 from smallstep/fix-1114
Split build and download in Dockerfiles
2022-10-19 19:16:38 -07:00
Mariano Cano
aefdfc7be7
Use RawSubject on renew and rekey
Renew was not replicating exactly the subject because extra names
gets decoded into pkix.Name.Names, the non-default ones should be
added to pkix.Name.ExtraNames. Instead of doing that, this commit
sets the RawSubject that will also keep the order.

Fixes #1106
2022-10-19 19:10:50 -07:00
Mariano Cano
18555a3cb2
Split build and download in Dockerfiles
On systems with low resources the command `go mod download` can fail.
This causes long builds of the docker images. This change adds a new
layer in the docker build splitting the build and download in two
steps.

Fixes #1114
2022-10-19 17:57:50 -07:00
Mariano Cano
53f2ecdad9
Merge pull request #1121 from smallstep/fix-1115
Use sh instead of bash in .version.sh script
2022-10-19 16:39:37 -07:00
Mariano Cano
d07c9accea
Use sh instead of bash in .version.sh script
Fixes #1115
2022-10-19 16:28:31 -07:00
Max
7b45968198
Merge pull request #1119 from smallstep/max/common-triage 2022-10-18 18:16:49 -07:00
max furman
91775f6d67
[action] move oss triage wofkow to common workflows 2022-10-18 11:57:47 -07:00
Max
361e2b2907
Merge pull request #1116 from smallstep/max/docs-revocation-link
Update revocation docs link
2022-10-17 13:58:19 -07:00
Max
c103458ee9
Merge pull request #1110 from smallstep/dependabot/go_modules/google.golang.org/api-0.99.0
Bump google.golang.org/api from 0.98.0 to 0.99.0
2022-10-17 13:52:05 -07:00
max furman
e436c36f8b
Update revocation docs link 2022-10-17 13:45:00 -07:00
dependabot[bot]
b83f268b4d
Bump google.golang.org/api from 0.98.0 to 0.99.0
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.98.0 to 0.99.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.98.0...v0.99.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-10-17 20:39:12 +00:00
Max
f410ef6628
Merge pull request #1112 from smallstep/dependabot/go_modules/github.com/googleapis/gax-go/v2-2.6.0
Bump github.com/googleapis/gax-go/v2 from 2.5.1 to 2.6.0
2022-10-17 13:37:29 -07:00
dependabot[bot]
c3f6dcf7e7
Bump github.com/googleapis/gax-go/v2 from 2.5.1 to 2.6.0
Bumps [github.com/googleapis/gax-go/v2](https://github.com/googleapis/gax-go) from 2.5.1 to 2.6.0.
- [Release notes](https://github.com/googleapis/gax-go/releases)
- [Commits](https://github.com/googleapis/gax-go/compare/v2.5.1...v2.6.0)

---
updated-dependencies:
- dependency-name: github.com/googleapis/gax-go/v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-10-17 17:18:04 +00:00
Herman Slatman
f7d153efa7
Merge pull request #1109 from smallstep/herman/remove-acme-revoke-authorization-todo
Remove TODO and clarify ACME revoke authorization method docs
2022-10-17 19:14:18 +02:00
Max
70828b882f
Merge pull request #1111 from smallstep/dependabot/go_modules/github.com/hashicorp/vault/api-1.8.1
Bump github.com/hashicorp/vault/api from 1.8.0 to 1.8.1
2022-10-17 10:12:23 -07:00
Max
a7db13d47b
Merge pull request #1113 from smallstep/dependabot/go_modules/google.golang.org/grpc-1.50.1
Bump google.golang.org/grpc from 1.50.0 to 1.50.1
2022-10-17 10:10:29 -07:00
dependabot[bot]
9ee11fd850
Bump google.golang.org/grpc from 1.50.0 to 1.50.1
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.50.0 to 1.50.1.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.50.0...v1.50.1)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-10-17 15:58:52 +00:00
dependabot[bot]
3676c59599
Bump github.com/hashicorp/vault/api from 1.8.0 to 1.8.1
Bumps [github.com/hashicorp/vault/api](https://github.com/hashicorp/vault) from 1.8.0 to 1.8.1.
- [Release notes](https://github.com/hashicorp/vault/releases)
- [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG.md)
- [Commits](https://github.com/hashicorp/vault/compare/v1.8.0...v1.8.1)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/vault/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-10-17 15:58:43 +00:00
Herman Slatman
cbc0864370
Remove TODO and clarify ACME revoke authorization method docs 2022-10-17 12:38:53 +02:00
Herman Slatman
d981b9e0dc
Add --admin-subject flag to ca init
The first super admin subject can now be provided through the
`--admin-subject` flag when initializing a CA.

It's not yet possible to configure the subject of the first
super admin when provisioners are migrated from `ca.json` to the
database. This effectively limits usage of the flag to scenarios
in which the provisioners are written to the database immediately,
so when `--remote-management` is enabled. It currently also doesn't
work with Helm deployments, because there's no mechanism yet to
pass this type of option to the Helm chart.

This commit partially addresses https://github.com/smallstep/cli/issues/697
2022-10-14 16:03:41 +02:00
Herman Slatman
57001168a5
Add default SSHPOP provisioner to Helm template output 2022-10-14 14:07:13 +02:00
Herman Slatman
c423e2f664
Improve Helm test data to be more realistic 2022-10-14 13:52:27 +02:00
Herman Slatman
459bfc4c4f
Add gibberish test key bytes to Helm tests 2022-10-14 01:45:07 +02:00
Herman Slatman
3262ffd43b
Add X.509 intermedaite and root certificates to Helm tests 2022-10-14 01:06:43 +02:00
Herman Slatman
1a5523f5c0
Add default JWK to the Helm tests 2022-10-14 00:09:32 +02:00
Herman Slatman
da5d2b405c
Merge branch 'master' into herman/remote-management-helm 2022-10-13 23:36:50 +02:00
Max
65b5a636df
Merge pull request #1104 from smallstep/max/err-assert
Fix err assert linter warnings - upgrade outdated package
2022-10-13 10:03:03 -07:00
max furman
7203739369
Fix err assert linter warnings - upgrade outdated package 2022-10-12 16:32:26 -07:00
Herman Slatman
6516384160
Trigger CI 2022-10-12 15:54:32 +02:00
Mariano Cano
e0994bed9d
Merge pull request #1102 from smallstep/yubikey-no-ca
Add test simulating YubiKey v5.2.4
2022-10-11 16:11:24 -07:00
Mariano Cano
a7e597450a
Update acme/challenge_test.go
Co-authored-by: Herman Slatman <hslatman@users.noreply.github.com>
2022-10-11 10:04:42 -07:00
Herman Slatman
317efa4568
Add some TODOs for improvingin PKI initialization maintainability 2022-10-11 17:39:35 +02:00
Herman Slatman
8616d3160f
Add tests for writing the Helm template 2022-10-11 17:18:19 +02:00
Herman Slatman
674206320c
Write updated CA configuration after migrating provisioners 2022-10-11 14:12:06 +02:00
Herman Slatman
b5837f20c9
Merge branch 'master' into herman/remote-management-helm 2022-10-11 12:20:12 +02:00
Herman Slatman
c9ee4a9f9d
Disable initialization log output if started with --quiet 2022-10-11 12:19:48 +02:00