diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index b64a65c4fc..95e5103378 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -48,7 +48,7 @@ jobs: echo "Building with Go $(cat .go-version)" echo "go-version=$(cat .go-version)" >> "$GITHUB_OUTPUT" - name: Set up Go - uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 # v5.3.0 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: "${{ steps.get-go-version.outputs.go-version }}" cache: false @@ -108,7 +108,7 @@ jobs: repository: boundary version: ${{ needs.set-product-version.outputs.product-version }} product: ${{ env.PKG_NAME }} - - uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0 + - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: metadata.json path: ${{ steps.generate-metadata-file.outputs.filepath }} @@ -139,7 +139,7 @@ jobs: steps: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Set up go - uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 # v5.3.0 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: ${{ matrix.go }} cache: false @@ -163,7 +163,7 @@ jobs: id: set-sha run: echo "sha=$(head -n1 internal/ui/VERSION | cut -d ' ' -f1)" >> "$GITHUB_OUTPUT" - name: Download UI artifact - uses: dawidd6/action-download-artifact@20319c5641d495c8a52e688b7dc5fada6c3a9fbc # v8 + uses: dawidd6/action-download-artifact@80620a5d27ce0ae443b965134db88467fc607b43 # v7 with: workflow: build-admin-ui.yaml commit: ${{ steps.set-sha.outputs.sha }} @@ -209,7 +209,7 @@ jobs: - name: Set up Git run: git config --global url."https://${{ secrets.ELEVATED_GITHUB_TOKEN }}:@github.com".insteadOf "https://github.com" - name: Set up Go - uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 # v5.3.0 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: ${{ matrix.go }} cache: false @@ -231,7 +231,7 @@ jobs: id: set-sha run: echo "sha=$(head -n1 internal/ui/VERSION | cut -d ' ' -f1)" >> "$GITHUB_OUTPUT" - name: Download UI artifact - uses: dawidd6/action-download-artifact@20319c5641d495c8a52e688b7dc5fada6c3a9fbc # v8 + uses: dawidd6/action-download-artifact@80620a5d27ce0ae443b965134db88467fc607b43 # v7 with: workflow: build-admin-ui.yaml commit: ${{ steps.set-sha.outputs.sha }} @@ -279,12 +279,12 @@ jobs: echo "RPM_PACKAGE=$(basename out/*.rpm)" >> "$GITHUB_ENV" echo "DEB_PACKAGE=$(basename out/*.deb)" >> "$GITHUB_ENV" - name: Upload RPM package - uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: ${{ env.RPM_PACKAGE }} path: out/${{ env.RPM_PACKAGE }} - name: Upload DEB package - uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: ${{ env.DEB_PACKAGE }} path: out/${{ env.DEB_PACKAGE }} @@ -309,7 +309,7 @@ jobs: steps: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Set up go - uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 # v5.3.0 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: ${{ matrix.go }} cache: false @@ -331,7 +331,7 @@ jobs: id: set-sha run: echo "sha=$(head -n1 internal/ui/VERSION | cut -d ' ' -f1)" >> "$GITHUB_OUTPUT" - name: Download UI artifact - uses: dawidd6/action-download-artifact@20319c5641d495c8a52e688b7dc5fada6c3a9fbc # v8 + uses: dawidd6/action-download-artifact@80620a5d27ce0ae443b965134db88467fc607b43 # v7 with: workflow: build-admin-ui.yaml commit: ${{ steps.set-sha.outputs.sha }} diff --git a/.github/workflows/enos-run.yml b/.github/workflows/enos-run.yml index f7639a9349..b042c88190 100644 --- a/.github/workflows/enos-run.yml +++ b/.github/workflows/enos-run.yml @@ -38,7 +38,7 @@ jobs: with: fetch-depth: '0' - name: Set up Go - uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 # v5.3.0 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: ${{ inputs.go-version }} cache: false @@ -110,7 +110,7 @@ jobs: - name: Checkout uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Set up Go - uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 # v5.3.0 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: ${{ inputs.go-version }} cache: false @@ -234,7 +234,7 @@ jobs: run: | mv ${{ steps.download-docker.outputs.download-path }}/*.tar enos/support/boundary_docker_image.tar - name: Set up Node.js - uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a # v4.2.0 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 if: contains(matrix.filter, 'e2e_ui') with: node-version: '16.x' @@ -282,7 +282,7 @@ jobs: SCENARIO=$(echo "${{ matrix.filter }}" | cut -d' ' -f1,3 | sed 's/:/_/g') echo fragment="${SCENARIO}" >> "$GITHUB_OUTPUT" - name: Upload e2e tests output - uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: test-${{ steps.split.outputs.fragment }} path: enos/*.log @@ -295,7 +295,7 @@ jobs: docker logs database - name: Upload e2e UI tests debug info if: contains(matrix.filter, 'e2e_ui') && steps.run.outcome == 'failure' - uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: test-e2e-ui-debug path: enos/support/src/boundary-ui/ui/admin/tests/e2e/artifacts/test-failures @@ -308,7 +308,7 @@ jobs: enos scenario launch --timeout 60m0s --chdir ./enos ${{ matrix.filter }} - name: Upload Debug Data if: ${{ always() && steps.run_retry.outcome == 'failure' }} - uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: # The name of the artifact is the same as the matrix scenario name with the spaces replaced with underscores and colons replaced by equals. name: ${{ steps.prepare_scenario.outputs.debug_data_artifact_name }} diff --git a/.github/workflows/fuzz.yml b/.github/workflows/fuzz.yml index 743a0e6217..d78287e8fa 100644 --- a/.github/workflows/fuzz.yml +++ b/.github/workflows/fuzz.yml @@ -42,14 +42,14 @@ jobs: run: | echo "Building with Go $(cat .go-version)" echo "go-version=$(cat .go-version)" >> "$GITHUB_OUTPUT" - - uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 # v5.3.0 + - uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: "${{ steps.get-go-version.outputs.go-version }}" - shell: bash run: go test ./internal/perms -fuzz=FuzzParse -fuzztime=30s - name: Upload fuzz failure seed corpus as run artifact if: failure() - uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: fuzz-corpus path: ./internal/perms/testdata/fuzz diff --git a/.github/workflows/linting.yml b/.github/workflows/linting.yml index c7a0fe7468..2accb79d60 100644 --- a/.github/workflows/linting.yml +++ b/.github/workflows/linting.yml @@ -24,7 +24,7 @@ jobs: echo "Building with Go $(cat .go-version)" echo "go-version=$(cat .go-version)" >> "$GITHUB_OUTPUT" - name: Set up Go - uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 # v5.3.0 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: "${{ steps.get-go-version.outputs.go-version }}" - name: Install Dependencies diff --git a/.github/workflows/make-gen-delta.yml b/.github/workflows/make-gen-delta.yml index 9f0eed44b4..9ab0d99daf 100644 --- a/.github/workflows/make-gen-delta.yml +++ b/.github/workflows/make-gen-delta.yml @@ -23,7 +23,7 @@ jobs: echo "Building with Go $(cat .go-version)" echo "go-version=$(cat .go-version)" >> "$GITHUB_OUTPUT" - name: Set up Go - uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 # v5.3.0 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: "${{ steps.get-go-version.outputs.go-version }}" - name: Running go mod tidy diff --git a/.github/workflows/security-scan.yml b/.github/workflows/security-scan.yml index 999a92f83d..e5d7806711 100644 --- a/.github/workflows/security-scan.yml +++ b/.github/workflows/security-scan.yml @@ -28,7 +28,7 @@ jobs: echo "go-version=$(cat .go-version)" >> "$GITHUB_OUTPUT" - name: Set up Go - uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 # v5.3.0 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: "${{ steps.get-go-version.outputs.go-version }}" cache: false @@ -79,7 +79,7 @@ jobs: repository: "$PWD" - name: Upload SARIF file - uses: github/codeql-action/upload-sarif@7e3036b9cd87fc26dd06747b7aa4b96c27aaef3a # codeql-bundle-v2.20.3 + uses: github/codeql-action/upload-sarif@3096afedf9873361b2b2f65e1445b13272c83eb8 # codeql-bundle-v2.20.0 with: sarif_file: results.sarif diff --git a/.github/workflows/test-cli-ui_oss.yml b/.github/workflows/test-cli-ui_oss.yml index bba9a2dad5..93c651bca3 100644 --- a/.github/workflows/test-cli-ui_oss.yml +++ b/.github/workflows/test-cli-ui_oss.yml @@ -36,7 +36,7 @@ jobs: path: /tmp/bats-cli-ui-deps key: enos-bats-cli-ui-deps-jq-1.6-password-store-1.7.4-vault-1.12.2 - name: Set up Node for Bats install - uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a # v4.2.0 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 with: node-version: 16 - name: Install Bats via NPM diff --git a/.github/workflows/test-race.yml b/.github/workflows/test-race.yml index 12d47c29bb..a31c78962f 100644 --- a/.github/workflows/test-race.yml +++ b/.github/workflows/test-race.yml @@ -36,7 +36,7 @@ jobs: echo "Building with Go $(cat .go-version)" echo "go-version=$(cat .go-version)" >> "$GITHUB_OUTPUT" - name: Set up Go - uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 # v5.3.0 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: "${{ steps.get-go-version.outputs.go-version }}" cache: false @@ -95,7 +95,7 @@ jobs: steps: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Set up go - uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 # v5.3.0 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: "${{ needs.setup.outputs.go-version }}" cache: false @@ -127,7 +127,7 @@ jobs: ulimit -Ha - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Set up go - uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 # v5.3.0 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: "${{ needs.setup.outputs.go-version }}" cache: false diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index cdc39c8506..f2dc8563e0 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -36,7 +36,7 @@ jobs: echo "Building with Go $(cat .go-version)" echo "go-version=$(cat .go-version)" >> "$GITHUB_OUTPUT" - name: Set up Go - uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 # v5.3.0 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: "${{ steps.get-go-version.outputs.go-version }}" cache: false @@ -95,7 +95,7 @@ jobs: steps: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Set up go - uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 # v5.3.0 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: "${{ needs.setup.outputs.go-version }}" cache: false @@ -127,7 +127,7 @@ jobs: ulimit -Ha - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Set up go - uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 # v5.3.0 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: "${{ needs.setup.outputs.go-version }}" cache: false diff --git a/.release/security-scan.hcl b/.release/security-scan.hcl index da2c1a239d..db033ac545 100644 --- a/.release/security-scan.hcl +++ b/.release/security-scan.hcl @@ -5,6 +5,16 @@ container { dependencies = true alpine_secdb = true secrets = false + + # Triage items that are _safe_ to ignore here. Note that this list should be + # periodically cleaned up to remove items that are no longer found by the scanner. + triage { + suppress { + vulnerabilities = [ + "CVE-2024-13176", # openssl@3.3.2-r4 + ] + } + } } binary { @@ -13,4 +23,15 @@ binary { osv = true oss_index = true nvd = true + + # Triage items that are _safe_ to ignore here. Note that this list should be + # periodically cleaned up to remove items that are no longer found by the scanner. + triage { + suppress { + vulnerabilities = [ + "GO-2025-3408", # yamux@v0.1.1 + "GHSA-29qp-crvh-w22m", # yamux@v0.1.1 + ] + } + } } diff --git a/CHANGELOG.md b/CHANGELOG.md index b3a4d8a43e..4238e254d0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -62,49 +62,9 @@ maintainability of worker queries, and improve DB performance. ([PR](https://git * Go Cryptography dependency update to address CVE-2024-45337 ([PR](https://github.com/hashicorp/boundary/pull/5354)). -## 0.18.3 (2025/02/10) (Enterprise only) -### Bug fixes - -* Fix bug where database transactions were not using the correct reader & writer functions - and context. - ([PR](https://github.com/hashicorp/boundary/pull/5522)). -* Remove unnecessary subquery from alias refresh - ([PR](https://github.com/hashicorp/boundary/pull/5481)). - -### Security - -* Go Networking dependency update to address CVE-2024-45338 and GO-2024-3333 - ([PR])(https://github.com/hashicorp/boundary/pull/5406). -* Go Cryptography dependency update to address CVE-2024-45337 - ([PR](https://github.com/hashicorp/boundary/pull/5365)). - -## 0.17.4 (2025/02/10) (Enterprise only) -### Bug fixes - -* Fix bug where database transactions were not using the correct reader & writer functions - and context. - ([PR](https://github.com/hashicorp/boundary/pull/5522)). -* Remove unnecessary subquery from alias refresh - ([PR](https://github.com/hashicorp/boundary/pull/5481)). - -### Security - -* Go Networking dependency update to address CVE-2024-45338 and GO-2024-3333 - ([PR])(https://github.com/hashicorp/boundary/pull/5528). -* Go Cryptography dependency update to address CVE-2024-45337 - ([PR](https://github.com/hashicorp/boundary/pull/5366)). - ## 0.18.2 (2024/12/12) ### Bug fixes -* Fixed an issue where session recordings would fail when large numbers of - sessions were created around the same time. ([PR](https://github.com/hashicorp/boundary-plugin-aws/pull/55)) -* Fixed an issue where the controller would incorrectly handle HTTP requests - and stop prematurely. ([PR](https://github.com/hashicorp/boundary/pull/5304)) - -## 0.17.3 (2024/12/12) -### Bug fixes - * Fixed an issue where session recordings would fail when large numbers of sessions were created around the same time. ([PR](https://github.com/hashicorp/boundary-plugin-aws/pull/55)) * Fixed an issue where the controller would incorrectly handle HTTP requests diff --git a/CODEOWNERS b/CODEOWNERS index c307950dda..2520668fd3 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -2,15 +2,6 @@ # the repo, unless a later match takes precedence. * @hashicorp/boundary -# engineering and web presence get notified of, and can approve changes to, web tooling, but not content. +# web presence and education -/website/ @hashicorp/web-presence @hashicorp/boundary -/website/data/ -/website/public/ -/website/content/ - -# education and engineering get notified of, and can approve changes to web content. - -/website/data/ @hashicorp/boundary-education-approvers @hashicorp/boundary -/website/public/ @hashicorp/boundary-education-approvers @hashicorp/boundary -/website/content/ @hashicorp/boundary-education-approvers @hashicorp/boundary +/website/ @hashicorp/boundary-education-approvers @hashicorp/web-presence @hashicorp/boundary \ No newline at end of file diff --git a/enos/README.md b/enos/README.md index 7511d97695..476e651ddf 100644 --- a/enos/README.md +++ b/enos/README.md @@ -57,16 +57,6 @@ See [enos.vars.hcl](./enos.vars.hcl) for complete descriptions of each variable. You can either modify `enos.vars.hcl` directly or create your own copy at `enos-local.vars.hcl` which gets ignored by git. -### System File Modifications - -For docker-based scenarios, you will need to modify `/etc/hosts` to include the -following lines -``` -127.0.0.1 localhost boundary -127.0.0.1 localhost worker -127.0.0.1 localhost vault -``` - ## Executing Scenarios From the `enos` directory: diff --git a/go.mod b/go.mod index 279d0e6954..89f56b1f5e 100644 --- a/go.mod +++ b/go.mod @@ -16,8 +16,8 @@ require ( github.com/google/go-cmp v0.6.0 github.com/grpc-ecosystem/go-grpc-middleware v1.4.0 github.com/grpc-ecosystem/grpc-gateway/v2 v2.19.1 - github.com/hashicorp/boundary/api v0.0.54 - github.com/hashicorp/boundary/sdk v0.0.50 + github.com/hashicorp/boundary/api v0.0.50 + github.com/hashicorp/boundary/sdk v0.0.48 github.com/hashicorp/cap v0.5.1-0.20240315182732-faa330bfb8df github.com/hashicorp/dawdle v0.5.0 github.com/hashicorp/eventlogger v0.2.9 diff --git a/internal/cmd/commands/database/funcs.go b/internal/cmd/commands/database/funcs.go index 0ab80316a7..2e667982fb 100644 --- a/internal/cmd/commands/database/funcs.go +++ b/internal/cmd/commands/database/funcs.go @@ -46,13 +46,11 @@ func migrateDatabase(ctx context.Context, ui cli.Ui, dialect, u string, initiali // This is an advisory lock on the DB which is released when the DB session ends. if err := man.ExclusiveLock(ctx); err != nil { ui.Error("Unable to capture a lock on the database.") - _ = man.Close(ctx) return noop, 2 } unlock := func() { // We don't report anything since this should resolve itself anyways. _ = man.ExclusiveUnlock(ctx) - _ = man.Close(ctx) } st, err := man.CurrentState(ctx) diff --git a/internal/db/schema/migrations/oss/testing.go b/internal/db/schema/migrations/oss/testing.go index c7b5fc3645..3c17567ab2 100644 --- a/internal/db/schema/migrations/oss/testing.go +++ b/internal/db/schema/migrations/oss/testing.go @@ -19,7 +19,6 @@ func ApplyMigration(t *testing.T, ctx context.Context, d *sql.DB, migrationId in schema.TestCreatePartialEditions(schema.Dialect(dialect), schema.PartialEditions{"oss": migrationId}), )) require.NoError(t, err) - t.Cleanup(func() { m.Close(context.Background()) }) _, err = m.ApplyMigrations(ctx) require.NoError(t, err) state, err := m.CurrentState(ctx) diff --git a/internal/db/schema/schema.go b/internal/db/schema/schema.go index 039991762c..bf12da1e54 100644 --- a/internal/db/schema/schema.go +++ b/internal/db/schema/schema.go @@ -25,7 +25,6 @@ func MigrateStore(ctx context.Context, dialect Dialect, url string, opt ...Optio if err != nil { return false, errors.Wrap(ctx, err, op) } - defer sMan.Close(ctx) st, err := sMan.CurrentState(ctx) if err != nil { diff --git a/internal/gen/controller.swagger.json b/internal/gen/controller.swagger.json index f4d8e62c9a..72a32a3daa 100644 --- a/internal/gen/controller.swagger.json +++ b/internal/gen/controller.swagger.json @@ -3,7 +3,7 @@ "info": { "title": "Boundary controller HTTP API", "description": "Welcome to the Boundary controller HTTP API documentation. This page provides a reference guide for using the Boundary controller API, a JSON-based HTTP API. The API implements commonly seen HTTP API patterns for status codes, paths, and errors. See the [API overview](https://developer.hashicorp.com/boundary/docs/api-clients/api) for more information.\n\nBefore you read this page, it is useful to understand Boundary's [domain model](https://developer.hashicorp.com/boundary/docs/concepts/domain-model) and to be aware of the terminology used here. To get started, search for the service you want to interact with in the sidebar to the left. Each resource in Boundary, such as accounts and credential stores, has its own service. Each service contains all the API endpoints for the resource.\n## Status codes\n- `2XX`: Boundary returns a code between `200` and `299` on success. Generally this is `200`, but implementations should be prepared to accept any `2XX` status code as indicating success. If a call returns a `2XX` code that is not `200`, it follows well-understood semantics for those status codes.\n- `400`: Boundary returns `400` when a command cannot be completed due to invalid user input, except for a properly-formatted identifier that does not map to an existing resource, which returns a `404` as discussed below.\n- `401`: Boundary returns `401` if no authentication token is provided or if the provided token is invalid. A valid token that simply does not have permission for a resource returns a `403` instead. A token that is invalid or missing, but where the anonymous user (`u_anon`) is able to successfully perform the action, will not return a `401` but instead will return the result of the action.\n- `403`: Boundary returns `403` if a provided token was valid but does not have the grants required to perform the requested action.\n- `404`: Boundary returns `404` if a resource cannot be found. Note that this happens _prior_ to authentication/authorization checking in nearly all cases as the resource information (such as its scope, available actions, etc.) is a required part of that check. As a result, an action against a resource that does not exist returns a `404` instead of a `401` or `403`. While this could be considered an information leak, since IDs are randomly generated and this only discloses whether an ID is valid, it's tolerable as it allows for far simpler and more robust client implementation.\n- `405`: Boundary returns a `405` to indicate that the method (HTTP verb or custom action) is not implemented for the given resource.\n- `429`: Boundary returns a `429` if any of the API rate limit quotas have been exhausted for the resource and action. It includes the `Retry-After` header so that the client knows how long to wait before making a new request.\n- `500`: Boundary returns `500` if an error occurred that is not (directly) tied to invalid user input. If a `500` is generated, information about the error is logged to Boundary's server log but is not generally provided to the client.\n- `503`: Boundary returns a `503` if it is unable to store a quota due to the API rate limit being exceeded. It includes the `Retry-After` header so that the client knows how long to wait before making a new request.\n## List pagination\nBoundary uses [API pagination](https://developer.hashicorp.com/boundary/docs/api-clients/api/pagination) to support searching and filtering large lists of results efficiently.", - "version": "0.19.0", + "version": "0.19.1", "contact": { "name": "HashiCorp Boundary", "url": "https://www.boundaryproject.io/" diff --git a/internal/oplog/testing.go b/internal/oplog/testing.go index f5f5ba5845..18509cafbc 100644 --- a/internal/oplog/testing.go +++ b/internal/oplog/testing.go @@ -125,7 +125,6 @@ func testInitStore(t testing.TB, cleanup func() error, url string) { require.NoError(t, err) sm, err := schema.NewManager(ctx, schema.Dialect(dialect), d) require.NoError(t, err) - t.Cleanup(func() { sm.Close(context.Background()) }) _, err = sm.ApplyMigrations(ctx) require.NoError(t, err) } diff --git a/version/VERSION b/version/VERSION index 3f46c4d182..4559101363 100644 --- a/version/VERSION +++ b/version/VERSION @@ -1 +1 @@ -0.19.0 \ No newline at end of file +0.19.1 \ No newline at end of file