Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Backport of pki: add subject key identifier to read key response into release/1.13.x #20658

Merged
merged 4 commits into from
May 19, 2023
Merged

Backport of pki: add subject key identifier to read key response into release/1.13.x #20658

merged 4 commits into from
May 19, 2023

Conversation

hc-github-team-secure-vault-core
Copy link
Contributor

Backport

This PR is auto-generated from #20642 to be assessed for backporting due to the inclusion of the label backport/1.13.x.

🚨

Warning automatic cherry-pick of commits failed. If the first commit failed,
you will see a blank no-op commit below. If at least one commit succeeded, you
will see the cherry-picked commits up to, not including, the commit where
the merge conflict occurred.

The person who merged in the original PR is:
@stevendpclark
This person should manually cherry-pick the original PR into a new backport PR,
and close this one when the manual backport PR is merged in.

merge conflict error: POST https://api.github.com/repos/hashicorp/vault/merges: 409 Merge conflict []

The below text is copied from the body of the original PR.

This will be helpful for the Terraform Vault Provider to detect migration of pre-1.11 exported keys (from CA generation) into post-1.11 Vault.

Overview of commits

@hc-github-team-secure-vault-core hc-github-team-secure-vault-core force-pushed the backport/VAULT-16251/pki/public-key-info/hopefully-national-humpback branch from 4d5cc9b to b728801 Compare May 18, 2023 16:49
@hashicorp-cla
Copy link

hashicorp-cla commented May 18, 2023
edited
Loading

CLA assistant check
All committers have signed the CLA.

@cipherboy cipherboy self-assigned this May 18, 2023
@fairclothjm @cipherboy
pki: add subject key identifier to read key response (#20642)
d452a5e 
* pki: add subject key identifier to read key response

This will be helpful for the Terraform Vault Provider to detect
migration of pre-1.11 exported keys (from CA generation) into post-1.11
Vault.

* add changelog

* Update builtin/logical/pki/path_fetch_keys.go

Co-authored-by: Alexander Scheel <alex.scheel@hashicorp.com>

* check for managed key first

* Validate the SKID matches on root CAs

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Validate SKID matches on int CAs

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Fix formatting of tests

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

---------

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
Co-authored-by: Alexander Scheel <alex.scheel@hashicorp.com>
@fairclothjm fairclothjm force-pushed the backport/VAULT-16251/pki/public-key-info/hopefully-national-humpback branch from 7e05a97 to d452a5e Compare May 18, 2023 19:43
@fairclothjm fairclothjm marked this pull request as ready for review May 18, 2023 19:44
@fairclothjm fairclothjm requested a review from a team May 18, 2023 19:44
@fairclothjm fairclothjm enabled auto-merge (squash) May 18, 2023 19:52
@fairclothjm fairclothjm added this to the 1.13.3 milestone May 18, 2023
@fairclothjm fairclothjm merged commit 5e0cc29 into release/1.13.x May 19, 2023
@fairclothjm fairclothjm deleted the backport/VAULT-16251/pki/public-key-info/hopefully-national-humpback branch May 19, 2023 12:20
@fopina-ci fopina-ci mentioned this pull request Jun 8, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cipherboy cipherboy cipherboy approved these changes

@fairclothjm fairclothjm Awaiting requested review from fairclothjm

Assignees

@cipherboy cipherboy

Labels
None yet
Projects
None yet
Milestone
1.13.3
Development

Successfully merging this pull request may close these issues.
4 participants
@hc-github-team-secure-vault-core @hashicorp-cla @cipherboy @fairclothjm