Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
Name: openbao | Distribution: openSUSE Tumbleweed |
Version: 2.1.0 | Vendor: openSUSE |
Release: 1.1 | Build date: Fri Nov 29 21:20:11 2024 |
Group: Productivity/Security | Build host: reproducible |
Size: 109320805 | Source RPM: openbao-2.1.0-1.1.src.rpm |
Packager: http://bugs.opensuse.org | |
Url: https://github.com/openbao/openbao | |
Summary: Manage, store, and distribute sensitive data |
OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. The OpenBao community intends to provide this software under an OSI-approved open-source license, led by a community run under open governance principles. A modern system requires access to a multitude of secrets: database credentials, API keys for external services, credentials for service-oriented architecture communication, etc. Understanding who is accessing what secrets is already very difficult and platform-specific. Adding on key rolling, secure storage, and detailed audit logs is almost impossible without a custom solution. This is where OpenBao steps in. The key features of OpenBao are: * Secure Secret Storage: Arbitrary key/value secrets can be stored in OpenBao. OpenBao encrypts these secrets prior to writing them to persistent storage, so gaining access to the raw storage isn't enough to access your secrets. OpenBao can write to disk, Consul, and more. * Dynamic Secrets: OpenBao can generate secrets on-demand for some systems, such as AWS or SQL databases. For example, when an application needs to access an S3 bucket, it asks OpenBao for credentials, and OpenBao will generate an AWS keypair with valid permissions on demand. After creating these dynamic secrets, OpenBao will also automatically revoke them after the lease is up. * Data Encryption: OpenBao can encrypt and decrypt data without storing it. This allows security teams to define encryption parameters and developers to store encrypted data in a location such as a SQL database without having to design their own encryption methods. * Leasing and Renewal: All secrets in OpenBao have a lease associated with them. At the end of the lease, OpenBao will automatically revoke that secret. Clients are able to renew leases via built-in renew APIs. * Revocation: OpenBao has built-in support for secret revocation. OpenBao can revoke not only single secrets, but a tree of secrets, for example, all secrets read by a specific user, or all secrets of a particular type. Revocation assists in key rolling as well as locking down systems in the case of an intrusion.
MPL-2.0
* Fri Nov 29 2024 opensuse_buildservice@ojkastl.de - Update to version 2.1.0: * Note: - This release does not ship with the UI enabled. The UI will be available in the future. #129 - OpenBao does not provide support for Vault Enterprise features. If there is an enterprise feature you would like to see added to the project, please open a feature request. - OpenBao is fully API compatible with Vault 1.14.9, and seal compatible with the plugins the project supports. Plugin support for OpenBao can be found here. * New Features: - Remove Mount Table Limits: Using transactional storage, we've split the - auth and secret mount tables into separate storage entires, removing the - requirement that the entire table fit into a single storage entry limited by - max_entry_size. This allows potentially hundreds of thousands of mounts on - a single scaled-up server. [GH-622] - Transactional Storage: Plugin developers can now take advantage of safe - storage modification APIs when the underlying physical storage supports - them. The physical.TransactionalBackend and logical.TransactionalStorage - types allow developers to begin read-only and writable transactions, - committing or rolling back the desired changes. [GH-292] - Transit: Support PKI CSR and certificate storage alongside key material. This allows callers to securely create keys and submit requests for certificates without the key material leaving Transit. Storage of the certificate on the key avoids the need for an additional K/V mount. Rotation of this certificate and its chain is also supported. [GH-536] - auth/oidc: Add a new callback_mode role option value device to use the oidc device flow instead of a callback, add a new poll_interval role option to control how often to poll for a response, and add a new callbackmode=device option to the oidc login method in the cli. [GH-319] - auth/oidc: Add new callback_mode=direct role option to cause the oidc callback to be direct to the server instead of the client, and add a callbackmode=direct option to the oidc login method in the cli. [GH-318] - physical/postgres: Reintroduce Postgres database for OpenBao storage, implementing paginated list support. This feature is currently in preview and breaking changes may occur. [GH-467] * Changelog - 93609bf: Add changelog for v2.1.0 GA (#772) (@cipherboy) - d083548: Bump go-kms-wrapping, openbao-template prior to release (#770) (@cipherboy) - Full changelog see https://github.com/openbao/openbao/releases/tag/v2.1.0 https://github.com/openbao/openbao/releases/tag/v2.1.0-beta20241114.3 * Tue Nov 19 2024 opensuse_buildservice@ojkastl.de - Update to version 2.0.3: * This release does not ship with the UI enabled. The UI will be available in the future. #129 * OpenBao does not provide support for Vault Enterprise features. If there is an enterprise feature you would like to see added to the project, please open a feature request. * OpenBao is fully API compatible with Vault 1.14.9, and seal compatible with the plugins the project supports. Plugin support for OpenBao can be found [here](https://github.com/orgs/openbao/discussions/64). * Add v2.0.3 to CHANGELOG.md (#728) * Bump golang.org/x/net (#692) (#726) * Bump github.com/go-jose/go-jose/v3 to v3.0.3 (#693) (#727) * Bump go version to 1.22.9 for v2.0.3 release (#725) * Fix goreleaser prerelease status (#713) (#721) * Replace github.com/mholt/archiver/v3 with stdlib (#611) (#714) * Update to UBI 9.5 (#701) (#719) * Fix root namespace permission elevation (#695) (#718) * Bump github.com/golang-jwt/jwt/v4 (#691) (#717) * Compute raft peer bootstrap challenge via HKDF (#690) (#716) * Exclude changelog directory from release archive (#641) (#715) * Update goreleaser config version to 2 (#709) (#720) * Sun Oct 06 2024 opensuse_buildservice@ojkastl.de - Update to version 2.0.2: * This release does not ship with the UI enabled. The UI will be available in the future. #129 * OpenBao does not provide support for Vault Enterprise features. If there is an enterprise feature you would like to see added to the project, please open a feature request. * OpenBao is fully API compatible with Vault 1.14.9, and seal compatible with the plugins the project supports. Plugin support for OpenBao can be found [here](https://github.com/orgs/openbao/discussions/64). * use correct Alpine version (#589) * release: v2.0.2 (#586) * Bump to go 1.22.8 (#588) * Deny empty valid_principals during SSH issuance (#561) * Correctly handle IPv6 for HTTP-01 (#559) * add vault symlink to Docker images (#548) * Fix k8s registration variables (#527) * Fix aliasNameFromLoginRequest panic (#512) * fix command `vault print token` to `bao print token` in curl string generated by `buildCurlString()` (#511) * Tue Sep 10 2024 opensuse_buildservice@ojkastl.de - Update to version 2.0.1: * This release does not ship with the UI enabled. The UI will be available in the future. #129 * OpenBao does not provide support for Vault Enterprise features. If there is an enterprise feature you would like to see added to the project, please open a feature request. * OpenBao is fully API compatible with Vault 1.14.9, and seal compatible with the plugins the project supports. Plugin support for OpenBao can be found [here](https://github.com/orgs/openbao/discussions/64). * Changelog - Disable UI tests (#479) (@cipherboy) - Fix Ed25519 Pointer in PKI Existing handling (#461) (@cipherboy) - Fix api, sdk modules with v2.0.1 (#425) (@cipherboy) - Fix bao cli login success message (#452) (@sadikkuzu) - Fix broken zlint test (#458) (@cipherboy) - Pass BAO_ADDR to the token helper (#348) (@ruuda) - Update Docker dependency (#505) (@cipherboy) - Update to Go 1.22.6 toolchain for v2.0.1 (#504) (@cipherboy) - fix: variable name collision in docker-entrypoint (#446) (@jackhodgkiss) - labels use openbao as prefix instead of vault (#416) (@finkandreas) - release: v2.0.1 (@JanMa) - build using CGO_ENABLED=0 on i586, s390x and armv7l * Thu Jul 18 2024 opensuse_buildservice@ojkastl.de - Update to version 2.0.0: * This release does not ship with the UI enabled. The UI will be available in the future. #129 * This release provides initial support for artifact signing. * OpenBao does not provide support for Vault Enterprise features. If there is an enterprise feature you would like to see added to the project, please open a feature request. * OpenBao is fully API compatible with Vault 1.14.9, and seal compatible with the plugins the project supports. Plugin support for OpenBao can be found here. * Changelog - Gate Docker steps behind GOOS (#412) - Add GOOS matrix to release workflow (#411) - Update Go version, changelog, modules for GA (#410) - set bao binary version info with Goreleaser (#401) - Remove cross-cluster revocation from PKI (#365) - Update docs to include mlock removal RFC (#391) - Bump actions/upload-artifact from 4.3.3 to 4.3.4 (#395) - Clarify fork point in FAQ (#392) - docs: recreate images and diagrams (#397) - Bump test-summary/action from 2.2 to 2.4 (#387) - Remove mlock and replace with cgroups (#363) - Downgrade test-summary/action from 2.3 to 2.2 (#381) - Bump test-summary/action from 2.1 to 2.3 (#199) - Bump browser-actions/setup-chrome from 1.5.0 to 1.7.1 (#377) - Bump actions/github-script from 6.4.1 to 7.0.1 (#198) - Bump actions/upload-artifact from 3.1.2 to 4.3.3 (#376) - fix release asset parsing for download page (#378) - update website dependencies (#368) - docs(token): document the token format (#372) - Fix artifact signing, use default runner - Bump actions/configure-pages from 4 to 5 (#370) * Sun Feb 04 2024 Johannes Kastl <opensuse_buildservice@ojkastl.de> - new package openbao: provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys (open source fork of Hashicorp Vault)
/usr/bin/openbao /usr/share/doc/packages/openbao /usr/share/doc/packages/openbao/README.md /usr/share/licenses/openbao /usr/share/licenses/openbao/LICENSE
Generated by rpm2html 1.8.1
Fabrice Bellet, Fri Jan 24 23:52:04 2025