Herman Slatman
52bc96760b
Add SCEP certificate issuance notification webhook
10 months ago
Herman Slatman
a3c9dd796a
Merge branch 'herman/scep-provisioner-decrypter' of github.com:smallstep/certificates into herman/scep-provisioner-decrypter
10 months ago
Herman Slatman
69a53eec33
Merge branch 'master' into herman/scep-provisioner-decrypter
10 months ago
Dominic Evans
231b5d8406
chore(deps): upgrade github.com/go-chi/chi to v5
...
Upgrade chi to the v5 module path to avoid deprecation warning about v4
and earlier on the old module path.
See https://github.com/go-chi/chi/blob/v4.1.3/go.mod#L1-L4
Signed-off-by: Dominic Evans <dominic.evans@uk.ibm.com>
10 months ago
Herman Slatman
09cc834ffa
Merge pull request #1541 from smallstep/herman/fix-go-tpm-0.9.0
...
Upgrade go-tpm to v0.9.0
10 months ago
Herman Slatman
4ef093dc4b
Fix broken tests relying on `Sign` in mocks
10 months ago
Herman Slatman
9e3807eaa3
Use `SignWithContext` in the critical paths
10 months ago
Herman Slatman
4e06bdbc51
Add `SignWithContext` method to authority and mocks
10 months ago
Herman Slatman
b2301ea127
Remove the webhook `Do` method
10 months ago
Herman Slatman
f3229d3e3c
Propagate (original) request ID to webhook requests
...
Technically the webhook request is a new request, so maybe the
`X-Request-ID` should not be set to the value of the original
request? But then the original request ID should be propageted
in the webhook request body, or using a different header.
The way the request ID is used in this functionality is actually
more like a tracing ID, so that may be an option too.
10 months ago
Herman Slatman
ea7c508fbb
Upgrade to `go.step.sm/crypto` v0.35.1
10 months ago
Herman Slatman
c3572281ad
Upgrade `github.com/smallstep/go-attestation` to fix legacy `tpm2`
10 months ago
Herman Slatman
f2993c4c3b
Use the legacy `tpm2` package import
10 months ago
dependabot[bot]
18d1b21a66
Bump github.com/google/go-tpm from 0.3.3 to 0.9.0
...
Bumps [github.com/google/go-tpm](https://github.com/google/go-tpm ) from 0.3.3 to 0.9.0.
- [Release notes](https://github.com/google/go-tpm/releases )
- [Commits](https://github.com/google/go-tpm/compare/v0.3.3...v0.9.0 )
---
updated-dependencies:
- dependency-name: github.com/google/go-tpm
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
10 months ago
github-actions[bot]
70533f55a4
Merge pull request #1538 from smallstep/dependabot/go_modules/github.com/hashicorp/vault/api/auth/kubernetes-0.5.0
...
Bump github.com/hashicorp/vault/api/auth/kubernetes from 0.4.1 to 0.5.0
10 months ago
github-actions[bot]
b63276cc04
Merge pull request #1539 from smallstep/dependabot/go_modules/google.golang.org/api-0.141.0
...
Bump google.golang.org/api from 0.138.0 to 0.141.0
10 months ago
dependabot[bot]
d05f030452
Bump google.golang.org/api from 0.138.0 to 0.141.0
...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.138.0 to 0.141.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.138.0...v0.141.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
10 months ago
github-actions[bot]
1a6301e977
Merge pull request #1540 from smallstep/dependabot/go_modules/google.golang.org/grpc-1.58.1
...
Bump google.golang.org/grpc from 1.58.0 to 1.58.1
10 months ago
dependabot[bot]
a73617150e
Bump google.golang.org/grpc from 1.58.0 to 1.58.1
...
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go ) from 1.58.0 to 1.58.1.
- [Release notes](https://github.com/grpc/grpc-go/releases )
- [Commits](https://github.com/grpc/grpc-go/compare/v1.58.0...v1.58.1 )
---
updated-dependencies:
- dependency-name: google.golang.org/grpc
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
10 months ago
dependabot[bot]
75132d94f3
Bump github.com/hashicorp/vault/api/auth/kubernetes from 0.4.1 to 0.5.0
...
Bumps [github.com/hashicorp/vault/api/auth/kubernetes](https://github.com/hashicorp/vault ) from 0.4.1 to 0.5.0.
- [Release notes](https://github.com/hashicorp/vault/releases )
- [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG-v0.md )
- [Commits](https://github.com/hashicorp/vault/compare/v0.4.1...v0.5.0 )
---
updated-dependencies:
- dependency-name: github.com/hashicorp/vault/api/auth/kubernetes
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
10 months ago
github-actions[bot]
fda0bdb0c7
Merge pull request #1531 from smallstep/dependabot/go_modules/google.golang.org/grpc-1.58.0
...
Bump google.golang.org/grpc from 1.57.0 to 1.58.0
10 months ago
dependabot[bot]
77eeb7e2c5
Bump google.golang.org/grpc from 1.57.0 to 1.58.0
...
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go ) from 1.57.0 to 1.58.0.
- [Release notes](https://github.com/grpc/grpc-go/releases )
- [Commits](https://github.com/grpc/grpc-go/compare/v1.57.0...v1.58.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/grpc
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
10 months ago
github-actions[bot]
828591c61b
Merge pull request #1530 from smallstep/dependabot/go_modules/golang.org/x/net-0.15.0
...
Bump golang.org/x/net from 0.14.0 to 0.15.0
10 months ago
github-actions[bot]
1a4203edc0
Merge pull request #1533 from smallstep/dependabot/go_modules/github.com/hashicorp/vault/api/auth/approle-0.5.0
...
Bump github.com/hashicorp/vault/api/auth/approle from 0.4.1 to 0.5.0
10 months ago
dependabot[bot]
23cc1c71ee
Bump golang.org/x/net from 0.14.0 to 0.15.0
...
Bumps [golang.org/x/net](https://github.com/golang/net ) from 0.14.0 to 0.15.0.
- [Commits](https://github.com/golang/net/compare/v0.14.0...v0.15.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
10 months ago
github-actions[bot]
fc1b720f35
Merge pull request #1532 from smallstep/dependabot/go_modules/golang.org/x/crypto-0.13.0
...
Bump golang.org/x/crypto from 0.12.0 to 0.13.0
10 months ago
Max
67a41dca83
Remove db datasource from error msg to prevent leaking of secrets ( #1528 )
10 months ago
dependabot[bot]
ea40de159c
Bump github.com/hashicorp/vault/api/auth/approle from 0.4.1 to 0.5.0
...
Bumps [github.com/hashicorp/vault/api/auth/approle](https://github.com/hashicorp/vault ) from 0.4.1 to 0.5.0.
- [Release notes](https://github.com/hashicorp/vault/releases )
- [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG-v0.md )
- [Commits](https://github.com/hashicorp/vault/compare/v0.4.1...v0.5.0 )
---
updated-dependencies:
- dependency-name: github.com/hashicorp/vault/api/auth/approle
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
10 months ago
dependabot[bot]
b330c63df8
Bump golang.org/x/crypto from 0.12.0 to 0.13.0
...
Bumps [golang.org/x/crypto](https://github.com/golang/crypto ) from 0.12.0 to 0.13.0.
- [Commits](https://github.com/golang/crypto/compare/v0.12.0...v0.13.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
10 months ago
Max
b7c4ed26fb
Use provisioner name in error message ( #1524 )
10 months ago
Herman Slatman
4cc4bba7e9
Merge pull request #1523 from smallstep/herman/scep-webhook-csr
...
Add CSR to `SCEPCHALLENGE` webhook request body
10 months ago
Herman Slatman
33e661ce7d
Add a dummy CSR to SCEP request body tests
10 months ago
Carl Tashian
09ccb22c4b
Merge pull request #1521 from smallstep/carl/winget
...
Winget: Only make PRs on releases, not release candidates
10 months ago
Herman Slatman
36f1dd70bf
Add CSR to `SCEPCHALLENGE` webhook request body
10 months ago
Herman Slatman
98d015b5c3
Fix linting issues
10 months ago
Herman Slatman
d9f56cdbdc
Merge branch 'master' into herman/scep-provisioner-decrypter
10 months ago
Herman Slatman
9d3b78ae49
Add `excludeIntermediate` to SCEP provisioner
10 months ago
Carl Tashian
db369ddc23
Only make PRs on releases, not release candidates
10 months ago
Carl Tashian
83e5d4222d
Merge pull request #1519 from smallstep/carl/winget
...
Add Winget release automation
10 months ago
Max
e22166c628
provisionerOptionsToLinkedCA missing template and templateData ( #1520 )
10 months ago
Carl Tashian
73d765d1a9
Add Winget release automation
10 months ago
Max
116ff8ed65
bump go.mod to go1.20 and associated linter fixes ( #1518 )
10 months ago
github-actions[bot]
d727f228ff
Merge pull request #1517 from smallstep/dependabot/go_modules/github.com/google/uuid-1.3.1
...
Bump github.com/google/uuid from 1.3.0 to 1.3.1
10 months ago
dependabot[bot]
8d26a6c832
Bump github.com/google/uuid from 1.3.0 to 1.3.1
...
Bumps [github.com/google/uuid](https://github.com/google/uuid ) from 1.3.0 to 1.3.1.
- [Release notes](https://github.com/google/uuid/releases )
- [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md )
- [Commits](https://github.com/google/uuid/compare/v1.3.0...v1.3.1 )
---
updated-dependencies:
- dependency-name: github.com/google/uuid
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
10 months ago
github-actions[bot]
ddabd453bd
Merge pull request #1513 from smallstep/dependabot/go_modules/google.golang.org/api-0.138.0
...
Bump google.golang.org/api from 0.136.0 to 0.138.0
11 months ago
github-actions[bot]
fc0edb4c90
Merge pull request #1514 from smallstep/dependabot/go_modules/go.step.sm/crypto-0.35.0
...
Bump go.step.sm/crypto from 0.34.0 to 0.35.0
11 months ago
dependabot[bot]
dccbe9f845
Bump go.step.sm/crypto from 0.34.0 to 0.35.0
...
Bumps [go.step.sm/crypto](https://github.com/smallstep/crypto ) from 0.34.0 to 0.35.0.
- [Release notes](https://github.com/smallstep/crypto/releases )
- [Commits](https://github.com/smallstep/crypto/compare/v0.34.0...v0.35.0 )
---
updated-dependencies:
- dependency-name: go.step.sm/crypto
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
11 months ago
dependabot[bot]
1ca2353160
Bump google.golang.org/api from 0.136.0 to 0.138.0
...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.136.0 to 0.138.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.136.0...v0.138.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
11 months ago
Mariano Cano
9ea1e64a0a
Merge pull request #1511 from smallstep/fix-cbor-error
...
Fix error string in tests
11 months ago
Mariano Cano
d739aab345
Define BaseContext before starting the server in tests
...
If the http.Server BaseContext is not define before the start of the
server, it might not be properly set depending on the goroutine
scheduler. This was causing random errors on CI.
11 months ago