Releases: hvac/hvac
Releases · hvac/hvac
v0.7.1
IMPROVEMENTS:
- Support for the Okta auth method. GH-341
BUG FIXES:
- Simplify redirect handling in
Adapterclass to fix issues following location headers with fully qualified URLs. Note: hvac now converts//to/within any paths. GH-348 - Fixed a bug where entity and group member IDs were not being passed in to Identity secrets engine group creation / updates. GH-346
- Ensure all types of responses for the
read_health_status()system backend method can be retrieved without exceptions being raised. GH-347 - Fix
read_seal_status()inClientclass'sseal_statusproperty. GH-354
DOCUMENTATION UPDATES:
- Example GCP auth method
login()call with google-api-python-client usage added: Example with google-api-python-client Usage. GH-350
MISCELLANEOUS:
- Note: Starting after release 0.7.0,
developis the main integration branch for the hvac project. Themasterbranch is now intended to capture the state of the most recent release. - Test cases for hvac are no longer included in the release artifacts published to PyPi. GH-334
- The
create_or_update_policysystem backend method now supports a "pretty_print" argument for different JSON formatting. This allows create more viewable policy documents when retrieve existing policies (e.g., from within the Vault UI interface). GH-342 - Explicit support for Vault v0.8.3 dropped. CI/CD tests updated to run against Vault v1.0.0. GH-344
v0.7.0
DEPRECATION NOTICES:
- All auth method classes are now accessible under the
authproperty on thehvac.Clientclass. GH-310. (E.g. thegithub,ldap, andmfaClient properties' methods are now accessible underClient.auth.github, etc.) - All secrets engines classes are now accessible under the
secretsproperty on thehvac.Clientclass. GH-311 (E.g. thekv, Client property's methods are now accessible underClient.secrets.kv) - All system backend classes are now accessible under the
sysproperty on thehvac.Clientclass. GH-314 ([GH-314] through [GH-325]) E.g. methods such asenable_secret_backend()under the Client class are now accessible underClient.sys.enable_secrets_engine(), etc.
IMPROVEMENTS:
- Support for Vault Namespaces. GH-268
- Support for the Identity secrets engine. GH-269
- Support for the GCP auth method. GH-240
- Support for the Azure auth method. GH-286
- Support for the Azure secrets engine. GH-287
- Expanded Transit secrets engine support. GH-303
Thanks to @tiny-dancer, @jacquat, @deejay1, @MJ111, @jasonarewhy, and @alexandernst for their lovely contributions.
v0.6.4
IMPROVEMENTS:
- New KV secret engine-related classes added. See the KV documentation under hvac's readthedocs.io site for usage / examples. GH-257 / GH-260
MISCELLANEOUS:
- Language classifiers are now being included with the distribution. GH-247
- Token no longer being sent in URL path for the
Client.renew_tokenmethod. GH-250 - Support for the response structure in newer versions of Vault within the
Client.get_policymethod. GH-254 configandplugin_nameparameters added to theClient.enable_auth_backendmethod. GH-253
Thanks to @ijl, @rastut, @seuf, @downeast for their lovely contributions.
v0.6.3
DEPRECATION NOTICES:
- The
auth_github()method within thehvac.Clientclass has been marked as deprecated and will be removed in hvac v0.8.0 (or later). Please update any callers of this method to use thehvac.Client.github.login()instead. - The
auth_ldap()method within thehvac.Clientclass has been marked as deprecated and will be removed in hvac v0.8.0 (or later). Please update any callers of this method to use thehvac.Client.ldap.login()instead.
IMPROVEMENTS:
- New Github auth method class added. See the documentation for usage / examples. GH-242
- New Ldap auth method class added. See the documentation for usage / examples. GH-244
- New Mfa auth method class added. See the documentation for usage / examples. GH-255
auth_aws_iam()method updated to include "region" parameter for deployments in different AWS regions. GH-243
DOCUMENTATION UPDATES:
- Additional guidance for how to configure hvac's
Clientclass to leverage self-signed certificates / private CA bundles has been added at: Making Use of Private CA. GH-230 - Docstring for
verifyClientparameter corrected and expanded. GH-238
MISCELLANEOUS:
- Automated PyPi deploys via travis-ci removed. GH-226
- Repository transferred to the new "hvac" GitHub organization; thanks @ianunruh! GH-227
- Codecov (automatic code coverage reports) added. GH-229 / GH-228
- Tests subdirectory reorganized; now broken up by integration versus unit tests with subdirectories matching the module path for the code under test. GH-236
Thanks to @otakup0pe, @FabianFrank, @andrewheald for their lovely contributions.
v0.6.2
BACKWARDS COMPATIBILITY NOTICE:
- With the newly added
hvac.adapters.Requestclass, request kwargs can no longer be directly modified via the_kwargsattribute on theClientclass. If runtime modifications to this dictionary are required, callers either need to explicitly pass in a newadapterinstance with the desired settings via theadapterpropery on theClientclass or access the_kwargsproperty via theadapterproperty on theClientclass.
See the Advanced Usage section of this module's documentation for additional details.
IMPROVEMENTS:
- sphinx documentation and readthedocs.io project added. GH-222
- README.md included in setuptools metadata. GH-222
- All
tune_secret_backend()parameters now accepted. GH-215 - Add
read_lease()method GH-218 - Added adapter module with
Requestclass to abstract HTTP requests away from theClientclass. GH-223
Thanks to @bbayszczak, @jvanbrunschot-coolblue for their lovely contributions.
v0.6.1
IMPROVEMENTS:
- Update
unwrap()method to match current Vault versions [GH-149] - Initial support for Kubernetes authentication backend [GH-210]
- Initial support for Google Cloud Platform (GCP) authentication backend [GH-206]
- Update enable_secret_backend function to support kv version 2 [GH-201]
BUG FIXES:
- Change URL parsing to allow for routes in the base Vault address (e.g.,
https://example.com/vault) [GH-212].
Thanks to @mracter, @cdsf, @sin, @seanmalloy, for their lovely contributions.
v0.6.0
BACKWARDS COMPATIBILITY NOTICE:
- Token revocation now sends the token in the request payload. Requires Vault >0.6.5
- Various methods have new and/or re-ordered keyword arguments. Code calling these methods with positional arguments
may need to be modified.
IMPROVEMENTS:
- Ensure mount_point Parameter for All AWS EC2 Methods [GH-195]
- Add Methods for Auth Backend Tuning [GH-193]
- Customizable approle path / mount_point [GH-190]
- Add more methods for the userpass backend [GH-175]
- Add transit signature_algorithm parameter [GH-174]
- Add auth_iam_aws() method [GH-170]
- lookup_token function POST token not GET [GH-164]
- Create_role_secret_id with wrap_ttl & fix get_role_secret_id_accessor [GH-159]
- Fixed json() from dict bug and added additional arguments on auth_ec2() method [GH-157]
- Support specifying period when creating EC2 roles [GH-140]
- Added support for /sys/generate-root endpoint [GH-131] / [GH-199]
- Added "auth_cubbyhole" method [GH-119]
- Send token/accessor as a payload to avoid being logged [GH-117]
- Add AppRole delete_role method [GH-112]
BUG FIXES:
- Always Specify auth_type In create_ec2_role [GH-197]
- Fix "double parasing" of JSON response in auth_ec2 method [GH-181]
Thanks to @freimer, @ramiamar, @marcoslopes, @ianwestcott, @marc-sensenich, @sunghyun-lee, @jnaulty, @sijis,
@Myles-Steinhauser-Bose, @oxmane, @ltm, @bchannak, @tkinz27, @crmulliner, for their lovely contributions.
v0.5.0
v0.4.0
v0.3.0
This is just the highlights, there have been a bunch of changes!
IMPROVEVEMENTS:
BUG FIXES
Thanks to @ianwestcott, @s3u, @mracter, @intgr, @jkdihenkar, @gaelL,
@henriquegemignani, @bfeeser, @nicr9, @mwielgoszewski, @mtougeron
for their contributions!