Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

openbao-2.1.0-1.1 RPM for aarch64

From OpenSuSE Ports Tumbleweed for aarch64

Name: openbao Distribution: openSUSE Tumbleweed
Version: 2.1.0 Vendor: openSUSE
Release: 1.1 Build date: Fri Nov 29 21:20:11 2024
Group: Productivity/Security Build host: reproducible
Size: 109320805 Source RPM: openbao-2.1.0-1.1.src.rpm
Packager: http://bugs.opensuse.org
Url: https://github.com/openbao/openbao
Summary: Manage, store, and distribute sensitive data
OpenBao exists to provide a software solution to manage, store, and distribute
sensitive data including secrets, certificates, and keys. The OpenBao community
intends to provide this software under an OSI-approved open-source license, led
by a community run under open governance principles.

A modern system requires access to a multitude of secrets: database
credentials, API keys for external services, credentials for service-oriented
architecture communication, etc. Understanding who is accessing what secrets is
already very difficult and platform-specific. Adding on key rolling, secure
storage, and detailed audit logs is almost impossible without a custom
solution. This is where OpenBao steps in.

The key features of OpenBao are:

* Secure Secret Storage: Arbitrary key/value secrets can be stored in OpenBao.
  OpenBao encrypts these secrets prior to writing them to persistent storage,
  so gaining access to the raw storage isn't enough to access your secrets.
  OpenBao can write to disk, Consul, and more.
* Dynamic Secrets: OpenBao can generate secrets on-demand for some systems,
  such as AWS or SQL databases. For example, when an application needs to
  access an S3 bucket, it asks OpenBao for credentials, and OpenBao will
  generate an AWS keypair with valid permissions on demand. After creating
  these dynamic secrets, OpenBao will also automatically revoke them after the
  lease is up.
* Data Encryption: OpenBao can encrypt and decrypt data without storing it.
  This allows security teams to define encryption parameters and developers to
  store encrypted data in a location such as a SQL database without having to
  design their own encryption methods.
* Leasing and Renewal: All secrets in OpenBao have a lease associated with
  them. At the end of the lease, OpenBao will automatically revoke that secret.
  Clients are able to renew leases via built-in renew APIs.
* Revocation: OpenBao has built-in support for secret revocation. OpenBao can
  revoke not only single secrets, but a tree of secrets, for example, all
  secrets read by a specific user, or all secrets of a particular type.
  Revocation assists in key rolling as well as locking down systems in the case
  of an intrusion.

Provides

Requires

License

MPL-2.0

Changelog

* Fri Nov 29 2024 opensuse_buildservice@ojkastl.de
  - Update to version 2.1.0:
    * Note:
    - This release does not ship with the UI enabled. The UI will
      be available in the future. #129
    - OpenBao does not provide support for Vault Enterprise
      features. If there is an enterprise feature you would like to
      see added to the project, please open a feature request.
    - OpenBao is fully API compatible with Vault 1.14.9, and seal
      compatible with the plugins the project supports. Plugin
      support for OpenBao can be found here.
    * New Features:
    - Remove Mount Table Limits: Using transactional storage, we've
      split the
    - auth and secret mount tables into separate storage entires,
      removing the
    - requirement that the entire table fit into a single storage
      entry limited by
    - max_entry_size. This allows potentially hundreds of thousands
      of mounts on
    - a single scaled-up server. [GH-622]
    - Transactional Storage: Plugin developers can now take
      advantage of safe
    - storage modification APIs when the underlying physical
      storage supports
    - them. The physical.TransactionalBackend and
      logical.TransactionalStorage
    - types allow developers to begin read-only and writable
      transactions,
    - committing or rolling back the desired changes. [GH-292]
    - Transit: Support PKI CSR and certificate storage alongside
      key material. This allows callers to securely create keys and
      submit requests for certificates without the key material
      leaving Transit. Storage of the certificate on the key avoids
      the need for an additional K/V mount. Rotation of this
      certificate and its chain is also supported. [GH-536]
    - auth/oidc: Add a new callback_mode role option value device
      to use the oidc device flow instead of a callback, add a new
      poll_interval role option to control how often to poll for a
      response, and add a new callbackmode=device option to the
      oidc login method in the cli. [GH-319]
    - auth/oidc: Add new callback_mode=direct role option to cause
      the oidc callback to be direct to the server instead of the
      client, and add a callbackmode=direct option to the oidc
      login method in the cli. [GH-318]
    - physical/postgres: Reintroduce Postgres database for OpenBao
      storage, implementing paginated list support. This feature is
      currently in preview and breaking changes may occur. [GH-467]
    * Changelog
    - 93609bf: Add changelog for v2.1.0 GA (#772) (@cipherboy)
    - d083548: Bump go-kms-wrapping, openbao-template prior to
      release (#770) (@cipherboy)
    - Full changelog see
      https://github.com/openbao/openbao/releases/tag/v2.1.0
      https://github.com/openbao/openbao/releases/tag/v2.1.0-beta20241114.3
* Tue Nov 19 2024 opensuse_buildservice@ojkastl.de
  - Update to version 2.0.3:
    * This release does not ship with the UI enabled. The UI will be
      available in the future. #129
    * OpenBao does not provide support for Vault Enterprise features.
      If there is an enterprise feature you would like to see added
      to the project, please open a feature request.
    * OpenBao is fully API compatible with Vault 1.14.9, and seal
      compatible with the plugins the project supports. Plugin
      support for OpenBao can be found
      [here](https://github.com/orgs/openbao/discussions/64).
    * Add v2.0.3 to CHANGELOG.md (#728)
    * Bump golang.org/x/net (#692) (#726)
    * Bump github.com/go-jose/go-jose/v3 to v3.0.3 (#693) (#727)
    * Bump go version to 1.22.9 for v2.0.3 release (#725)
    * Fix goreleaser prerelease status (#713) (#721)
    * Replace github.com/mholt/archiver/v3 with stdlib (#611) (#714)
    * Update to UBI 9.5 (#701) (#719)
    * Fix root namespace permission elevation (#695) (#718)
    * Bump github.com/golang-jwt/jwt/v4 (#691) (#717)
    * Compute raft peer bootstrap challenge via HKDF (#690) (#716)
    * Exclude changelog directory from release archive (#641) (#715)
    * Update goreleaser config version to 2 (#709) (#720)
* Sun Oct 06 2024 opensuse_buildservice@ojkastl.de
  - Update to version 2.0.2:
    * This release does not ship with the UI enabled. The UI will be
      available in the future. #129
    * OpenBao does not provide support for Vault Enterprise features.
      If there is an enterprise feature you would like to see added
      to the project, please open a feature request.
    * OpenBao is fully API compatible with Vault 1.14.9, and seal
      compatible with the plugins the project supports. Plugin
      support for OpenBao can be found
      [here](https://github.com/orgs/openbao/discussions/64).
    * use correct Alpine version (#589)
    * release: v2.0.2 (#586)
    * Bump to go 1.22.8 (#588)
    * Deny empty valid_principals during SSH issuance (#561)
    * Correctly handle IPv6 for HTTP-01 (#559)
    * add vault symlink to Docker images (#548)
    * Fix k8s registration variables (#527)
    * Fix aliasNameFromLoginRequest panic (#512)
    * fix command `vault print token` to `bao print token` in curl
      string generated by `buildCurlString()`  (#511)
* Tue Sep 10 2024 opensuse_buildservice@ojkastl.de
  - Update to version 2.0.1:
    * This release does not ship with the UI enabled. The UI will be
      available in the future. #129
    * OpenBao does not provide support for Vault Enterprise features.
      If there is an enterprise feature you would like to see added
      to the project, please open a feature request.
    * OpenBao is fully API compatible with Vault 1.14.9, and seal
      compatible with the plugins the project supports. Plugin
      support for OpenBao can be found
      [here](https://github.com/orgs/openbao/discussions/64).
    * Changelog
    - Disable UI tests (#479) (@cipherboy)
    - Fix Ed25519 Pointer in PKI Existing handling (#461)
      (@cipherboy)
    - Fix api, sdk modules with v2.0.1 (#425) (@cipherboy)
    - Fix bao cli login success message (#452) (@sadikkuzu)
    - Fix broken zlint test (#458) (@cipherboy)
    - Pass BAO_ADDR to the token helper (#348) (@ruuda)
    - Update Docker dependency (#505) (@cipherboy)
    - Update to Go 1.22.6 toolchain for v2.0.1 (#504) (@cipherboy)
    - fix: variable name collision in docker-entrypoint (#446)
      (@jackhodgkiss)
    - labels use openbao as prefix instead of vault (#416)
      (@finkandreas)
    - release: v2.0.1 (@JanMa)
  - build using CGO_ENABLED=0 on i586, s390x and armv7l
* Thu Jul 18 2024 opensuse_buildservice@ojkastl.de
  - Update to version 2.0.0:
    * This release does not ship with the UI enabled. The UI will be
      available in the future. #129
    * This release provides initial support for artifact signing.
    * OpenBao does not provide support for Vault Enterprise features.
      If there is an enterprise feature you would like to see added
      to the project, please open a feature request.
    * OpenBao is fully API compatible with Vault 1.14.9, and seal
      compatible with the plugins the project supports. Plugin
      support for OpenBao can be found here.
    * Changelog
    - Gate Docker steps behind GOOS (#412)
    - Add GOOS matrix to release workflow (#411)
    - Update Go version, changelog, modules for GA (#410)
    - set bao binary version info with Goreleaser (#401)
    - Remove cross-cluster revocation from PKI (#365)
    - Update docs to include mlock removal RFC (#391)
    - Bump actions/upload-artifact from 4.3.3 to 4.3.4 (#395)
    - Clarify fork point in FAQ (#392)
    - docs: recreate images and diagrams (#397)
    - Bump test-summary/action from 2.2 to 2.4 (#387)
    - Remove mlock and replace with cgroups (#363)
    - Downgrade test-summary/action from 2.3 to 2.2 (#381)
    - Bump test-summary/action from 2.1 to 2.3 (#199)
    - Bump browser-actions/setup-chrome from 1.5.0 to 1.7.1 (#377)
    - Bump actions/github-script from 6.4.1 to 7.0.1 (#198)
    - Bump actions/upload-artifact from 3.1.2 to 4.3.3 (#376)
    - fix release asset parsing for download page (#378)
    - update website dependencies (#368)
    - docs(token): document the token format (#372)
    - Fix artifact signing, use default runner
    - Bump actions/configure-pages from 4 to 5 (#370)
* Sun Feb 04 2024 Johannes Kastl <opensuse_buildservice@ojkastl.de>
  - new package openbao: provide a software solution to manage,
    store, and distribute sensitive data including secrets,
    certificates, and keys (open source fork of Hashicorp Vault)

Files

/usr/bin/openbao
/usr/share/doc/packages/openbao
/usr/share/doc/packages/openbao/README.md
/usr/share/licenses/openbao
/usr/share/licenses/openbao/LICENSE


Generated by rpm2html 1.8.1

Fabrice Bellet, Fri Jan 24 23:52:04 2025