Commit Graph

645 Commits

Author SHA1 Message Date
Mark Paluch
59f555c8a1 Polishing.
Add author tag. Fix tests.

Resolves gh-617.
Original pull request: gh-618.
2021-02-16 15:41:44 +01:00
Bruno Rodrigues
cc2f78a426 Add required scope to GCP SignJwt credentials.
Resolves gh-617.
Original pull request: gh-618.
2021-02-16 15:23:16 +01:00
Mark Paluch
54f55d9b9b Update license headers for 2021.
Closes gh-624.
2021-02-16 15:19:01 +01:00
Mark Paluch
9b280b7cb2 Apply updated code formatting rules.
See gh-623.
2021-02-09 09:53:19 +01:00
Mark Paluch
ad683a252d Wrap ThreadPoolTaskScheduler with TaskSchedulerWrapper.
We now expose a wrapped ThreadPoolTaskScheduler to not expose the bean to the context directly to avoid interference with other components requiring a properly configured ThreadPoolTaskScheduler for e.g. AtAsync usage. We remove the risk of accidentally exhausting the pool and in consequence, ensuring the pool has sufficient capacity to handle Vault background jobs.

Resolves gh-623.
2021-02-09 09:52:55 +01:00
Mark Paluch
1e453ebba5 Migrate off deprecated WebClient.exchange(…)
We now use exchangeToMono(…) for a safe release of the body.

Closes gh-612
2021-01-15 09:45:41 +01:00
Mark Paluch
873e33764e Polishing
Add author and since tags.

Related ticket: gh-614
Original pull request: gh-615
2021-01-15 09:31:30 +01:00
Willi Schönborn
f233f30779 Added VMSS support to Azure MSI Authentication
Fixes gh-614
Original pull request: gh-615
2021-01-15 09:31:24 +01:00
Mark Paluch
27dc7c038d Prepare next development iteration
See gh-608
2020-12-22 10:10:34 +01:00
Mark Paluch
397d28435e Use Artifactory plugin to deploy docs
See gh-608
2020-12-22 10:07:00 +01:00
Mark Paluch
d74c86d7c3 [maven-release-plugin] prepare for next development iteration 2020-12-22 09:25:15 +01:00
Mark Paluch
097996e6ca [maven-release-plugin] prepare release 2.3.0 2020-12-22 09:25:14 +01:00
Mark Paluch
d1f1c95455 Update changelog
See gh-608
2020-12-22 09:23:50 +01:00
Mark Paluch
b3e28c89de Upgrade to Vault 1.6.1
Closes gh-610
2020-12-22 09:16:52 +01:00
Mark Paluch
7ff3a53271 Upgrade dependencies
* netty 4.1.56.Final
* AWS SDK 1.11.924
* google-auth-library-oauth2-http 0.22.2
* json-path 2.5.0

Closes gh-609
2020-12-22 09:14:26 +01:00
Mark Paluch
ba409680e9 [maven-release-plugin] prepare for next development iteration 2020-12-10 11:59:40 +01:00
Mark Paluch
8b7f127a84 [maven-release-plugin] prepare release 2.3.0-RC1 2020-12-10 11:59:40 +01:00
Mark Paluch
7842a84e2d Polishing
Skip build forking for Javadoc generation. Upgrade to next doc resources.
2020-12-10 11:58:02 +01:00
Mark Paluch
3f01b7f8ab Polishing
Maven Deploy plugin 3.0 M1 doesn't resolve properly alt repositories so rolling back to 2.8.2
2020-12-10 11:51:16 +01:00
Mark Paluch
c0a8a305ec Upgrade dependencies
* HttpClient 4.5.13
* HttpCore 4.4.14
* Jetty Reactive Httpclient 1.1.4
* Jackson Databind 2.12.0
* AWS SDK 1.11.916
* Google API Services v1-rev20201112-1.31.0
* Google Oauth 0.22.1
* BouncyCastle 1.67
* AssertJ 3.18.1
* JUnit 5.7.0
* Kotlin 1.4.21
* Kotlin Coroutines 1.4.2
* Mockito 3.6.28
* Spring Framework 5.3.2
* Spring Data 2020.0.2
* Spring Security 5.4.2
* Reactor Dysprosium 2020.0.2

Closes gh-607
2020-12-10 11:36:21 +01:00
Mark Paluch
49d78f6b76 Update to Vault 1.6
Closes gh-604
2020-12-10 10:57:09 +01:00
Mark Paluch
4783e24dfe Update changelog
See gh-603
2020-12-10 10:52:19 +01:00
Mark Paluch
3ec52f4b21 Skip secret rotation for non-renewable leases with zero TTL
We now skip secret rotation for secrets that have a zero TTL, typically kv1/kv2 secrets that don't have a TTL configured to avoid excessive Vault calls.

Closes gh-601.
See also spring-cloud/spring-cloud-vault#391
2020-12-02 14:20:38 +01:00
Mark Paluch
dc09166d7a Polishing
Add whitespace to exception message
2020-12-02 13:59:03 +01:00
Mark Paluch
ff57fe73d2 Publish single rotated on secrets rotation for atomic propertysource updates
We now publish a single SecretLeaseRotatedEvent instead of publishing two events (SecretLeaseExpiredEvent and SecretLeaseCreatedEvent) to atomically update notify listeners such as LeaseAwareVaultPropertySource for atomic updates.

Closes gh-594.
2020-12-02 12:02:20 +01:00
Mark Paluch
6b2da56d50 Change default SecretLeaseContainer.leaseEndpoints from Legacy to Leases
Closes gh-589.
2020-12-01 17:51:04 +01:00
Mark Paluch
25c3bf8fc0 Eagerly initialize Netty4ClientHttpRequestFactory
Avoid a null SSLContext.

Closes gh-597
2020-12-01 17:49:00 +01:00
Mark Paluch
927134fcf8 Eagerly initialize Netty4ClientHttpRequestFactory
Avoid a null SSLContext.

Closes gh-597
2020-12-01 17:48:53 +01:00
Mark Paluch
ecb419f185 Polishing
Add author tag.

Closes gh-599.
2020-12-01 17:20:24 +01:00
Iouri Goussev
19bf83f505 Logger is not passed required parameter
We should either not log the token and remove %s or log the token.

Original pull request: gh-599.
2020-12-01 17:20:15 +01:00
Mark Paluch
6a98bc1f50 Reformat readme
See gh-591.
2020-12-01 17:01:27 +01:00
adeinega
ea78180982 Polishing
Original pull request: gh-591.
2020-12-01 17:00:40 +01:00
Mark Paluch
3a80e1c664 Polishing
Add author and since tags. Cleanup warnings. Add missing license header.

Closes gh-588, closes gh-590
2020-12-01 16:58:17 +01:00
Thomas Kåsene
a04bf304d2 Replaced usages of deprecated method Mockito.verifyZeroInteractions
See gh-588.
Original pull request: gh-590.
2020-12-01 16:47:45 +01:00
Thomas Kåsene
fbbf9fca68 Enabled Vault clients to revoke leases using the revoke-prefix endpoint.
- Added a new constant to LeaseEndpoints, SysLeasesUsingRevokePrefix
- Adjusted the JavaDoc for LeaseEndpoints.SysLeases
- Refactored common code to helper methods to reduce duplication

Closes gh-588.

Original pull request: gh-590.
2020-12-01 16:47:39 +01:00
Mark Paluch
f46ca3d0f1 Polishing
Reformat code, convert spaces to tabs, add license and author headers. Reorder methods. Introduce secret path to SecretNotFoundException.

Translate cas failure exception into boolean return state. Create patch body map instead of reusing body response.

See gh-585
Original pull request gh-587
2020-10-01 17:28:30 +02:00
Younghwan Jang
bc3ff1d47d Adding support of KV Patch operation
Closes gh-585
Original pull request gh-587
2020-10-01 17:27:05 +02:00
Mark Paluch
7274675483 Polishing
Reorder methods according to their call sequence.

See gh-586.
2020-09-24 10:50:24 +02:00
Mark Paluch
e00a27120d Remove resource caching from PCF and Kubernetes authentication methods
Since AuthenticationStepsOperator is now able to use non-blocking I/O for resource access, there's no need to cache the instance keys/tokens.

See gh-586.
2020-09-24 10:43:50 +02:00
Mark Paluch
672fb86260 Extend AuthenticationStepsOperator for non-blocking resource access
AuthenticationStepsOperator now uses DataBufferUtils to load credentials from a Resource for Suppliers that are instance of ResourceCredentialSupplier. Generic suppliers are called on the boundedElastic Scheduler to offload potentially blocking calls to a different thread.

Resolves gh-586.
2020-09-24 10:40:56 +02:00
Mark Paluch
2c0102f549 Remove throws Exception from SecretLeaseContainer.afterPropertiesSet
It's not required so we can drop throws Exception from the method declaration.

Closes gh-584
2020-09-21 08:55:29 +02:00
Mark Paluch
a6435b5f93 [maven-release-plugin] prepare for next development iteration
See gh-582
2020-09-15 16:30:55 +02:00
Mark Paluch
0606663ebe [maven-release-plugin] prepare release 2.3.0-M1
See gh-582
2020-09-15 16:30:55 +02:00
Mark Paluch
4bee9aef17 Polishing
See gh-582.
2020-09-15 16:28:46 +02:00
Mark Paluch
e8e5e0ad03 Run integration tests separate from unit tests
See gh-582.
2020-09-15 16:26:30 +02:00
Mark Paluch
03234ac3d9 Update changelog
See gh-582.
2020-09-15 16:20:04 +02:00
Mark Paluch
900e562f71 Upgrade dependencies
* Jetty Reactive HTTP Client 1.1.2 -> 1.1.4
* Netty 4.1.50.Final
* Jackson 2.10.0 -> 2.11.2
* AWS SDK 1.11.785 -> 1.11.861
* google-api-services-iam v1-rev20200221-1.30.9 -> v1-rev20200827-1.30.10
* google-auth-library-oauth2-http 0.20.0 -> 0.21.1
* bcpkix-jdk15on 1.65 -> 1.66
* AssertJ 3.16.1 -> 3.17.2
* JUnit 5.6.2 -> 5.7.0
* Kotlin 1.3.61 -> 1.3.72
* Kotlin Coroutines 1.3.3 -> 1.3.8
* Mockito 3.3.3 -> 3.5.10
* Spring Framework 5.2.6.RELEASE -> 5.2.9.RELEASE
* Spring Data Neumann GA -> Neumann SR3
* Spring Security 5.3.2.RELEASE -> 5.4.0
* Reactor Dysprosium SR7 -> Dysprosium SR12

Resolves gh-581.
2020-09-15 16:07:51 +02:00
Mark Paluch
1dec9f542d Incorporate review feedback
See gh-574.
2020-09-15 09:52:35 +02:00
Mark Paluch
e1def38217 Add documentation for KeyValue, PKI, Token, and Transit backend usage
Resolves gh-574.
2020-09-15 09:52:31 +02:00
Mark Paluch
8011a21bcc Introduce overloaded methods to Plaintext to configure the Charset to use
See gh-574.
2020-09-15 09:52:29 +02:00