Herman Slatman
d981b9e0dc
Add `--admin-subject` flag to `ca init`
...
The first super admin subject can now be provided through the
`--admin-subject` flag when initializing a CA.
It's not yet possible to configure the subject of the first
super admin when provisioners are migrated from `ca.json` to the
database. This effectively limits usage of the flag to scenarios
in which the provisioners are written to the database immediately,
so when `--remote-management` is enabled. It currently also doesn't
work with Helm deployments, because there's no mechanism yet to
pass this type of option to the Helm chart.
This commit partially addresses https://github.com/smallstep/cli/issues/697
2 years ago
Herman Slatman
57001168a5
Add default `SSHPOP` provisioner to Helm template output
2 years ago
Herman Slatman
c423e2f664
Improve Helm test data to be more realistic
2 years ago
Herman Slatman
459bfc4c4f
Add gibberish test key bytes to Helm tests
2 years ago
Herman Slatman
3262ffd43b
Add X.509 intermedaite and root certificates to Helm tests
2 years ago
Herman Slatman
1a5523f5c0
Add default JWK to the Helm tests
2 years ago
Herman Slatman
da5d2b405c
Merge branch 'master' into herman/remote-management-helm
2 years ago
Max
65b5a636df
Merge pull request #1104 from smallstep/max/err-assert
...
Fix err assert linter warnings - upgrade outdated package
2 years ago
max furman
7203739369
Fix err assert linter warnings - upgrade outdated package
2 years ago
Herman Slatman
6516384160
Trigger CI
2 years ago
Mariano Cano
e0994bed9d
Merge pull request #1102 from smallstep/yubikey-no-ca
...
Add test simulating YubiKey v5.2.4
2 years ago
Mariano Cano
a7e597450a
Update acme/challenge_test.go
...
Co-authored-by: Herman Slatman <hslatman@users.noreply.github.com>
2 years ago
Herman Slatman
317efa4568
Add some TODOs for improvingin PKI initialization maintainability
2 years ago
Herman Slatman
8616d3160f
Add tests for writing the Helm template
2 years ago
Herman Slatman
674206320c
Write updated CA configuration after migrating provisioners
2 years ago
Herman Slatman
b5837f20c9
Merge branch 'master' into herman/remote-management-helm
2 years ago
Herman Slatman
c9ee4a9f9d
Disable initialization log output if started with `--quiet`
2 years ago
Mariano Cano
7a78c76199
Add test simulating YubiKey v5.2.4
...
There are YubiKeys v5.2.4 where the attestation intermediate (f9)
does not have a basic constraint extension, so that certificate
is not marked as a CA. The test and CA in this commit imitates
that use case. Currently the test case returns an error as we
don't support it. But if we change the verification to support
this use case, the test should change accordingly.
2 years ago
Max
b142fc70f7
Merge pull request #1099 from smallstep/dependabot/go_modules/google.golang.org/grpc-1.50.0
...
Bump google.golang.org/grpc from 1.49.0 to 1.50.0
2 years ago
Max
32edc54946
Merge pull request #1100 from smallstep/dependabot/go_modules/github.com/sirupsen/logrus-1.9.0
...
Bump github.com/sirupsen/logrus from 1.8.1 to 1.9.0
2 years ago
Max
8598ff6a1c
Merge pull request #1101 from smallstep/dependabot/go_modules/go.step.sm/crypto-0.21.0
...
Bump go.step.sm/crypto from 0.20.0 to 0.21.0
2 years ago
dependabot[bot]
b27d36d556
Bump go.step.sm/crypto from 0.20.0 to 0.21.0
...
Bumps [go.step.sm/crypto](https://github.com/smallstep/crypto ) from 0.20.0 to 0.21.0.
- [Release notes](https://github.com/smallstep/crypto/releases )
- [Commits](https://github.com/smallstep/crypto/compare/v0.20.0...v0.21.0 )
---
updated-dependencies:
- dependency-name: go.step.sm/crypto
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
dependabot[bot]
2522efe27a
Bump github.com/sirupsen/logrus from 1.8.1 to 1.9.0
...
Bumps [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus ) from 1.8.1 to 1.9.0.
- [Release notes](https://github.com/sirupsen/logrus/releases )
- [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md )
- [Commits](https://github.com/sirupsen/logrus/compare/v1.8.1...v1.9.0 )
---
updated-dependencies:
- dependency-name: github.com/sirupsen/logrus
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
dependabot[bot]
2ee4218a69
Bump google.golang.org/grpc from 1.49.0 to 1.50.0
...
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go ) from 1.49.0 to 1.50.0.
- [Release notes](https://github.com/grpc/grpc-go/releases )
- [Commits](https://github.com/grpc/grpc-go/compare/v1.49.0...v1.50.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/grpc
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
Herman Slatman
90cdcdd2eb
Merge pull request #1097 from smallstep/herman/update-nosql-v0.5.0
...
Update `github.com/smallstep/nosql` to v0.5.0
2 years ago
Herman Slatman
aa4e5bed76
Update changelog with `smallstep/nosql@v0.5.0` fixes
2 years ago
Herman Slatman
764b7bb02f
Update `github.com/smallstep/nosql` to v0.5.0
...
This version of `nosql` includes some fixes for MySQL DSNs. The
tag is backdated a bit, as to not include the most recent
changes, which may have a bigger impact.
Also ran `go mod tidy`, `go mod vendor`
2 years ago
Raal Goff
f7df865687
refactor crl config, add some tests
2 years ago
Mariano Cano
a8f9b07aae
Merge pull request #1096 from smallstep/attestation-info
...
Attestation data
2 years ago
Mariano Cano
bd1938b0da
Add support for storing or sending attestation data to linkedca
2 years ago
Herman Slatman
cebb7d7ef0
Add automatic migration of provisioners
...
Provisioners stored in the CA configuration file are
automatically migrated to the database.
Currently no cleanup of the provisioners in the
configuration file yet. In certain situations this
may not work as expected, for example if the CA can't
write to the file. But it's probalby good to try it, so
that we can keep the configuration state of the CA consistent.
2 years ago
Herman Slatman
939e60b378
Merge branch 'master' into herman/remote-management-helm
2 years ago
Max
139e115f6f
Merge pull request #1091 from smallstep/max/pat
...
[action] replace secrets.PAT with more specific secrets
2 years ago
max furman
c66218330a
[action] replace secrets.PAT with more specific secrets
2 years ago
Max
a258ea3e2d
Merge pull request #1090 from smallstep/max/contextcheck
...
No longer need to ignore context warnings when context in request
2 years ago
max furman
66858a3870
No longer need to ignore context warnings when context in request
...
- after upgrade to golangci-lint 1.50.0
2 years ago
Max
72b6cb6d31
Merge pull request #1081 from smallstep/max/action-update
...
[action] updates and first pass at goreleaser deb
2 years ago
max furman
97cc09e26c
Remove deprecated binaries for awskms and cloudkms
2 years ago
max furman
4c687efb17
[action] updates and first pass at goreleaser deb
2 years ago
Mariano Cano
818dffe6fe
Merge pull request #1089 from smallstep/attestation-error
...
Revert ValidatedAt
2 years ago
Mariano Cano
21666ba887
Revert "Set timestamp when marking an acme challenge invalid"
...
This reverts commit 5f130895f3
.
2 years ago
Mariano Cano
8538ff06b7
Add missing error case.
2 years ago
Max
37e80964ae
Merge pull request #1088 from smallstep/max/secrets
...
[action] remove gitleaks secret, add codecov secret and inheritance
2 years ago
Mariano Cano
c071907cd1
Merge pull request #1087 from smallstep/acme-validated-at
...
Set Challenge ValidateAt
2 years ago
max furman
505c411a67
[action] remove gitleaks secret, add codecov secret and inheritance
2 years ago
Mariano Cano
5f130895f3
Set timestamp when marking an acme challenge invalid
2 years ago
Max
a4f6b1ba0f
Merge pull request #1086 from smallstep/dependabot/go_modules/github.com/hashicorp/vault/api/auth/kubernetes-0.3.0
...
Bump github.com/hashicorp/vault/api/auth/kubernetes from 0.1.0 to 0.3.0
2 years ago
Max
87079a87d6
Merge pull request #1085 from smallstep/dependabot/go_modules/cloud.google.com/go/security-1.8.0
...
Bump cloud.google.com/go/security from 1.7.0 to 1.8.0
2 years ago
dependabot[bot]
3abb42dd1d
Bump github.com/hashicorp/vault/api/auth/kubernetes from 0.1.0 to 0.3.0
...
Bumps [github.com/hashicorp/vault/api/auth/kubernetes](https://github.com/hashicorp/vault ) from 0.1.0 to 0.3.0.
- [Release notes](https://github.com/hashicorp/vault/releases )
- [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG.md )
- [Commits](https://github.com/hashicorp/vault/compare/v0.1.0...v0.3.0 )
---
updated-dependencies:
- dependency-name: github.com/hashicorp/vault/api/auth/kubernetes
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
Max
b1c396c829
Merge pull request #1083 from smallstep/dependabot/go_modules/github.com/newrelic/go-agent/v3-3.19.2
...
Bump github.com/newrelic/go-agent/v3 from 3.18.0 to 3.19.2
2 years ago