Commit graph

3742 commits

Author SHA1 Message Date
Mariano Cano
3b1be62663
Add step-kms-plugin to docker images and build a CGO based one 2023-01-26 16:52:19 -08:00
Herman Slatman
7c632629dd
Merge branch 'master' into herman/acme-da-subject-check 2023-01-26 15:52:45 +01:00
Herman Slatman
ed61c5df5f
Cleanup some leftover debug statements 2023-01-26 15:36:15 +01:00
Herman Slatman
60a9e41c1c
Remove Identifier from top level ACME Errors 2023-01-26 14:59:08 +01:00
Herman Slatman
edee01c80c
Refactor debug utility 2023-01-26 13:41:01 +01:00
Herman Slatman
1c38113e44
Add ACME Subproblem for more detailed ACME client-side errors
When validating an ACME challenge (`device-attest-01` in this case,
but it's also true for others), and validation fails, the CA didn't
return a lot of information about why the challenge had failed. By
introducing the ACME `Subproblem` type, an ACME `Error` can include
some additional information about what went wrong when validating
the challenge.

This is a WIP commit. The `Subproblem` isn't created in many code
paths yet, just for the `step` format at the moment. Will probably
follow up with some more improvements to how the ACME error is
handled. Also need to cleanup some debug things (q.Q)
2023-01-26 13:29:31 +01:00
Mariano Cano
4bb25d4a52
Merge pull request #1240 from smallstep/remove-deprecated-binaries
Remove deprecated binaries
2023-01-24 11:16:50 -08:00
Mariano Cano
39f46d31b9
Remove deprecated binaries
This commit removes the following deprecated binaries:

 - step-awskms-init
 - step-cloudkms-init
 - step-pkcs11-init
 - step-yubikey-init

From now on step and step-kms-plugin should be used to initialize the
PKI in AWS KMS, GCP KMS, PKCS#11 modules or YubiKeys.

A future commit will add step-kms-plugin to the docker images of
step-ca.

Fixes #1046
2023-01-23 16:30:55 -08:00
Herman Slatman
f1724ea8c5
Merge branch 'master' into herman/acme-da-tpm 2023-01-23 22:52:56 +01:00
Max
fc452e560c
Merge pull request #1236 from smallstep/dependabot/go_modules/github.com/newrelic/go-agent/v3-3.20.3
Bump github.com/newrelic/go-agent/v3 from 3.20.2 to 3.20.3
2023-01-23 12:15:22 -08:00
Max
4621b95f38
Merge pull request #1237 from smallstep/dependabot/go_modules/github.com/urfave/cli-1.22.12
Bump github.com/urfave/cli from 1.22.11 to 1.22.12
2023-01-23 12:12:38 -08:00
Max
2d174472e7
Merge pull request #1238 from smallstep/dependabot/go_modules/google.golang.org/api-0.108.0
Bump google.golang.org/api from 0.107.0 to 0.108.0
2023-01-23 12:07:26 -08:00
Max
3a6e90498c
Merge pull request #1239 from smallstep/dependabot/go_modules/github.com/hashicorp/vault/api-1.8.3
Bump github.com/hashicorp/vault/api from 1.8.2 to 1.8.3
2023-01-23 12:06:47 -08:00
dependabot[bot]
cb8a2ee69f
Bump github.com/hashicorp/vault/api from 1.8.2 to 1.8.3
Bumps [github.com/hashicorp/vault/api](https://github.com/hashicorp/vault) from 1.8.2 to 1.8.3.
- [Release notes](https://github.com/hashicorp/vault/releases)
- [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG.md)
- [Commits](https://github.com/hashicorp/vault/compare/v1.8.2...v1.8.3)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/vault/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-01-23 15:07:04 +00:00
dependabot[bot]
626a3a87b4
Bump google.golang.org/api from 0.107.0 to 0.108.0
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.107.0 to 0.108.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.107.0...v0.108.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-01-23 15:06:54 +00:00
dependabot[bot]
925a228656
Bump github.com/urfave/cli from 1.22.11 to 1.22.12
Bumps [github.com/urfave/cli](https://github.com/urfave/cli) from 1.22.11 to 1.22.12.
- [Release notes](https://github.com/urfave/cli/releases)
- [Changelog](https://github.com/urfave/cli/blob/main/docs/CHANGELOG.md)
- [Commits](https://github.com/urfave/cli/compare/v1.22.11...v1.22.12)

---
updated-dependencies:
- dependency-name: github.com/urfave/cli
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-01-23 15:06:37 +00:00
dependabot[bot]
07fd03c3f3
Bump github.com/newrelic/go-agent/v3 from 3.20.2 to 3.20.3
Bumps [github.com/newrelic/go-agent/v3](https://github.com/newrelic/go-agent) from 3.20.2 to 3.20.3.
- [Release notes](https://github.com/newrelic/go-agent/releases)
- [Changelog](https://github.com/newrelic/go-agent/blob/master/CHANGELOG.md)
- [Commits](https://github.com/newrelic/go-agent/compare/v3.20.2...v3.20.3)

---
updated-dependencies:
- dependency-name: github.com/newrelic/go-agent/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-01-23 15:06:26 +00:00
Herman Slatman
64d9ad7b38
Validate Subject Common Name for Orders with Permanent Identifier 2023-01-20 16:54:55 +01:00
Max
5bab65aa49
Merge pull request #1232 from smallstep/dependabot/go_modules/github.com/urfave/cli-1.22.11
Bump github.com/urfave/cli from 1.22.10 to 1.22.11
2023-01-18 14:09:29 -08:00
Max
925f32e82f
Merge pull request #1231 from smallstep/dependabot/go_modules/google.golang.org/grpc-1.52.0
Bump google.golang.org/grpc from 1.51.0 to 1.52.0
2023-01-18 14:08:53 -08:00
Max
466fe8280e
Merge pull request #1230 from smallstep/dependabot/go_modules/google.golang.org/api-0.107.0
Bump google.golang.org/api from 0.106.0 to 0.107.0
2023-01-18 14:08:31 -08:00
dependabot[bot]
fb39fccf6a
Bump github.com/urfave/cli from 1.22.10 to 1.22.11
Bumps [github.com/urfave/cli](https://github.com/urfave/cli) from 1.22.10 to 1.22.11.
- [Release notes](https://github.com/urfave/cli/releases)
- [Changelog](https://github.com/urfave/cli/blob/main/docs/CHANGELOG.md)
- [Commits](https://github.com/urfave/cli/compare/v1.22.10...v1.22.11)

---
updated-dependencies:
- dependency-name: github.com/urfave/cli
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-01-16 15:56:04 +00:00
dependabot[bot]
29deb4befa
Bump google.golang.org/grpc from 1.51.0 to 1.52.0
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.51.0 to 1.52.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.51.0...v1.52.0)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-01-16 15:54:27 +00:00
dependabot[bot]
98cb439b41
Bump google.golang.org/api from 0.106.0 to 0.107.0
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.106.0 to 0.107.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.106.0...v0.107.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-01-16 15:51:18 +00:00
Carl Tashian
cc6b87d1a4
Merge pull request #1228 from smallstep/carl/entrypoint-boolean-fix
Only pass --admin-subject if --remote-management is true; fix  boolean handling
2023-01-11 11:27:59 -08:00
Carl Tashian
2ab9483952
Only pass --admin-subject if --remote-management is true; fix overall boolean handling 2023-01-11 11:19:39 -08:00
Mariano Cano
e4073270f3
Merge pull request #1225 from smallstep/0.23.1-changelog
Upgrade changelog for v0.23.1
2023-01-11 00:40:52 +01:00
Max
627506b519
Merge pull request #1207 from smallstep/max/admin-check
Add IsEnabled method in AdminClient for checking admin API availability
2023-01-10 15:17:00 -08:00
max furman
fd921e5b26
successful isEnabled check should not return error 2023-01-10 15:02:23 -08:00
max furman
0b26698e72
Add IsEnabled method in AdminClient for checking admin API availability 2023-01-10 14:56:36 -08:00
Mariano Cano
bab77f257a
Add changelog line for smallstep/certificates#1223 2023-01-10 12:42:28 -08:00
Carl Tashian
a78ddc7cc5
Merge pull request #1223 from smallstep/carl/docker-pwd
Docker: Generate and use independent provisioner and private key passwords
2023-01-10 12:34:56 -08:00
Mariano Cano
2e86a392a8
Add proper PR links 2023-01-10 12:21:41 -08:00
Mariano Cano
2cd5708103
Upgrade changelog for v0.23.1 2023-01-10 12:15:11 -08:00
Mariano Cano
ad8a95cc10
Merge pull request #1206 from smallstep/oidc-principals
Ignore principals validations with OIDC
2023-01-10 20:33:52 +01:00
Carl Tashian
dc8b196823
Print admin username and pw after init 2023-01-10 09:57:47 -08:00
Carl Tashian
328276eaeb
Shred provisioner password 2023-01-09 18:01:14 -08:00
Carl Tashian
ad5cbd9a0e
Print and delete provisioner password on setup 2023-01-09 17:59:33 -08:00
Carl Tashian
a017238874
No need for PROVISIONER_PWDPATH 2023-01-09 17:23:47 -08:00
Carl Tashian
313bf2354b
Check for existance of pwdpath before copying 2023-01-09 17:08:24 -08:00
Carl Tashian
640bd0b7c7
Tabs to spaces 2023-01-09 16:51:36 -08:00
Carl Tashian
c836c7ab40
Backward compatibility 2023-01-09 16:48:31 -08:00
Carl Tashian
8242895909
Update hsm dockerfile as well 2023-01-09 16:39:34 -08:00
Carl Tashian
844cfd3bad
Generate and use independent provisioner and private key passwords 2023-01-09 16:36:00 -08:00
Max
ac4d5e63ab
Merge pull request #1221 from smallstep/dependabot/go_modules/google.golang.org/api-0.106.0
Bump google.golang.org/api from 0.105.0 to 0.106.0
2023-01-09 09:27:00 -08:00
Max
985a0e4858
Merge pull request #1220 from smallstep/dependabot/go_modules/golang.org/x/crypto-0.5.0
Bump golang.org/x/crypto from 0.4.0 to 0.5.0
2023-01-09 09:26:27 -08:00
Max
762ce06d84
Merge pull request #1219 from smallstep/dependabot/go_modules/cloud.google.com/go/security-1.11.0
Bump cloud.google.com/go/security from 1.10.0 to 1.11.0
2023-01-09 09:25:46 -08:00
dependabot[bot]
34dc119cf7
Bump google.golang.org/api from 0.105.0 to 0.106.0
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.105.0 to 0.106.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.105.0...v0.106.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-01-09 17:21:18 +00:00
Max
9cc35d1505
Merge branch 'master' into dependabot/go_modules/golang.org/x/crypto-0.5.0 2023-01-09 09:20:07 -08:00
dependabot[bot]
e7a4a1f43c
Bump cloud.google.com/go/security from 1.10.0 to 1.11.0
Bumps [cloud.google.com/go/security](https://github.com/googleapis/google-cloud-go) from 1.10.0 to 1.11.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/documentai/CHANGES.md)
- [Commits](https://github.com/googleapis/google-cloud-go/compare/asset/v1.10.0...asset/v1.11.0)

---
updated-dependencies:
- dependency-name: cloud.google.com/go/security
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-01-09 17:19:52 +00:00