dependabot[bot]
ef75d4f3c6
Bump go.step.sm/cli-utils from 0.7.4 to 0.7.5
...
Bumps [go.step.sm/cli-utils](https://github.com/smallstep/cli-utils ) from 0.7.4 to 0.7.5.
- [Release notes](https://github.com/smallstep/cli-utils/releases )
- [Commits](https://github.com/smallstep/cli-utils/compare/v0.7.4...v0.7.5 )
---
updated-dependencies:
- dependency-name: go.step.sm/cli-utils
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
dependabot[bot]
3faa8717b3
Bump google.golang.org/api from 0.96.0 to 0.98.0
...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.96.0 to 0.98.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.96.0...v0.98.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
dependabot[bot]
0027f93fb9
Bump github.com/google/go-cmp from 0.5.8 to 0.5.9
...
Bumps [github.com/google/go-cmp](https://github.com/google/go-cmp ) from 0.5.8 to 0.5.9.
- [Release notes](https://github.com/google/go-cmp/releases )
- [Commits](https://github.com/google/go-cmp/compare/v0.5.8...v0.5.9 )
---
updated-dependencies:
- dependency-name: github.com/google/go-cmp
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
Andrew Reed
7101fbb0ee
Provisioner webhooks ( #1001 )
2 years ago
dependabot[bot]
132b32b5a5
Bump github.com/urfave/cli from 1.22.4 to 1.22.10
...
Bumps [github.com/urfave/cli](https://github.com/urfave/cli ) from 1.22.4 to 1.22.10.
- [Release notes](https://github.com/urfave/cli/releases )
- [Changelog](https://github.com/urfave/cli/blob/main/docs/CHANGELOG.md )
- [Commits](https://github.com/urfave/cli/compare/v1.22.4...v1.22.10 )
---
updated-dependencies:
- dependency-name: github.com/urfave/cli
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
dependabot[bot]
7420172d63
Bump github.com/slackhq/nebula from 1.5.2 to 1.6.1
...
Bumps [github.com/slackhq/nebula](https://github.com/slackhq/nebula ) from 1.5.2 to 1.6.1.
- [Release notes](https://github.com/slackhq/nebula/releases )
- [Changelog](https://github.com/slackhq/nebula/blob/master/CHANGELOG.md )
- [Commits](https://github.com/slackhq/nebula/compare/v1.5.2...v1.6.1 )
---
updated-dependencies:
- dependency-name: github.com/slackhq/nebula
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
Mariano Cano
906c5067b9
Include attestation roots on provisioner converters
2 years ago
max furman
1e0ea6f958
more linting fixes
2 years ago
Mariano Cano
191d9e8629
Use go.step.sm/crypto to set the permanent identifier
2 years ago
Brandon Weeks
de5b0ef5c2
Verify key authorization is contained within the TPM quote extraData field
2 years ago
Brandon Weeks
248da10f32
Implement TPM attestation statement verification
2 years ago
Brandon Weeks
6f2b4d3042
Add ACME permanent-identifier identifier type
2 years ago
Herman Slatman
25cbe02b9e
Add provisioner template validation
...
Fixes #1012
2 years ago
Mariano Cano
df975122a0
Upgrade linkedca and add entry to changelog
2 years ago
Mariano Cano
bb0210e875
Fix typo in linkedca variable
2 years ago
Mariano Cano
66407139e5
Add methods to convert attestation formats
2 years ago
Mariano Cano
a2749ca8ed
Merge branch 'master' into device-attestation
2 years ago
Mariano Cano
45af68b244
Upgrade go.step.sm/crypto
2 years ago
Mariano Cano
6db631df51
Upgrade go.step.sm/crypto@attest
2 years ago
Mariano Cano
a893d6e7f7
Upgrade go.step.sm/cli-utils
...
Fixes issue with step path
2 years ago
Mariano Cano
1938b1bb34
Merge branch 'master' into herman/fix-template-validation
2 years ago
Mariano Cano
1d1e024b84
Upgrade to go.step.sm/crypto v0.18.0
2 years ago
Mariano Cano
bca311b05e
Add acme property to enable challenges
...
Fixes #1027
2 years ago
Herman Slatman
6b7b989988
Add provisioner template validation
...
Fixes #1012
2 years ago
Mariano Cano
693dc39481
Merge branch 'master' into device-attestation
2 years ago
Mariano Cano
6cab4d328e
Add a middleware to automatically route HEAD requests to GET
...
Fixes #992
2 years ago
Mariano Cano
0c7467ceb2
Allow to automatically configure and linked RA
2 years ago
Mariano Cano
5df1694250
Add endpoint id for the RA certificate
...
In a linked RA mode, send an endpoint id to group the server
certificates.
2 years ago
Mariano Cano
2f7cb9225f
Use go.step.sm/crypto to set the permanent identifier
2 years ago
Mariano Cano
369b8f81c3
Use go.step.sm/crypto/kms
...
Fixes #975
2 years ago
Mariano Cano
e02a190fa7
Merge branch 'master' into device-attestation
2 years ago
Mariano Cano
8445c29db6
Change actions to build using Go 1.19
...
Fixes #998
2 years ago
Mariano Cano
38fb92452f
Merge pull request #993 from smallstep/ra-ids
...
RA provisioner IDs
2 years ago
Mariano Cano
821743f71e
Upgrade newrelic to v3
2 years ago
Aaron Bieber
135c481893
Update deps to bring in support for OpenBSD
...
OpenBSD support was added to the following deps:
- github.com/go-piv/piv-go in https://github.com/go-piv/piv-go/pull/101
- github.com/newrelic/go-agent in https://github.com/newrelic/go-agent/pull/455
- github.com/miekg/pkcs11 in https://github.com/miekg/pkcs11/pull/140
With these deps bumped, tests all pass on OpenBSD amd64.
2 years ago
Mariano Cano
a2f7766943
Use released version of linkedca
2 years ago
Mariano Cano
64744562c6
Send RA provisioner to linkedca.
2 years ago
Brandon Weeks
77c6d10fd6
Verify key authorization is contained within the TPM quote extraData field
2 years ago
Brandon Weeks
e1ec31c0ed
Implement TPM attestation statement verification
2 years ago
Brandon Weeks
2ac8b69da2
Add ACME permanent-identifier identifier type
2 years ago
Mariano Cano
2adf8caac7
Fix Dependabot warning on an indirect dependency
2 years ago
Erik De Lamarter
dec1067add
vault kubernetes auth
2 years ago
Herman Slatman
d1ab1d5431
Merge branch 'master' into herman/update-crypto-0.16.2
2 years ago
Herman Slatman
b75ce3acbd
Update to go.step.sm/crypto v0.16.2
...
This patch release of go.step.sm/crypto fixes an issue with
not all `Subject` names being available for usage in a template
as `ExtraNames`.
2 years ago
Herman Slatman
7030dbb7a1
Use github.com/smallstep/pkcs7 fork with patches applied
2 years ago
Herman Slatman
ed231d29e2
Update to go.step.sm/linkedca@v0.16.1
2 years ago
Herman Slatman
f0272dc717
Fix import replacement of linkedca
2 years ago
Herman Slatman
60d8b22d89
Change context retrievers to MustTFromContext
2 years ago
Herman Slatman
f2f9cb899e
Add conditional defaults to policy protobuf request bodies
2 years ago
Herman Slatman
647538e9e8
Merge branch 'herman/allow-deny' into herman/allow-deny-options
2 years ago
Herman Slatman
ad2de16299
Merge branch 'master' into herman/allow-deny
2 years ago
Herman Slatman
7f9034d22a
Add additional policy options
2 years ago
Mariano Cano
fe9c3cf753
Merge branch 'master' into ahmet2mir-feat/vault
2 years ago
Herman Slatman
d6be9450be
Merge branch 'master' into herman/allow-deny
3 years ago
Mariano Cano
674dc3c844
Rename unreleased claim to allowRenewalAfterExpiry for consistency.
3 years ago
Mariano Cano
26e40068c8
Remove unnecessary dependencies.
3 years ago
Mariano Cano
37b521ec6c
Merge branch 'master' into feat/vault
3 years ago
Mariano Cano
d4013f0df6
Update linkedca
3 years ago
Herman Slatman
7df52dbb76
Add ACME EAB policy
3 years ago
Herman Slatman
235a2c9d04
Pin to specific version of go.step.sm/linkedca
3 years ago
Herman Slatman
5daa9fc0b1
Merge branch 'master' into herman/allow-deny
3 years ago
Mariano Cano
f5bf46b950
Upgrade go.step.sm/crypto
3 years ago
Herman Slatman
2fbdf7d5b0
Merge branch 'master' into herman/allow-deny
3 years ago
Herman Slatman
1dbaa62740
Update cloud.google.com/go/kms
3 years ago
Herman Slatman
dc23fd23bf
Merge branch 'master' into herman/allow-deny-next
3 years ago
Herman Slatman
81b0c6c37c
Add API implementation for authority and provisioner policy
3 years ago
Mariano Cano
c903f00cd4
Rename claim to allowRenewAfterExpiry.
3 years ago
Mariano Cano
616490a9c6
Refactor renew after expiry token authorization
...
This changes adds a new authority method that authorizes the
renew after expiry tokens.
3 years ago
Mariano Cano
3fb5e57f12
Upgrade nosql package
...
The new version of the package allows filtering out database drivers
using Go tags.
3 years ago
Mariano Cano
6f46cdb432
Merge pull request #829 from vijayjt/new-azure-token-authz-options
...
Add subscription and object ID validation options to Azure provisioner
3 years ago
vijayjt
7a32c312bf
Update linkedca dependency version
3 years ago
max furman
9d885e6914
bump nosql for postgres support
3 years ago
Mariano Cano
c0525381eb
Merge branch 'master' into feat/vault
3 years ago
Herman Slatman
c7c5c3c94e
Merge branch 'master' into herman/scep-macos-renewal-fixes
3 years ago
Mariano Cano
09a9b3e1c8
Upgrade go.step.sm/crypto
3 years ago
Herman Slatman
3b72d241e0
Add LinkedCA integration for improved SCEP provisioner
3 years ago
Ahmet DEMIR
d957a57e24
fix: apply mariano suggestions and fixes
...
* use json.RawMessage to remote mapstructure in options
* use vault secretid structure to support multiple source aka string, file and env
* remove log prefix
* return raw cert on error on newline for cert and csr
* clean sans, commonName in createCertificate (bad copy/paste from StepCAS)
* verify authority fingerprint
* convert serial on revoke to bigint, bytes and vault dashed representation
3 years ago
Ahmet DEMIR
16390694e1
feat(vault): adding hashicorp vault cas
3 years ago
Mariano Cano
01a76445ea
Upgrade go.step.sm/crypto
3 years ago
Mariano Cano
98044cf08d
Use a tagged version of linkedca
3 years ago
Mariano Cano
6a1d0cb9f8
Add linkedca conversions.
3 years ago
Mariano Cano
9ec0276887
Update certificate set with new api.
3 years ago
Mariano Cano
32390a2964
Add initial implementation of a nebula provisioner.
...
A nebula provisioner will generate a X509 or SSH certificate with
the identities in the nebula certificate embedded in the token.
The token is signed with the private key of the nebula certificate.
3 years ago
Herman Slatman
06bb97c91e
Add logic for Account authorizations and improve tests
3 years ago
max furman
7fac8c96c3
Merge branch 'master' into max/context
3 years ago
max furman
196f6b45c9
bump cli-utils to 0.7.0
3 years ago
max furman
b5bf79b84e
bump nosql library
3 years ago
max furman
555431448c
bump version ofcli-utils
3 years ago
max furman
da74fa2eb9
Rename FullSnippet to Fragment and remove unused replace in go.mod
3 years ago
max furman
741ac64c61
change name of package cli-utils/config to cli-utils/step
3 years ago
Herman Slatman
2c05f488f6
Remove support for Go 1.15
3 years ago
Mariano Cano
62a20c7db5
Upgrade cli-utils with latest version of promptui
3 years ago
Mariano Cano
9958e0645f
Replace promptui with apache-compatible fork.
...
Promptui depends on github.com/juju/ansiterm that is licensed under
LGPL. The fork replaces ansiterm.TabWriter with the one in the
standard library.
3 years ago
Mariano Cano
0927e0d22a
Upgrade go.step.sm/crypto dependency
...
The new version removes "env" and "expandenv" sprig functions.
3 years ago
Mariano Cano
edd475b81b
Allow to configure azurekms using the URI
...
With an URI, azurekms can be configured with client credentials,
and it can define a default vault and protection level.
3 years ago
Mariano Cano
e15b5faf7d
Merge branch 'master' into keyvault
3 years ago
Mariano Cano
d8720c3723
Update linkedca package.
3 years ago
Mariano Cano
48549bf317
Initialize windows terminal on all binaries.
3 years ago
Mariano Cano
6389100325
Add unit tests for azurekms.
3 years ago
Mariano Cano
392a18465f
Add initial implementation of Azure Key Vault KMS.
...
Fixes #462
3 years ago