summaryrefslogtreecommitdiffstats
path: root/ansible_collections/community/hashi_vault/docs/docsite
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-18 05:52:35 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-18 05:52:35 +0000
commit7fec0b69a082aaeec72fee0612766aa42f6b1b4d (patch)
treeefb569b86ca4da888717f5433e757145fa322e08 /ansible_collections/community/hashi_vault/docs/docsite
parentReleasing progress-linux version 7.7.0+dfsg-3~progress7.99u1. (diff)
downloadansible-7fec0b69a082aaeec72fee0612766aa42f6b1b4d.tar.xz
ansible-7fec0b69a082aaeec72fee0612766aa42f6b1b4d.zip
Merging upstream version 9.4.0+dfsg.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'ansible_collections/community/hashi_vault/docs/docsite')
-rw-r--r--ansible_collections/community/hashi_vault/docs/docsite/rst/CHANGELOG.rst97
-rw-r--r--ansible_collections/community/hashi_vault/docs/docsite/rst/user_guide.rst11
2 files changed, 98 insertions, 10 deletions
diff --git a/ansible_collections/community/hashi_vault/docs/docsite/rst/CHANGELOG.rst b/ansible_collections/community/hashi_vault/docs/docsite/rst/CHANGELOG.rst
index 5223d4a97..4362dc7f0 100644
--- a/ansible_collections/community/hashi_vault/docs/docsite/rst/CHANGELOG.rst
+++ b/ansible_collections/community/hashi_vault/docs/docsite/rst/CHANGELOG.rst
@@ -1,9 +1,99 @@
-===================================
-community.hashi_vault Release Notes
-===================================
+====================================
+community.hashi\_vault Release Notes
+====================================
.. contents:: Topics
+v6.2.0
+======
+
+Release Summary
+---------------
+
+This release contains a dozen+ new modules for working with Vault's database secrets engine and some new ``vars`` entries for specifying public and private keys in ``cert`` auth.
+
+Minor Changes
+-------------
+
+- cert auth - add option to set the ``cert_auth_public_key`` and ``cert_auth_private_key`` parameters using the variables ``ansible_hashi_vault_cert_auth_public_key`` and ``ansible_hashi_vault_cert_auth_private_key`` (https://github.com/ansible-collections/community.hashi_vault/issues/428).
+
+New Modules
+-----------
+
+- vault_database_connection_configure - Configures the database engine
+- vault_database_connection_delete - Delete a Database Connection
+- vault_database_connection_read - Returns the configuration settings for a O(connection_name)
+- vault_database_connection_reset - Closes a O(connection_name) and its underlying plugin and restarts it with the configuration stored
+- vault_database_connections_list - Returns a list of available connections
+- vault_database_role_create - Creates or updates a (dynamic) role definition
+- vault_database_role_delete - Delete a role definition
+- vault_database_role_read - Queries a dynamic role definition
+- vault_database_roles_list - Returns a list of available (dynamic) roles
+- vault_database_rotate_root_credentials - Rotates the root credentials stored for the database connection. This user must have permissions to update its own password.
+- vault_database_static_role_create - Create or update a static role
+- vault_database_static_role_get_credentials - Returns the current credentials based on the named static role
+- vault_database_static_role_read - Queries a static role definition
+- vault_database_static_role_rotate_credentials - Trigger the credential rotation for a static role
+- vault_database_static_roles_list - Returns a list of available static roles
+
+v6.1.0
+======
+
+Release Summary
+---------------
+
+This release addresses some breaking changes in core that were backported.
+
+Major Changes
+-------------
+
+- requirements - the ``requests`` package which is required by ``hvac`` now has a more restrictive range for this collection in certain use cases due to breaking security changes in ``ansible-core`` that were backported (https://github.com/ansible-collections/community.hashi_vault/pull/416).
+
+v6.0.0
+======
+
+Release Summary
+---------------
+
+This major version of the collection has no functional changes from the previous version, however the minimum versions of ``hvac`` and ``ansible-core`` have been raised. While the collection may still work with those earlier versions, future changes will not test against them.
+
+Breaking Changes / Porting Guide
+--------------------------------
+
+- The minimum required version of ``hvac`` is now ``1.2.1`` (https://docs.ansible.com/ansible/devel/collections/community/hashi_vault/docsite/user_guide.html#hvac-version-specifics).
+
+Removed Features (previously deprecated)
+----------------------------------------
+
+- The minimum supported version of ``ansible-core`` is now ``2.14``, support for ``2.13`` has been dropped (https://github.com/ansible-collections/community.hashi_vault/pull/403).
+
+v5.0.1
+======
+
+Release Summary
+---------------
+
+This release fixes a bug in ``vault_write`` ahead of the collection's next major release.
+
+Bugfixes
+--------
+
+- vault_write - the ``vault_write`` lookup and module were not able to write data containing keys named ``path`` or ``wrap_ttl`` due to a bug in the ``hvac`` library. These plugins have now been updated to take advantage of fixes in ``hvac>=1.2`` to address this (https://github.com/ansible-collections/community.hashi_vault/issues/389).
+
+v5.0.0
+======
+
+Release Summary
+---------------
+
+This version makes some relatively minor but technically breaking changes. Support for ``ansible-core`` versions ``2.11`` and ``2.12`` have been dropped, and there is now a minimum supported version of ``hvac`` which will be updated over time. A warning in the ``hashi_vault`` lookup on duplicate option specifications in the term string has been changed to a fatal error.
+
+Breaking Changes / Porting Guide
+--------------------------------
+
+- Support for ``ansible-core`` 2.11 and 2.12 has been removed (https://github.com/ansible-collections/community.hashi_vault/issues/340).
+- The minimum version of ``hvac`` for ``community.hashi_vault`` is now ``1.1.0`` (https://github.com/ansible-collections/community.hashi_vault/issues/324).
+- hashi_vault lookup - duplicate option entries in the term string now raises an exception instead of a warning (https://github.com/ansible-collections/community.hashi_vault/issues/356).
v4.2.1
======
@@ -601,4 +691,3 @@ Release Summary
---------------
Our first release matches the ``hashi_vault`` lookup functionality provided by ``community.general`` version ``1.3.0``.
-
diff --git a/ansible_collections/community/hashi_vault/docs/docsite/rst/user_guide.rst b/ansible_collections/community/hashi_vault/docs/docsite/rst/user_guide.rst
index a3f417800..badf7f8da 100644
--- a/ansible_collections/community/hashi_vault/docs/docsite/rst/user_guide.rst
+++ b/ansible_collections/community/hashi_vault/docs/docsite/rst/user_guide.rst
@@ -29,19 +29,18 @@ The content in ``community.hashi_vault`` requires the `hvac <https://hvac.readth
``hvac`` version specifics
--------------------------
-In general, we recommend using the latest version of ``hvac`` that is supported for your given Python version because that is what we test against. Where possible we will try to list version-specific restrictions here, but this list may not be exhaustive.
+In general, we recommend using the latest version of ``hvac`` that is supported for your given Python version because that is what we test against.
-* ``hvac`` 0.7.0+ (for Azure auth and namespace support)
-* ``hvac`` 0.9.6+ (to avoid most deprecation warnings)
-* ``hvac`` 0.10.5+ (for JWT auth)
-* ``hvac`` 0.10.6+ (to avoid deprecation warning for AppRole)
-* ``hvac`` 0.10.12+ (for cert auth)
+As of ``community.hashi_vault`` version ``5.0.0`` we are setting a minimum supported version of ``hvac``.
+
+**The current required minimum** ``hvac`` **version is** ``1.2.1``.
Other requirements
------------------
* ``boto3`` (only if loading credentials from a boto session, for example using an AWS profile or IAM role credentials)
* ``azure-identity`` (only if using a service principal or managed identity)
+* ``requests`` — with ``requests>=2.28,<2.29``, setting certain options (``token``, ``namespace``) to values that come from lookups will raise an exception, do to Ansible's marking of the values as "unsafe" for templating. We recommend using ``requests>=2.29``, which won't work with Python 3.6.
Retrying failed requests
========================