Commit graph

3675 commits

Author SHA1 Message Date
dependabot[bot]
442f2fe5f9
Bump github.com/newrelic/go-agent/v3 from 3.20.3 to 3.20.4
Bumps [github.com/newrelic/go-agent/v3](https://github.com/newrelic/go-agent) from 3.20.3 to 3.20.4.
- [Release notes](https://github.com/newrelic/go-agent/releases)
- [Changelog](https://github.com/newrelic/go-agent/blob/master/CHANGELOG.md)
- [Commits](https://github.com/newrelic/go-agent/compare/v3.20.3...v3.20.4)

---
updated-dependencies:
- dependency-name: github.com/newrelic/go-agent/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-03-13 16:02:01 +00:00
Remi Vichery
b2c2eec76b
Add identity token for all Azure cloud environments
* Azure Public Cloud (default)
* Azure China Cloud
* Azure US Gov Cloud
* Azure German Cloud
2023-03-08 08:18:55 -08:00
Carl Tashian
4378300c80
Update cache before installing packages 2023-03-06 09:40:50 -08:00
github-actions[bot]
b8ee206f71
Merge pull request #1305 from smallstep/dependabot/go_modules/google.golang.org/api-0.111.0
Bump google.golang.org/api from 0.110.0 to 0.111.0
2023-03-06 09:36:27 -08:00
github-actions[bot]
201be0891f
Merge pull request #1307 from smallstep/dependabot/go_modules/go.step.sm/crypto-0.25.2
Bump go.step.sm/crypto from 0.25.0 to 0.25.2
2023-03-06 09:32:46 -08:00
Carl Tashian
79b3924322
Fix docker tags 2023-03-06 09:25:43 -08:00
dependabot[bot]
dd43e9e09f
Bump google.golang.org/api from 0.110.0 to 0.111.0
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.110.0 to 0.111.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.110.0...v0.111.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-03-06 17:15:23 +00:00
dependabot[bot]
152a0a2f3e
Bump go.step.sm/crypto from 0.25.0 to 0.25.2
Bumps [go.step.sm/crypto](https://github.com/smallstep/crypto) from 0.25.0 to 0.25.2.
- [Release notes](https://github.com/smallstep/crypto/releases)
- [Commits](https://github.com/smallstep/crypto/compare/v0.25.0...v0.25.2)

---
updated-dependencies:
- dependency-name: go.step.sm/crypto
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-03-06 17:15:03 +00:00
github-actions[bot]
4fb00940c6
Merge pull request #1308 from smallstep/dependabot/go_modules/golang.org/x/crypto-0.7.0
Bump golang.org/x/crypto from 0.6.0 to 0.7.0
2023-03-06 09:07:35 -08:00
dependabot[bot]
6452afc45c
Bump golang.org/x/crypto from 0.6.0 to 0.7.0
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.6.0 to 0.7.0.
- [Release notes](https://github.com/golang/crypto/releases)
- [Commits](https://github.com/golang/crypto/compare/v0.6.0...v0.7.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-03-06 16:08:09 +00:00
Herman Slatman
7c54154013
Merge pull request #1300 from smallstep/herman/pkcs7-rsa-oaep 2023-03-03 20:30:15 +01:00
Herman Slatman
702f844fa2
Add RSA-OAEP decryption support to changelog 2023-03-03 13:39:38 +01:00
Herman Slatman
4d6ecf9a48
Upgrade to latest smallstep/pkcs7 to fix RSA OAEP decryption 2023-03-03 13:33:44 +01:00
Carl Tashian
12d8ca526a
Update Dockerfile.hsm to use debian:bullseye base image 2023-03-02 15:42:09 -05:00
Mariano Cano
2eb90bf45e
Merge pull request #1298 from smallstep/badger-gc
Add support for compacting the badger db
2023-03-02 10:42:26 -08:00
Mariano Cano
7700bb77da
Remove old call to compact 2023-03-01 17:37:56 -08:00
Mariano Cano
831a1e35ea
Add support for compating the badger db
This commit adds a job that will compact the badger db periodically.
In the nosql package, when Compact is called, it will run badger's
RunValueLogGC method.
2023-03-01 17:16:34 -08:00
github-actions[bot]
f8adb0a51c
Merge pull request #1295 from smallstep/dependabot/go_modules/github.com/stretchr/testify-1.8.2
Bump github.com/stretchr/testify from 1.8.1 to 1.8.2
2023-02-27 09:20:50 -08:00
dependabot[bot]
fe63f3e832
Bump github.com/stretchr/testify from 1.8.1 to 1.8.2
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.1 to 1.8.2.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.8.1...v1.8.2)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-02-27 16:05:54 +00:00
Mariano Cano
060a2f186c
Merge pull request #1294 from smallstep/fix-1292
Disable database if WithNoDB() option is passed
2023-02-24 15:48:05 -08:00
Mariano Cano
4fd9a9b92b
Disable database if WithNoDB() option is passed
This commit removes the database from the configuration if the ca was
initialized with the "--no-db" flag.

Fixes #1292
2023-02-24 15:40:48 -08:00
Mariano Cano
23423814d3
Merge pull request #1293 from LarsBingBong/patch-1
Mark the IDP critical in the generated CRL data.
2023-02-24 14:58:32 -08:00
LarsBingBong
0d5c40e059
Mark the IDP critical in the generated CRL data.
Trying to get CRL to work on my environment I've been reading up on [RFC5280](https://www.rfc-editor.org/rfc/rfc5280#section-5.2.5) ... and the IDP to be marked as `Critical`. I hope I'm correct and that my understanding on how to mark the IDP is critical.
Looking at e.g. `3470b1ec57/x509util/extensions_test.go (L48)` makes me think so.

---

Hopefully the above change - if accepted - can get CRL's to work on my environment. If not we're at least one step closer.
2023-02-24 20:32:49 +01:00
Herman Slatman
176cf30a6f
Merge pull request #1290 from smallstep/herman/email-domain-ssh-sign-error
Add email address to error message returned for OIDC validation
2023-02-23 21:13:54 +01:00
Herman Slatman
59462e826c
Improve testing errors for OIDC authorizeToken function 2023-02-23 13:43:13 +01:00
Herman Slatman
10958a124b
Add email address to error message returned for OIDC validation 2023-02-23 13:24:09 +01:00
github-actions[bot]
b02c43cf8e
Merge pull request #1280 from smallstep/dependabot/go_modules/cloud.google.com/go/security-1.12.0
Bump cloud.google.com/go/security from 1.11.0 to 1.12.0
2023-02-21 22:16:06 -08:00
github-actions[bot]
81b1d2ede6
Merge pull request #1279 from smallstep/dependabot/go_modules/github.com/hashicorp/vault/api/auth/approle-0.4.0
Bump github.com/hashicorp/vault/api/auth/approle from 0.3.0 to 0.4.0
2023-02-21 21:57:12 -08:00
dependabot[bot]
e0b9f3960c
Bump cloud.google.com/go/security from 1.11.0 to 1.12.0
Bumps [cloud.google.com/go/security](https://github.com/googleapis/google-cloud-go) from 1.11.0 to 1.12.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/documentai/CHANGES.md)
- [Commits](https://github.com/googleapis/google-cloud-go/compare/asset/v1.11.0...video/v1.12.0)

---
updated-dependencies:
- dependency-name: cloud.google.com/go/security
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-02-22 05:49:03 +00:00
dependabot[bot]
b4f8100c72
Bump github.com/hashicorp/vault/api/auth/approle from 0.3.0 to 0.4.0
Bumps [github.com/hashicorp/vault/api/auth/approle](https://github.com/hashicorp/vault) from 0.3.0 to 0.4.0.
- [Release notes](https://github.com/hashicorp/vault/releases)
- [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG.md)
- [Commits](https://github.com/hashicorp/vault/compare/v0.3.0...v0.4.0)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/vault/api/auth/approle
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-02-22 05:49:03 +00:00
github-actions[bot]
ae0be0acbd
Merge pull request #1282 from smallstep/dependabot/go_modules/cloud.google.com/go/longrunning-0.4.1
Bump cloud.google.com/go/longrunning from 0.4.0 to 0.4.1
2023-02-21 21:47:44 -08:00
dependabot[bot]
5f835dc808
Bump cloud.google.com/go/longrunning from 0.4.0 to 0.4.1
Bumps [cloud.google.com/go/longrunning](https://github.com/googleapis/google-cloud-go) from 0.4.0 to 0.4.1.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-cloud-go/compare/v0.4.0...batch/v0.4.1)

---
updated-dependencies:
- dependency-name: cloud.google.com/go/longrunning
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-02-21 21:14:50 +00:00
Max
6915feaae9
Merge pull request #1287 from smallstep/max/linting-errors
Fix linting errors
2023-02-21 11:30:47 -08:00
max furman
7c1c32d86b
Fix linting errors 2023-02-21 11:26:33 -08:00
github-actions[bot]
8e47f05dba
Merge pull request #1283 from smallstep/dependabot/go_modules/golang.org/x/crypto-0.6.0
Bump golang.org/x/crypto from 0.5.0 to 0.6.0
2023-02-21 09:20:11 -08:00
dependabot[bot]
790139d5a7
Bump golang.org/x/crypto from 0.5.0 to 0.6.0
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.5.0 to 0.6.0.
- [Release notes](https://github.com/golang/crypto/releases)
- [Commits](https://github.com/golang/crypto/compare/v0.5.0...v0.6.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-02-20 16:06:45 +00:00
Carl Tashian
ca9f8dc576
Merge pull request #1278 from smallstep/policy-help
Clarify policy lockout error message
2023-02-17 22:07:36 -08:00
Carl Tashian
cfcc95de93
Update policy test 2023-02-16 15:58:36 -08:00
Carl Tashian
96c6613739
Clarify policy lockout error message 2023-02-16 15:56:57 -08:00
github-actions[bot]
effe729d53
Merge pull request #1267 from smallstep/dependabot/go_modules/google.golang.org/grpc-1.53.0
Bump google.golang.org/grpc from 1.52.3 to 1.53.0
2023-02-15 15:44:49 -08:00
dependabot[bot]
bb068f8280
Bump google.golang.org/grpc from 1.52.3 to 1.53.0
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.52.3 to 1.53.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.52.3...v1.53.0)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-02-15 23:38:31 +00:00
github-actions[bot]
d59d6c414f
Merge pull request #1268 from smallstep/dependabot/go_modules/github.com/hashicorp/vault/api/auth/kubernetes-0.4.0
Bump github.com/hashicorp/vault/api/auth/kubernetes from 0.3.0 to 0.4.0
2023-02-15 15:36:56 -08:00
Max
25599f8ad5
Merge pull request #1255 from zyzyx03/fix-step-ca-path
There is an error during RA installation which shows.
2023-02-14 23:02:56 -08:00
dependabot[bot]
2f2e3dea0f
Bump github.com/hashicorp/vault/api/auth/kubernetes from 0.3.0 to 0.4.0
Bumps [github.com/hashicorp/vault/api/auth/kubernetes](https://github.com/hashicorp/vault) from 0.3.0 to 0.4.0.
- [Release notes](https://github.com/hashicorp/vault/releases)
- [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG.md)
- [Commits](https://github.com/hashicorp/vault/compare/v0.3.0...v0.4.0)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/vault/api/auth/kubernetes
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-02-14 22:04:07 +00:00
Mariano Cano
5fbee3d3ef
Merge pull request #1275 from smallstep/net-update
Upgrade golang.org/x/net
2023-02-14 14:00:28 -08:00
Mariano Cano
0d80473157
Upgrade golang.org/x/net
When the Go client is configured with an http2.Transport we need to
upgrade x/net due to:
  - net/http: avoid quadratic complexity in HPACK decoding (CVE-2022-41723)
2023-02-14 13:11:25 -08:00
github-actions[bot]
12d905be3e
Merge pull request #1270 from smallstep/dependabot/go_modules/golang.org/x/net-0.6.0
Bump golang.org/x/net from 0.5.0 to 0.6.0
2023-02-14 09:51:49 -08:00
dependabot[bot]
045ae52452
Bump golang.org/x/net from 0.5.0 to 0.6.0
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.5.0 to 0.6.0.
- [Release notes](https://github.com/golang/net/releases)
- [Commits](https://github.com/golang/net/compare/v0.5.0...v0.6.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-02-14 17:36:34 +00:00
Mariano Cano
c2c246b062
Merge pull request #1265 from smallstep/check-csr-acme-da
Verify CSR key fingerprint with attestation certificate key
2023-02-14 09:34:48 -08:00
Max
ff7b8830fe
Merge pull request #1273 from smallstep/max/dependabot-auto-merge
enable auto merge for dependabot PRs
2023-02-13 22:56:50 -08:00