boundary

Commit Graph

Author	SHA1	Message	Date
dani	a7c1876d7b	remove deprecated option application-credential-source (#3728 ) Co-authored-by: Danielle Miu <29378233+DanielleMiu@users.noreply.github.com>	3 years ago
Sepehr	16d86d601a	Add additional observation tags, remove from version and authorized_action	3 years ago
Sepehr	14af8e8cd7	observation tags proto messages	3 years ago
Jim	d5411a26f6	chore: update protobuf dep (#3669 )	3 years ago
hashicorp-copywrite[bot]	29da0bcb92	[COMPLIANCE] License changes (#3567 ) * Adding explicit MPL license for sub-package. This directory and its subdirectories (packages) contain files licensed with the MPLv2 `LICENSE` file in this directory and are intentionally licensed separately from the BSL `LICENSE` file at the root of this repository. * Adding explicit MPL license for sub-package This directory and its subdirectories (packages) contain files licensed with the MPLv2 `LICENSE` file in this directory and are intentionally licensed separately from the BSL `LICENSE` file at the root of this repository. * Updating the license from MPL to Business Source License Going forward, this project will be licensed under the Business Source License v1.1. Please see our blog post for more details at https://hashi.co/bsl-blog, FAQ at www.hashicorp.com/licensing-faq, and details of the license at www.hashicorp.com/bsl. * Update copyright file headers to BUS-1.1 * Rerun make gen This will pick up the last of the license changes * Revert "Rerun make gen" This reverts commit `dbe0968bff`. * Remove copywrite from generation script The current version of copywrite is not sophisticated enough to only apply the copywrite changes to certain subdirectories, so to avoid accidentally relicensing our api and sdk modules, we will stop running the copywrite script until such time that it can do the right thing. * License protobuf API as MPL The protobuf API files are used to generate the SDK, since we want the SDK to be MPL, the protobuf files must also be MPL. This extends to all protobuf files whose sources end up in the SDK directory, including: - internal/proto/controller/api - internal/proto/controller/custom_options - internal/proto/plugin It also includes the generated service directory in internal/gen/controller/api/services, since they are generated from the protobuf sources used for the SDK. * Change website license file name This makes the naming scheme consistent with the rest of the repository. * Add note on licensing to README * Set copywrite license to BUSL * Revert "Add note on licensing to README" This reverts commit `4d865a91a7`. --------- Co-authored-by: hashicorp-copywrite[bot] <110428419+hashicorp-copywrite[bot]@users.noreply.github.com> Co-authored-by: Johan Brandhorst-Satzkorn <johan.brandhorst@gmail.com>	3 years ago
Johan Brandhorst-Satzkorn	e4f49e1bb0	api: add classification to session recordings (#3300 )	3 years ago
Johan Brandhorst-Satzkorn	0c8177590f	Upgrade grpc-gateway dependency (#3257 ) * proto: correct classification of authz token The target authorization token had the invalid classification "private". Fortunately, classification is a fail-closed system, so this won't have exposed users authorization tokens, but we should still use the correct classification. Use "secret". * scripts: add Go script to remove gotags comments The new version of grpc-gateway includes our gotags comments in the generate swagger documentation. This script removes all mentions of these. * Upgrade grpc-gateway dependency Mainly we need this to fix generation of our docs side API docs, but it also includes a nice fix for the new Download RPC, i.e. it now contains the correct response schema (a binary stream).	3 years ago
Louis Ruch	8ea61054cd	feat(storage): Add support for Storage Bucket API	3 years ago
Todd	bc48f2d0e0	Add monitor session job proto and controller changes This adds a new Job type that is for generic session state monitoring. Monitoring sessions does not include any information about specific connections.	3 years ago
Todd	4c801cca18	update the recording msg type enums	3 years ago
Todd	dbe3473874	Add CreateChannel enum for upstream message handler	3 years ago
Todd	68dc4da50e	Add CloseConnectionRecording enums to the upstream message service	3 years ago
Johan Brandhorst-Satzkorn	7632143861	add session recording API definitions	3 years ago
Jim	b9cc441227	feature (handlers): add UpstreamMessageService and its oss impl. Define OSS protos for UpstreamMessageService rpc which defines a way to send an upstream message to a controller (across multi-hops if needed). Implement OSS versions of both workers and controllers for the UpstreamMessageService. The upstream requests/responses are encrypted using the originating worker's NodeCredential's key. The worker always forwards the request upstream. The controller attends to find a registered UpstreamMessageHandler to handle the msg; if none if found, then an Unimplemented status error is returned.	3 years ago
Jeff Mitchell	7bdbe8ab8e	Update changelog (#3250 )	3 years ago
Jeff Mitchell	c149bc4a79	Allow slashes in authorize-session when using target name (#3249 ) This requires specifying `**` as the selector in the proto, which will match any segments and simply requires that the verb is the last part of the URL, which it already is.	3 years ago
Jim	63a2b62b85	chore (deps): update GKW and protobuf; and run "make gen" (#3111 )	3 years ago
Jim	982c9c263c	chore: update buf version to 1.15.1 (#3102 )	3 years ago
Jim	86192f75eb	feature (auth/ldap): add LDAP auth method along with associated accounts and managed groups (#2912 ) * feature (auth): required schema changes for auth ldap method (#2669) chore (auth/ldap): move schema changes to next avail migration number * feature (auth/ldap): define AuthMethod and all its value objects (#2703) * feature (auth/ldap): storage protos * feature (auth/ldap): define AuthMethod and all its value objects * feature (auth/ldap): add repo and reading an auth method (#2718) * feature (auth/ldap): add Repository.CreateAuthMethod(...) and Repository.DeleteAuthMethod(...) (#2724) * feature (auth/ldap): add Repository.UpdateAuthMethod(...) (#2739) * feature (auth/ldap): add Account * feature (auth/ldap): add AuthMethod.EnableGroups * fix (auth/ldap): refactor AuthMethod.oplog to enforce proper constraints * feature (auth/ldap): add Account repo functions * refactor (auth/ldap): remove entry attributes from account Realized the entry attributes could have absolutely anything in them (including binary data) and since we absolutely don't have to have them there's just no reason to take on the risk. * feature (auth/ldap): add AuthMethod.UseTokenGroups * feature (auth/ldap): add Authenticate(...) * refactor (auth/ldap): ensure options take a context as the 1st parameter * feature (auth/ldap): add Account attribute maps * chore (auth/ldap): make fmt deltas * feature (auth/ldap): add managed groups (#2760) * tests (auth/ldap): add missing unit test to Repository.DeleteAccount(...) Add bits to test the delete operation when you're not able to generate oplog metadata * feature (auth/ldap): add managed groups fixup! feature (auth/ldap): add managed groups (#2760) * feature (auth/ldap): service proto definition (#2761) * feature (handlers/authmethods): add handlers for ldap auth method operations (#2794) * feature (auth/ldap): add Account attribute maps * chore (auth/ldap): update cap/ldap to latest version * feature (auth/ldap): add ldap api generation definitions * feature (authmethods): add ldap repo NewService(...) * feature (authmethods/ldap): add proper mask_mapping to protobufs * feature (authmethods): add support to get an ldap auth method * refactor (auth/ldap): export TestGenerateCA(...) * feature (authmethods): add support to create an ldap auth method * feature (authmethods): add support to delete an ldap auth method * feature (authmethods): add support to list ldap auth methods * refactor (auth/ldap): make urls optional for NewAuthMethod(...) * refactor (auth/ldap): export ldap.TestInvalidPem * chore: make fmt changes * fix (auth/ldap): properly handle group search config Add constraints and tests to ensure when an ldap AuthMethod.EnableGroups is true, and UseTokenGroups is false; that there's a GroupDn configured for finding a user's associated groups * feature (authmethods): add support to update an ldap auth methods * chore (db/ldap): tmp mv migrations so there's no conflict with ongoing work * feature (verifier): add ldap auth method to verifier bits * fix (controller): prevent panic when controller stops when there's no listener * feature (authmethods): add support to authenticate via ldap auth methods * chore (migrations): fix whitespace in stmt * chore: fmt fixup * tests (auth/ldap): invalid err msg * feature (cli/authmethods): add support for ldap auth-methods CRUD and authenticate (#2810) * feature (authmethods): add CLI support for ldap auth methods CRUD * tests (api/auth): ldap auth method classification tests * feature (authmethods): add CLI support for ldap auth authenticate * feature (auth/ldap): set request timeouts for ldap server connections * feature (handlers/authmethods): handle u_anon listing properly. * feature (account/handers): ldap account and managed group CRUDL APIs (#2852) * feature (auth/ldap) add repository Listing of ManagedGroupMemberAccount * feature (controller/handlers): add ldapRepoFn to accounts service * feature (auth/ldap) register ldap managed group subtype * feature (account/handlers): ldap account CRUDL APIs * feature (controller/handlers): add ldapRepo to managed groups service * feature (account/handlers): ldap managed group CRUDL APIs * docs (domain): add LDAP accounts, auth-methods and managed groups (#2857) * feature (ldap/cli) add ldap accounts and managed groups CRUDL commands (#2856) * fix (handlers/authmethods): fix ldap authorized actions (#2892) * feature (cli/ldap/authenticate): use primary auth method if none is provided (#2890) * fix (auth/ldap): support setting the state attribute * feature (cli/ldap/authenticate): use primary auth method if none is provided * feature (wh/ldap) add tests for new ldap auth method and accounts (#2919) * refactor (migrations/ldap): mv to correct directory * chore: add copyright headers * fix (api/authmethods/ldap): renumber new LdapAuthMethodAttributes field * fix (auth/ldap): allow the auth method state to be updated (#2951) * chore: update sdk and api versions for llb - this is tmp until merging * tests (managed groups): add required errContains for new test	3 years ago
Todd	fe5b554370	AuthorizedDownstreamWorkers now separated from AuthorizedWorkers to maintain API compatibility (#2957 ) * AuthorizedDownstreamWorkers now separated from AuthorizedWorkers to maintain API compatibility	3 years ago
Todd	1e89be1b1a	Downstream worker connections are tracked by worker id (#2949 ) When possible downstream workers will include their worker id information in the connections they establish with the upstream using the nodeenrollment library. The tracking listener now tracks connections that are connected in this same way instead of just connections of type *tls.Conn.	3 years ago
Johan Brandhorst-Satzkorn	3c29308673	chore: Add license headers to all files	3 years ago
Timothy Messier	1aaaf4af1d	feat(controller): Translate ssh certificate credentials for worker	3 years ago
Damian Debkowski	1d3930a711	feat(handlers): Support address field on a Target	3 years ago
Irena Rindos	24bbf57a19	AuthorizeConnection with filters (#2734 ) * AuthorizeConnection with filters	3 years ago
Todd	b6c0ccc1e8	Refactor proxy handler to separate connection and protocol handling (#2678 )	3 years ago
Johan Brandhorst-Satzkorn	edd323b73a	Key Rotation/Destruction (#2477 ) (#2607 ) * Key Rotation/Destruction (#2477) * fix: Correct kms.CreateKeys comment This method does not return anything. * feat(kms): Add new ListKeys method The new ListKeys method wraps the underlying KMS wrapper, returning all the keys in the scope specified. * feat(scopes): Add new scope actions for key management Adds list-keys, rotate-keys and revoke-keys actions for scopes. * feat(scopes): Add ListKeys API endpoint This new endpoint lists all keys in a scope * feat(api): Add ListKeys to Scopes client This has to be a custom function because it is a custom action and doesn't map well to any of the existing templates, or generalises well in a way that would make it reasonable to create a new template. * feat(cli): Add new scopes list-keys command * add RotateKeys function to the kms repository * Add Rotate Keys Endpoint to Scopes Api (#2360) * add rotate keys endpoint * add tests for RotateKeys endpoint * remove that one comment I forgot about * addressing more PR comments * Add Rotate Keys CLI Command (#2395) * add cli command and client * add bats tests * fix some info text and pr comments * write a new rotate keys description * Add Missing DEK Foreign Keys (#2408) * add missing fks * mark key as nullable in gorm * update tests to use a new wrapper with a real key_id * fix formatting in test and add keys for auth_token test * replace key values * revert postgres_40_01_test.go * style: reformat sql for readability * refactor: change type of key_id columns to kms_private_id * Store key_id and scope_id with oplog entries, re-type columns referencing data key version (#2431) * fix(db): Correct types of data key version referencers * fix(oplog): Fix missing error handling * feat(oplog): Store key_id and scope_id with oplog entries This migration truncates all existing oplog entries, as migrating existing data would have been complex and likely unnecessary. * Update view references * Always delete oplog entries when dropping keys * Fix rebase issues * Fix sql tests * Add schema for new kms destruction jobs (#2479) * feat: Add schema for new kms destruction jobs The schema lets us manage destruction jobs per-table while providing a guarantee that only one run is running at a time. * Apply suggestions from code review Co-authored-by: Michael Gaffney <mgaffney@users.noreply.github.com> * Fix table reference and tests Co-authored-by: Michael Gaffney <mgaffney@users.noreply.github.com> * update domain, api, and cli to all include key versions in outputs (#2472) * update domain, api, and cli to all include key versions in outputs * fix go sum * add migration to fix immutable error * fix final test issue as well as make gen issue * rebase and fix * address johan pr comments * make gen, didn't realize comments were included * update migrations based on new migration 55 file 03 * Move migrations to 56 * feat: Add key version rewrapping function registry (#2478) The new RegisterTableRewrapFn can be used by a domain to register a callback to use when rewrapping data in a specific table name. * feat(kms): Add scopeId to RewrapFn (#2539) This makes it much easier for rewrap functions to look up the correct wrapper and limit the number of rows searched. * Update Root Cert Proto Definition (#2542) * update root cert proto definition to properly identify public_key as the table primary key * add the test fix as well * Rewrap Functions for Encrypted Tables (#2532) * add oidc rewrap * add argon2 config rewrap * add auth token rewrapping * add worker auth cert rewrapping * check the err * add username password credential rewrapping * add ssh private key credential rewrapping * add vault client certificate rewrap function * add host catalog secret rewrap function * cleanup a little * add host vault token rewrap function * add session credential rewrap function * add session rewrap function * add worker auth rewrap function * update test to include full assert gamut * add session rewrap function TEST * bring all tests up to current standards, make more readable, and include full assert gamut * rework all rewrap functions to utilize scope id * update comments, queries, sql refs, etc, in response to PR comments * forgot a comment * remove hmac updates and fix a couple comments again * Rewrapping Registered Tables Test (#2555) * add the registered table test as well as the two missing rewrap functions * address pr comments, add db r/w conversions, cmp.diff, sql comment, remove (now) faulty immutable test * Add ability to list key version destruction jobs, recurring jobs and destroying key versions (#2498) * feat(kms): Add ability to list data key version destruction jobs * feat(scopes): Add ListKeyVersionDestructionJobs * feat(cli): Add list-key-version-destruction-jobs * feat(kms): Add recurring job that performs table rewrapping The new recurring job runs for each job table with a registered rewrapping callback. It attempts to become the running run and start its rewrapping, gracefully handling sudden interruptions by resuming it's work if it finds evidence of sudden interruption. * feat(kms): Add recurring job for destroying key versions The new job monitors the database for data key version destruction jobs that have finished rewrapping all its data, performing the final data key version revocation. * feat(kms): Add DestroyKeyVersion DestroyKeyVersion immediately destroys a key version if it is a root key version or a data key version which encrypts no data. If the data key version encrypts data which needs to be rewrapped, it queues an asynchronous job to complete the rewrapping operation. * feat(scopes): Add DestroyKeyVersion API endpoint * feat(cli): Add scopes destroy-key-version CLI command * Ensure all secret updates include key ID (#2556) * feat(all): Ensure all secret updates include key ID When updating a secret, it is paramount that the key ID is also updated, as it is the only means we have of ensuring that we only destroy keys once there is no more data associated with the key. * Remove fix to session repository for now This breaks the current private key derivation method * add new encrypt/decrypt funcs and made necessary proto changes (#2557) * add new encrypt/decrypt funcs and made necessary proto changes * address all PR comments * fix test panic * add param checking to rewraps * fix(schema): Correctly organize migrations again * Review comments part 1 * Review comments part 2 * Review comments part 3 * Store cert private key, encrypt tofu token (#2583) * fix(session): store cert private key, encrypt tofu token Previously, we would derive a session certificate private key from the session key used in each project, and not store the key. We would also encrypt the tofu token with the database key but not store a reference to this key in the database. This change fixes this by replacing our key derivation with a key generation step, and instead store the generated key, encrypted, in the database. We also ensure that any new tofu tokens are encrypted with the same key. To handle existing sessions, we lazily rewrite the sessions whenever a user lists them. There is a minor risk that a user could end up destroying the database key that encrypts the tofu token before that session has been rewrapped, but this is going to be rare and temporary. * feat(session): Allow the random source for secrets to be configured * Review comments * Minor fixes * More minor fixes * More small fixes Co-authored-by: Danielle Miu <dani.miu@hashicorp.com> Co-authored-by: Danielle <29378233+DanielleMiu@users.noreply.github.com> Co-authored-by: Michael Gaffney <mike@gaffney.cc> Co-authored-by: Michael Gaffney <mgaffney@users.noreply.github.com> * fix(session): Unset session key ID when scope is deleted Unsetting the key ID allows the session to live beyond the lifetime of the scope, while allowing the scope to cascade delete its keys. * fix(migrations): Rewrite migration 56 tests These tests can no longer use the normal test helpers as they try to use the new oplog table structure, so we have to manually write all the interactions. * fix(migrations): Rename migration 58 file name This was the name used in the release branch, update it to the new migration number. * fix(e2e): Add some comments and debug to kms tests * fix(session): Handle empty project and user IDs in read When a project or user is deleted, the session is automatically canceled and the respective field on the session is unset. LookupSession did not handle this case gracefully, and would error on decryption in this state. Skip decrypting sessions that do not have either a user or project to avoid this error. The decrypted values are not used for a canceled session. * Fix worker test * Increase test timeout Co-authored-by: Danielle Miu <dani.miu@hashicorp.com> Co-authored-by: Danielle <29378233+DanielleMiu@users.noreply.github.com> Co-authored-by: Michael Gaffney <mike@gaffney.cc> Co-authored-by: Michael Gaffney <mgaffney@users.noreply.github.com>	3 years ago
Todd	2a4ce02de6	Disconnect PKI workers from upstreams when they are no longer authorized (#2515 )	4 years ago
Hugo Vieira	d206635d74	fix(connection): Make bytes up and down a signed 64-bit integer This fixes a theoretical issue with database interaction. Because the fields in the database are signed 64-bit integers, it's theoretically possible to overflow them if we're using unsigned 64-bit integers in the application code.	4 years ago
Hugo Vieira	c81398cbf3	feat(worker): Report bytes up and down on Status updates With this commit, the Worker now sends BytesUp and BytesDown for each of the connections it handles to the Controller in the Status request. The Controller then persists these fields to the database. There is also a new trigger to prevent bytes_up and bytes_down to change after a connection has been closed, as the last update to a session_connection row should be the one that is performed as part of the connection closure process.	4 years ago
Louis Ruch	b7684a857a	feat(ssh): Use HostId as HostKeyAlias for connect ssh helper (#2490 )	4 years ago
Todd	06fd086004	Add health endpoint for worker (#2442 ) * Return worker process information in the health endpoint. Experimental: The worker_info and returned worker_process_info fields are experimental and can change or be removed without notice. When a user passes in "worker_info=1" or "worker_info=true" and a worker is running the returned json will be returned with a key named "worker_process_info" which value is a json object with information about the worker process.	4 years ago
Jeff Mitchell	53b5e532d5	Remove deprecated methods/fields on targets (#2393 )	4 years ago
Irena Rindos	fc0ead73e6	feat(workers): worker operational state (#2427 ) * feat(workers): worker operational state	4 years ago
Irena Rindos	18dff62b7b	Merge BYOW GA branch to main (#2398 ) * feat(workers): Add ability to read and reinitialize cert authority (#2312) * feat(workers): Return Release Version on worker list and read (#2377) * feat(cli): Read and reinitialize worker certificate authority (#2387)	4 years ago
Jeff Mitchell	01fb949d0b	Add controller-led worker auth flow (#2413 ) This adds an action to the API that allows pulling out an activation token that can be given to a worker in its config (directly or via env or file). The worker can pass this along with its normal request in place of its normal nonce and the server will automatically accept it. Co-authored-by: Irena Rindos <irenarindos@users.noreply.github.com>	4 years ago
Johan Brandhorst-Satzkorn	aef9073fa6	Upgrade to Go 1.19 (#2347 )	4 years ago
Johan Brandhorst-Satzkorn	222a935223	Update grpc-gateway dependency (#2311 ) * chore(deps): Update grpc-gateway dependency This fixes an issue which would allow an attacker to trigger a (recovered) panic in the gateway handler. * fix(server): Use cmp.Diff instead of assert.Equal Testify is not great at handling protobuf types, and was for some reason returning a diff here when in reality there is none. Switch to go-cmp for the comparison to remove the error.	4 years ago
Jeff Mitchell	02dd28f587	Add support for SSH private key passphrases (#2331 ) This adds support for encrypted SSH keys via passphrase. Co-authored-by: Louis Ruch <louisruch@gmail.com> Co-authored-by: Michael Gaffney <mgaffney@users.noreply.github.com>	4 years ago
Louis Ruch	a17e973712	feat(credentials): Refactor credential purposes (#2260 ) * feat(credentials): Refactor credential purposes * Application credentials have been refactored to Brokered credentials * Egress credentials have been refactored to Injected Application credentials Co-authored-by: Jeff Mitchell <jeffrey.mitchell@gmail.com>	4 years ago
Louis Ruch	ef5ac07f02	Add ssh_private_key support for Vault libraries and targets (#2263 ) * Add support for ssh_private_key credential type in Vault libraries * Add support for ssh_private_key credential type * Support jsonpointer for Vault library mapping overrides	4 years ago
Haotian	28f53a64b4	feat(workers): implement worker service add/set/remove api tags	4 years ago
Jeff Mitchell	fb3b2209e5	Add WithType to worker listing (#2252 )	4 years ago
Jeff Mitchell	6b48346bf3	Add managed worker address fetching (#2244 )	4 years ago
Todd	155c5f578b	Create session manager for workers to use to interact with sessions (#2235 )	4 years ago
Damian Debkowski	3e9c99c217	refactor(user_password) rename all references of user_password to username_password (#2232 )	4 years ago
Todd	9af6c09c36	Move generated pb.go file in to the internal/gen directory (#2225 )	4 years ago
Todd	19b549c44a	Rename package servers to server (#2222 )	4 years ago
Louis Ruch	9671daf6e0	Revert "refactor(user_passsword) change all references of user_password into username_password (#2189 )" This reverts commit `ab58b24142`.	4 years ago
Damian Debkowski	ab58b24142	refactor(user_passsword) change all references of user_password into username_password (#2189 ) * (refactor) change all sql references of user_password to username_password * refactor(pkg) renamed pkg userpassword to usernamepassword * refactor(proto) updated protocol buffers to use UsernamePassword * refactor(code) updated references from UserPassword to UsernamePassword in golang files * refactor(test) updated unit tests to reference UsernamePassword changes * refactor(ddtest) updated references in dbtests to use UsernamePassword * chore(sql-test) fixed spelling issue * chore(sql) added and updated comments in migartion & tables. fixed indentations * chore(proto) updated comments to reflect username_password changes * refactor(tests) updated unit tests to replace user-password with username-password * refactor(cmd) updated cmd help text to use username * chore(tests) update test name & comments * fix(cmd) fixed cmd usage definition for credentials update * refactor(tests) removed out of scope changes * fix(sql) incremented sql migration id & updated migration comments	4 years ago
Jim	bd167da7d1	fix (worker): send workerId when authorizing session (#2207 ) * fix (worker): send workerId when authorizing session Send the workerId returned from the last success worker status when authorizing a session. * fixup! fix (worker): send workerId when authorizing session * fixup! fix (worker): send workerId when authorizing session * refactor (worker): deprecate workerId in ActivateSessionRequest It wasn't being used anywho * fixup! fix (worker): send workerId when authorizing session * Update LookupSessionRequest Co-authored-by: Jeff Mitchell <jeffrey.mitchell@gmail.com>	4 years ago
Jeff Mitchell	704d68848c	Merge remote-tracking branch 'origin/main' into llb-byow	4 years ago
Louis Ruch	68eb6e2bed	chore(targets): remove deprecated credential libraries on target resources (#1533 )	4 years ago
Louis Ruch	58d546cdd4	feat(credential): Add static credential store and username_password credential	4 years ago
Jim	9dde83aea7	feature (byow): classify status msg data (#2181 ) Classifying the data allows it to appropriately included in audit events	4 years ago
Jeff Mitchell	5d3facf561	Merge remote-tracking branch 'origin/main' into llb-byow	4 years ago
irenarindos	16d95262a6	feature(worker): add workerKeyId to status	4 years ago
Timothy Messier	e79714e93f	feat(session): Add include_termianted option to list endpoint	4 years ago
Jim	37cc61e4c9	feature (worker): Add audit data classification to CreateWorker(...) api (#2153 )	4 years ago
Jim	fdf43fc4fe	feature (worker): add CreateWorker(...) service (aka API) (#2143 )	4 years ago
Haotian	1830605a7e	refact(servers) Update api for new worker and controller server tables (#2101 ) * Discontinue support for old Server message in ServerCoordinationService. Split message into ServerWorkerStatus and UpstreamServer (which currently contains controller addresses). Remove unnecessary fields. Modify workerStatusServer to use new fields. Co-authored-by: Todd <github@quaddi.com>	4 years ago
Todd	fa2efe9878	Create the Worker API resource and the CRUDL operation definitions for a worker. (#2114 )	4 years ago
irenarindos	9e27605213	refact(servers): Split server table into worker and controller	4 years ago
Johan Brandhorst-Satzkorn	f69fbf2255	feat(proto): Format protobuf files with buf (#2033 ) Formats all protobuf files with buf format. This ensures a consistent style across all our protobuf files, similar to gofumpt.	4 years ago
Timothy Messier	3be5c44907	feat(target): Classify resources for audit events	4 years ago
Johan Brandhorst-Satzkorn	8c452b0991	feat(authmethods): Add classification to all fields	4 years ago
Timothy Messier	2ade7f34a8	feat(users): Classify resources for audit events	4 years ago
Timothy Messier	006fa3a85a	feat(session): Classify resources for audit events	4 years ago
Timothy Messier	38a3960047	feat(role): Classify resources for audit events	4 years ago
Timothy Messier	6ad9aba505	feat(credentialstore): Classify resources for audit events	4 years ago
Timothy Messier	9d3a57cbb0	refact(credentialstore): Switch subtype attributes to oneof This updates the credential store resources to use a oneof for attributes. This allows requests to the credential store service to leverage the new subtypes.AttributeTransformerInterceptor so that attributes are strongly typed prior to the service handler.	4 years ago
Timothy Messier	00e57b20a2	feat(credentiallibrary): Classify resources for audit events	4 years ago
Timothy Messier	3d4ba0389e	refact(credentiallibrary): Switch subtype attributes to oneof This updates the credential library resources to use a oneof for attributes. This allows requests to the credential library service to leverage the new subtypes.AttributeTransformerInterceptor so that attributes are strongly typed prior to the service handler.	4 years ago
Timothy Messier	95315a3e0a	feat(groups): Classify resources for audit events	4 years ago
Timothy Messier	e2eca03d26	feat(managedgroups): Classify resources for audit events	4 years ago
Timothy Messier	5d6cb0009d	refact(managed-groups): Switch subtype attributes to oneof This updates the credential store resources to use a oneof for attributes. This allows requests to the credential store service to leverage the new subtypes.AttributeTransformerInterceptor so that attributes are strongly typed prior to the service handler.	4 years ago
Johan Brandhorst-Satzkorn	fc6cddfc7f	feat(authtokens): Add classification to all fields (#1996 )	4 years ago
Johan Brandhorst-Satzkorn	d51ce41db8	feat(hostsets): Classify all proto fields	4 years ago
Johan Brandhorst-Satzkorn	8fa3e8dee0	feat(hostcatalogs): Classify all proto fields	4 years ago
Johan Brandhorst-Satzkorn	5440195cce	feat(hosts): Classify host proto fields	4 years ago
Johan Brandhorst-Satzkorn	a2bff4efdf	feat(authmethods): Add typed attributes to authenticate request and response The AuthenticateRequest and AuthenticateResponse types have a complex mapping rule system, which requires a pair of custom callback functions.	4 years ago
Johan Brandhorst-Satzkorn	53481146fd	feat(authmethods): add well typed attribute options (#1972 ) Add well typed attribute options to the authmethods proto definitions, while hiding them from being rendered in the openapiv2 spec.	4 years ago
Timothy Messier	e76c48ad36	feat(account): Mark auth_method_id as a source id for subtypes	4 years ago
Johan Brandhorst-Satzkorn	6e6efeee71	feat(account): Add gotags classification Add gotag classification to all account proto and service definitions.	4 years ago
Johan Brandhorst-Satzkorn	6a37bd9710	Upgrade grpc-gateway version to v2.10.0 (#1954 ) This new version will let us hide fields from the OpenAPI output	4 years ago
Johan Brandhorst-Satzkorn	80b2c9230f	refact(authmethods): Add top level token type to Authenticate (#2010 ) Other parts of the system make use of a "type" field, while the AuthenticateResponse sets a "token_type" on the response attributes directly. Rename this field to "type", and move it up to the response level, to be more consistent with other RPCs. Also adds a new field to the AuthenticateRequest, "type" which will replace the "token_type" field over time.	4 years ago
Johan Brandhorst-Satzkorn	b1d6a1da9a	Switch to buf for protobuf generation (#1944 ) * Install buf with go install This reduces the impact of using buf on our dependency closure, which was significant. It also avoids potential issues with building buf given our own internal dependency constraints. This has caused issues (including crashes!) in the past. See https://github.com/cockroachdb/cockroach/issues/67216#issuecomment-874176186 for more discussion on using tool dependencies generally, and https://github.com/bufbuild/buf/issues/52 for an example of where this sort of thing caused an issue for a user. * Upgrade buf version We should migrate to v1 sooner rather than later, as it has some breaking changes from v0. * Change buf lint/breaking commands These commands were moved up one level for v1 * Migrate to buf.yaml to v1 * Remove unused imports These were uncovered by using "buf lint". * Use buf v1.3.1 * Depend on googleapis and grpc-gateway via BSR * Switch to buf for proto generation * Remove third party dependency * Remove unused tools and scripts * Move local protos up one level * Temporarily don't fail on breaking changes * Generate CI config * Fix generation of controller.json * Replace use of deprecated flag * Remove unused import, regenerate files * Remove temporary skipping over breaking check	4 years ago
Hugo	244237cd2f	feat(controller): Add health endpoint (#1882 ) * feat(controller): New health service and server This change also implements a new listener purpose, `ops`. `ops` (short for operations) is a new listener purpose that is responsible for serving Boundary's operations endpoints, like health and possibly metrics. At Startup: `ops` listeners get configured as late as possible to catch any errors with the startup process; At Shutdown: If the health endpoint has been set-up, we introduce a configurable delay in the process. This is to enable the health endpoint to report unhealthy for that amount of time. `ops` listeners are also the last listeners to be shutdown.	4 years ago
Louis Ruch	425a56179f	feat(worker): Implement egress credentials Egress credentials Issued during AuthorizeSession are stored in the session repo. These credentials are retrieved and stored in-memory on the worker during the LookupSession call. Each proxy handler will need to handle the credentials as required.	4 years ago
Jim	baa1d88f1f	feature: Add client ip to inbound request information (#1678 ) * feature: Add client ip to inbound request information * feature (workers): Add the user's client IP to a session's connection information (#1749)	4 years ago
Todd Knight	884e1f2d18	Merge branch 'main' into plugin-hostcatalogs # Conflicts: # go.mod # sdk/go.mod	5 years ago
Jim	048fceaf54	feature (workers): Add audit events for worker requests (#1681 ) * feature (audit events): Add interceptor for auditing worker requests * feature (events): Add default deny filter for worker status events * feature (worker audit events): Add tags to SessionService req/resp	5 years ago
Jeff Mitchell	80d41b9044	Merge branch 'main' into plugin-hostcatalogs	5 years ago
Timothy Messier	36f1ae75f7	feat(sdk): Add support for egress credentials to target service	5 years ago
Jim	8ae6e9892f	feature (events/audit): Add auth info to audit events (#1644 )	5 years ago
Jeff Mitchell	b1a72bd445	Merge remote-tracking branch 'origin/main' into plugin-hostcatalogs	5 years ago
Jim	a679300b50	feature (events): Classify auth method request/resp messages for audit events. (#1640 ) * refactor (oidc): Stop emitting error for not found token id Stop emitting errors when authtoken repo.IssueAuthToken is called and there's if no pending token. It's not an "normal" state and not an error condition. * feature (audit tagging): Add tags for auth method requests/responses Including testing functions for asserting audit events created when a service is called	5 years ago
Jim	99d6da4121	feature (events): Add audit request interceptors (#1620 )	5 years ago
Jeff Mitchell	0fd906d964	Merge branch 'main' into plugin-hostcatalogs	5 years ago
Jim	769416c2ff	refactor (controller): Use a grpc server for the grpc-gateway (#1576 ) * refactor (controller): Use a grpc server for the grpc-gateway This starts a grpc server for the grpc-gateway. The new gateway server uses an in-memory listener which also supports "dialing", so the http proxy can connect to the in-memory listener. This change allows us to use all grpc server features and was in part motivated by a need for an interceptor of inbound requests. With that said, having a "proper" grpc server for the gateway will provide a lot more flexibility and capabilities moving forward. The request context will still be verified via middleware in the http proxy (see wrapHandlerWithCommonFuncs). This verified context will be serialized into a protobuf and sent along to the grpc-gateway via metadata where an interceptor will add the verified request info to the request's context (see requestCtxInterceptor). The interceptor will verify the serialized request info via a shared ticket with it's companion in-memory http proxy. FYI: the ticket is simply random base62 string (see db.NewPrivateId). This change also necessitated a minor change to services. We need to return an empty response instead of nil, nil when there are no errors and the response is empty. * refactor (handlers): Rename gRPC Gateway filter Originally, this was called an OutgoingInterceptor, which is an unfortunate name since it's not an interceptor. Now that we're refactoring the gateway stuff and have proper interceptors, renaming this should remove ambiguity * refactor: Rework how 204 with empty msg is handled Recent changes to grpc gateway has necessitated a change to how 204s are handled by the gateway * tests (bats): Check status codes for delete operations	5 years ago

1 2 3 4 5 ...

308 Commits (c2bc19c71fac7c3ccf106b3cdf0c19fb7ecf899d)