dependabot[bot]
4e077f997e
Bump cloud.google.com/go/security from 1.8.0 to 1.9.0
...
Bumps [cloud.google.com/go/security](https://github.com/googleapis/google-cloud-go ) from 1.8.0 to 1.9.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/documentai/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/asset/v1.8.0...asset/v1.9.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/security
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
Max
995b6d1b6c
Merge pull request #1142 from smallstep/max/keyless-cosign
...
[action] keyless cosign for all release artifacts
2 years ago
max furman
c36b36f070
[action] cosign over docker image digest
2 years ago
Mariano Cano
3e0b603eb4
Merge pull request #731 from unreality/crl-support
...
Support for CRL
2 years ago
Mariano Cano
2d582e5694
Remove use of time.Duration.Abs
...
time.Duration.Abs() was added in Go 1.19
2 years ago
Mariano Cano
89c8c6d0a0
Fix package name in tls test
2 years ago
Mariano Cano
f066ac3d40
Remove buggy logic on GetRevokedCertificates()
2 years ago
Mariano Cano
51c7f56030
Truncate time to the second
2 years ago
Mariano Cano
6d4fd7d016
Update changelog with CRL support
2 years ago
Mariano Cano
812fee7630
Start crl generator before setting initOnce
2 years ago
Mariano Cano
59775fff0c
Merge branch 'master' into crl-support
2 years ago
Mariano Cano
8200d19894
Improve CRL implementation
...
This commit adds some changes to PR #731 , some of them are:
- Add distribution point to the CRL
- Properly stop the goroutine that generates the CRLs
- CRL config validation
- Remove expired certificates from the CRL
- Require enable set to true to generate a CRL
This last point is the principal change in behaviour from the previous
implementation. The CRL will not be generated if it's not enabled, and
if it is enabled it will always be regenerated at some point, not only
if there is a revocation.
2 years ago
max furman
c43d59a69a
[action] keyless cosign for all release artifacts
2 years ago
Herman Slatman
0af15a0538
Merge pull request #1140 from smallstep/herman/remote-management-helm
...
Add provisioner and super admin subject output to `ca init`
2 years ago
Herman Slatman
a9359522e6
Add provisioner and super admin subject output to `ca init`
...
When initializing a CA with `--remote-management`, it wasn't made
clear that the default JWK provisioner is used when authenticating
for administration purposes and that a default `step` user is
created to login with. This commit adds some additional information
to the CLI output on completion of `ca init`.
2 years ago
Herman Slatman
a718359b7f
Merge pull request #1075 from smallstep/herman/remote-management-helm
...
Add `enableAdmin` and `enableACME` to Helm values.yml generation
2 years ago
Mariano Cano
2e39b6305e
Merge pull request #1139 from smallstep/update-pkcs7
...
Upgrade pkcs7 to the latest patches branch
2 years ago
Herman Slatman
b9f238ad4d
Add additional ACME `meta` properties to provisioner configuration
2 years ago
Mariano Cano
aed1738ad0
Upgrade pkcs7 to the latest patches branch
...
smallstep/pkcs7@patches includes now support for generic Decrypter
methods, so KMS can be used instead of a key in disk with SCIM
2 years ago
Max
c407354c70
Merge pull request #1137 from smallstep/dependabot/go_modules/google.golang.org/api-0.100.0
...
Bump google.golang.org/api from 0.99.0 to 0.100.0
2 years ago
Max
25340c2bf6
Merge pull request #1138 from smallstep/dependabot/go_modules/github.com/stretchr/testify-1.8.1
...
Bump github.com/stretchr/testify from 1.8.0 to 1.8.1
2 years ago
dependabot[bot]
3e96113162
Bump github.com/stretchr/testify from 1.8.0 to 1.8.1
...
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify ) from 1.8.0 to 1.8.1.
- [Release notes](https://github.com/stretchr/testify/releases )
- [Commits](https://github.com/stretchr/testify/compare/v1.8.0...v1.8.1 )
---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
dependabot[bot]
016973fd2b
Bump google.golang.org/api from 0.99.0 to 0.100.0
...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.99.0 to 0.100.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.99.0...v0.100.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
Herman Slatman
e90fe4bfa0
Update CHANGELOG.md with provisioner migration
2 years ago
Herman Slatman
9d04e7d1dc
Remove period in log output
2 years ago
Herman Slatman
54c560f620
Improve configuration file initialization log output
2 years ago
Herman Slatman
fd38dd34f9
Fix PR comments
2 years ago
Herman Slatman
c9793561ff
Make `meta` object optional in ACME directory response
...
Harware appliances from Kemp seem to validate the contents of the
`meta` object, even if none of the properties in the `meta` object
is set. According to the RFC, the `meta` object, as well as its
properties are optional, so technically this should be fixed by
the manufacturer.
This commit is to see if we validation of the `meta` object is
skipped if it's not available in the response.
2 years ago
Herman Slatman
49718f1bbb
Fix some comments
2 years ago
Herman Slatman
70da534893
Merge branch 'master' into herman/remote-management-helm
2 years ago
Mariano Cano
398213af51
Merge pull request #1123 from smallstep/renew-raw-subject
...
Use RawSubject on renew and rekey
2 years ago
Mariano Cano
caf0628b8c
Merge pull request #1122 from smallstep/fix-1114
...
Split build and download in Dockerfiles
2 years ago
Mariano Cano
aefdfc7be7
Use RawSubject on renew and rekey
...
Renew was not replicating exactly the subject because extra names
gets decoded into pkix.Name.Names, the non-default ones should be
added to pkix.Name.ExtraNames. Instead of doing that, this commit
sets the RawSubject that will also keep the order.
Fixes #1106
2 years ago
Mariano Cano
18555a3cb2
Split build and download in Dockerfiles
...
On systems with low resources the command `go mod download` can fail.
This causes long builds of the docker images. This change adds a new
layer in the docker build splitting the build and download in two
steps.
Fixes #1114
2 years ago
Mariano Cano
53f2ecdad9
Merge pull request #1121 from smallstep/fix-1115
...
Use sh instead of bash in .version.sh script
2 years ago
Mariano Cano
d07c9accea
Use sh instead of bash in .version.sh script
...
Fixes #1115
2 years ago
Max
7b45968198
Merge pull request #1119 from smallstep/max/common-triage
2 years ago
max furman
91775f6d67
[action] move oss triage wofkow to common workflows
2 years ago
Max
361e2b2907
Merge pull request #1116 from smallstep/max/docs-revocation-link
...
Update revocation docs link
2 years ago
Max
c103458ee9
Merge pull request #1110 from smallstep/dependabot/go_modules/google.golang.org/api-0.99.0
...
Bump google.golang.org/api from 0.98.0 to 0.99.0
2 years ago
max furman
e436c36f8b
Update revocation docs link
2 years ago
dependabot[bot]
b83f268b4d
Bump google.golang.org/api from 0.98.0 to 0.99.0
...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.98.0 to 0.99.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.98.0...v0.99.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
Max
f410ef6628
Merge pull request #1112 from smallstep/dependabot/go_modules/github.com/googleapis/gax-go/v2-2.6.0
...
Bump github.com/googleapis/gax-go/v2 from 2.5.1 to 2.6.0
2 years ago
dependabot[bot]
c3f6dcf7e7
Bump github.com/googleapis/gax-go/v2 from 2.5.1 to 2.6.0
...
Bumps [github.com/googleapis/gax-go/v2](https://github.com/googleapis/gax-go ) from 2.5.1 to 2.6.0.
- [Release notes](https://github.com/googleapis/gax-go/releases )
- [Commits](https://github.com/googleapis/gax-go/compare/v2.5.1...v2.6.0 )
---
updated-dependencies:
- dependency-name: github.com/googleapis/gax-go/v2
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
Herman Slatman
f7d153efa7
Merge pull request #1109 from smallstep/herman/remove-acme-revoke-authorization-todo
...
Remove TODO and clarify ACME revoke authorization method docs
2 years ago
Max
70828b882f
Merge pull request #1111 from smallstep/dependabot/go_modules/github.com/hashicorp/vault/api-1.8.1
...
Bump github.com/hashicorp/vault/api from 1.8.0 to 1.8.1
2 years ago
Max
a7db13d47b
Merge pull request #1113 from smallstep/dependabot/go_modules/google.golang.org/grpc-1.50.1
...
Bump google.golang.org/grpc from 1.50.0 to 1.50.1
2 years ago
dependabot[bot]
9ee11fd850
Bump google.golang.org/grpc from 1.50.0 to 1.50.1
...
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go ) from 1.50.0 to 1.50.1.
- [Release notes](https://github.com/grpc/grpc-go/releases )
- [Commits](https://github.com/grpc/grpc-go/compare/v1.50.0...v1.50.1 )
---
updated-dependencies:
- dependency-name: google.golang.org/grpc
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
dependabot[bot]
3676c59599
Bump github.com/hashicorp/vault/api from 1.8.0 to 1.8.1
...
Bumps [github.com/hashicorp/vault/api](https://github.com/hashicorp/vault ) from 1.8.0 to 1.8.1.
- [Release notes](https://github.com/hashicorp/vault/releases )
- [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG.md )
- [Commits](https://github.com/hashicorp/vault/compare/v1.8.0...v1.8.1 )
---
updated-dependencies:
- dependency-name: github.com/hashicorp/vault/api
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
Herman Slatman
cbc0864370
Remove TODO and clarify ACME revoke authorization method docs
2 years ago