boundary

Commit Graph

Author	SHA1	Message	Date
Todd	fe5b554370	AuthorizedDownstreamWorkers now separated from AuthorizedWorkers to maintain API compatibility (#2957 ) * AuthorizedDownstreamWorkers now separated from AuthorizedWorkers to maintain API compatibility	3 years ago
Todd	1e89be1b1a	Downstream worker connections are tracked by worker id (#2949 ) When possible downstream workers will include their worker id information in the connections they establish with the upstream using the nodeenrollment library. The tracking listener now tracks connections that are connected in this same way instead of just connections of type *tls.Conn.	3 years ago
Johan Brandhorst-Satzkorn	3c29308673	chore: Add license headers to all files	3 years ago
Timothy Messier	1aaaf4af1d	feat(controller): Translate ssh certificate credentials for worker	3 years ago
Damian Debkowski	1d3930a711	feat(handlers): Support address field on a Target	3 years ago
Irena Rindos	24bbf57a19	AuthorizeConnection with filters (#2734 ) * AuthorizeConnection with filters	3 years ago
Todd	b6c0ccc1e8	Refactor proxy handler to separate connection and protocol handling (#2678 )	3 years ago
Johan Brandhorst-Satzkorn	edd323b73a	Key Rotation/Destruction (#2477 ) (#2607 ) * Key Rotation/Destruction (#2477) * fix: Correct kms.CreateKeys comment This method does not return anything. * feat(kms): Add new ListKeys method The new ListKeys method wraps the underlying KMS wrapper, returning all the keys in the scope specified. * feat(scopes): Add new scope actions for key management Adds list-keys, rotate-keys and revoke-keys actions for scopes. * feat(scopes): Add ListKeys API endpoint This new endpoint lists all keys in a scope * feat(api): Add ListKeys to Scopes client This has to be a custom function because it is a custom action and doesn't map well to any of the existing templates, or generalises well in a way that would make it reasonable to create a new template. * feat(cli): Add new scopes list-keys command * add RotateKeys function to the kms repository * Add Rotate Keys Endpoint to Scopes Api (#2360) * add rotate keys endpoint * add tests for RotateKeys endpoint * remove that one comment I forgot about * addressing more PR comments * Add Rotate Keys CLI Command (#2395) * add cli command and client * add bats tests * fix some info text and pr comments * write a new rotate keys description * Add Missing DEK Foreign Keys (#2408) * add missing fks * mark key as nullable in gorm * update tests to use a new wrapper with a real key_id * fix formatting in test and add keys for auth_token test * replace key values * revert postgres_40_01_test.go * style: reformat sql for readability * refactor: change type of key_id columns to kms_private_id * Store key_id and scope_id with oplog entries, re-type columns referencing data key version (#2431) * fix(db): Correct types of data key version referencers * fix(oplog): Fix missing error handling * feat(oplog): Store key_id and scope_id with oplog entries This migration truncates all existing oplog entries, as migrating existing data would have been complex and likely unnecessary. * Update view references * Always delete oplog entries when dropping keys * Fix rebase issues * Fix sql tests * Add schema for new kms destruction jobs (#2479) * feat: Add schema for new kms destruction jobs The schema lets us manage destruction jobs per-table while providing a guarantee that only one run is running at a time. * Apply suggestions from code review Co-authored-by: Michael Gaffney <mgaffney@users.noreply.github.com> * Fix table reference and tests Co-authored-by: Michael Gaffney <mgaffney@users.noreply.github.com> * update domain, api, and cli to all include key versions in outputs (#2472) * update domain, api, and cli to all include key versions in outputs * fix go sum * add migration to fix immutable error * fix final test issue as well as make gen issue * rebase and fix * address johan pr comments * make gen, didn't realize comments were included * update migrations based on new migration 55 file 03 * Move migrations to 56 * feat: Add key version rewrapping function registry (#2478) The new RegisterTableRewrapFn can be used by a domain to register a callback to use when rewrapping data in a specific table name. * feat(kms): Add scopeId to RewrapFn (#2539) This makes it much easier for rewrap functions to look up the correct wrapper and limit the number of rows searched. * Update Root Cert Proto Definition (#2542) * update root cert proto definition to properly identify public_key as the table primary key * add the test fix as well * Rewrap Functions for Encrypted Tables (#2532) * add oidc rewrap * add argon2 config rewrap * add auth token rewrapping * add worker auth cert rewrapping * check the err * add username password credential rewrapping * add ssh private key credential rewrapping * add vault client certificate rewrap function * add host catalog secret rewrap function * cleanup a little * add host vault token rewrap function * add session credential rewrap function * add session rewrap function * add worker auth rewrap function * update test to include full assert gamut * add session rewrap function TEST * bring all tests up to current standards, make more readable, and include full assert gamut * rework all rewrap functions to utilize scope id * update comments, queries, sql refs, etc, in response to PR comments * forgot a comment * remove hmac updates and fix a couple comments again * Rewrapping Registered Tables Test (#2555) * add the registered table test as well as the two missing rewrap functions * address pr comments, add db r/w conversions, cmp.diff, sql comment, remove (now) faulty immutable test * Add ability to list key version destruction jobs, recurring jobs and destroying key versions (#2498) * feat(kms): Add ability to list data key version destruction jobs * feat(scopes): Add ListKeyVersionDestructionJobs * feat(cli): Add list-key-version-destruction-jobs * feat(kms): Add recurring job that performs table rewrapping The new recurring job runs for each job table with a registered rewrapping callback. It attempts to become the running run and start its rewrapping, gracefully handling sudden interruptions by resuming it's work if it finds evidence of sudden interruption. * feat(kms): Add recurring job for destroying key versions The new job monitors the database for data key version destruction jobs that have finished rewrapping all its data, performing the final data key version revocation. * feat(kms): Add DestroyKeyVersion DestroyKeyVersion immediately destroys a key version if it is a root key version or a data key version which encrypts no data. If the data key version encrypts data which needs to be rewrapped, it queues an asynchronous job to complete the rewrapping operation. * feat(scopes): Add DestroyKeyVersion API endpoint * feat(cli): Add scopes destroy-key-version CLI command * Ensure all secret updates include key ID (#2556) * feat(all): Ensure all secret updates include key ID When updating a secret, it is paramount that the key ID is also updated, as it is the only means we have of ensuring that we only destroy keys once there is no more data associated with the key. * Remove fix to session repository for now This breaks the current private key derivation method * add new encrypt/decrypt funcs and made necessary proto changes (#2557) * add new encrypt/decrypt funcs and made necessary proto changes * address all PR comments * fix test panic * add param checking to rewraps * fix(schema): Correctly organize migrations again * Review comments part 1 * Review comments part 2 * Review comments part 3 * Store cert private key, encrypt tofu token (#2583) * fix(session): store cert private key, encrypt tofu token Previously, we would derive a session certificate private key from the session key used in each project, and not store the key. We would also encrypt the tofu token with the database key but not store a reference to this key in the database. This change fixes this by replacing our key derivation with a key generation step, and instead store the generated key, encrypted, in the database. We also ensure that any new tofu tokens are encrypted with the same key. To handle existing sessions, we lazily rewrite the sessions whenever a user lists them. There is a minor risk that a user could end up destroying the database key that encrypts the tofu token before that session has been rewrapped, but this is going to be rare and temporary. * feat(session): Allow the random source for secrets to be configured * Review comments * Minor fixes * More minor fixes * More small fixes Co-authored-by: Danielle Miu <dani.miu@hashicorp.com> Co-authored-by: Danielle <29378233+DanielleMiu@users.noreply.github.com> Co-authored-by: Michael Gaffney <mike@gaffney.cc> Co-authored-by: Michael Gaffney <mgaffney@users.noreply.github.com> * fix(session): Unset session key ID when scope is deleted Unsetting the key ID allows the session to live beyond the lifetime of the scope, while allowing the scope to cascade delete its keys. * fix(migrations): Rewrite migration 56 tests These tests can no longer use the normal test helpers as they try to use the new oplog table structure, so we have to manually write all the interactions. * fix(migrations): Rename migration 58 file name This was the name used in the release branch, update it to the new migration number. * fix(e2e): Add some comments and debug to kms tests * fix(session): Handle empty project and user IDs in read When a project or user is deleted, the session is automatically canceled and the respective field on the session is unset. LookupSession did not handle this case gracefully, and would error on decryption in this state. Skip decrypting sessions that do not have either a user or project to avoid this error. The decrypted values are not used for a canceled session. * Fix worker test * Increase test timeout Co-authored-by: Danielle Miu <dani.miu@hashicorp.com> Co-authored-by: Danielle <29378233+DanielleMiu@users.noreply.github.com> Co-authored-by: Michael Gaffney <mike@gaffney.cc> Co-authored-by: Michael Gaffney <mgaffney@users.noreply.github.com>	3 years ago
Todd	2a4ce02de6	Disconnect PKI workers from upstreams when they are no longer authorized (#2515 )	4 years ago
Hugo Vieira	d206635d74	fix(connection): Make bytes up and down a signed 64-bit integer This fixes a theoretical issue with database interaction. Because the fields in the database are signed 64-bit integers, it's theoretically possible to overflow them if we're using unsigned 64-bit integers in the application code.	4 years ago
Hugo Vieira	c81398cbf3	feat(worker): Report bytes up and down on Status updates With this commit, the Worker now sends BytesUp and BytesDown for each of the connections it handles to the Controller in the Status request. The Controller then persists these fields to the database. There is also a new trigger to prevent bytes_up and bytes_down to change after a connection has been closed, as the last update to a session_connection row should be the one that is performed as part of the connection closure process.	4 years ago
Louis Ruch	b7684a857a	feat(ssh): Use HostId as HostKeyAlias for connect ssh helper (#2490 )	4 years ago
Todd	06fd086004	Add health endpoint for worker (#2442 ) * Return worker process information in the health endpoint. Experimental: The worker_info and returned worker_process_info fields are experimental and can change or be removed without notice. When a user passes in "worker_info=1" or "worker_info=true" and a worker is running the returned json will be returned with a key named "worker_process_info" which value is a json object with information about the worker process.	4 years ago
Jeff Mitchell	53b5e532d5	Remove deprecated methods/fields on targets (#2393 )	4 years ago
Irena Rindos	fc0ead73e6	feat(workers): worker operational state (#2427 ) * feat(workers): worker operational state	4 years ago
Irena Rindos	18dff62b7b	Merge BYOW GA branch to main (#2398 ) * feat(workers): Add ability to read and reinitialize cert authority (#2312) * feat(workers): Return Release Version on worker list and read (#2377) * feat(cli): Read and reinitialize worker certificate authority (#2387)	4 years ago
Jeff Mitchell	01fb949d0b	Add controller-led worker auth flow (#2413 ) This adds an action to the API that allows pulling out an activation token that can be given to a worker in its config (directly or via env or file). The worker can pass this along with its normal request in place of its normal nonce and the server will automatically accept it. Co-authored-by: Irena Rindos <irenarindos@users.noreply.github.com>	4 years ago
Johan Brandhorst-Satzkorn	aef9073fa6	Upgrade to Go 1.19 (#2347 )	4 years ago
Johan Brandhorst-Satzkorn	222a935223	Update grpc-gateway dependency (#2311 ) * chore(deps): Update grpc-gateway dependency This fixes an issue which would allow an attacker to trigger a (recovered) panic in the gateway handler. * fix(server): Use cmp.Diff instead of assert.Equal Testify is not great at handling protobuf types, and was for some reason returning a diff here when in reality there is none. Switch to go-cmp for the comparison to remove the error.	4 years ago
Jeff Mitchell	02dd28f587	Add support for SSH private key passphrases (#2331 ) This adds support for encrypted SSH keys via passphrase. Co-authored-by: Louis Ruch <louisruch@gmail.com> Co-authored-by: Michael Gaffney <mgaffney@users.noreply.github.com>	4 years ago
Louis Ruch	a17e973712	feat(credentials): Refactor credential purposes (#2260 ) * feat(credentials): Refactor credential purposes * Application credentials have been refactored to Brokered credentials * Egress credentials have been refactored to Injected Application credentials Co-authored-by: Jeff Mitchell <jeffrey.mitchell@gmail.com>	4 years ago
Louis Ruch	ef5ac07f02	Add ssh_private_key support for Vault libraries and targets (#2263 ) * Add support for ssh_private_key credential type in Vault libraries * Add support for ssh_private_key credential type * Support jsonpointer for Vault library mapping overrides	4 years ago
Haotian	28f53a64b4	feat(workers): implement worker service add/set/remove api tags	4 years ago
Jeff Mitchell	fb3b2209e5	Add WithType to worker listing (#2252 )	4 years ago
Jeff Mitchell	6b48346bf3	Add managed worker address fetching (#2244 )	4 years ago
Todd	155c5f578b	Create session manager for workers to use to interact with sessions (#2235 )	4 years ago
Damian Debkowski	3e9c99c217	refactor(user_password) rename all references of user_password to username_password (#2232 )	4 years ago
Todd	9af6c09c36	Move generated pb.go file in to the internal/gen directory (#2225 )	4 years ago
Todd	19b549c44a	Rename package servers to server (#2222 )	4 years ago
Louis Ruch	9671daf6e0	Revert "refactor(user_passsword) change all references of user_password into username_password (#2189 )" This reverts commit `ab58b24142`.	4 years ago
Damian Debkowski	ab58b24142	refactor(user_passsword) change all references of user_password into username_password (#2189 ) * (refactor) change all sql references of user_password to username_password * refactor(pkg) renamed pkg userpassword to usernamepassword * refactor(proto) updated protocol buffers to use UsernamePassword * refactor(code) updated references from UserPassword to UsernamePassword in golang files * refactor(test) updated unit tests to reference UsernamePassword changes * refactor(ddtest) updated references in dbtests to use UsernamePassword * chore(sql-test) fixed spelling issue * chore(sql) added and updated comments in migartion & tables. fixed indentations * chore(proto) updated comments to reflect username_password changes * refactor(tests) updated unit tests to replace user-password with username-password * refactor(cmd) updated cmd help text to use username * chore(tests) update test name & comments * fix(cmd) fixed cmd usage definition for credentials update * refactor(tests) removed out of scope changes * fix(sql) incremented sql migration id & updated migration comments	4 years ago
Jim	bd167da7d1	fix (worker): send workerId when authorizing session (#2207 ) * fix (worker): send workerId when authorizing session Send the workerId returned from the last success worker status when authorizing a session. * fixup! fix (worker): send workerId when authorizing session * fixup! fix (worker): send workerId when authorizing session * refactor (worker): deprecate workerId in ActivateSessionRequest It wasn't being used anywho * fixup! fix (worker): send workerId when authorizing session * Update LookupSessionRequest Co-authored-by: Jeff Mitchell <jeffrey.mitchell@gmail.com>	4 years ago
Jeff Mitchell	704d68848c	Merge remote-tracking branch 'origin/main' into llb-byow	4 years ago
Louis Ruch	68eb6e2bed	chore(targets): remove deprecated credential libraries on target resources (#1533 )	4 years ago
Louis Ruch	58d546cdd4	feat(credential): Add static credential store and username_password credential	4 years ago
Jim	9dde83aea7	feature (byow): classify status msg data (#2181 ) Classifying the data allows it to appropriately included in audit events	4 years ago
Jeff Mitchell	5d3facf561	Merge remote-tracking branch 'origin/main' into llb-byow	4 years ago
irenarindos	16d95262a6	feature(worker): add workerKeyId to status	4 years ago
Timothy Messier	e79714e93f	feat(session): Add include_termianted option to list endpoint	4 years ago
Jim	37cc61e4c9	feature (worker): Add audit data classification to CreateWorker(...) api (#2153 )	4 years ago
Jim	fdf43fc4fe	feature (worker): add CreateWorker(...) service (aka API) (#2143 )	4 years ago
Haotian	1830605a7e	refact(servers) Update api for new worker and controller server tables (#2101 ) * Discontinue support for old Server message in ServerCoordinationService. Split message into ServerWorkerStatus and UpstreamServer (which currently contains controller addresses). Remove unnecessary fields. Modify workerStatusServer to use new fields. Co-authored-by: Todd <github@quaddi.com>	4 years ago
Todd	fa2efe9878	Create the Worker API resource and the CRUDL operation definitions for a worker. (#2114 )	4 years ago
irenarindos	9e27605213	refact(servers): Split server table into worker and controller	4 years ago
Johan Brandhorst-Satzkorn	f69fbf2255	feat(proto): Format protobuf files with buf (#2033 ) Formats all protobuf files with buf format. This ensures a consistent style across all our protobuf files, similar to gofumpt.	4 years ago
Timothy Messier	3be5c44907	feat(target): Classify resources for audit events	4 years ago
Johan Brandhorst-Satzkorn	8c452b0991	feat(authmethods): Add classification to all fields	4 years ago
Timothy Messier	2ade7f34a8	feat(users): Classify resources for audit events	4 years ago
Timothy Messier	006fa3a85a	feat(session): Classify resources for audit events	4 years ago
Timothy Messier	38a3960047	feat(role): Classify resources for audit events	4 years ago
Timothy Messier	6ad9aba505	feat(credentialstore): Classify resources for audit events	4 years ago
Timothy Messier	9d3a57cbb0	refact(credentialstore): Switch subtype attributes to oneof This updates the credential store resources to use a oneof for attributes. This allows requests to the credential store service to leverage the new subtypes.AttributeTransformerInterceptor so that attributes are strongly typed prior to the service handler.	4 years ago
Timothy Messier	00e57b20a2	feat(credentiallibrary): Classify resources for audit events	4 years ago
Timothy Messier	3d4ba0389e	refact(credentiallibrary): Switch subtype attributes to oneof This updates the credential library resources to use a oneof for attributes. This allows requests to the credential library service to leverage the new subtypes.AttributeTransformerInterceptor so that attributes are strongly typed prior to the service handler.	4 years ago
Timothy Messier	95315a3e0a	feat(groups): Classify resources for audit events	4 years ago
Timothy Messier	e2eca03d26	feat(managedgroups): Classify resources for audit events	4 years ago
Timothy Messier	5d6cb0009d	refact(managed-groups): Switch subtype attributes to oneof This updates the credential store resources to use a oneof for attributes. This allows requests to the credential store service to leverage the new subtypes.AttributeTransformerInterceptor so that attributes are strongly typed prior to the service handler.	4 years ago
Johan Brandhorst-Satzkorn	fc6cddfc7f	feat(authtokens): Add classification to all fields (#1996 )	4 years ago
Johan Brandhorst-Satzkorn	d51ce41db8	feat(hostsets): Classify all proto fields	4 years ago
Johan Brandhorst-Satzkorn	8fa3e8dee0	feat(hostcatalogs): Classify all proto fields	4 years ago
Johan Brandhorst-Satzkorn	5440195cce	feat(hosts): Classify host proto fields	4 years ago
Johan Brandhorst-Satzkorn	a2bff4efdf	feat(authmethods): Add typed attributes to authenticate request and response The AuthenticateRequest and AuthenticateResponse types have a complex mapping rule system, which requires a pair of custom callback functions.	4 years ago
Johan Brandhorst-Satzkorn	53481146fd	feat(authmethods): add well typed attribute options (#1972 ) Add well typed attribute options to the authmethods proto definitions, while hiding them from being rendered in the openapiv2 spec.	4 years ago
Timothy Messier	e76c48ad36	feat(account): Mark auth_method_id as a source id for subtypes	4 years ago
Johan Brandhorst-Satzkorn	6e6efeee71	feat(account): Add gotags classification Add gotag classification to all account proto and service definitions.	4 years ago
Johan Brandhorst-Satzkorn	6a37bd9710	Upgrade grpc-gateway version to v2.10.0 (#1954 ) This new version will let us hide fields from the OpenAPI output	4 years ago
Johan Brandhorst-Satzkorn	80b2c9230f	refact(authmethods): Add top level token type to Authenticate (#2010 ) Other parts of the system make use of a "type" field, while the AuthenticateResponse sets a "token_type" on the response attributes directly. Rename this field to "type", and move it up to the response level, to be more consistent with other RPCs. Also adds a new field to the AuthenticateRequest, "type" which will replace the "token_type" field over time.	4 years ago
Johan Brandhorst-Satzkorn	b1d6a1da9a	Switch to buf for protobuf generation (#1944 ) * Install buf with go install This reduces the impact of using buf on our dependency closure, which was significant. It also avoids potential issues with building buf given our own internal dependency constraints. This has caused issues (including crashes!) in the past. See https://github.com/cockroachdb/cockroach/issues/67216#issuecomment-874176186 for more discussion on using tool dependencies generally, and https://github.com/bufbuild/buf/issues/52 for an example of where this sort of thing caused an issue for a user. * Upgrade buf version We should migrate to v1 sooner rather than later, as it has some breaking changes from v0. * Change buf lint/breaking commands These commands were moved up one level for v1 * Migrate to buf.yaml to v1 * Remove unused imports These were uncovered by using "buf lint". * Use buf v1.3.1 * Depend on googleapis and grpc-gateway via BSR * Switch to buf for proto generation * Remove third party dependency * Remove unused tools and scripts * Move local protos up one level * Temporarily don't fail on breaking changes * Generate CI config * Fix generation of controller.json * Replace use of deprecated flag * Remove unused import, regenerate files * Remove temporary skipping over breaking check	4 years ago
Hugo	244237cd2f	feat(controller): Add health endpoint (#1882 ) * feat(controller): New health service and server This change also implements a new listener purpose, `ops`. `ops` (short for operations) is a new listener purpose that is responsible for serving Boundary's operations endpoints, like health and possibly metrics. At Startup: `ops` listeners get configured as late as possible to catch any errors with the startup process; At Shutdown: If the health endpoint has been set-up, we introduce a configurable delay in the process. This is to enable the health endpoint to report unhealthy for that amount of time. `ops` listeners are also the last listeners to be shutdown.	4 years ago
Louis Ruch	425a56179f	feat(worker): Implement egress credentials Egress credentials Issued during AuthorizeSession are stored in the session repo. These credentials are retrieved and stored in-memory on the worker during the LookupSession call. Each proxy handler will need to handle the credentials as required.	4 years ago
Jim	baa1d88f1f	feature: Add client ip to inbound request information (#1678 ) * feature: Add client ip to inbound request information * feature (workers): Add the user's client IP to a session's connection information (#1749)	4 years ago
Todd Knight	884e1f2d18	Merge branch 'main' into plugin-hostcatalogs # Conflicts: # go.mod # sdk/go.mod	5 years ago
Jim	048fceaf54	feature (workers): Add audit events for worker requests (#1681 ) * feature (audit events): Add interceptor for auditing worker requests * feature (events): Add default deny filter for worker status events * feature (worker audit events): Add tags to SessionService req/resp	5 years ago
Jeff Mitchell	80d41b9044	Merge branch 'main' into plugin-hostcatalogs	5 years ago
Timothy Messier	36f1ae75f7	feat(sdk): Add support for egress credentials to target service	5 years ago
Jim	8ae6e9892f	feature (events/audit): Add auth info to audit events (#1644 )	5 years ago
Jeff Mitchell	b1a72bd445	Merge remote-tracking branch 'origin/main' into plugin-hostcatalogs	5 years ago
Jim	a679300b50	feature (events): Classify auth method request/resp messages for audit events. (#1640 ) * refactor (oidc): Stop emitting error for not found token id Stop emitting errors when authtoken repo.IssueAuthToken is called and there's if no pending token. It's not an "normal" state and not an error condition. * feature (audit tagging): Add tags for auth method requests/responses Including testing functions for asserting audit events created when a service is called	5 years ago
Jim	99d6da4121	feature (events): Add audit request interceptors (#1620 )	5 years ago
Jeff Mitchell	0fd906d964	Merge branch 'main' into plugin-hostcatalogs	5 years ago
Jim	769416c2ff	refactor (controller): Use a grpc server for the grpc-gateway (#1576 ) * refactor (controller): Use a grpc server for the grpc-gateway This starts a grpc server for the grpc-gateway. The new gateway server uses an in-memory listener which also supports "dialing", so the http proxy can connect to the in-memory listener. This change allows us to use all grpc server features and was in part motivated by a need for an interceptor of inbound requests. With that said, having a "proper" grpc server for the gateway will provide a lot more flexibility and capabilities moving forward. The request context will still be verified via middleware in the http proxy (see wrapHandlerWithCommonFuncs). This verified context will be serialized into a protobuf and sent along to the grpc-gateway via metadata where an interceptor will add the verified request info to the request's context (see requestCtxInterceptor). The interceptor will verify the serialized request info via a shared ticket with it's companion in-memory http proxy. FYI: the ticket is simply random base62 string (see db.NewPrivateId). This change also necessitated a minor change to services. We need to return an empty response instead of nil, nil when there are no errors and the response is empty. * refactor (handlers): Rename gRPC Gateway filter Originally, this was called an OutgoingInterceptor, which is an unfortunate name since it's not an interceptor. Now that we're refactoring the gateway stuff and have proper interceptors, renaming this should remove ambiguity * refactor: Rework how 204 with empty msg is handled Recent changes to grpc gateway has necessitated a change to how 204s are handled by the gateway * tests (bats): Check status codes for delete operations	5 years ago
Jeff Mitchell	158ab09952	Merge branch 'main' into plugin-hostcatalogs	5 years ago
Jim	c8b29ded1c	Events: Add outbound detail protobufs, request status code, and update event encrypt filter. (#1569 ) * feat (events): Add status code to audit events * feat (events): Add the resp proto msg to every audit event * chore (events): Update eventlogger dep This latest version will redact any map and/or map field which isn't explicitly classified via a Taggable interface * feat (events): Begin to add tagging to response proto msgs	5 years ago
Jeff Mitchell	7d71618df0	Add more host-catalog and host-set CLI support (#1567 ) Add more host-catalog and host-set CLI support Co-authored-by: Todd <T.Alan.Knight@gmail.com>	5 years ago
Todd	a4ea99047f	Remove Prefix Id and Plugin Name fields (#1563 ) * Remove Prefix Id and Plugin Name fields. Creating catalogs now require either the plugin id or the name of the plugin resource (but not both). Host Catalogs and Host Sets API resources now have a read only plugin field populated with plugin info. Host Catalogs have a plugin id field as a top level field.	5 years ago
Todd	0ba217cbfa	Run `make tools` and `make gen` now that the dependencies have been updated. (#1552 )	5 years ago
Louis Ruch	6000f20ae5	chore(authenticate): remove deprecated authenticate:login and credentials field (#1534 ) * chore(authenticate): remove deprecated authenticate:login * Update changelog	5 years ago
Jeff Mitchell	7fc712de44	Bump protoc	5 years ago
Jeff Mitchell	2649d1b966	Move protooptions to sdk/pbs (#1486 ) This prevents a reverse dependency from sdk on the main module.	5 years ago
Jeff Mitchell	b13975cb6a	Move API resource pbs to new location (#1484 ) This moves the generated pb files to the `sdk` module. This allows third parties to make use of them if desired (e.g. in upcoming plugins) and moves away from the `gen` nomenclature in the directory, since we are going to be adding some extra interface functions to the messages.	5 years ago
Louis Ruch	31af49e76d	refactor(worker): Move tcp_proxy into its own package (#1458 ) * refactor(worker): Move tcp_proxy into its own package This refactors: - the tcp_proxy.go into worker/proxy/tcp - add a missing unit test for the HandleTcpProxyV1 - refactors session.go into worker/session, needed to avoid import cycle - adds a baseline for a mock controller session client - go lint fixes * Add sleep between spinning listener goroutine and dialing Co-authored-by: Jeff Mitchell <jeffrey.mitchell@gmail.com>	5 years ago
Todd Knight	39cc245966	Make gen after make tools. Includes make fmt of existing non generated files. (#1438 )	5 years ago
Jeff Mitchell	f8a51b987c	Migrate target host sets -> host sources (#1424 ) This follows the same model as https://github.com/hashicorp/boundary/pull/1413 See there and CHANGELOG for more details.	5 years ago
Jeff Mitchell	ab6f3eaeb4	Migrate credential-library nomenclature around targets to credential-source (#1413 ) See the CHANGELOG entry for more information. Co-authored-by: Jim <jlambert@hashicorp.com> Co-authored-by: Michael Gaffney <mgaffney@users.noreply.github.com>	5 years ago
Jeff Mitchell	528d54b4ad	Add token/userinfo claims to account read output (#1419 ) This is very useful when trying to write managed groups filters as you can directly look at the structure of the claims for the accounts you're trying to filter. The output of the claims in text format on the CLI currently leaves something to be desired. I started revamping some of the formatting functions and it quickly got very fragile. Fundamentally at this point we're likely better off -- now that we have a good idea what our output format/standards are like -- rewriting the formatting code. I'll take that as a tasker as I have a lot of ideas...	5 years ago
Jeff Mitchell	7c3d5be4f6	Update format of secret to return both raw and decoded when possible (#1372 )	5 years ago
Jeff Mitchell	86c9a90554	Update target credential library service, API, SDK, CLI (#1343 )	5 years ago
Michael Gaffney	df35699c4e	Integrate with Vault to retrieve and manage per session credentials (#1308 ) * Fix down migrations * Udpates due to merge * Sentinel values only have to be greater than 0 * Create credential related sdk structs and methods. * Post merge interface updating. * Removing scratch code that was not cleaned up. * updates * Convert client certificate and client certificate keys into pem blocks and validate. * Add newline at end of file. * Faster check for "s" at the end of a resource name when generating from templates. * make fmt * updates * Add dynamic credentials to a session * Refactor: move contents of file * updates * Updates * Add InvalidDynamicCredential error * Assign credentials * Allow updating client certificates seperate from the client certificate key. * Replace application purpose string with enum value * PR feedback / fix go test . * Delete dead code * Use common view * Refactor: extract interface and rename method * Refactor: move code to eliminate privPurpLibrary * Add comment to requestMap * Refactor: do not export methods on an unexported struct * Update internal/db/schema/migrations/postgres/10/03_vault_credential.up.sql Co-authored-by: Michael Gaffney <mgaffney@users.noreply.github.com> * Add comments to credential Purpose constants * Reorder switch statements to handle errors first * PR feedback * update * fix merge * Organizing the scheduler code and extract the individual store creation test helper function. * Run 'make fmt' * Create certificate when creating store. Allow vault address to be passed in as option * Refactor: rename database views and associated structs This change renames two database views and associated go structs to use a consistent naming pattern. Views ending in 'private' contain encrypted credentials needed for connecting to Vault. Views ending in 'public' mirror the 'private' views but do not include any encrypted values. This change does not include any changes to functionality or behavior. * Adding SAD target operations for credential libraries to the SDK. * Add status field and enumeration table for credential status * Refactor: rename Status to TokenStatus * Add status to vault credentials * Creating the template for the CLI and helper functions. * Add private database view for vault credentials * Add scope_id to view and cleanup TODO comment * Reformat embedded sql queries * Add vault client helpers * updates * white space * Add LookupLease test * CLI commands for Store work. Renamed fields in proto w/ vault prefix. * Test issue credentials with client TLS * Add additional checks to vault ping * Add an error for vault token capabilities and create a VaultToken error kind * Add support for working with Vault policies * Use Vault 1.7.2 for testing * Add testing helper for creating a vault client with a non-root token * Fix Vault renew lease test The Vault renew lease endpoint accepts an optional duration parameter for requesting the number of seconds to extend the lease by. However, Vault is not required to honor this request. * Add a var for the required capabilities of a boundary Vault token * Enhance the test helper for adding a policy to Vault * Allow the test role in postgresql to revoke credentials * Remove out of date comments * Enhance Vault test helpers for the database secrets engine * Reformat comments * Add a method for getting the capabilities of the current Vault token * Add revoke lease to internal Vault client * Reformat: combine err return line with check for nil line * Remove redundant checks in test code Remove checks in test code that are redundant with checks in the test harness. * Refactor CreateToken test helper to return the secret and the token * Fix build failures caused by signature change in vault.CreateToken * Fix Vault version and Vault API link in comments * ran `make gen` after merging from mgaffney-vault. * Remove Vault prefix from attribute fields in API, create a base CLI option for adding field prefixes. format now uses that prefix for error reporting. * Template now allows attaching attribute field prefixes. * Credential store uses PrefixAttributeFieldErrorsWithSubactionPrefix. * Fixing naming of vault flags and helper flags. * Updating more references to generated api methods. * Make the capabilities String method more readable * Add comment outlining PrintApiError usage of Options. * Refactor test to move declarations closer to first use * Fix comment * Implement revoke method on vault repository * Tests now verify certs, CA, and tokens, addresses can be updated in a store. * Added test for creating store with pk/cert in same field. * Allo updating certificates seperate from private key. Only contact backing vault service when updating token. * Fixing bad tests and removing unused code. * Adding tests for various ways of updating tokens. * Add private credential * Add token revocation job and cred renewal/revocation job * Regen after merge. * Fixing field mask related merge error. * Create Library CLI. Removes vault prefix from path. Adds a WithoutCleanup testOption for vault. * Set all credentials to revoked when a token is revoked * Fixing missed renaming update. * fix copy/paste error. * Fixing code generation errors after merge. * make gen after merge. * Update internal/cmd/commands/credentialstorescmd/vault_funcs.go Co-authored-by: Michael Gaffney <mgaffney@users.noreply.github.com> * Update internal/cmd/commands/credentialstorescmd/vault_funcs.go Co-authored-by: Michael Gaffney <mgaffney@users.noreply.github.com> * Update internal/cmd/commands/credentialstorescmd/vault_funcs.go Co-authored-by: Michael Gaffney <mgaffney@users.noreply.github.com> * Refactor: move migrations from 10 to 12 * Removing logic from transaction. * wrapping client errors in the calling op for CredentialStore's client() method. * Redact token * redact client key * updates * Add trigger to revoke credentials when session is canceled or terminated * Fixing some help text for some flags. * Add ability to load values from files (file://) or environment variables (env://). * Updating comments * fix bad merge * feedback * Adding issued credentials to sessions. * Error on capabilities * updates * Expose NewVaulTestServer * Add godoc * Adding generated SessionCredential struct for API. * Progress on building handler test for Authorize Session. * feedback * Update policies * Add 'revoke' as a status for Vault Tokens * Add delete_time to vault credential store * Create dynamic credentials at session creation time. * Tests pass with credentials attached to AuthorizedSession result. * Only call issue if there are credentials to issue. * Fixing output only issues. Adding type to credential library. * Fix test to clear un/pw generated. confirm generated un/pw changes from 1 authorize session call to another. * Update lookupTokenError * Add delete_time to private credential store * Refactor: move private store to separate file * Fixing tests for AuthorizeSession and verifying error cases. * Only create the credential repo if there are credentials to issue. * Rename Library field to CredentialLibrary. * Fixing missing change of Library to CredentialLibrary. * Removing Default SDK functions for fields which are required and update CLI to match. * Replace resource specific id variables with "id" and the input parmater for paths to be just a single string and the resource name as it should show up in the path. * Soft delete vault credential stores * Prevent new SQL functions from silently overwriting existing functions * Rename "Hmac" to "HMAC" in the human readable cli response table. * Fix tests * Add vault database cleanup jobs * Add ability to set the token period in the vault test harness * updates * Add not_null_columns func test * remove unused struct * Up no output timeout * Validate current vault token on addr update * Fix client cert change test * add cert test * Update revocation job where * Fix comment * Use Vault's default port in CLI help strings * Remove down migrations * Increase migration file numbers by 1 * Run make migrations * Move migrations from 12 to 10 * Increase Circle CI timeout for acceptance tests * Fix spelling mistake in error messages * ASD cmds for Target and returning credentials to AuthSession request (#1338) * Add Add/Set/Remove commands for libraries on Targets. Return credentials on AuthorizeSession request. Co-authored-by: Michael Gaffney <mgaffney@users.noreply.github.com> Co-authored-by: Louis Ruch <louisruch@gmail.com> Co-authored-by: Todd Knight <T.Alan.Knight@gmail.com> Co-authored-by: Jeff Mitchell <jeffrey.mitchell@gmail.com>	5 years ago
Jeff Mitchell	5c8a8c3998	Merge remote-tracking branch 'origin/main' into ICU-1573	5 years ago
Michael Gaffney	094bdcdd2b	protobuf: remove unused imports (#1267 ) This removes unused imports in the protobuf files which are reported as warnings by the protoc compiler.	5 years ago

1 2 3 4 5 ...

289 Commits (d9c6de4e8b01d246fd3974ea65c5077df9e261cf)