Commit graph

3289 commits

Author SHA1 Message Date
Mariano Cano
fcfd2b9bdc
Return an appropriate error when requests fail
If an http client Do method fails, it always returns an *url.URL error,
this change generalizes all those errors in one common method instead of
returning an fake HTTP error.

Fixes smallstep/cli#738
2022-11-10 14:49:16 -08:00
Herman Slatman
1f19b8ec5e
Merge pull request #1172 from smallstep/herman/remove-acme-cert-charset
Remove `charset=utf-8` from ACME certificate requests
2022-11-10 23:32:48 +01:00
Mariano Cano
ffc30f49b1
Merge pull request #1174 from smallstep/fix-cli-730
Set dialer local address with STEP_CLIENT_ADDR
2022-11-10 10:29:19 -08:00
Mariano Cano
a800ffe447
Merge pull request #1173 from smallstep/fix-1047
Create context for automatic RAs
2022-11-09 17:27:57 -08:00
Mariano Cano
47bd5a80d9
Set dialer local address with STEP_CLIENT_ADDR
The environment variable STEP_CLIENT_ADDR can be used to set the local
address to use when dialing an address. This can be useful when step
is behind an CIDR-based ACL.

Fixes smallstep/cli#730
2022-11-09 15:49:19 -08:00
Mariano Cano
fa8d0a68c4
Merge pull request #1169 from smallstep/root-bundle
Allow root and federated root bundles
2022-11-09 12:34:22 -08:00
Mariano Cano
893147d23a
Create context for automatic RAs
It creates a new context with the given name if the flags --token
and --context are passed, and the context does not exist.

Fixes #1047
2022-11-09 12:06:45 -08:00
Herman Slatman
817edcbba5
Remove charset=utf-8 from ACME certificate requests 2022-11-09 19:57:50 +01:00
Mariano Cano
ddd5057f63
Allow root and federated root bundles
This commit changes the parsing of root and federated roots to support
a bundle of certificates, this makes easier to configure a root rotation
when using helm charts, just appending the old root.
2022-11-08 17:06:22 -08:00
Mariano Cano
e0215e7243
Merge pull request #1167 from smallstep/linked-ra-renewal
Add support for linked RA renewals
2022-11-08 14:34:21 -08:00
Max
ca6f4514fd
Merge pull request #1166 from smallstep/max/remove-docs
Remove deprecated docs directory
2022-11-08 14:30:17 -08:00
Mariano Cano
07c56f577a
Add support for linked RA renewals 2022-11-08 14:25:54 -08:00
Mariano Cano
3a89428b0f
Merge pull request #1165 from smallstep/upgrade-crypto
Upgrade go.step.sm/crypto
2022-11-08 10:17:55 -08:00
Mariano Cano
b31cf1fc18
Fix merge and use last version of linkedca 2022-11-08 10:12:19 -08:00
Mariano Cano
2b928b1afd
Merge branch 'master' into upgrade-crypto 2022-11-08 10:10:34 -08:00
Herman Slatman
c169defc73
Merge pull request #1136 from smallstep/herman/ignore-empty-acme-meta 2022-11-08 09:56:00 +01:00
max furman
dde9330244
Remove deprecated docs directory 2022-11-07 20:18:42 -08:00
Mariano Cano
75ac5d3889
Add ra renewal to the changelog 2022-11-07 17:59:33 -08:00
Mariano Cano
3ef73fa66b
Upgrade go.step.sm/crypto 2022-11-07 17:51:19 -08:00
Max
80cbcb652b
Merge pull request #1164 from smallstep/max/bad-comment
Correct bad comment on NotImplementedError.Error()
2022-11-07 15:38:46 -08:00
max furman
57c1c2071d
Correct bad comment on NotImplementedError.Error() 2022-11-07 15:37:39 -08:00
Mariano Cano
e8726d24fa
Merge pull request #1156 from smallstep/ra-renew
Add support for renew when using stepcas
2022-11-07 15:36:01 -08:00
Max
202b17c3f2
Merge pull request #1159 from smallstep/dependabot/go_modules/cloud.google.com/go/security-1.10.0
Bump cloud.google.com/go/security from 1.9.0 to 1.10.0
2022-11-07 14:23:42 -08:00
dependabot[bot]
ae684a557a
Bump cloud.google.com/go/security from 1.9.0 to 1.10.0
Bumps [cloud.google.com/go/security](https://github.com/googleapis/google-cloud-go) from 1.9.0 to 1.10.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/documentai/CHANGES.md)
- [Commits](https://github.com/googleapis/google-cloud-go/compare/asset/v1.9.0...asset/v1.10.0)

---
updated-dependencies:
- dependency-name: cloud.google.com/go/security
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-07 22:16:22 +00:00
Max
7354e6e905
Merge pull request #1163 from smallstep/max/longrunning
Updates for deprecated google cloud security APIs
2022-11-07 14:14:28 -08:00
Herman Slatman
920c4f02c5
Add additional properties to provisioner converters 2022-11-07 22:34:35 +01:00
max furman
e351bd90dc
Run make generate with mockgen@v1.6.0 2022-11-07 13:14:23 -08:00
Herman Slatman
a7b2f5f27d
Upgrade linkedca to v0.19.0-rc.4 2022-11-07 22:14:10 +01:00
max furman
8f7fae585c
Add mockgen commands for cloudcas_test 2022-11-07 13:09:07 -08:00
Herman Slatman
1c4aa6ad79
Merge branch 'master' into herman/ignore-empty-acme-meta 2022-11-07 22:07:41 +01:00
max furman
d4e81723ee
Updates for deprecated google cloud security APIs 2022-11-07 11:31:57 -08:00
Max
55a684fe5a
Merge pull request #1162 from smallstep/dependabot/go_modules/google.golang.org/api-0.102.0
Bump google.golang.org/api from 0.101.0 to 0.102.0
2022-11-07 11:21:59 -08:00
Max
4fcfc9481b
Merge pull request #1160 from smallstep/dependabot/go_modules/github.com/newrelic/go-agent/v3-3.20.0
Bump github.com/newrelic/go-agent/v3 from 3.19.2 to 3.20.0
2022-11-07 09:28:51 -08:00
dependabot[bot]
656b9ab217
Bump google.golang.org/api from 0.101.0 to 0.102.0
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.101.0 to 0.102.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.101.0...v0.102.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-07 15:28:35 +00:00
Herman Slatman
9cbee4da33
Merge pull request #1158 from smallstep/dependabot/go_modules/go.step.sm/crypto-0.23.0
Bump go.step.sm/crypto from 0.22.0 to 0.23.0
2022-11-07 16:27:03 +01:00
dependabot[bot]
88febefbcf
Bump github.com/newrelic/go-agent/v3 from 3.19.2 to 3.20.0
Bumps [github.com/newrelic/go-agent/v3](https://github.com/newrelic/go-agent) from 3.19.2 to 3.20.0.
- [Release notes](https://github.com/newrelic/go-agent/releases)
- [Changelog](https://github.com/newrelic/go-agent/blob/master/CHANGELOG.md)
- [Commits](https://github.com/newrelic/go-agent/compare/v3.19.2...v3.20.0)

---
updated-dependencies:
- dependency-name: github.com/newrelic/go-agent/v3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-07 15:05:48 +00:00
dependabot[bot]
2891f6b397
Bump go.step.sm/crypto from 0.22.0 to 0.23.0
Bumps [go.step.sm/crypto](https://github.com/smallstep/crypto) from 0.22.0 to 0.23.0.
- [Release notes](https://github.com/smallstep/crypto/releases)
- [Commits](https://github.com/smallstep/crypto/compare/v0.22.0...v0.23.0)

---
updated-dependencies:
- dependency-name: go.step.sm/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-07 15:04:59 +00:00
Herman Slatman
3eae04928f
Add tests for ACME Meta object 2022-11-07 15:35:42 +01:00
Herman Slatman
02d679e160
Merge branch 'master' into herman/ignore-empty-acme-meta 2022-11-07 14:03:01 +01:00
Mariano Cano
c7f226bcec
Add support for renew when using stepcas
It supports renewing X.509 certificates when an RA is configured with stepcas.
This will only work when the renewal uses a token, and it won't work with mTLS.

The audience cannot be properly verified when an RA is used, to avoid this we
will get from the database if an RA was used to issue the initial certificate
and we will accept the renew token.

Fixes #1021 for stepcas
2022-11-04 16:42:07 -07:00
Mariano Cano
068a2dae8e
Merge pull request #1155 from smallstep/acme-port-flags
Use the same style of flags
2022-11-04 10:41:30 -07:00
Mariano Cano
e00781873e
Update commands/app.go
Co-authored-by: Max <mx.furman@gmail.com>
2022-11-04 10:41:06 -07:00
Mariano Cano
bae9a0c152
Use the same style of flags
It changes the new step-ca flags to use a standard style.
2022-11-04 10:31:11 -07:00
Mariano Cano
6c0cb23125
Merge pull request #1153 from smallstep/acme-port
Add support for custom acme ports
2022-11-03 20:53:48 -07:00
Mariano Cano
e27c6c529b
Add support for custom acme ports
This change adds the flags --acme-http-port, --acme-tls-port, that
combined with --insecure can be used to set custom ports for ACME
http-01 and tls-alpn-01 challenges. These flags should only be used
for testing purposes.

Fixes #1015
2022-11-03 16:58:25 -07:00
Max
9d90d0cef3
Merge pull request #1152 from smallstep/max/cosign-experimental
[action] Add COSIGN_EXPERIMENTAL env var to cosign release docs
2022-11-02 09:58:51 -07:00
max furman
3728cee02a
[action] Add COSIGN_EXPERIMENTAL env var to cosign release docs 2022-11-01 18:50:12 -07:00
Max
be8c0b4531
Merge pull request #1151 from smallstep/max/gomod
go.mod syntax
2022-10-31 12:04:03 -07:00
max furman
4ccc9a0c32
go.mod syntax 2022-10-31 12:01:18 -07:00
Max
6136dbb196
Merge pull request #1147 from smallstep/dependabot/go_modules/cloud.google.com/go-0.105.0
Bump cloud.google.com/go from 0.104.0 to 0.105.0
2022-10-31 12:00:28 -07:00