| 2494 |
 |
Dev environment supports hot reloading
|
|
|
3y |
3y |
|
|
|
| 2430 |
 |
Policy Permit Privileges without brackets doesn't produce an error
|
|
|
3y |
3y |
|
kind/bug
|
|
| 2380 |
 |
Better handling of malformed Kubernetes service account token for Kubernetes authenticator
|
|
|
4y |
4y |
|
kind/enhancement
component/conjur
|
|
| 2245 |
 |
Add minimum thread count to puma configuration
|
|
|
4y |
4y |
4y |
|
recv
|
| 2181 |
 |
Kubernetes Authenticator Websocket Client doesn't support Server Name Indication (SNI)
|
|
|
4y |
5mo |
5mo |
kind/bug
kind/support
|
member-last send
|
| 2133 |
 |
Fix ApplicationController complexity
|
|
|
4y |
4y |
|
kind/enhancement
component/conjur
|
|
| 2117 |
 |
Fix all Conjur CC issues
|
|
|
4y |
4y |
4y |
kind/technical-debt
|
recv
|
| 2108 |
|
Update release workflow to include API version
|
|
|
4y |
4y |
|
kind/enhancement
component/conjur
|
|
| 2081 |
|
Add tests for no STDIN but `--password-from-stdin` option is provided
|
|
|
4y |
4y |
4y |
|
recv
|
| 2067 |
|
Non-empty policy variable values should apply and take precedence for Kubernetes authenticator
|
|
|
4y |
4y |
|
kind/bug
component/conjur
|
|
| 2062 |
 |
A test setup exists for testing simplified authn client config
|
|
|
4y |
4y |
4y |
kind/enhancement
component/conjur
|
contributor-last recv
|
| 2046 |
 |
Should raise informative log error in case role not exist in k8s inject_client_cert
|
|
|
4y |
4y |
|
kind/enhancement
component/conjur
|
assigned
|
| 2000 |
 |
Validation for restricted to setting while loading a policy
|
|
|
4y |
4y |
|
|
|
| 1980 |
 |
Update .dockerignore to include deb file exclusions
|
|
|
4y |
4y |
|
kind/cleanup
severity/medium
|
|
| 1964 |
|
Update upgrade process: separate schema and data restoration
|
|
|
5y |
4y |
5y |
kind/enhancement
component/conjur
|
contributor-last recv recv-q
|
| 1959 |
 |
There is a draft plan for improving Conjur sidecar automation in Kubernetes / OpenShift
|
|
|
5y |
5y |
5y |
component/k8s
kind/spike
|
contributor-last recv
|
| 1958 |
 |
Adding recursive permit statements
|
|
6
|
5y |
4y |
5y |
kind/enhancement
component/conjur
internal-contributor
|
recv
|
| 1956 |
 |
Support debugging authn-k8s in dev env
|
|
|
5y |
7mo |
|
kind/enhancement
component/conjur
rnd-boost
|
contributor-last open-milestone
|
| 1945 |
 |
Nil error in authn_k8s/inject_client_cert.rb
|
|
|
5y |
5y |
|
kind/bug
component/conjur
|
contributor-last recv-q
|
| 1922 |
 |
Variable Content Validation
|
|
|
5y |
5y |
|
kind/enhancement
component/conjur
|
|
| 1920 |
 |
Hosts can acquire valid password via password change
|
|
|
5y |
7mo |
|
kind/bug
component/conjur
|
|
| 1863 |
|
Support validating host annotations for authentication while loading a policy
|
|
|
5y |
5y |
|
kind/enhancement
component/conjur
Epic
|
contributor-last
|
| 1787 |
|
Conjur debian package is updated to exclude irrelevant files and directories
|
|
|
5y |
5y |
5y |
component/appliance
kind/enhancement
component/conjur
|
assigned contributor-last recv
|
| 1765 |
 |
Cucumber - Remove audit keyword from log step
|
|
|
5y |
4y |
|
component/authenticators
rnd-boost
|
open-milestone
|
| 1757 |
|
Authentication token available in OAuth format
|
|
|
5y |
5y |
|
kind/enhancement
component/conjur
|
|
| 1753 |
|
Conjur policy reload does not update annotations in APPEND mode
|
|
|
5y |
5y |
5y |
kind/bug
component/conjur
severity/critical
source/salesforce
|
recv recv-q
|
| 1718 |
 |
Configure SSL certs/keys and postgres ssl_mode
|
|
|
5y |
4y |
5y |
kind/enhancement
component/conjur
contributor
has-idea
|
recv recv-q
|
| 1700 |
|
CIDR Restriction - invalid cidr value DB Error
|
|
|
5y |
5y |
|
kind/bug
component/conjur
severity/low
support/moderate
|
|
| 1696 |
|
Consider refactoring request IP tests to smaller units under test
|
|
|
5y |
5y |
|
kind/technical-debt
kind/testing
|
|
| 1679 |
|
CIDR Support Proxy - Remove validate_origin from Authenticate
|
|
|
5y |
5y |
|
kind/technical-debt
|
|
| 1673 |
|
Migrate conjur-policy-parser locally
|
|
|
5y |
5mo |
5mo |
|
assigned member-last send
|
| 1651 |
 |
Conjur Account change to Space
|
|
|
5y |
2y |
|
Epic
|
|
| 1618 |
 |
Load empty policy cause to 403 in creating host from token
|
|
|
5y |
5y |
|
kind/bug
component/conjur
severity/high
|
open-milestone
|
| 1611 |
|
Implicit database dependency in credentials command classes
|
|
|
5y |
5y |
|
kind/technical-debt
|
|
| 1604 |
|
Update landing page jquery to 3.3.1-dfsg or higher
|
|
|
5y |
5y |
|
kind/technical-debt
severity/medium
|
|
| 1603 |
|
Update landing page bootstrap to 3.4.1 or later
|
|
|
5y |
5y |
|
kind/technical-debt
severity/high
|
|
| 1587 |
|
Refactor `./start`
|
|
|
5y |
5y |
5y |
kind/cleanup
|
recv
|
| 1562 |
|
Baseline functionality for "Testing Best Practices" has been established
|
|
|
5y |
4y |
4y |
kind/technical-debt
component/conjur
|
assigned member-last send
|
| 1557 |
|
Extend rake task to get next available trackable log message code
|
|
|
5y |
5y |
5y |
kind/enhancement
component/conjur
|
recv
|
| 1530 |
|
Separate orchestrator config from policy_version model
|
|
|
5y |
5y |
|
kind/cleanup
component/conjur
|
assigned
|
| 1524 |
|
Querying resources as a role without specifying the fully qualified ID leads to a 403 response
|
|
|
5y |
9mo |
9mo |
kind/bug
component/conjur
|
member-last send
|
| 1519 |
|
Adds info endpoint for server/follower ID and version for debugging
|
|
|
5y |
5y |
5y |
kind/enhancement
component/conjur
|
member-last send
|
| 1503 |
|
Update audit private enterprise number
|
|
|
5y |
5y |
|
kind/technical-debt
component/conjur
|
similar
|
| 1502 |
|
Update private enterprise number contact
|
|
|
5y |
5y |
|
|
similar
|
| 1488 |
|
CI pipeline never exercises "environments/production.rb"
|
|
|
5y |
4y |
5y |
kind/bug
component/conjur
rnd-boost
|
member-last open-milestone send
|
| 1478 |
|
Conjur CI workflow is documented
|
|
|
5y |
5y |
|
kind/technical-debt
|
|
| 1467 |
|
Improve security by permitting only expected params
|
|
|
5y |
5y |
5y |
kind/technical-debt
component/conjur
|
recv
|
| 1466 |
 |
fetchCertificate and pdf/fetchCertificate consist of hard coded path to httpclient
|
|
|
5y |
4y |
|
kind/bug
component/conjur
rnd-boost
|
open-milestone
|
| 1370 |
|
Cyberark DAP Host Policy docs are updated to include the `api_key_enabled` attribute
|
|
|
5y |
5y |
|
kind/documentation
component/conjur
support/serious
|
similar
|
| 1369 |
|
Cyberark DAP User Policy docs are updated to include the `api_key_enabled` attribute
|
|
|
5y |
5y |
|
kind/documentation
component/conjur
support/serious
|
similar
|
| 1368 |
|
Cyberark Conjur Host Policy docs are updated to include the `api_key_enabled` attribute
|
|
|
5y |
5y |
|
kind/documentation
component/conjur
support/serious
|
similar
|
| 1367 |
|
Cyberark Conjur User Policy docs are updated to include the `api_key_enabled` attribute
|
|
|
5y |
5y |
|
kind/documentation
component/conjur
support/serious
|
similar
|
| 1366 |
|
Changing a User/Host api_key_enabled attribute to true generates an API key
|
|
|
5y |
5y |
|
kind/enhancement
component/conjur
support/serious
|
similar
|
| 1365 |
|
Changing a User/Host api_key_enabled attribute to false removes the API key
|
|
|
5y |
5y |
|
kind/enhancement
component/conjur
support/serious
|
similar
|
| 1364 |
|
Logging into the default authenticator with a User/Host with disabled API keys fails
|
|
|
5y |
5y |
|
kind/enhancement
component/conjur
support/serious
|
|
| 1363 |
|
Rotating a User/Host with disabled API key results in an error
|
|
|
5y |
5y |
|
kind/enhancement
component/conjur
support/serious
|
|
| 1362 |
|
An API key is not generated when api_key_enabled attribute is true
|
|
|
5y |
5y |
|
kind/enhancement
component/conjur
support/serious
|
similar
|
| 1361 |
|
An API key is generated when api_key_enabled attribute is true
|
|
|
5y |
5y |
|
kind/enhancement
component/conjur
support/serious
|
similar
|
| 1327 |
|
Conjur README is clear and approachable
|
|
|
5y |
5mo |
5y |
kind/documentation
kind/technical-debt
good-first-issue
|
contributor-last recv
|
| 1269 |
 |
Test log output for application identity in GKE
|
|
|
5y |
4y |
|
component/authenticators
kind/enhancement
rnd-boost
|
assigned open-milestone
|
| 1265 |
|
Kubernetes authenticator supports container-level application identity
|
|
|
5y |
5y |
5y |
component/k8s
kind/enhancement
component/conjur
|
contributor-last recv
|
| 1258 |
|
Add GKE testing section to README
|
|
|
5y |
5y |
|
kind/documentation
kind/enhancement
|
|
| 1198 |
|
Audit atomicity
|
|
|
6y |
6y |
|
|
assigned
|
| 1191 |
 |
Architecture Diagram for DB off OpenShift
|
|
|
6y |
6y |
6y |
|
recv
|
| 1177 |
|
(GA) Test if encryptions of k8s secrets is working
|
|
|
6y |
4y |
|
component/k8s
kind/spike
rnd-boost
|
assigned open-milestone
|
| 1163 |
|
Switch UTs from Convey to testify in k8s authn client
|
|
|
6y |
4y |
|
component/k8s
kind/testing
rnd-boost
|
open-milestone
|
| 1161 |
|
(CA) Challenge conjur-map format and parsing
|
|
|
6y |
4y |
|
component/authenticators
component/k8s
kind/enhancement
rnd-boost
|
assigned open-milestone
|
| 1159 |
|
(CA) Add log level configuration
|
|
|
6y |
4y |
|
component/authenticators
component/k8s
kind/enhancement
rnd-boost
|
assigned open-milestone
|
| 1154 |
|
Tests a 504 response code in OIDC
|
|
|
6y |
4y |
|
component/authn-oidc
kind/testing
rnd-boost
|
open-milestone
|
| 1142 |
|
Conjur authn-k8s client user inputs can be provided as CMD args along as env vars
|
|
|
6y |
4y |
|
component/k8s
kind/enhancement
rnd-boost
|
open-milestone
|
| 1132 |
|
Audit batch retrieve secret should be performed on full success only
|
|
|
6y |
4y |
|
rnd-boost
|
open-milestone
|
| 1115 |
|
Logs in `production` env should include severity, timestamp & pid
|
|
|
6y |
5y |
|
kind/bug
component/conjur
severity/low
good-first-issue
|
open-milestone
|
| 1112 |
|
Executing docker run on Conjur image produces useful error
|
|
|
6y |
4y |
|
rnd-boost
|
open-milestone
|
| 1101 |
|
Decide on permissions to webservice
|
|
|
6y |
4y |
|
kind/enhancement
component/conjur
rnd-boost
|
open-milestone
|
| 1097 |
|
Authenticators API
|
|
|
6y |
6y |
|
Epic
|
|
| 1096 |
 |
A central location exists for Conjur Log docs
|
|
|
6y |
2y |
6y |
kind/developer-experience
|
assigned recv
|
| 1093 |
|
We understand the testing currently performed in the cyberark/conjur repo
|
|
|
6y |
6y |
|
|
|
| 1092 |
|
Value objects should not interact with the DB
|
|
|
6y |
6y |
|
component/authenticators
kind/enhancement
|
|
| 1089 |
|
Convert FetchOidcSecrets to OidcVariable
|
|
|
6y |
6y |
|
kind/enhancement
component/authn-oidc
|
|
| 1088 |
|
Convert Command class call methods to explicit mode
|
|
|
6y |
4y |
|
component/authenticators
kind/enhancement
rnd-boost
|
assigned open-milestone
|
| 1082 |
|
Investigate permission problems in master startup
|
|
|
6y |
5y |
5y |
component/k8s
kind/spike
|
assigned member-last send
|
| 1077 |
|
Map persistence locations in appliance image
|
|
|
6y |
4y |
|
component/k8s
kind/spike
rnd-boost
|
assigned open-milestone
|
| 1075 |
|
Replace deployment config with stateful set
|
|
|
6y |
6y |
|
component/k8s
kind/spike
|
assigned
|
| 1070 |
|
Play with master inside minishift
|
|
|
6y |
6y |
|
component/k8s
kind/spike
|
assigned
|
| 1066 |
|
OAuth 2 Device Grant - Spike
|
|
|
6y |
6y |
|
component/authenticators
kind/spike
|
assigned
|
| 1053 |
|
`/authenticators/available` API returns the authenticators which are available for configuration - DRAFT
|
|
|
6y |
6y |
|
component/authenticators
|
|
| 1051 |
|
`/authenticators` API returns authenticators that are ready for authentication
|
|
|
6y |
6y |
|
component/authenticators
|
|
| 984 |
|
No indication of missing rotator
|
|
|
6y |
6y |
6y |
|
member-last
|
| 943 |
|
Conjur Certificate Authorities support signing intermediate certificate authorities
|
|
|
6y |
6y |
|
kind/enhancement
component/conjur
blocked
component/pki
on-hold
in progress
|
assigned
|
| 930 |
 |
Can't load a delegation policy for a variable contains colon (:) in name
|
|
|
6y |
4y |
|
kind/bug
component/conjur
severity/low
rnd-boost
|
open-milestone
|
| 923 |
|
Conjur Certificate Authorities support signing SSH RSA public keys in PEM format
|
|
|
6y |
6y |
|
kind/enhancement
component/conjur
component/pki
on-hold
|
assigned
|
| 920 |
|
Add error injection to Command class in oidc
|
|
|
6y |
6y |
|
kind/enhancement
merged
component/authn-oidc
in progress
|
assigned
|
| 918 |
|
CommandClass can receive errors directly
|
|
|
6y |
6y |
|
|
assigned assignee-updated contributor-last
|
| 898 |
|
cucumber steps can be shared between profiles
|
|
|
6y |
6y |
|
kind/enhancement
component/cucumber
|
|
| 844 |
|
Policy reloading when an integration that auto-loads policy is used has passed XA
|
|
|
6y |
6y |
6y |
component/ldap-sync
component/pcf
kind/XA
|
contributor-last recv
|
| 843 |
|
Secrets can be retrieved with variable prefix
|
|
2
|
6y |
6y |
6y |
kind/enhancement
component/api
|
member-last
|
| 835 |
|
Replace Ruby Sass
|
|
|
6y |
8mo |
8mo |
|
member-last
|
| 824 |
|
Authenticate controller logs error message correctly
|
|
|
7y |
5y |
5y |
|
member-last send
|
| 813 |
|
Host Factory created hosts don't have the policy namespace of their layer
|
|
|
7y |
2y |
4y |
kind/bug
component/conjur
severity/medium
|
recv-q
|
| 812 |
 |
Conjur k8s tests can be run on minikube
|
|
|
7y |
7y |
7y |
kind/technical-debt
component/conjur
kind/developer-experience
|
recv
|
| 793 |
|
authn-k8s can't authenticate pods controlled by DeploymentConfig
|
|
|
7y |
4y |
|
kind/bug
component/openshift
severity/medium
|
|
| 746 |
|
Authenticator "origin" parameter should be more clearly named
|
|
|
7y |
4y |
|
kind/technical-debt
rnd-boost
|
contributor-last open-milestone
|
| 735 |
|
ci/test script referenes cucumber/cucumber.yml
|
|
|
7y |
4y |
|
rnd-boost
|
open-milestone
|
| 734 |
|
Sequel log level is set to :warn
|
|
|
7y |
4y |
|
rnd-boost
|
contributor-last open-milestone
|
| 690 |
|
Possible Future CA Development
|
|
|
7y |
7y |
|
|
|
| 688 |
|
Conjur CA Services are documented
|
|
|
7y |
7y |
|
kind/documentation
component/conjur
|
|
| 675 |
 |
OpenShift events are displayed in the UI's audit log
|
|
|
7y |
7y |
|
component/openshift
|
|
| 670 |
|
Conjur is tested under continuous loads
|
|
|
7y |
7y |
|
component/conjur
|
|
| 650 |
|
A K8s/OpenShift version support matrix is available
|
|
|
7y |
7y |
7y |
component/k8s
kind/epic
kind/documentation
|
assigned member-last send
|
| 649 |
|
Conjur can rotate Oracle database connections
|
|
|
7y |
7y |
|
component/rotators
component/conjur
|
|
| 648 |
|
SSH public key rotation exists in Conjur
|
|
|
7y |
7y |
|
component/rotators
component/conjur
|
|
| 647 |
|
SSH key pair rotation is available in Conjur
|
|
|
7y |
7y |
|
component/rotators
component/conjur
|
|
| 646 |
|
S3 based Host Factory Token rotation has been ported
|
|
|
7y |
7y |
|
component/rotators
component/conjur
|
|
| 645 |
|
GCP Service Account rotator has been ported
|
|
|
7y |
7y |
|
component/rotators
component/conjur
|
|
| 644 |
|
Rotators have been migrated from V4
|
|
|
7y |
6y |
|
component/rotators
kind/epic
component/conjur
|
|
| 640 |
|
Conjur Docker image follows the standard version naming convention
|
|
|
7y |
5y |
5y |
kind/enhancement
|
member-last send
|
| 621 |
|
Host CIDR restriction can be set using host factory token
|
|
|
7y |
7y |
|
|
|
| 620 |
|
CIDR Authentication Restriction for Users and Hosts is Documented
|
|
|
7y |
5y |
|
kind/documentation
component/conjur
source/salesforce
|
|
| 614 |
 |
Cucumber tests should run in random order
|
|
|
7y |
7y |
7y |
|
recv
|
| 607 |
|
A user sees the Audit events are visible to them
|
|
|
7y |
5y |
5y |
|
member-last send
|
| 599 |
|
Use of !include causes better error message
|
|
|
7y |
7y |
|
|
|
| 582 |
 |
Can't permit on a nested list of resources using policy
|
|
|
7y |
7y |
7y |
|
contributor-last recv
|
| 540 |
 |
Deprecate the route GET /resources/:account
|
|
|
7y |
6y |
7y |
component/conjur
|
member-last send
|
| 527 |
|
Multi-Domain LDAP Authentication
|
|
|
7y |
7y |
|
|
contributor-last
|
| 513 |
 |
64bit OS required for Docker on Linux, but Docker doesn't validate architecture and will pass `hello-world` successfully on 32bit
|
|
|
7y |
7y |
|
|
|
| 509 |
 |
Error msg unclear when loading policy with multiple unnamed hostfactory configurations
|
|
|
7y |
2y |
2y |
kind/enhancement
component/cli
component/conjur
|
member-last send
|
| 482 |
|
Document maximum policy size
|
|
|
8y |
5mo |
8y |
kind/documentation
good-first-issue
rnd-boost
|
open-milestone recv
|
| 426 |
|
Site assets are minified in production build
|
|
|
8y |
7mo |
|
|
|
| 181 |
|
String ids considered harmful
|
|
|
8y |
5y |
5y |
|
member-last send
|
| 1417 |
|
Running juxtaposer on release is automated
|
|
|
4y |
4y |
|
kind/enhancement
component/secretless-broker
|
|
| 1403 |
 |
provide ability to intercept sigquit (kill -3) to generate current execution stack snapshots for all active tasks
|
|
|
4y |
4y |
|
kind/enhancement
component/secretless-broker
|
|
| 1372 |
|
Error codes for improved troubleshooting
|
|
|
4y |
4y |
|
kind/enhancement
component/secretless-broker
|
|
| 1371 |
|
aws connector should have integration tests
|
|
|
4y |
4y |
|
kind/enhancement
component/secretless-broker
|
|
| 1348 |
 |
Release MacOS DMG file with compressed SecretlessBroker.app
|
|
|
5y |
5y |
|
kind/enhancement
component/secretless-broker
|
|
| 1347 |
|
Secretless component quality levels move from alpha/beta/GA to community/trusted/certified
|
|
|
5y |
5y |
5y |
kind/documentation
component/secretless-broker
|
recv
|
| 1342 |
|
Migrate to a new method for running the Secretless health check
|
|
|
5y |
5y |
5y |
kind/enhancement
component/secretless-broker
|
contributor-last recv
|
| 1337 |
 |
Support multi-value dynamic credentials
|
|
6
|
5y |
4y |
5y |
kind/enhancement
component/secretless-broker
contributor
has-idea
|
send
|
| 1336 |
|
There should be capabilities in `secretless.yml` to supply custom settings to providers
|
|
|
5y |
5y |
5y |
kind/enhancement
component/secretless-broker
|
contributor-last recv
|
| 1335 |
|
Support Vault AppRole auth method in provider
|
|
4
|
5y |
4y |
5y |
kind/enhancement
component/secretless-broker
implementing
contributor
has-idea
|
assigned assignee-updated send
|
| 1324 |
|
Generic HTTP Connector: OAuth1 supports different signature hashing methods
|
|
|
5y |
5y |
5y |
kind/enhancement
component/secretless-broker
|
recv
|
| 1312 |
|
Create a Docker CLI Connector for Secretless
|
|
|
5y |
5y |
5y |
kind/enhancement
component/secretless-broker
component/secretless-connectors
|
recv
|
| 1283 |
 |
There is an example generic HTTP connector config for Salesforce
|
|
|
5y |
5y |
5y |
kind/enhancement
component/secretless-broker
|
recv similar
|
| 1279 |
|
There is an example generic HTTP connector config for the Kubernetes API
|
|
|
5y |
5y |
5y |
kind/enhancement
component/secretless-connectors
|
recv similar
|
| 1262 |
|
There is an example generic HTTP connector config for the Google Cloud SDK
|
|
|
5y |
5y |
5y |
kind/enhancement
component/secretless-connectors
|
recv
|
| 1252 |
|
Reconcile MSSQL and (MySQL+PG) integration testing strategies
|
|
|
5y |
5y |
|
kind/spike
component/secretless-broker
|
|
| 1251 |
|
better UX for test infrastructure
|
|
|
5y |
5y |
|
kind/enhancement
component/secretless-broker
|
|
| 1241 |
 |
There exists a Cassandra TCP Connector with username and password based authentication
|
|
|
5y |
5y |
5y |
kind/spike
component/secretless-broker
|
contributor-last recv recv-q
|
| 1229 |
|
A mechanism exists to redact sensitive values in logs
|
|
|
5y |
5y |
|
kind/enhancement
component/secretless-broker
|
|
| 1225 |
|
There is a central set of tests that validate the SSL configuration of the TLS connectors
|
|
|
5y |
5y |
5y |
component/secretless-broker
kind/technical-debt
|
recv
|
| 1222 |
|
Secretless has a Cassandra DB connector
|
|
2
|
5y |
5y |
5y |
kind/enhancement
component/secretless-broker
component/secretless-connectors
|
contributor-last recv similar
|
| 1213 |
|
Secretless has a DB2 connector
|
|
2
|
5y |
5y |
5y |
kind/enhancement
component/secretless-broker
component/secretless-connectors
|
contributor-last recv recv-q similar
|
| 1205 |
|
TLS Connectors share a structure for connection details
|
|
|
5y |
5y |
5y |
kind/enhancement
component/secretless-broker
component/secretless-connectors
|
contributor-last recv
|
| 1201 |
|
Determine how Secretless responds to DB server TLS renegotiation
|
|
|
5y |
5y |
5y |
kind/spike
component/secretless-broker
|
recv
|
| 1182 |
|
Secretless configuration files support ssl configuration information
|
|
|
5y |
5y |
5y |
kind/enhancement
|
contributor-last recv recv-q
|
| 1179 |
 |
Service Connector for MarkLogic
|
|
|
5y |
5y |
|
kind/enhancement
component/secretless-broker
good-first-issue
|
contributor-last
|
| 1171 |
|
Add Unix socket flow to Kubernetes tutorial
|
|
|
5y |
5y |
5y |
kind/enhancement
component/secretless-broker
|
recv
|
| 1152 |
|
Proxyservice package is unit tested
|
|
|
5y |
5mo |
5y |
kind/enhancement
component/secretless-broker
kind/technical-debt
good-first-issue
kind/quality
|
recv
|
| 1132 |
|
JDBC Jar is built at runtime for integration tests
|
|
|
5y |
5y |
5y |
|
recv
|
| 1097 |
|
Database clients receive a meaningful error when a new connection request has bad credentials
|
|
|
5y |
5y |
5y |
kind/enhancement
component/secretless-connectors
|
recv
|
| 1094 |
|
Secretless has configurable connection timeouts for connectors
|
|
|
5y |
5y |
5y |
kind/enhancement
component/secretless-broker
|
recv
|
| 1083 |
|
Example plugin uses Secretless logger
|
|
|
5y |
5y |
5y |
component/secretless-broker
kind/developer-experience
|
recv
|
| 1042 |
|
Conjur provider has improved automated tests
|
|
|
5y |
5y |
5y |
component/secretless-providers
kind/technical-debt
|
recv
|
| 1036 |
|
Unit tests validate service connector plugin error handling
|
|
|
5y |
5y |
5y |
component/secretless-broker
kind/technical-debt
|
recv
|
| 1021 |
|
Add a Security Model to the connector plugin README
|
|
|
6y |
6y |
6y |
kind/documentation
kind/developer-experience
component/secretless-connectors
|
recv
|
| 1011 |
|
ForceSSL defaults to true
|
|
|
6y |
6y |
6y |
kind/enhancement
component/secretless-broker
|
recv
|
| 994 |
|
Use our logger implementation for signal/reload listener
|
|
|
6y |
6y |
6y |
component/secretless-broker
kind/ux
|
recv
|
| 993 |
|
Use our logger implementation for health check output
|
|
|
6y |
6y |
6y |
component/secretless-broker
kind/ux
|
recv
|
| 992 |
|
Reintroduce back some logging messages we lost in refactoring
|
|
|
6y |
5y |
6y |
component/secretless-broker
kind/cleanup
component/secretless-plugins
kind/technical-debt
severity/medium
kind/ux
|
contributor-last recv
|
| 980 |
|
Secretless transmits packets after authentication without transforming them
|
|
|
6y |
6y |
6y |
kind/enhancement
component/secretless-broker
|
recv
|
| 979 |
|
Add `--allow-builtin-plugin-overrides` CLI argument
|
|
|
6y |
6y |
6y |
kind/enhancement
component/secretless-broker
component/secretless-plugins
security/low
|
recv
|
| 971 |
|
secretless plugin test harness exists
|
|
|
6y |
7mo |
|
kind/enhancement
component/secretless-connectors
|
contributor-last recv-q
|
| 957 |
|
Re-evaluate ConnectionManager API
|
|
|
6y |
6y |
6y |
kind/enhancement
component/secretless-broker
component/secretless-plugins
kind/technical-debt
|
recv
|
| 941 |
|
Remove URL parsing logic from `internal/proxyservice/proxy_service.go`
|
|
|
6y |
6y |
6y |
component/secretless-broker
kind/technical-debt
defined
|
recv
|
| 940 |
|
Add better logic when we can't open a tcp socket
|
|
|
6y |
6y |
6y |
kind/enhancement
component/secretless-broker
kind/ux
|
recv
|
| 937 |
|
Replace XXXFunc with values in AvailablePlugins UTs
|
|
|
6y |
6y |
6y |
component/secretless-broker
kind/technical-debt
|
recv
|
| 934 |
|
Tests are added for external_plugins.go
|
|
|
6y |
6y |
6y |
kind/enhancement
component/secretless-broker
kind/technical-debt
defined
|
recv
|
| 902 |
|
secretless.Logger is simplified with cleaner tests
|
|
|
6y |
6y |
6y |
component/secretless-broker
kind/technical-debt
|
recv
|
| 875 |
|
Logger tests use mocks for simplicity
|
|
|
6y |
6y |
6y |
component/secretless-broker
kind/technical-debt
|
recv
|
| 836 |
|
Improve support for configuration CRDs
|
|
|
6y |
6y |
6y |
kind/enhancement
component/secretless-broker
|
contributor-last recv
|
| 834 |
|
Secretless supports plugin types besides connectors
|
|
|
6y |
6y |
6y |
kind/enhancement
component/secretless-broker
|
recv
|
| 822 |
|
Make our plugin system work on windows
|
|
|
6y |
6y |
6y |
kind/enhancement
component/secretless-broker
|
recv
|
| 774 |
|
Remove Secretless website from project and put in its own repository
|
|
|
6y |
6y |
|
kind/enhancement
component/secretless-broker
|
|
| 772 |
|
secretless can validate config files from CLI
|
|
|
6y |
5y |
|
kind/enhancement
component/secretless-broker
on-hold
|
assigned assignee-updated contributor-last
|
| 771 |
|
Reduce MySQL handler noise
|
|
|
6y |
6y |
6y |
kind/technical-debt
component/secretless-connectors
|
assigned assignee-updated contributor-last recv
|
| 715 |
|
CRDs are updated to use v2 configuration format
|
|
|
6y |
6y |
6y |
kind/enhancement
component/secretless-broker
|
recv
|
| 704 |
|
fs_watcher has a goroutine leak
|
|
|
6y |
6y |
6y |
kind/bug
component/secretless-broker
|
recv
|
| 701 |
|
Best practices recommendations exist for writing new DB handlers
|
|
|
6y |
6y |
6y |
kind/epic
component/secretless-broker
|
recv
|
| 692 |
|
generalise SSL cert mounting instructions for postgres
|
|
|
6y |
6y |
|
kind/documentation
|
|
| 690 |
|
design document exists for supported and future handlers
|
|
|
6y |
6y |
|
kind/documentation
component/secretless-broker
|
|
| 686 |
|
evaluate http.Client timeout in secretless-broker and conjur provider
|
|
|
6y |
6y |
|
kind/technical-debt
good-first-issue
|
|
| 681 |
|
Tutorial progress bar position is fixed
|
|
|
6y |
6y |
6y |
component/secretless-broker
kind/XA
|
recv
|
| 680 |
|
Abstraction exists in tutorial to accept multiple tutorials as parameter
|
|
|
6y |
6y |
6y |
component/secretless-broker
kind/XA
|
recv
|
| 671 |
|
A good way to prevent log leaks has been agreed upon
|
|
|
6y |
6y |
6y |
kind/spike
component/secretless-broker
|
recv
|
| 657 |
|
K8s tutorial scripts use correct method for waiting on containers
|
|
|
6y |
6y |
6y |
component/secretless-broker
kind/technical-debt
good-first-issue
|
recv
|
| 645 |
|
Jekyll can create foldable content from markdown
|
|
|
6y |
6y |
6y |
kind/enhancement
component/secretless-site
|
contributor-last recv
|
| 640 |
|
Cleanup and document code for autogenerating test secretless.yml
|
|
|
6y |
6y |
6y |
component/secretless-broker
kind/technical-debt
|
recv
|
| 629 |
|
A method exists for encoding HandshakeV10 as bytes
|
|
|
6y |
7mo |
|
in progress
component/mysql-handler
kind/technical-debt
on-hold
implementing
|
|
| 625 |
|
SSL util functions for handlers have correct interface and clean code
|
|
|
6y |
6y |
6y |
component/secretless-broker
kind/technical-debt
|
recv
|
| 624 |
|
Use structured representation of options for Pg Handler
|
|
|
6y |
6y |
6y |
component/pg-handler
kind/technical-debt
|
recv similar
|
| 623 |
|
MySQL Handler has good code quality and all required tests
|
|
|
6y |
6y |
6y |
in progress
kind/epic
component/secretless-broker
kind/technical-debt
on-hold
|
recv
|
| 620 |
|
Comment mysql handler unit tests to increase readability
|
|
|
6y |
6y |
|
kind/documentation
component/mysql-handler
|
|
| 619 |
|
a test matrix exists with a variety of clients for any given handler
|
|
|
6y |
6y |
|
component/secretless-broker
kind/technical-debt
|
|
| 618 |
|
Use structured representation of options for MySQL Handler
|
|
|
6y |
5y |
|
component/mysql-handler
kind/technical-debt
|
similar
|
| 617 |
|
Credentials are consistently zeroized after use
|
|
|
6y |
6y |
6y |
kind/epic
component/secretless-broker
security/medium
|
recv
|
| 608 |
|
Improve dev flow on tests, test documentation, and test infrastructure
|
|
|
6y |
6y |
6y |
component/secretless-broker
kind/technical-debt
good-first-issue
|
recv
|
| 607 |
|
MySQL/PG/SSL tests have been refactored
|
|
|
6y |
6y |
6y |
component/secretless-broker
kind/technical-debt
|
recv
|
| 592 |
|
Simplify ConfigureBackend in database handlers
|
|
|
6y |
6y |
6y |
kind/enhancement
component/secretless-broker
kind/technical-debt
on-hold
|
contributor-last recv recv-q
|
| 591 |
|
Add README to the integration tests
|
|
|
6y |
6y |
6y |
kind/documentation
component/secretless-broker
kind/technical-debt
on-hold
good-first-issue
|
recv similar
|
| 585 |
|
An explicit test exists for TLS between secretless and backend
|
|
|
6y |
6y |
|
kind/enhancement
component/secretless-broker
kind/technical-debt
|
|
| 559 |
|
Build scripts and docker caching have been evaluated
|
|
|
7y |
6y |
|
component/secretless-broker
kind/technical-debt
|
|
| 558 |
|
Investigate the impact of TLS between Secretless and backend server
|
|
|
7y |
6y |
6y |
component/secretless-broker
kind/technical-debt
|
member-last
|
| 556 |
|
Evaluate support for multiple mysql auth plugins
|
|
|
7y |
7mo |
|
kind/enhancement
component/mysql-handler
component/secretless-broker
|
contributor-last recv-q
|
| 514 |
|
Providers retrieve secret values per connection in batches if possible
|
|
|
7y |
6y |
7y |
kind/enhancement
component/secretless-broker
|
recv
|
| 510 |
|
AWS Secrets credential provider has integration tests
|
|
|
7y |
6y |
7y |
kind/enhancement
component/secretless-broker
|
recv
|
| 507 |
|
Secretless has AWS Secrets Provider
|
|
|
7y |
6y |
7y |
kind/epic
|
recv
|
| 506 |
|
Config watcher is tested
|
|
|
7y |
6y |
7y |
component/secretless-broker
kind/technical-debt
good-first-issue
|
recv
|
| 505 |
|
Secretless watches for config file changes
|
|
|
7y |
6y |
7y |
kind/epic
component/secretless-broker
|
recv
|
| 498 |
|
Unit tests should not require mercurial
|
|
|
7y |
6y |
7y |
component/secretless-broker
kind/technical-debt
|
contributor-last recv recv-q
|
| 483 |
|
PostgreSQL handler protocol has unit tests
|
|
|
7y |
6y |
7y |
component/secretless-broker
kind/technical-debt
|
recv
|
| 477 |
|
Secretless quick start demo instructions are clear about flow
|
|
|
7y |
7y |
7y |
kind/documentation
kind/enhancement
to do
component/demos
component/secretless-broker
|
recv
|
| 475 |
|
Make localhost socket use info more prominent
|
|
|
7y |
6y |
7y |
kind/documentation
component/secretless-broker
security/low
selected
|
assigned assignee-updated contributor-last recv recv-q
|
| 473 |
|
Secretless optionally retries connections
|
|
|
7y |
6y |
7y |
kind/enhancement
component/secretless-providers
component/secretless-broker
|
recv
|
| 467 |
 |
HTTP response times are measured
|
|
|
7y |
6y |
7y |
kind/enhancement
to do
component/secretless-broker
good-first-issue
|
recv
|
| 466 |
|
SSH throughput is measured
|
|
|
7y |
6y |
7y |
kind/enhancement
to do
component/secretless-broker
good-first-issue
|
recv
|
| 465 |
|
MySQL query response times are measured
|
|
|
7y |
6mo |
7y |
kind/enhancement
component/secretless-broker
on-hold
implementing
|
recv
|
| 409 |
|
Website has performance page
|
|
|
7y |
7y |
7y |
kind/documentation
to do
component/secretless-site
|
recv
|
| 404 |
|
a test suite exists for the generic sidecar injector
|
|
|
7y |
7y |
|
kind/enhancement
|
|
| 403 |
|
sidecar injector allows mounting a volume with statically compiled summon
|
|
|
7y |
6y |
|
kind/enhancement
component/summon
|
contributor-last
|
| 400 |
|
Broker documentation is improved
|
|
|
7y |
6y |
7y |
to do
kind/epic
component/secretless-broker
|
recv
|
| 383 |
|
Broker is secure
|
|
|
7y |
6y |
7y |
in progress
kind/enhancement
kind/epic
component/secretless-broker
|
recv
|
| 381 |
|
Broker has additional configuration options
|
|
|
7y |
6mo |
7y |
kind/enhancement
kind/epic
component/secretless-broker
|
recv
|
| 380 |
|
Broker is easy to develop for
|
|
|
7y |
6y |
7y |
kind/epic
component/secretless-broker
kind/technical-debt
|
assigned recv
|
| 379 |
|
Performance metrics are published
|
|
|
7y |
6y |
7y |
kind/enhancement
to do
kind/epic
component/secretless-broker
|
contributor-last recv
|
| 374 |
|
A pass-through listener exists
|
|
|
7y |
6mo |
7y |
kind/enhancement
to do
component/secretless-broker
kind/technical-debt
|
recv
|
| 354 |
|
Istio can be used with an external DB
|
|
|
7y |
7y |
7y |
kind/spike
to do
component/secretless-broker
|
assigned recv
|
| 342 |
|
sidecar-injector should allow sharing of secretless domain sockets via volume mounts
|
|
|
7y |
7y |
|
kind/enhancement
to do
|
|
| 270 |
|
SSH agent only keeps loaded keys for the duration of connection
|
|
|
7y |
6y |
7y |
kind/enhancement
component/secretless-broker
kind/technical-debt
security/low
on-hold
|
contributor-last recv
|
| 265 |
|
Secretless has option to configure response when provider fails to resolve a variable
|
|
|
7y |
6y |
7y |
component/secretless-broker
|
recv
|
| 264 |
|
Secretless optionally supports secrets caching
|
|
2
|
7y |
6y |
7y |
component/secretless-providers
component/secretless-broker
|
contributor-last recv recv-q
|
| 260 |
|
Add MongoDB handler/listener
|
|
6
|
7y |
7mo |
7y |
kind/enhancement
kind/epic
component/secretless-connectors
|
recv recv-q
|
| 249 |
|
Secrets do not remain in the sidecar memory
|
|
|
7y |
6y |
7y |
kind/epic
requested-by/cyberark-pm
|
assigned assignee-updated contributor-last recv recv-q
|
| 220 |
|
README should reflect GKE setup established initially in k8s demo dir
|
|
|
7y |
7y |
|
|
contributor-last recv-q
|
| 82 |
|
AWS handler has test suite with documentation
|
|
|
7y |
6y |
7y |
component/aws-handler
|
assigned recv
|
| 16 |
|
Helm charts are published to Helm artifact hub and helm/hub
|
|
|
5y |
5y |
5y |
|
recv
|
| 12 |
|
Helm charts repo is updated after new helm chart release
|
|
|
5y |
5y |
5y |
component/k8s
kind/enhancement
|
recv
|
| 1 |
 |
Add a code vulnerability checker
|
|
|
7mo |
7mo |
|
enhancement
|
|
| 177 |
 |
Conjur does not start with an external Postgres database due to OpenSSL internal error, assertion failed: Low level API call to digest SHA256 forbidden in FIPS mode
|
|
|
2y |
2y |
2y |
kind/bug
contributor
|
recv
|
| 167 |
 |
Add nodeSelector to list of Chart Parameters
|
|
|
4y |
4y |
4y |
kind/enhancement
contributor
|
recv
|
| 145 |
|
Static sub-resource names
|
|
|
4y |
4y |
|
kind/enhancement
component/conjur
|
|
| 142 |
|
Add check/warning for pre-existing ClusterRole in Kubernetes example scripts
|
|
|
4y |
4y |
4y |
kind/enhancement
component/conjur
|
recv
|
| 141 |
|
Clarify compatible database versions in README
|
|
|
4y |
4y |
4y |
component/conjur
kind/documentation
|
recv
|
| 136 |
|
Add option to auto-create a Conjur data encryption key
|
|
|
4y |
4y |
4y |
kind/enhancement
component/conjur
|
recv
|
| 135 |
|
Add deprecation warnings to NOTES.txt
|
|
|
4y |
4y |
4y |
kind/enhancement
component/conjur
|
recv
|
| 134 |
|
Deprecated features to consider for removal for next major release (3.0.0)
|
|
|
4y |
4y |
4y |
kind/enhancement
component/conjur
|
recv
|
| 133 |
|
Instructions fail when LoadBalancer service defines a hostname instead of an IP for the LB ingress
|
|
|
4y |
4y |
4y |
component/conjur
kind/bug
|
recv
|
| 132 |
|
Add authn-k8s demo app E2E test based on KinD GitHub actions
|
|
|
4y |
4y |
4y |
kind/enhancement
component/conjur
|
recv
|
| 131 |
|
Eliminate redundant Kubernetes service for Conjur
|
|
5
|
4y |
4y |
4y |
kind/enhancement
component/conjur
|
contributor-last recv
|
| 130 |
 |
Failure in Conjur schema migrations of external DB can't recover
|
|
|
4y |
4y |
4y |
component/conjur
kind/bug
|
recv
|
| 104 |
|
Reorganize README.md KinD example to make it more of a Getting Started guide
|
|
|
5y |
7mo |
5y |
kind/enhancement
component/conjur
good-first-issue
|
recv
|
| 86 |
|
Document use of or add subchart for bitnami/postgresql
|
|
|
5y |
5y |
5y |
kind/enhancement
component/conjur
|
recv
|
| 68 |
 |
Helm deployment instructions (README) include architecture diagrams
|
|
|
5y |
5y |
5y |
component/conjur
kind/bug
|
recv
|
| 61 |
|
Helm pipeline runs `helm package` on tags and auto-adds the artifact to a GitHub release
|
|
|
5y |
5y |
5y |
component/k8s
kind/infrastructure
|
contributor-last recv
|
| 57 |
|
Pipeline validates upgrade instructions
|
|
|
5y |
5y |
5y |
component/k8s
kind/infrastructure
|
recv
|
| 54 |
|
Automated end-to-end testing suite
|
|
|
5y |
5y |
5y |
kind/enhancement
kind/technical-debt
component/k8s
component/conjur
kind/quality
|
contributor-last recv recv-q
|
| 46 |
|
Adds TLS between Conjur and posgres pod
|
|
|
5y |
5y |
5y |
kind/enhancement
component/conjur
|
recv
|
| 28 |
|
Documentation is updated to clarify setup steps
|
|
|
6y |
6y |
6y |
good-first-issue
|
recv
|
| 27 |
|
The Helm chart supports custom value for the PostgreSQL container UID
|
|
|
6y |
6y |
|
kind/enhancement
component/k8s
component/openshift
|
|
| 9 |
|
CI pipeline runs kubesec
|
|
|
7y |
6y |
7y |
good-first-issue
|
recv
|
| 7 |
 |
Conjur Helm chart has published shasums
|
|
|
7y |
6y |
7y |
kind/enhancement
component/k8s
component/openshift
|
recv
|
| 183 |
 |
Conjur attempts to create .netrc file
|
|
|
2mo |
2mo |
2mo |
kind/bug
|
assigned assignee-updated member-last send
|
| 60 |
|
GoLang SDK correctly handles Users/Hosts with `api_key_enabled`
|
|
|
5y |
4mo |
4mo |
kind/enhancement
support/serious
|
member-last send similar
|
| 42 |
|
Add code coverage to conjur-api-java
|
|
|
5y |
3mo |
3mo |
kind/quality
|
member-last send
|
| 260 |
 |
Multi-line secrets.
|
|
|
7d |
7d |
7d |
kind/user-story
|
recv
|
| 259 |
 |
The `providers` link in the README 404s
|
|
|
4wk |
3wk |
3wk |
|
member-last send
|
| 29 |
|
The Keyring provider does not work on Windows
|
|
|
2y |
1d |
|
kind/bug
stale
|
|
| 7 |
|
Add CI pipeline
|
|
|
5y |
11d |
11d |
|
member-last send
|
| 5 |
|
Convert ring.py to Python 3
|
|
|
6y |
11d |
11d |
kind/technical-debt
component/summon
severity/medium
implementing
|
member-last send
|
| 48 |
|
Tests exist for `main.go`
|
|
|
4y |
11d |
11d |
kind/technical-debt
kind/enhancement
component/summon
|
member-last send
|
| 44 |
 |
Ability to specify versions of secrets to retrieve
|
|
|
5y |
2d |
5y |
kind/enhancement
component/summon
contributor
has-idea
stale
|
recv
|
| 17 |
 |
Option to base64 encode secrets values
|
|
|
6y |
2d |
6y |
stale
|
recv
|
| 22 |
 |
Apple silicon is not supported for this provider
|
|
|
3y |
11d |
11d |
kind/enhancement
contributor
|
member-last send
|
| 555 |
 |
secrets-provider breaks base64 encoded pkcs12 files stored in Conjur
|
|
|
3wk |
3wk |
3wk |
kind/bug
|
member-last send
|
| 549 |
 |
Secrets rotation improvements
|
|
|
8mo |
4d |
5wk |
kind/enhancement
|
assigned assignee-updated send
|
| 93 |
 |
TLS handshake error when following README in local cluster
|
|
|
2y |
14d |
6wk |
kind/bug
|
author-last recv
|
| 171 |
|
Close ports for the conjur follower
|
|
|
4y |
2d |
4y |
stale
|
recv
|
| 168 |
 |
Need to run retry mechanism for delete namespace command
|
|
|
4y |
2d |
|
component/jenkins
kind/infrastructure
team/palm-tree
rnd-boost
stale
|
open-milestone
|
| 162 |
 |
Openshift password should be given/pulled from summon
|
|
|
5y |
2d |
4y |
stale
|
send
|
| 161 |
|
Auto Enrollment Secrets Add should be part of the script
|
|
|
5y |
2d |
4y |
stale
|
send
|
| 160 |
|
Image pull backoff in OC4.5 because image url is external when using start.sh
|
|
|
5y |
2d |
|
stale
|
recv-q
|
| 119 |
|
Migrate secrets provider repo to use the helm chart for deploying conjur in automation
|
|
|
5y |
2d |
5y |
rnd-boost
stale
|
open-milestone recv-q
|
| 117 |
|
Unbound variable error on stop
|
|
|
5y |
2d |
5y |
stale
|
recv
|
| 116 |
|
Repo needs a CHANGELOG
|
|
|
5y |
2d |
5y |
kind/documentation
component/k8s
stale
|
recv
|
| 74 |
|
Deployment Flow with Seed Fetcher is tested in CI
|
|
|
6y |
1d |
|
component/demos
kind/technical-debt
on-hold
stale
|
|
| 62 |
|
Deploy Scripts don't work on current Minishift Version
|
|
|
6y |
1d |
|
kind/bug
component/demos
severity/medium
stale
|
|
| 61 |
|
Deploy can be performed w/ non-cluster admin user
|
|
|
6y |
1d |
|
stale
|
|
| 60 |
|
Standby and follower seeding encrypts key files
|
|
|
6y |
1d |
|
stale
|
|
| 48 |
|
Followers are configured to be distributed across nodes
|
|
|
6y |
1d |
|
component/openshift
component/k8s
stale
|
|
| 31 |
 |
the check dep script is checking for OSHIFT_CONJUR_ADMIN_USERNAME but the scripts are using OPSHIFT_CLUSTER_ADMIN_USERNAME
|
|
|
7y |
1d |
7y |
stale
|
recv
|
| 21 |
 |
configure nodePort for haproxy to provide external access to Conjur Master service
|
|
|
7y |
12h |
|
stale
|
|
| 20 |
|
add script to delete deployments
|
|
|
7y |
12h |
|
kind/developer-experience
good-first-issue
stale
|
|
| 19 |
|
developer user needs access to internal registry
|
|
|
7y |
12h |
|
stale
|
|
| 18 |
|
data key should be stored as a secret
|
|
|
7y |
12h |
7y |
ready
good-first-issue
stale
|
recv
|
| 135 |
|
Add validator host ID to allow authn-k8s config to be validated
|
|
|
4y |
2d |
4y |
kind/enhancement
component/demos
stale
|
recv
|
| 130 |
|
Automated tests only run against annotation-based identities
|
|
|
4y |
2d |
4y |
kind/enhancement
component/demos
stale
|
recv
|
| 115 |
|
Add DeploymentConfigs as app identity in Jenkins OpenShift CI
|
|
|
5y |
2d |
5y |
kind/enhancement
component/demos
stale
|
recv
|
| 113 |
|
Replace use of sed for yaml templating with Yaml.sh or helm charts
|
|
|
5y |
2d |
5y |
kind/enhancement
component/demos
stale
|
recv
|
| 89 |
|
Repo's use of bash-lib means you can't run the scripts individually
|
|
|
5y |
2d |
5y |
component/k8s
kind/bug
component/demos
stale
|
assigned open-milestone send
|
| 66 |
|
--dry-run option
|
|
|
6y |
2d |
|
component/k8s
kind/enhancement
component/openshift
component/demos
stale
|
|
| 52 |
|
CI takes too long
|
|
|
6y |
2d |
|
component/demos
component/pipeline
infra/pipelines
stale
|
|
| 38 |
|
Automated tests validate demos against Conjur OSS
|
|
|
6y |
2d |
6y |
component/k8s
kind/technical-debt
component/demos
component/pipeline
stale
|
recv
|
| 32 |
|
Scripts check conditions rather than sleeping
|
|
|
7y |
1d |
7y |
component/k8s
kind/technical-debt
component/demos
stale
|
recv
|
| 29 |
|
sidecar injector is incorporated into kubernetes-conjur-demo
|
|
|
7y |
1d |
|
component/k8s
kind/enhancement
component/demos
stale
|
|
| 11 |
|
conjur-authenticator rolebinding requires elevated privileges to create
|
|
|
7y |
1d |
7y |
component/k8s
kind/enhancement
stale
|
|
| 10 |
|
test app is deployed using helm chart
|
|
|
7y |
1d |
7y |
component/k8s
kind/enhancement
component/demos
stale
|
send
|
| 35 |
|
Demo has a CI pipeline for the tile
|
|
|
6y |
2d |
6y |
component/pcf
selected
infra/pipelines
stale
|
recv
|
| 22 |
|
Demo should run w/o internet access after it is built
|
|
|
7y |
2d |
|
stale
|
|
| 11 |
|
change to ./stop instead of ./bin/stop
|
|
|
7y |
2d |
|
stale
|
|
| 73 |
|
Certificates can easily be generated/regenerated for DAP cluster
|
|
|
5y |
5y |
|
|
|
| 61 |
|
Add jenkins conjur plugin test
|
|
|
5y |
5y |
5y |
kind/enhancement
component/demos
|
contributor-last recv recv-q
|
| 35 |
|
Review Follower Setup Instructions for AWS Cluster Demo
|
|
|
6y |
6y |
|
component/demos
kind/technical-debt
|
|
| 34 |
|
AWS Cluster Demo Script adhere to Shell Script Guidelines
|
|
|
6y |
6y |
|
component/demos
kind/developer-experience
|
|
| 31 |
|
The demo flows have automated tests
|
|
|
6y |
6y |
6y |
component/appliance
kind/enhancement
|
recv
|
| 22 |
|
A demo exists for host factory tokens
|
|
|
7y |
7y |
|
|
|
| 7 |
|
Auto-failover demo only shows cluster setup
|
|
|
7y |
7y |
|
|
|
| 215 |
 |
Using Git as an collection source fails, `VERSION` file missing
|
|
|
7wk |
7wk |
7wk |
kind/bug
|
assigned member-last send
|
| 210 |
 |
Validate compatibility with ansible-core 2.19
|
|
|
6mo |
6mo |
6mo |
|
assigned assignee-updated member-last send
|
| 202 |
 |
Retry in conjur_variable lookup not working for errors out of urllib_error.HTTPError or socket.timeout
|
|
|
2y |
9mo |
9mo |
kind/bug
|
assigned member-last send
|
| 191 |
 |
Unable to run cyberark.conjur.conjur_host_identity role.
|
|
|
2y |
2y |
2y |
kind/bug
|
author-last recv recv-q
|
| 146 |
 |
Support JWT Authentication for Ansible
|
|
|
3y |
2y |
|
kind/epic
team/Integration-Factory
ONYX-20594
|
|
| 145 |
|
Support JWT Authentication for Ansible
|
|
|
3y |
2y |
|
kind/epic
team/Integration-Factory
ONYX-20594
|
|
| 74 |
|
Bring ansible-conjur-collection to Certified level
|
|
|
3y |
2y |
|
kind/epic
ONYX-15057
team/Integration-Factory
|
|
| 73 |
|
Troubleshoot Ansible Conjur installation on 2.9
|
|
|
3y |
2y |
|
team/community-and-integrations
severity/low
kind/bug
ONYX-14387
Bugtype/
|
|
| 72 |
|
Troubleshoot Ansible Conjur installation on 2.9
|
|
|
3y |
2y |
|
team/community-and-integrations
severity/low
kind/bug
ONYX-14387
Bugtype/
|
|
| 56 |
|
Collection is published to Automation Hub
|
|
|
4y |
4y |
4y |
component/ansible
kind/enhancement
|
contributor-last recv
|
| 49 |
|
Add other ways to specify Conjur / DAP identity in `cyberark.conjur.conjur_variable`
|
|
|
5y |
5y |
5y |
component/ansible
kind/enhancement
|
recv
|
| 47 |
|
The UX of configuring the lookup plugin and role has been evaluated
|
|
|
5y |
5y |
5y |
|
recv
|
| 46 |
|
Roles are tested with Molecule
|
|
|
5y |
5y |
5y |
component/ansible
kind/enhancement
|
recv
|
| 45 |
|
The log output of the conjur-role without "no_log" set to true has been reviewed
|
|
|
5y |
4y |
5y |
component/ansible
kind/enhancement
kind/XA
|
recv
|
| 44 |
|
Roles and plugins share a build stage and test directory structure
|
|
|
5y |
5y |
5y |
kind/cleanup
component/ansible
kind/enhancement
|
contributor-last recv
|
| 43 |
|
Documentation is clear that input variable path should not be urlencoded
|
|
|
5y |
5y |
5y |
component/ansible
source/salesforce
kind/documentation
|
recv
|
| 42 |
|
Expand Ansible Collection to include Conjur Role
|
|
|
5y |
4y |
5y |
component/ansible
kind/enhancement
Epic
|
recv
|
| 37 |
|
There is a demo showing how to use this collection
|
|
|
5y |
5mo |
5mo |
component/ansible
on-hold
kind/demo
|
assigned assignee-updated member-last send
|
| 30 |
|
Migrate this Ansible role to the Conjur Ansible collection
|
|
|
5y |
7mo |
5y |
kind/enhancement
component/ansible
|
contributor-last recv recv-q
|
| 26 |
|
conjur_variable lookup plugin can be improved
|
|
|
5y |
7mo |
5y |
kind/enhancement
component/ansible
|
contributor-last recv recv-q
|
| 22 |
|
Add code coverage to ansible-conjur-host-identity
|
|
|
5y |
5y |
|
kind/quality
|
|
| 5 |
|
CA cert content is dumped to stdout
|
|
|
7y |
7y |
|
|
|
| 4 |
|
The parameter `conjur_ssl_certificate` requires cert as a string, not a file.
|
|
|
7y |
5y |
|
|
|
| 3 |
|
Parameter `conjur_validate_certs should be `True` by default
|
|
|
7y |
7y |
|
|
|
| 2 |
|
Deprecation warning when role is run
|
|
|
7y |
7y |
|
|
|
| 258 |
|
Error with self signed certificate
|
|
|
2y |
2y |
2y |
kind/bug
|
author-last recv
|
| 201 |
|
Investigate (and possibly implement) ability to check if we can validate that agent credentials are valid
|
|
|
5y |
5y |
5y |
component/puppet
kind/enhancement
kind/developer-experience
kind/XA
kind/community
|
contributor-last recv
|
| 65 |
|
Use OpenAPI spec to generate the client code
|
|
|
5y |
5mo |
5mo |
kind/technical-debt
component/puppet
kind/enhancement
kind/developer-experience
|
member-last send
|
| 29 |
|
WinCred resource and provider are separated to their own Puppet Module
|
|
|
6y |
6y |
|
component/puppet
kind/enhancement
|
|
| 138 |
 |
Support for Ephemeral Secrets
|
|
|
5mo |
4wk |
4wk |
kind/enhancement
|
member-last send
|
| 134 |
|
Documentation Bug in README in Build From Source section
|
|
|
2y |
2y |
|
kind/bug
|
|
| 132 |
 |
Add an ability to update Conjur secret
|
|
3
|
2y |
2y |
2y |
kind/enhancement
|
recv
|
| 99 |
|
Provider is not up to date and does not support CONJUR_AUTHN_TOKEN that is included in conjur-api-go
|
|
|
3y |
3y |
|
kind/bug
internal-contributor
|
|
| 94 |
|
Manifest example in provider's documentation is wrong.
|
|
3
|
4y |
4mo |
4mo |
component/terraform
kind/bug
internal-contributor
|
member-last send
|
| 60 |
|
Add unit tests
|
|
|
5y |
5mo |
5y |
component/terraform
kind/enhancement
good-first-issue
kind/quality
|
contributor-last recv
|
| 53 |
|
Add Windows instructions to README
|
|
|
5y |
5y |
5y |
component/terraform
kind/enhancement
|
recv
|
| 64 |
 |
Can the setup work using podman-compose?
|
|
|
6wk |
6wk |
6wk |
|
member-last send
|
