Max
2ef5c98384
Merge pull request #1067 from smallstep/dependabot/go_modules/github.com/urfave/cli-1.22.10
...
Bump github.com/urfave/cli from 1.22.4 to 1.22.10
2 years ago
dependabot[bot]
5f0fa57844
Bump cloud.google.com/go/security from 1.7.0 to 1.8.0
...
Bumps [cloud.google.com/go/security](https://github.com/googleapis/google-cloud-go ) from 1.7.0 to 1.8.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/documentai/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/asset/v1.7.0...redis/v1.8.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/security
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
dependabot[bot]
211b1c01c0
Bump github.com/hashicorp/vault/api/auth/approle from 0.1.1 to 0.3.0
...
Bumps [github.com/hashicorp/vault/api/auth/approle](https://github.com/hashicorp/vault ) from 0.1.1 to 0.3.0.
- [Release notes](https://github.com/hashicorp/vault/releases )
- [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG.md )
- [Commits](https://github.com/hashicorp/vault/compare/v0.1.1...v0.3.0 )
---
updated-dependencies:
- dependency-name: github.com/hashicorp/vault/api/auth/approle
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
dependabot[bot]
510122f026
Bump github.com/rs/xid from 1.2.1 to 1.4.0
...
Bumps [github.com/rs/xid](https://github.com/rs/xid ) from 1.2.1 to 1.4.0.
- [Release notes](https://github.com/rs/xid/releases )
- [Commits](https://github.com/rs/xid/compare/v1.2.1...v1.4.0 )
---
updated-dependencies:
- dependency-name: github.com/rs/xid
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
Max
70abbdfc70
Merge pull request #1068 from smallstep/dependabot/go_modules/go.step.sm/cli-utils-0.7.5
...
Bump go.step.sm/cli-utils from 0.7.4 to 0.7.5
2 years ago
Max
8139179084
Merge pull request #1069 from smallstep/dependabot/go_modules/github.com/google/go-cmp-0.5.9
...
Bump github.com/google/go-cmp from 0.5.8 to 0.5.9
2 years ago
Max
af4183df18
Merge pull request #1077 from smallstep/dependabot/go_modules/google.golang.org/api-0.98.0
...
Bump google.golang.org/api from 0.96.0 to 0.98.0
2 years ago
Max
e5c5b0cb49
Merge pull request #1070 from smallstep/dependabot/go_modules/github.com/slackhq/nebula-1.6.1
...
Bump github.com/slackhq/nebula from 1.5.2 to 1.6.1
2 years ago
dependabot[bot]
ef75d4f3c6
Bump go.step.sm/cli-utils from 0.7.4 to 0.7.5
...
Bumps [go.step.sm/cli-utils](https://github.com/smallstep/cli-utils ) from 0.7.4 to 0.7.5.
- [Release notes](https://github.com/smallstep/cli-utils/releases )
- [Commits](https://github.com/smallstep/cli-utils/compare/v0.7.4...v0.7.5 )
---
updated-dependencies:
- dependency-name: go.step.sm/cli-utils
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
dependabot[bot]
3faa8717b3
Bump google.golang.org/api from 0.96.0 to 0.98.0
...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.96.0 to 0.98.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.96.0...v0.98.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
dependabot[bot]
0027f93fb9
Bump github.com/google/go-cmp from 0.5.8 to 0.5.9
...
Bumps [github.com/google/go-cmp](https://github.com/google/go-cmp ) from 0.5.8 to 0.5.9.
- [Release notes](https://github.com/google/go-cmp/releases )
- [Commits](https://github.com/google/go-cmp/compare/v0.5.8...v0.5.9 )
---
updated-dependencies:
- dependency-name: github.com/google/go-cmp
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
Andrew Reed
7101fbb0ee
Provisioner webhooks ( #1001 )
2 years ago
dependabot[bot]
132b32b5a5
Bump github.com/urfave/cli from 1.22.4 to 1.22.10
...
Bumps [github.com/urfave/cli](https://github.com/urfave/cli ) from 1.22.4 to 1.22.10.
- [Release notes](https://github.com/urfave/cli/releases )
- [Changelog](https://github.com/urfave/cli/blob/main/docs/CHANGELOG.md )
- [Commits](https://github.com/urfave/cli/compare/v1.22.4...v1.22.10 )
---
updated-dependencies:
- dependency-name: github.com/urfave/cli
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
dependabot[bot]
7420172d63
Bump github.com/slackhq/nebula from 1.5.2 to 1.6.1
...
Bumps [github.com/slackhq/nebula](https://github.com/slackhq/nebula ) from 1.5.2 to 1.6.1.
- [Release notes](https://github.com/slackhq/nebula/releases )
- [Changelog](https://github.com/slackhq/nebula/blob/master/CHANGELOG.md )
- [Commits](https://github.com/slackhq/nebula/compare/v1.5.2...v1.6.1 )
---
updated-dependencies:
- dependency-name: github.com/slackhq/nebula
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
Mariano Cano
906c5067b9
Include attestation roots on provisioner converters
2 years ago
max furman
1e0ea6f958
more linting fixes
2 years ago
Mariano Cano
191d9e8629
Use go.step.sm/crypto to set the permanent identifier
2 years ago
Brandon Weeks
de5b0ef5c2
Verify key authorization is contained within the TPM quote extraData field
2 years ago
Brandon Weeks
248da10f32
Implement TPM attestation statement verification
2 years ago
Brandon Weeks
6f2b4d3042
Add ACME permanent-identifier identifier type
2 years ago
Mariano Cano
746ee2b6db
Upgrade go.step.sm/cli-utils
...
Fixes issue with step path
2 years ago
Mariano Cano
a795f4281c
Upgrade to go.step.sm/crypto v0.18.0
2 years ago
Herman Slatman
25cbe02b9e
Add provisioner template validation
...
Fixes #1012
2 years ago
Mariano Cano
df975122a0
Upgrade linkedca and add entry to changelog
2 years ago
Mariano Cano
bb0210e875
Fix typo in linkedca variable
2 years ago
Mariano Cano
66407139e5
Add methods to convert attestation formats
2 years ago
Mariano Cano
a2749ca8ed
Merge branch 'master' into device-attestation
2 years ago
Mariano Cano
45af68b244
Upgrade go.step.sm/crypto
2 years ago
Mariano Cano
6db631df51
Upgrade go.step.sm/crypto@attest
2 years ago
Mariano Cano
a893d6e7f7
Upgrade go.step.sm/cli-utils
...
Fixes issue with step path
2 years ago
Mariano Cano
1938b1bb34
Merge branch 'master' into herman/fix-template-validation
2 years ago
Mariano Cano
1d1e024b84
Upgrade to go.step.sm/crypto v0.18.0
2 years ago
Mariano Cano
2a44972830
Run go mod tidy
2 years ago
Mariano Cano
bca311b05e
Add acme property to enable challenges
...
Fixes #1027
2 years ago
Herman Slatman
6b7b989988
Add provisioner template validation
...
Fixes #1012
2 years ago
Mariano Cano
693dc39481
Merge branch 'master' into device-attestation
2 years ago
Mariano Cano
6cab4d328e
Add a middleware to automatically route HEAD requests to GET
...
Fixes #992
2 years ago
Mariano Cano
0c7467ceb2
Allow to automatically configure and linked RA
2 years ago
Mariano Cano
5df1694250
Add endpoint id for the RA certificate
...
In a linked RA mode, send an endpoint id to group the server
certificates.
2 years ago
Mariano Cano
2f7cb9225f
Use go.step.sm/crypto to set the permanent identifier
2 years ago
Mariano Cano
369b8f81c3
Use go.step.sm/crypto/kms
...
Fixes #975
2 years ago
Mariano Cano
e02a190fa7
Merge branch 'master' into device-attestation
2 years ago
Mariano Cano
8445c29db6
Change actions to build using Go 1.19
...
Fixes #998
2 years ago
Mariano Cano
38fb92452f
Merge pull request #993 from smallstep/ra-ids
...
RA provisioner IDs
2 years ago
Mariano Cano
821743f71e
Upgrade newrelic to v3
2 years ago
Aaron Bieber
135c481893
Update deps to bring in support for OpenBSD
...
OpenBSD support was added to the following deps:
- github.com/go-piv/piv-go in https://github.com/go-piv/piv-go/pull/101
- github.com/newrelic/go-agent in https://github.com/newrelic/go-agent/pull/455
- github.com/miekg/pkcs11 in https://github.com/miekg/pkcs11/pull/140
With these deps bumped, tests all pass on OpenBSD amd64.
2 years ago
Mariano Cano
a2f7766943
Use released version of linkedca
2 years ago
Mariano Cano
64744562c6
Send RA provisioner to linkedca.
2 years ago
Brandon Weeks
77c6d10fd6
Verify key authorization is contained within the TPM quote extraData field
2 years ago
Brandon Weeks
e1ec31c0ed
Implement TPM attestation statement verification
2 years ago
Brandon Weeks
2ac8b69da2
Add ACME permanent-identifier identifier type
2 years ago
Mariano Cano
2adf8caac7
Fix Dependabot warning on an indirect dependency
2 years ago
Erik De Lamarter
dec1067add
vault kubernetes auth
2 years ago
Herman Slatman
d1ab1d5431
Merge branch 'master' into herman/update-crypto-0.16.2
2 years ago
Herman Slatman
b75ce3acbd
Update to go.step.sm/crypto v0.16.2
...
This patch release of go.step.sm/crypto fixes an issue with
not all `Subject` names being available for usage in a template
as `ExtraNames`.
2 years ago
Herman Slatman
7030dbb7a1
Use github.com/smallstep/pkcs7 fork with patches applied
2 years ago
Herman Slatman
ed231d29e2
Update to go.step.sm/linkedca@v0.16.1
2 years ago
Herman Slatman
f0272dc717
Fix import replacement of linkedca
2 years ago
Herman Slatman
60d8b22d89
Change context retrievers to MustTFromContext
2 years ago
Herman Slatman
ad2de16299
Merge branch 'master' into herman/allow-deny
2 years ago
Mariano Cano
fe9c3cf753
Merge branch 'master' into ahmet2mir-feat/vault
2 years ago
Herman Slatman
d6be9450be
Merge branch 'master' into herman/allow-deny
2 years ago
Mariano Cano
674dc3c844
Rename unreleased claim to allowRenewalAfterExpiry for consistency.
3 years ago
Mariano Cano
9134bad22c
Run go mod tidy.
3 years ago
Mariano Cano
37b521ec6c
Merge branch 'master' into feat/vault
3 years ago
Herman Slatman
9797b3350e
Merge branch 'master' into herman/allow-deny
3 years ago
Mariano Cano
d4013f0df6
Update linkedca
3 years ago
Herman Slatman
7df52dbb76
Add ACME EAB policy
3 years ago
Herman Slatman
235a2c9d04
Pin to specific version of go.step.sm/linkedca
3 years ago
Herman Slatman
5daa9fc0b1
Merge branch 'master' into herman/allow-deny
3 years ago
Mariano Cano
f5bf46b950
Upgrade go.step.sm/crypto
3 years ago
Herman Slatman
2fbdf7d5b0
Merge branch 'master' into herman/allow-deny
3 years ago
Herman Slatman
1dbaa62740
Update cloud.google.com/go/kms
3 years ago
Herman Slatman
dc23fd23bf
Merge branch 'master' into herman/allow-deny-next
3 years ago
Herman Slatman
6b620c8e9c
Improve protobuf unmarshaling error handling
3 years ago
Herman Slatman
81b0c6c37c
Add API implementation for authority and provisioner policy
3 years ago
Mariano Cano
c903f00cd4
Rename claim to allowRenewAfterExpiry.
3 years ago
Mariano Cano
616490a9c6
Refactor renew after expiry token authorization
...
This changes adds a new authority method that authorizes the
renew after expiry tokens.
3 years ago
Mariano Cano
3fb5e57f12
Upgrade nosql package
...
The new version of the package allows filtering out database drivers
using Go tags.
3 years ago
Mariano Cano
6f46cdb432
Merge pull request #829 from vijayjt/new-azure-token-authz-options
...
Add subscription and object ID validation options to Azure provisioner
3 years ago
vijayjt
7a32c312bf
Update linkedca dependency version
3 years ago
max furman
9d885e6914
bump nosql for postgres support
3 years ago
Mariano Cano
c0525381eb
Merge branch 'master' into feat/vault
3 years ago
Ahmet DEMIR
ab5197500c
fix: a certificat must excldue the root and you should use verified chained intermediate
3 years ago
Herman Slatman
c7c5c3c94e
Merge branch 'master' into herman/scep-macos-renewal-fixes
3 years ago
Mariano Cano
09a9b3e1c8
Upgrade go.step.sm/crypto
3 years ago
Herman Slatman
3b72d241e0
Add LinkedCA integration for improved SCEP provisioner
3 years ago
Ahmet DEMIR
d957a57e24
fix: apply mariano suggestions and fixes
...
* use json.RawMessage to remote mapstructure in options
* use vault secretid structure to support multiple source aka string, file and env
* remove log prefix
* return raw cert on error on newline for cert and csr
* clean sans, commonName in createCertificate (bad copy/paste from StepCAS)
* verify authority fingerprint
* convert serial on revoke to bigint, bytes and vault dashed representation
3 years ago
Ahmet DEMIR
16390694e1
feat(vault): adding hashicorp vault cas
3 years ago
Mariano Cano
01a76445ea
Upgrade go.step.sm/crypto
3 years ago
Mariano Cano
98044cf08d
Use a tagged version of linkedca
3 years ago
Mariano Cano
6a1d0cb9f8
Add linkedca conversions.
3 years ago
Mariano Cano
9ec0276887
Update certificate set with new api.
3 years ago
Mariano Cano
32390a2964
Add initial implementation of a nebula provisioner.
...
A nebula provisioner will generate a X509 or SSH certificate with
the identities in the nebula certificate embedded in the token.
The token is signed with the private key of the nebula certificate.
3 years ago
max furman
7fac8c96c3
Merge branch 'master' into max/context
3 years ago
max furman
196f6b45c9
bump cli-utils to 0.7.0
3 years ago
max furman
b5bf79b84e
bump nosql library
3 years ago
max furman
555431448c
bump version ofcli-utils
3 years ago
Herman Slatman
2c05f488f6
Remove support for Go 1.15
3 years ago
Mariano Cano
62a20c7db5
Upgrade cli-utils with latest version of promptui
3 years ago