| 2841 |
 |
Extracting `restricted_to` into a reference to an array of strings
|
|
|
2y |
3mo |
3mo |
kind/bug
|
member-last send
|
| 2494 |
 |
Dev environment supports hot reloading
|
|
|
3y |
3y |
|
|
|
| 2430 |
 |
Policy Permit Privileges without brackets doesn't produce an error
|
|
|
3y |
3y |
|
kind/bug
|
|
| 2380 |
 |
Better handling of malformed Kubernetes service account token for Kubernetes authenticator
|
|
|
3y |
3y |
|
kind/enhancement
component/conjur
|
|
| 2245 |
 |
Add minimum thread count to puma configuration
|
|
|
4y |
4y |
4y |
|
recv
|
| 2181 |
 |
Kubernetes Authenticator Websocket Client doesn't support Server Name Indication (SNI)
|
|
|
4y |
2wk |
2wk |
kind/bug
kind/support
|
member-last send
|
| 2133 |
 |
Fix ApplicationController complexity
|
|
|
4y |
4y |
|
kind/enhancement
component/conjur
|
|
| 2117 |
 |
Fix all Conjur CC issues
|
|
|
4y |
4y |
4y |
kind/technical-debt
|
recv
|
| 2108 |
|
Update release workflow to include API version
|
|
|
4y |
4y |
|
kind/enhancement
component/conjur
|
|
| 2081 |
|
Add tests for no STDIN but `--password-from-stdin` option is provided
|
|
|
4y |
4y |
4y |
|
recv
|
| 2067 |
|
Non-empty policy variable values should apply and take precedence for Kubernetes authenticator
|
|
|
4y |
4y |
|
kind/bug
component/conjur
|
|
| 2062 |
 |
A test setup exists for testing simplified authn client config
|
|
|
4y |
4y |
4y |
kind/enhancement
component/conjur
|
contributor-last recv
|
| 2046 |
 |
Should raise informative log error in case role not exist in k8s inject_client_cert
|
|
|
4y |
4y |
|
kind/enhancement
component/conjur
|
assigned
|
| 2000 |
 |
Validation for restricted to setting while loading a policy
|
|
|
4y |
4y |
|
|
|
| 1980 |
 |
Update .dockerignore to include deb file exclusions
|
|
|
4y |
4y |
|
kind/cleanup
severity/medium
|
|
| 1964 |
|
Update upgrade process: separate schema and data restoration
|
|
|
4y |
4y |
4y |
kind/enhancement
component/conjur
|
contributor-last recv recv-q
|
| 1959 |
 |
There is a draft plan for improving Conjur sidecar automation in Kubernetes / OpenShift
|
|
|
4y |
4y |
4y |
component/k8s
kind/spike
|
contributor-last recv
|
| 1958 |
 |
Adding recursive permit statements
|
|
6
|
4y |
4y |
4y |
kind/enhancement
component/conjur
internal-contributor
|
recv
|
| 1956 |
 |
Support debugging authn-k8s in dev env
|
|
|
4y |
2mo |
|
kind/enhancement
component/conjur
rnd-boost
|
contributor-last open-milestone
|
| 1945 |
 |
Nil error in authn_k8s/inject_client_cert.rb
|
|
|
4y |
4y |
|
kind/bug
component/conjur
|
contributor-last recv-q
|
| 1922 |
 |
Variable Content Validation
|
|
|
4y |
4y |
|
kind/enhancement
component/conjur
|
|
| 1920 |
 |
Hosts can acquire valid password via password change
|
|
|
4y |
2mo |
|
kind/bug
component/conjur
|
|
| 1863 |
|
Support validating host annotations for authentication while loading a policy
|
|
|
4y |
4y |
|
kind/enhancement
component/conjur
Epic
|
contributor-last
|
| 1801 |
 |
User warning for annotations that equal attribute names in policy
|
|
|
4y |
4d |
17d |
kind/enhancement
good-first-issue
|
assigned member-last send
|
| 1787 |
|
Conjur debian package is updated to exclude irrelevant files and directories
|
|
|
4y |
4y |
4y |
component/appliance
kind/enhancement
component/conjur
|
assigned contributor-last recv
|
| 1765 |
 |
Cucumber - Remove audit keyword from log step
|
|
|
4y |
4y |
|
component/authenticators
rnd-boost
|
open-milestone
|
| 1757 |
|
Authentication token available in OAuth format
|
|
|
4y |
4y |
|
kind/enhancement
component/conjur
|
|
| 1753 |
|
Conjur policy reload does not update annotations in APPEND mode
|
|
|
4y |
4y |
4y |
kind/bug
component/conjur
severity/critical
source/salesforce
|
recv recv-q
|
| 1718 |
 |
Configure SSL certs/keys and postgres ssl_mode
|
|
|
4y |
4y |
4y |
kind/enhancement
component/conjur
contributor
has-idea
|
recv recv-q
|
| 1700 |
|
CIDR Restriction - invalid cidr value DB Error
|
|
|
4y |
4y |
|
kind/bug
component/conjur
severity/low
support/moderate
|
|
| 1696 |
|
Consider refactoring request IP tests to smaller units under test
|
|
|
4y |
4y |
|
kind/technical-debt
kind/testing
|
|
| 1679 |
|
CIDR Support Proxy - Remove validate_origin from Authenticate
|
|
|
4y |
4y |
|
kind/technical-debt
|
|
| 1673 |
|
Migrate conjur-policy-parser locally
|
|
|
4y |
2wk |
2wk |
|
assigned member-last send
|
| 1651 |
 |
Conjur Account change to Space
|
|
|
5y |
2y |
|
Epic
|
|
| 1618 |
 |
Load empty policy cause to 403 in creating host from token
|
|
|
5y |
4y |
|
kind/bug
component/conjur
severity/high
|
open-milestone
|
| 1611 |
|
Implicit database dependency in credentials command classes
|
|
|
5y |
5y |
|
kind/technical-debt
|
|
| 1604 |
|
Update landing page jquery to 3.3.1-dfsg or higher
|
|
|
5y |
5y |
|
kind/technical-debt
severity/medium
|
|
| 1603 |
|
Update landing page bootstrap to 3.4.1 or later
|
|
|
5y |
5y |
|
kind/technical-debt
severity/high
|
|
| 1602 |
|
Tags and successful image publishes trigger builds of downstream projects
|
|
|
5y |
5y |
5y |
triage/needs-info
kind/technical-debt
component/suite
|
recv
|
| 1587 |
|
Refactor `./start`
|
|
|
5y |
5y |
5y |
kind/cleanup
|
recv
|
| 1562 |
|
Baseline functionality for "Testing Best Practices" has been established
|
|
|
5y |
4y |
4y |
kind/technical-debt
component/conjur
|
assigned member-last send
|
| 1559 |
 |
authn_k8s:inject_client_cert: Make client cert path configurable
|
|
4
15
|
5y |
4y |
4y |
component/k8s
triage/needs-info
kind/enhancement
contributor
has-idea
|
recv-q send
|
| 1557 |
|
Extend rake task to get next available trackable log message code
|
|
|
5y |
5y |
5y |
kind/enhancement
component/conjur
|
recv
|
| 1530 |
|
Separate orchestrator config from policy_version model
|
|
|
5y |
5y |
|
kind/cleanup
component/conjur
|
assigned
|
| 1524 |
|
Querying resources as a role without specifying the fully qualified ID leads to a 403 response
|
|
|
5y |
3mo |
3mo |
kind/bug
component/conjur
|
member-last send
|
| 1519 |
|
Adds info endpoint for server/follower ID and version for debugging
|
|
|
5y |
4y |
4y |
kind/enhancement
component/conjur
|
member-last send
|
| 1503 |
|
Update audit private enterprise number
|
|
|
5y |
5y |
|
kind/technical-debt
component/conjur
|
similar
|
| 1502 |
|
Update private enterprise number contact
|
|
|
5y |
5y |
|
|
similar
|
| 1488 |
|
CI pipeline never exercises "environments/production.rb"
|
|
|
5y |
4y |
5y |
kind/bug
component/conjur
rnd-boost
|
member-last open-milestone send
|
| 1478 |
|
Conjur CI workflow is documented
|
|
|
5y |
5y |
|
kind/technical-debt
|
|
| 1467 |
|
Improve security by permitting only expected params
|
|
|
5y |
5y |
5y |
kind/technical-debt
component/conjur
|
recv
|
| 1466 |
 |
fetchCertificate and pdf/fetchCertificate consist of hard coded path to httpclient
|
|
|
5y |
4y |
|
kind/bug
component/conjur
rnd-boost
|
open-milestone
|
| 1370 |
|
Cyberark DAP Host Policy docs are updated to include the `api_key_enabled` attribute
|
|
|
5y |
5y |
|
kind/documentation
component/conjur
support/serious
|
similar
|
| 1369 |
|
Cyberark DAP User Policy docs are updated to include the `api_key_enabled` attribute
|
|
|
5y |
5y |
|
kind/documentation
component/conjur
support/serious
|
similar
|
| 1368 |
|
Cyberark Conjur Host Policy docs are updated to include the `api_key_enabled` attribute
|
|
|
5y |
5y |
|
kind/documentation
component/conjur
support/serious
|
similar
|
| 1367 |
|
Cyberark Conjur User Policy docs are updated to include the `api_key_enabled` attribute
|
|
|
5y |
5y |
|
kind/documentation
component/conjur
support/serious
|
similar
|
| 1366 |
|
Changing a User/Host api_key_enabled attribute to true generates an API key
|
|
|
5y |
5y |
|
kind/enhancement
component/conjur
support/serious
|
similar
|
| 1365 |
|
Changing a User/Host api_key_enabled attribute to false removes the API key
|
|
|
5y |
5y |
|
kind/enhancement
component/conjur
support/serious
|
similar
|
| 1364 |
|
Logging into the default authenticator with a User/Host with disabled API keys fails
|
|
|
5y |
5y |
|
kind/enhancement
component/conjur
support/serious
|
|
| 1363 |
|
Rotating a User/Host with disabled API key results in an error
|
|
|
5y |
5y |
|
kind/enhancement
component/conjur
support/serious
|
|
| 1362 |
|
An API key is not generated when api_key_enabled attribute is true
|
|
|
5y |
5y |
|
kind/enhancement
component/conjur
support/serious
|
similar
|
| 1361 |
|
An API key is generated when api_key_enabled attribute is true
|
|
|
5y |
5y |
|
kind/enhancement
component/conjur
support/serious
|
similar
|
| 1327 |
|
Conjur README is clear and approachable
|
|
|
5y |
17d |
5y |
kind/documentation
kind/technical-debt
good-first-issue
|
contributor-last recv
|
| 1269 |
 |
Test log output for application identity in GKE
|
|
|
5y |
4y |
|
component/authenticators
kind/enhancement
rnd-boost
|
assigned open-milestone
|
| 1265 |
|
Kubernetes authenticator supports container-level application identity
|
|
|
5y |
5y |
5y |
component/k8s
kind/enhancement
component/conjur
|
contributor-last recv
|
| 1258 |
|
Add GKE testing section to README
|
|
|
5y |
5y |
|
kind/documentation
kind/enhancement
|
|
| 1213 |
|
No indication for the user when providing a wrong Conjur data key
|
|
|
5y |
3d |
|
triage/support
component/conjur
good-first-issue
kind/quality
rnd-boost
|
assigned open-milestone
|
| 1198 |
|
Audit atomicity
|
|
|
5y |
5y |
|
|
assigned
|
| 1191 |
 |
Architecture Diagram for DB off OpenShift
|
|
|
5y |
5y |
5y |
|
recv
|
| 1177 |
|
(GA) Test if encryptions of k8s secrets is working
|
|
|
5y |
4y |
|
component/k8s
kind/spike
rnd-boost
|
assigned open-milestone
|
| 1163 |
|
Switch UTs from Convey to testify in k8s authn client
|
|
|
5y |
4y |
|
component/k8s
kind/testing
rnd-boost
|
open-milestone
|
| 1161 |
|
(CA) Challenge conjur-map format and parsing
|
|
|
5y |
4y |
|
component/authenticators
component/k8s
kind/enhancement
rnd-boost
|
assigned open-milestone
|
| 1159 |
|
(CA) Add log level configuration
|
|
|
5y |
4y |
|
component/authenticators
component/k8s
kind/enhancement
rnd-boost
|
assigned open-milestone
|
| 1154 |
|
Tests a 504 response code in OIDC
|
|
|
5y |
4y |
|
component/authn-oidc
kind/testing
rnd-boost
|
open-milestone
|
| 1142 |
|
Conjur authn-k8s client user inputs can be provided as CMD args along as env vars
|
|
|
5y |
4y |
|
component/k8s
kind/enhancement
rnd-boost
|
open-milestone
|
| 1132 |
|
Audit batch retrieve secret should be performed on full success only
|
|
|
5y |
4y |
|
rnd-boost
|
open-milestone
|
| 1115 |
|
Logs in `production` env should include severity, timestamp & pid
|
|
|
5y |
4y |
|
kind/bug
component/conjur
severity/low
good-first-issue
|
open-milestone
|
| 1112 |
|
Executing docker run on Conjur image produces useful error
|
|
|
5y |
4y |
|
rnd-boost
|
open-milestone
|
| 1101 |
|
Decide on permissions to webservice
|
|
|
5y |
4y |
|
kind/enhancement
component/conjur
rnd-boost
|
open-milestone
|
| 1097 |
|
Authenticators API
|
|
|
5y |
5y |
|
Epic
|
|
| 1096 |
 |
A central location exists for Conjur Log docs
|
|
|
5y |
2y |
5y |
kind/developer-experience
|
assigned recv
|
| 1093 |
|
We understand the testing currently performed in the cyberark/conjur repo
|
|
|
5y |
5y |
|
|
|
| 1092 |
|
Value objects should not interact with the DB
|
|
|
5y |
5y |
|
component/authenticators
kind/enhancement
|
|
| 1089 |
|
Convert FetchOidcSecrets to OidcVariable
|
|
|
5y |
5y |
|
kind/enhancement
component/authn-oidc
|
|
| 1088 |
|
Convert Command class call methods to explicit mode
|
|
|
5y |
4y |
|
component/authenticators
kind/enhancement
rnd-boost
|
assigned open-milestone
|
| 1082 |
|
Investigate permission problems in master startup
|
|
|
5y |
5y |
5y |
component/k8s
kind/spike
|
assigned member-last send
|
| 1077 |
|
Map persistence locations in appliance image
|
|
|
6y |
4y |
|
component/k8s
kind/spike
rnd-boost
|
assigned open-milestone
|
| 1075 |
|
Replace deployment config with stateful set
|
|
|
6y |
6y |
|
component/k8s
kind/spike
|
assigned
|
| 1070 |
|
Play with master inside minishift
|
|
|
6y |
6y |
|
component/k8s
kind/spike
|
assigned
|
| 1066 |
|
OAuth 2 Device Grant - Spike
|
|
|
6y |
6y |
|
component/authenticators
kind/spike
|
assigned
|
| 1053 |
|
`/authenticators/available` API returns the authenticators which are available for configuration - DRAFT
|
|
|
6y |
5y |
|
component/authenticators
|
|
| 1051 |
|
`/authenticators` API returns authenticators that are ready for authentication
|
|
|
6y |
6y |
|
component/authenticators
|
|
| 984 |
|
No indication of missing rotator
|
|
|
6y |
6y |
6y |
|
member-last
|
| 943 |
|
Conjur Certificate Authorities support signing intermediate certificate authorities
|
|
|
6y |
6y |
|
kind/enhancement
component/conjur
blocked
component/pki
on-hold
in progress
|
assigned
|
| 930 |
 |
Can't load a delegation policy for a variable contains colon (:) in name
|
|
|
6y |
4y |
|
kind/bug
component/conjur
severity/low
rnd-boost
|
open-milestone
|
| 923 |
|
Conjur Certificate Authorities support signing SSH RSA public keys in PEM format
|
|
|
6y |
6y |
|
kind/enhancement
component/conjur
component/pki
on-hold
|
assigned
|
| 920 |
|
Add error injection to Command class in oidc
|
|
|
6y |
6y |
|
kind/enhancement
merged
component/authn-oidc
in progress
|
assigned
|
| 918 |
|
CommandClass can receive errors directly
|
|
|
6y |
6y |
|
|
assigned assignee-updated contributor-last
|
| 898 |
|
cucumber steps can be shared between profiles
|
|
|
6y |
6y |
|
kind/enhancement
component/cucumber
|
|
| 843 |
|
Secrets can be retrieved with variable prefix
|
|
2
|
6y |
6y |
6y |
kind/enhancement
component/api
|
member-last
|
| 840 |
|
Kubernetes authenticator has a service account token option
|
|
|
6y |
6y |
6y |
component/k8s
triage/needs-info
kind/enhancement
|
recv
|
| 835 |
|
Replace Ruby Sass
|
|
|
6y |
3mo |
3mo |
|
member-last
|
| 824 |
|
Authenticate controller logs error message correctly
|
|
|
6y |
5y |
5y |
|
member-last send
|
| 813 |
|
Host Factory created hosts don't have the policy namespace of their layer
|
|
|
6y |
2y |
3y |
kind/bug
component/conjur
severity/medium
|
recv-q
|
| 812 |
 |
Conjur k8s tests can be run on minikube
|
|
|
6y |
6y |
6y |
kind/technical-debt
component/conjur
kind/developer-experience
|
recv
|
| 806 |
|
LDAP Authenticator behavior is verified for users loaded to policy locations other than root
|
|
|
6y |
6y |
|
component/appliance
component/ldap-sync
component/authenticators
triage/needs-info
kind/technical-debt
|
|
| 793 |
|
authn-k8s can't authenticate pods controlled by DeploymentConfig
|
|
|
6y |
4y |
|
kind/bug
component/openshift
severity/medium
|
|
| 780 |
|
LDAP Authenticator supports mutual TLS
|
|
|
6y |
6y |
6y |
triage/duplicate
component/authenticators
kind/enhancement
|
member-last send
|
| 746 |
|
Authenticator "origin" parameter should be more clearly named
|
|
|
6y |
4y |
|
kind/technical-debt
rnd-boost
|
contributor-last open-milestone
|
| 735 |
|
ci/test script referenes cucumber/cucumber.yml
|
|
|
6y |
4y |
|
rnd-boost
|
open-milestone
|
| 734 |
|
Sequel log level is set to :warn
|
|
|
6y |
4y |
|
rnd-boost
|
contributor-last open-milestone
|
| 690 |
|
Possible Future CA Development
|
|
|
6y |
6y |
|
|
|
| 688 |
|
Conjur CA Services are documented
|
|
|
6y |
6y |
|
kind/documentation
component/conjur
|
|
| 678 |
 |
authenticator prints useful error on 400 response
|
|
|
6y |
4y |
5y |
component/openshift
component/k8s
triage/needs-info
rnd-boost
|
member-last open-milestone send
|
| 677 |
|
docs mention SPIFFE
|
|
|
6y |
6y |
|
component/openshift
component/k8s
triage/needs-info
kind/documentation
|
|
| 675 |
|
OpenShift events are displayed in the UI's audit log
|
|
|
6y |
6y |
|
component/openshift
|
|
| 670 |
|
Conjur is tested under continuous loads
|
|
|
6y |
6y |
|
component/conjur
|
|
| 650 |
|
A K8s/OpenShift version support matrix is available
|
|
|
6y |
6y |
6y |
component/k8s
kind/epic
kind/documentation
|
assigned member-last send
|
| 649 |
|
Conjur can rotate Oracle database connections
|
|
|
6y |
6y |
|
component/rotators
component/conjur
|
|
| 648 |
|
SSH public key rotation exists in Conjur
|
|
|
6y |
6y |
|
component/rotators
component/conjur
|
|
| 647 |
|
SSH key pair rotation is available in Conjur
|
|
|
6y |
6y |
|
component/rotators
component/conjur
|
|
| 646 |
|
S3 based Host Factory Token rotation has been ported
|
|
|
6y |
6y |
|
component/rotators
component/conjur
|
|
| 645 |
|
GCP Service Account rotator has been ported
|
|
|
6y |
6y |
|
component/rotators
component/conjur
|
|
| 644 |
|
Rotators have been migrated from V4
|
|
|
6y |
6y |
|
component/rotators
kind/epic
component/conjur
|
|
| 640 |
|
Conjur Docker image follows the standard version naming convention
|
|
|
6y |
5y |
5y |
kind/enhancement
|
member-last send
|
| 621 |
|
Host CIDR restriction can be set using host factory token
|
|
|
6y |
6y |
|
|
|
| 620 |
|
CIDR Authentication Restriction for Users and Hosts is Documented
|
|
|
6y |
5y |
|
kind/documentation
component/conjur
source/salesforce
|
|
| 614 |
 |
Cucumber tests should run in random order
|
|
|
6y |
6y |
6y |
|
recv
|
| 607 |
|
A user sees the Audit events are visible to them
|
|
|
7y |
5y |
5y |
|
member-last send
|
| 599 |
|
Use of !include causes better error message
|
|
|
7y |
7y |
|
|
|
| 582 |
 |
Can't permit on a nested list of resources using policy
|
|
|
7y |
6y |
7y |
|
contributor-last recv
|
| 540 |
 |
Deprecate the route GET /resources/:account
|
|
|
7y |
6y |
6y |
component/conjur
|
member-last send
|
| 527 |
|
Multi-Domain LDAP Authentication
|
|
|
7y |
6y |
|
|
contributor-last
|
| 513 |
 |
64bit OS required for Docker on Linux, but Docker doesn't validate architecture and will pass `hello-world` successfully on 32bit
|
|
|
7y |
7y |
|
|
|
| 509 |
 |
Error msg unclear when loading policy with multiple unnamed hostfactory configurations
|
|
|
7y |
2y |
2y |
kind/enhancement
component/cli
component/conjur
|
member-last send
|
| 482 |
|
Document maximum policy size
|
|
|
7y |
17d |
7y |
kind/documentation
good-first-issue
rnd-boost
|
open-milestone recv
|
| 426 |
|
Site assets are minified in production build
|
|
|
7y |
2mo |
|
|
|
| 181 |
|
String ids considered harmful
|
|
|
7y |
5y |
5y |
|
member-last send
|
| 844 |
|
Policy reloading when an integration that auto-loads policy is used has passed XA
|
|
|
6y |
6y |
6y |
component/ldap-sync
component/pcf
kind/XA
|
contributor-last recv
|
| 1417 |
|
Running juxtaposer on release is automated
|
|
|
3y |
3y |
|
kind/enhancement
component/secretless-broker
|
|
| 1403 |
 |
provide ability to intercept sigquit (kill -3) to generate current execution stack snapshots for all active tasks
|
|
|
4y |
4y |
|
kind/enhancement
component/secretless-broker
|
|
| 1372 |
|
Error codes for improved troubleshooting
|
|
|
4y |
4y |
|
kind/enhancement
component/secretless-broker
|
|
| 1371 |
|
aws connector should have integration tests
|
|
|
4y |
4y |
|
kind/enhancement
component/secretless-broker
|
|
| 1348 |
 |
Release MacOS DMG file with compressed SecretlessBroker.app
|
|
|
4y |
4y |
|
kind/enhancement
component/secretless-broker
|
|
| 1347 |
|
Secretless component quality levels move from alpha/beta/GA to community/trusted/certified
|
|
|
4y |
4y |
4y |
kind/documentation
component/secretless-broker
|
recv
|
| 1342 |
|
Migrate to a new method for running the Secretless health check
|
|
|
4y |
4y |
4y |
kind/enhancement
component/secretless-broker
|
contributor-last recv
|
| 1337 |
 |
Support multi-value dynamic credentials
|
|
6
|
4y |
4y |
4y |
kind/enhancement
component/secretless-broker
contributor
has-idea
|
send
|
| 1336 |
|
There should be capabilities in `secretless.yml` to supply custom settings to providers
|
|
|
4y |
4y |
4y |
kind/enhancement
component/secretless-broker
|
contributor-last recv
|
| 1335 |
|
Support Vault AppRole auth method in provider
|
|
4
|
4y |
4y |
4y |
kind/enhancement
component/secretless-broker
implementing
contributor
has-idea
|
assigned assignee-updated send
|
| 1324 |
|
Generic HTTP Connector: OAuth1 supports different signature hashing methods
|
|
|
4y |
4y |
4y |
kind/enhancement
component/secretless-broker
|
recv
|
| 1312 |
|
Create a Docker CLI Connector for Secretless
|
|
|
4y |
4y |
4y |
kind/enhancement
component/secretless-broker
component/secretless-connectors
|
recv
|
| 1283 |
 |
There is an example generic HTTP connector config for Salesforce
|
|
|
5y |
4y |
5y |
kind/enhancement
component/secretless-broker
|
recv similar
|
| 1279 |
|
There is an example generic HTTP connector config for the Kubernetes API
|
|
|
5y |
5y |
5y |
kind/enhancement
component/secretless-connectors
|
recv similar
|
| 1262 |
|
There is an example generic HTTP connector config for the Google Cloud SDK
|
|
|
5y |
5y |
5y |
kind/enhancement
component/secretless-connectors
|
recv
|
| 1252 |
|
Reconcile MSSQL and (MySQL+PG) integration testing strategies
|
|
|
5y |
5y |
|
kind/spike
component/secretless-broker
|
|
| 1251 |
|
better UX for test infrastructure
|
|
|
5y |
5y |
|
kind/enhancement
component/secretless-broker
|
|
| 1241 |
 |
There exists a Cassandra TCP Connector with username and password based authentication
|
|
|
5y |
5y |
5y |
kind/spike
component/secretless-broker
|
contributor-last recv recv-q
|
| 1229 |
|
A mechanism exists to redact sensitive values in logs
|
|
|
5y |
5y |
|
kind/enhancement
component/secretless-broker
|
|
| 1225 |
|
There is a central set of tests that validate the SSL configuration of the TLS connectors
|
|
|
5y |
5y |
5y |
component/secretless-broker
kind/technical-debt
|
recv
|
| 1222 |
|
Secretless has a Cassandra DB connector
|
|
2
|
5y |
5y |
5y |
kind/enhancement
component/secretless-broker
component/secretless-connectors
|
contributor-last recv similar
|
| 1213 |
|
Secretless has a DB2 connector
|
|
2
|
5y |
5y |
5y |
kind/enhancement
component/secretless-broker
component/secretless-connectors
|
contributor-last recv recv-q similar
|
| 1205 |
|
TLS Connectors share a structure for connection details
|
|
|
5y |
4y |
5y |
kind/enhancement
component/secretless-broker
component/secretless-connectors
|
contributor-last recv
|
| 1201 |
|
Determine how Secretless responds to DB server TLS renegotiation
|
|
|
5y |
5y |
5y |
kind/spike
component/secretless-broker
|
recv
|
| 1182 |
|
Secretless configuration files support ssl configuration information
|
|
|
5y |
5y |
5y |
kind/enhancement
|
contributor-last recv recv-q
|
| 1179 |
 |
Service Connector for MarkLogic
|
|
|
5y |
5y |
|
kind/enhancement
component/secretless-broker
good-first-issue
|
contributor-last
|
| 1178 |
|
Secretless optionally supports encryption for the client-to-Secretless connection
|
|
|
5y |
5y |
5y |
triage/needs-info
kind/enhancement
component/secretless-broker
|
recv
|
| 1171 |
|
Add Unix socket flow to Kubernetes tutorial
|
|
|
5y |
5y |
5y |
kind/enhancement
component/secretless-broker
|
recv
|
| 1152 |
|
Proxyservice package is unit tested
|
|
|
5y |
2wk |
5y |
kind/enhancement
component/secretless-broker
kind/technical-debt
good-first-issue
kind/quality
|
recv
|
| 1132 |
|
JDBC Jar is built at runtime for integration tests
|
|
|
5y |
5y |
5y |
|
recv
|
| 1112 |
|
MSSQL connector reports "unsupported version" when backend can't be contacted
|
|
|
5y |
5y |
5y |
kind/bug
triage/scoping
component/secretless-broker
component/secretless-plugins
triage/needs-epic
severity/low
|
member-last send
|
| 1097 |
|
Database clients receive a meaningful error when a new connection request has bad credentials
|
|
|
5y |
5y |
5y |
kind/enhancement
component/secretless-connectors
|
recv
|
| 1094 |
|
Secretless has configurable connection timeouts for connectors
|
|
|
5y |
5y |
5y |
kind/enhancement
component/secretless-broker
|
recv
|
| 1083 |
|
Example plugin uses Secretless logger
|
|
|
5y |
5y |
5y |
component/secretless-broker
kind/developer-experience
|
recv
|
| 1065 |
|
Broker can delegate basic sanity checks on `credentials` keys to plugins
|
|
|
5y |
5y |
5y |
kind/enhancement
triage/scoping
component/secretless-broker
component/secretless-plugins
triage/needs-epic
kind/ux
|
recv
|
| 1063 |
|
Broker does early verification of plugin parameters
|
|
|
5y |
5y |
5y |
kind/enhancement
triage/scoping
component/secretless-broker
component/secretless-plugins
triage/needs-epic
severity/medium
kind/developer-experience
kind/ux
|
contributor-last recv
|
| 1042 |
|
Conjur provider has improved automated tests
|
|
|
5y |
5y |
5y |
component/secretless-providers
kind/technical-debt
|
recv
|
| 1036 |
|
Unit tests validate service connector plugin error handling
|
|
|
5y |
5y |
5y |
component/secretless-broker
kind/technical-debt
|
recv
|
| 1021 |
|
Add a Security Model to the connector plugin README
|
|
|
5y |
5y |
5y |
kind/documentation
kind/developer-experience
component/secretless-connectors
|
recv
|
| 1011 |
|
ForceSSL defaults to true
|
|
|
5y |
5y |
5y |
kind/enhancement
component/secretless-broker
|
recv
|
| 994 |
|
Use our logger implementation for signal/reload listener
|
|
|
5y |
5y |
5y |
component/secretless-broker
kind/ux
|
recv
|
| 993 |
|
Use our logger implementation for health check output
|
|
|
5y |
5y |
5y |
component/secretless-broker
kind/ux
|
recv
|
| 992 |
|
Reintroduce back some logging messages we lost in refactoring
|
|
|
5y |
5y |
5y |
component/secretless-broker
kind/cleanup
component/secretless-plugins
kind/technical-debt
severity/medium
kind/ux
|
contributor-last recv
|
| 980 |
|
Secretless transmits packets after authentication without transforming them
|
|
|
5y |
5y |
5y |
kind/enhancement
component/secretless-broker
|
recv
|
| 979 |
|
Add `--allow-builtin-plugin-overrides` CLI argument
|
|
|
5y |
5y |
5y |
kind/enhancement
component/secretless-broker
component/secretless-plugins
security/low
|
recv
|
| 971 |
|
secretless plugin test harness exists
|
|
|
5y |
2mo |
|
kind/enhancement
component/secretless-connectors
|
contributor-last recv-q
|
| 957 |
|
Re-evaluate ConnectionManager API
|
|
|
5y |
5y |
5y |
kind/enhancement
component/secretless-broker
component/secretless-plugins
kind/technical-debt
|
recv
|
| 941 |
|
Remove URL parsing logic from `internal/proxyservice/proxy_service.go`
|
|
|
5y |
5y |
5y |
component/secretless-broker
kind/technical-debt
defined
|
recv
|
| 940 |
|
Add better logic when we can't open a tcp socket
|
|
|
5y |
5y |
5y |
kind/enhancement
component/secretless-broker
kind/ux
|
recv
|
| 937 |
|
Replace XXXFunc with values in AvailablePlugins UTs
|
|
|
5y |
5y |
5y |
component/secretless-broker
kind/technical-debt
|
recv
|
| 934 |
|
Tests are added for external_plugins.go
|
|
|
5y |
5y |
5y |
kind/enhancement
component/secretless-broker
kind/technical-debt
defined
|
recv
|
| 902 |
|
secretless.Logger is simplified with cleaner tests
|
|
|
5y |
5y |
5y |
component/secretless-broker
kind/technical-debt
|
recv
|
| 875 |
|
Logger tests use mocks for simplicity
|
|
|
5y |
5y |
5y |
component/secretless-broker
kind/technical-debt
|
recv
|
| 836 |
|
Improve support for configuration CRDs
|
|
|
5y |
5y |
5y |
kind/enhancement
component/secretless-broker
|
contributor-last recv
|
| 834 |
|
Secretless supports plugin types besides connectors
|
|
|
5y |
5y |
5y |
kind/enhancement
component/secretless-broker
|
recv
|
| 822 |
|
Make our plugin system work on windows
|
|
|
5y |
5y |
5y |
kind/enhancement
component/secretless-broker
|
recv
|
| 774 |
|
Remove Secretless website from project and put in its own repository
|
|
|
6y |
6y |
|
kind/enhancement
component/secretless-broker
|
|
| 772 |
|
secretless can validate config files from CLI
|
|
|
6y |
5y |
|
kind/enhancement
component/secretless-broker
on-hold
|
assigned assignee-updated contributor-last
|
| 771 |
|
Reduce MySQL handler noise
|
|
|
6y |
5y |
6y |
kind/technical-debt
component/secretless-connectors
|
assigned assignee-updated contributor-last recv
|
| 721 |
|
Rename `TempFactory` to `TempFileFactory`
|
|
|
6y |
5y |
6y |
component/secretless-broker
kind/technical-debt
good-first-issue
|
assigned recv
|
| 715 |
|
CRDs are updated to use v2 configuration format
|
|
|
6y |
5y |
6y |
kind/enhancement
component/secretless-broker
|
recv
|
| 704 |
|
fs_watcher has a goroutine leak
|
|
|
6y |
6y |
6y |
kind/bug
component/secretless-broker
|
recv
|
| 701 |
|
Best practices recommendations exist for writing new DB handlers
|
|
|
6y |
6y |
6y |
kind/epic
component/secretless-broker
|
recv
|
| 692 |
|
generalise SSL cert mounting instructions for postgres
|
|
|
6y |
6y |
|
kind/documentation
|
|
| 690 |
|
design document exists for supported and future handlers
|
|
|
6y |
6y |
|
kind/documentation
component/secretless-broker
|
|
| 686 |
|
evaluate http.Client timeout in secretless-broker and conjur provider
|
|
|
6y |
5y |
|
kind/technical-debt
good-first-issue
|
|
| 681 |
|
Tutorial progress bar position is fixed
|
|
|
6y |
6y |
6y |
component/secretless-broker
kind/XA
|
recv
|
| 680 |
|
Abstraction exists in tutorial to accept multiple tutorials as parameter
|
|
|
6y |
6y |
6y |
component/secretless-broker
kind/XA
|
recv
|
| 671 |
|
A good way to prevent log leaks has been agreed upon
|
|
|
6y |
6y |
6y |
kind/spike
component/secretless-broker
|
recv
|
| 657 |
|
K8s tutorial scripts use correct method for waiting on containers
|
|
|
6y |
5y |
6y |
component/secretless-broker
kind/technical-debt
good-first-issue
|
recv
|
| 645 |
|
Jekyll can create foldable content from markdown
|
|
|
6y |
6y |
6y |
kind/enhancement
component/secretless-site
|
contributor-last recv
|
| 640 |
|
Cleanup and document code for autogenerating test secretless.yml
|
|
|
6y |
6y |
6y |
component/secretless-broker
kind/technical-debt
|
recv
|
| 629 |
|
A method exists for encoding HandshakeV10 as bytes
|
|
|
6y |
2mo |
|
in progress
component/mysql-handler
kind/technical-debt
on-hold
implementing
|
|
| 625 |
|
SSL util functions for handlers have correct interface and clean code
|
|
|
6y |
6y |
6y |
component/secretless-broker
kind/technical-debt
|
recv
|
| 624 |
|
Use structured representation of options for Pg Handler
|
|
|
6y |
6y |
6y |
component/pg-handler
kind/technical-debt
|
recv similar
|
| 623 |
|
MySQL Handler has good code quality and all required tests
|
|
|
6y |
6y |
6y |
in progress
kind/epic
component/secretless-broker
kind/technical-debt
on-hold
|
recv
|
| 620 |
|
Comment mysql handler unit tests to increase readability
|
|
|
6y |
6y |
|
kind/documentation
component/mysql-handler
|
|
| 619 |
|
a test matrix exists with a variety of clients for any given handler
|
|
|
6y |
6y |
|
component/secretless-broker
kind/technical-debt
|
|
| 618 |
|
Use structured representation of options for MySQL Handler
|
|
|
6y |
4y |
|
component/mysql-handler
kind/technical-debt
|
similar
|
| 617 |
|
Credentials are consistently zeroized after use
|
|
|
6y |
6y |
6y |
kind/epic
component/secretless-broker
security/medium
|
recv
|
| 608 |
|
Improve dev flow on tests, test documentation, and test infrastructure
|
|
|
6y |
5y |
6y |
component/secretless-broker
kind/technical-debt
good-first-issue
|
recv
|
| 607 |
|
MySQL/PG/SSL tests have been refactored
|
|
|
6y |
6y |
6y |
component/secretless-broker
kind/technical-debt
|
recv
|
| 592 |
|
Simplify ConfigureBackend in database handlers
|
|
|
6y |
6y |
6y |
kind/enhancement
component/secretless-broker
kind/technical-debt
on-hold
|
contributor-last recv recv-q
|
| 591 |
|
Add README to the integration tests
|
|
|
6y |
5y |
6y |
kind/documentation
component/secretless-broker
kind/technical-debt
on-hold
good-first-issue
|
recv similar
|
| 585 |
|
An explicit test exists for TLS between secretless and backend
|
|
|
6y |
6y |
|
kind/enhancement
component/secretless-broker
kind/technical-debt
|
|
| 559 |
|
Build scripts and docker caching have been evaluated
|
|
|
6y |
6y |
|
component/secretless-broker
kind/technical-debt
|
|
| 558 |
|
Investigate the impact of TLS between Secretless and backend server
|
|
|
6y |
6y |
6y |
component/secretless-broker
kind/technical-debt
|
member-last
|
| 556 |
|
Evaluate support for multiple mysql auth plugins
|
|
|
6y |
2mo |
|
kind/enhancement
component/mysql-handler
component/secretless-broker
|
contributor-last recv-q
|
| 546 |
|
Stories should have acceptance criteria for security
|
|
|
6y |
6y |
|
kind/enhancement
component/secretless-broker
triage/needs-epic
|
contributor-last recv-q
|
| 514 |
|
Providers retrieve secret values per connection in batches if possible
|
|
|
6y |
6y |
6y |
kind/enhancement
component/secretless-broker
|
recv
|
| 510 |
|
AWS Secrets credential provider has integration tests
|
|
|
6y |
6y |
6y |
kind/enhancement
component/secretless-broker
|
recv
|
| 507 |
|
Secretless has AWS Secrets Provider
|
|
|
6y |
6y |
6y |
kind/epic
|
recv
|
| 506 |
|
Config watcher is tested
|
|
|
6y |
5y |
6y |
component/secretless-broker
kind/technical-debt
good-first-issue
|
recv
|
| 505 |
|
Secretless watches for config file changes
|
|
|
6y |
5y |
6y |
kind/epic
component/secretless-broker
|
recv
|
| 498 |
|
Unit tests should not require mercurial
|
|
|
6y |
6y |
6y |
component/secretless-broker
kind/technical-debt
|
contributor-last recv recv-q
|
| 493 |
 |
Conjur authentication logic is removed from the provider
|
|
|
6y |
6y |
6y |
kind/enhancement
component/secretless-broker
triage/needs-epic
|
recv
|
| 483 |
|
PostgreSQL handler protocol has unit tests
|
|
|
6y |
6y |
6y |
component/secretless-broker
kind/technical-debt
|
recv
|
| 477 |
|
Secretless quick start demo instructions are clear about flow
|
|
|
6y |
6y |
6y |
kind/documentation
kind/enhancement
to do
component/demos
component/secretless-broker
|
recv
|
| 475 |
|
Make localhost socket use info more prominent
|
|
|
6y |
6y |
6y |
kind/documentation
component/secretless-broker
security/low
selected
|
assigned assignee-updated contributor-last recv recv-q
|
| 473 |
|
Secretless optionally retries connections
|
|
|
6y |
6y |
6y |
kind/enhancement
component/secretless-providers
component/secretless-broker
|
recv
|
| 467 |
|
HTTP response times are measured
|
|
|
6y |
5y |
6y |
kind/enhancement
to do
component/secretless-broker
good-first-issue
|
recv
|
| 466 |
|
SSH throughput is measured
|
|
|
6y |
5y |
6y |
kind/enhancement
to do
component/secretless-broker
good-first-issue
|
recv
|
| 465 |
|
MySQL query response times are measured
|
|
|
6y |
4wk |
6y |
kind/enhancement
component/secretless-broker
on-hold
implementing
|
recv
|
| 451 |
|
Secretless has an Azure Key Vault credential provider
|
|
|
6y |
6y |
6y |
triage/scoping
kind/epic
component/secretless-providers
|
recv
|
| 449 |
 |
Microsoft Love - Support for Microsoft/Azure tools
|
|
2
|
6y |
6y |
6y |
triage/needs-epic
|
contributor-last recv recv-q
|
| 409 |
|
Website has performance page
|
|
|
6y |
6y |
6y |
kind/documentation
to do
component/secretless-site
|
recv
|
| 404 |
|
a test suite exists for the generic sidecar injector
|
|
|
6y |
6y |
|
kind/enhancement
|
|
| 403 |
|
sidecar injector allows mounting a volume with statically compiled summon
|
|
|
6y |
5y |
|
kind/enhancement
component/summon
|
contributor-last
|
| 400 |
|
Broker documentation is improved
|
|
|
6y |
6y |
6y |
to do
kind/epic
component/secretless-broker
|
recv
|
| 383 |
|
Broker is secure
|
|
|
6y |
6y |
6y |
in progress
kind/enhancement
kind/epic
component/secretless-broker
|
recv
|
| 381 |
|
Broker has additional configuration options
|
|
|
6y |
4wk |
6y |
kind/enhancement
kind/epic
component/secretless-broker
|
recv
|
| 380 |
|
Broker is easy to develop for
|
|
|
6y |
6y |
6y |
kind/epic
component/secretless-broker
kind/technical-debt
|
assigned recv
|
| 379 |
|
Performance metrics are published
|
|
|
6y |
5y |
6y |
kind/enhancement
to do
kind/epic
component/secretless-broker
|
contributor-last recv
|
| 374 |
|
A pass-through listener exists
|
|
|
6y |
4wk |
6y |
kind/enhancement
to do
component/secretless-broker
kind/technical-debt
|
recv
|
| 354 |
|
Istio can be used with an external DB
|
|
|
6y |
6y |
6y |
kind/spike
to do
component/secretless-broker
|
assigned recv
|
| 342 |
|
sidecar-injector should allow sharing of secretless domain sockets via volume mounts
|
|
|
6y |
6y |
|
kind/enhancement
to do
|
|
| 325 |
|
Secretless can be deployed with a sidecar injector
|
|
|
6y |
6y |
6y |
triage/scoping
kind/epic
|
assigned recv
|
| 270 |
|
SSH agent only keeps loaded keys for the duration of connection
|
|
|
6y |
6y |
6y |
kind/enhancement
component/secretless-broker
kind/technical-debt
security/low
on-hold
|
contributor-last recv
|
| 265 |
|
Secretless has option to configure response when provider fails to resolve a variable
|
|
|
6y |
6y |
6y |
component/secretless-broker
|
recv
|
| 264 |
|
Secretless optionally supports secrets caching
|
|
2
|
6y |
5y |
6y |
component/secretless-providers
component/secretless-broker
|
contributor-last recv recv-q
|
| 260 |
|
Add MongoDB handler/listener
|
|
6
|
6y |
2mo |
6y |
kind/enhancement
kind/epic
component/secretless-connectors
|
recv recv-q
|
| 249 |
|
Secrets do not remain in the sidecar memory
|
|
|
6y |
6y |
6y |
kind/epic
requested-by/cyberark-pm
|
assigned assignee-updated contributor-last recv recv-q
|
| 220 |
|
README should reflect GKE setup established initially in k8s demo dir
|
|
|
6y |
6y |
|
|
contributor-last recv-q
|
| 82 |
|
AWS handler has test suite with documentation
|
|
|
7y |
6y |
7y |
component/aws-handler
|
assigned recv
|
| 31 |
|
Use a dot foo.bar scheme to access nested data from HashiCorp Vault
|
|
|
7y |
6y |
7y |
component/vault-provider
triage/needs-epic
|
recv
|
| 17 |
|
define and create new Summon format (post secretsyml)
|
|
|
7y |
6y |
|
triage/needs-epic
|
|
| 16 |
|
use viper for standardised configuration (12 factor)
|
|
|
7y |
5y |
|
triage/needs-epic
good-first-issue
|
contributor-last
|
| 16 |
|
Helm charts are published to Helm artifact hub and helm/hub
|
|
|
4y |
4y |
4y |
|
recv
|
| 12 |
|
Helm charts repo is updated after new helm chart release
|
|
|
5y |
5y |
5y |
component/k8s
kind/enhancement
|
recv
|
| 177 |
 |
Conjur does not start with an external Postgres database due to OpenSSL internal error, assertion failed: Low level API call to digest SHA256 forbidden in FIPS mode
|
|
|
2y |
2y |
2y |
kind/bug
contributor
|
recv
|
| 167 |
 |
Add nodeSelector to list of Chart Parameters
|
|
|
3y |
3y |
3y |
kind/enhancement
contributor
|
recv
|
| 145 |
|
Static sub-resource names
|
|
|
4y |
4y |
|
kind/enhancement
component/conjur
|
|
| 142 |
|
Add check/warning for pre-existing ClusterRole in Kubernetes example scripts
|
|
|
4y |
4y |
4y |
kind/enhancement
component/conjur
|
recv
|
| 141 |
|
Clarify compatible database versions in README
|
|
|
4y |
4y |
4y |
component/conjur
kind/documentation
|
recv
|
| 139 |
 |
Make conjur proxy container optional and configurable
|
|
2
|
4y |
4y |
4y |
kind/enhancement
triage/needs-info
component/conjur
|
author-last recv
|
| 136 |
|
Add option to auto-create a Conjur data encryption key
|
|
|
4y |
4y |
4y |
kind/enhancement
component/conjur
|
recv
|
| 135 |
|
Add deprecation warnings to NOTES.txt
|
|
|
4y |
4y |
4y |
kind/enhancement
component/conjur
|
recv
|
| 134 |
|
Deprecated features to consider for removal for next major release (3.0.0)
|
|
|
4y |
4y |
4y |
kind/enhancement
component/conjur
|
recv
|
| 133 |
|
Instructions fail when LoadBalancer service defines a hostname instead of an IP for the LB ingress
|
|
|
4y |
4y |
4y |
component/conjur
kind/bug
|
recv
|
| 132 |
|
Add authn-k8s demo app E2E test based on KinD GitHub actions
|
|
|
4y |
4y |
4y |
kind/enhancement
component/conjur
|
recv
|
| 131 |
|
Eliminate redundant Kubernetes service for Conjur
|
|
5
|
4y |
4y |
4y |
kind/enhancement
component/conjur
|
contributor-last recv
|
| 130 |
 |
Failure in Conjur schema migrations of external DB can't recover
|
|
|
4y |
4y |
4y |
component/conjur
kind/bug
|
recv
|
| 104 |
|
Reorganize README.md KinD example to make it more of a Getting Started guide
|
|
|
4y |
2mo |
4y |
kind/enhancement
component/conjur
good-first-issue
|
recv
|
| 86 |
|
Document use of or add subchart for bitnami/postgresql
|
|
|
4y |
4y |
4y |
kind/enhancement
component/conjur
|
recv
|
| 68 |
 |
Helm deployment instructions (README) include architecture diagrams
|
|
|
4y |
4y |
4y |
component/conjur
kind/bug
|
recv
|
| 61 |
|
Helm pipeline runs `helm package` on tags and auto-adds the artifact to a GitHub release
|
|
|
5y |
5y |
5y |
component/k8s
kind/infrastructure
|
contributor-last recv
|
| 57 |
|
Pipeline validates upgrade instructions
|
|
|
5y |
5y |
5y |
component/k8s
kind/infrastructure
|
recv
|
| 54 |
|
Automated end-to-end testing suite
|
|
|
5y |
5y |
5y |
kind/enhancement
kind/technical-debt
component/k8s
component/conjur
kind/quality
|
contributor-last recv recv-q
|
| 46 |
|
Adds TLS between Conjur and posgres pod
|
|
|
5y |
5y |
5y |
kind/enhancement
component/conjur
|
recv
|
| 28 |
|
Documentation is updated to clarify setup steps
|
|
|
6y |
5y |
6y |
good-first-issue
|
recv
|
| 27 |
|
The Helm chart supports custom value for the PostgreSQL container UID
|
|
|
6y |
6y |
|
kind/enhancement
component/k8s
component/openshift
|
|
| 9 |
|
CI pipeline runs kubesec
|
|
|
6y |
5y |
6y |
good-first-issue
|
recv
|
| 7 |
 |
Conjur Helm chart has published shasums
|
|
|
6y |
6y |
6y |
kind/enhancement
component/k8s
component/openshift
|
recv
|
| 219 |
|
Kong Examples no longer run
|
|
|
3y |
3y |
|
kind/bug
|
|
| 213 |
|
Allow scripts to deploy Conjur either as latest or edge versions
|
|
|
3y |
3y |
|
kind/enhancement
|
|
| 207 |
|
Update k8's inject cert test to run against latest Conjur Image
|
|
|
3y |
3y |
|
kind/bug
component/conjur-sdk
|
|
| 197 |
|
Fix flaky API contract tests
|
|
|
4y |
4y |
|
kind/bug
component/conjur-sdk
|
|
| 150 |
|
Implement Route Checking for Conjur
|
|
|
4y |
4y |
|
component/conjur
kind/enhancement
|
|
| 107 |
|
Move to using either latest or stable image for OpenAPI generator
|
|
|
4y |
4y |
|
kind/enhancement
component/conjur-sdk
|
|
| 28 |
|
Automatically generate Sphinx documentation for python client code
|
|
|
4y |
4y |
|
kind/documentation
kind/enhancement
component/api/python
|
|
| 186 |
|
Migrate client configuration from `conjur-cli` gem to this gem
|
|
|
4y |
4y |
4y |
component/api/ruby
kind/enhancement
|
recv
|
| 162 |
|
Ruby API gem correctly handles Users/Hosts with `api_key_enabled`
|
|
|
5y |
5y |
|
kind/enhancement
support/serious
|
similar
|
| 148 |
 |
Ruby client library tests are run against the EE
|
|
|
6y |
6y |
6y |
component/api/ruby
selected
|
assigned recv
|
| 145 |
|
Allow using multiple independent API connections
|
|
|
6y |
6y |
6y |
|
recv
|
| 134 |
|
add support for CONJUR_AUTHN_TOKEN_FILE
|
|
|
7y |
7y |
|
|
contributor-last
|
| 128 |
|
Token expiration should be aware of the "exp" field in new style tokens
|
|
|
7y |
7y |
7y |
|
recv
|
| 60 |
|
GoLang SDK correctly handles Users/Hosts with `api_key_enabled`
|
|
|
5y |
4mo |
4mo |
kind/enhancement
support/serious
|
member-last send similar
|
| 124 |
 |
JAX-RS implementation JavaEE (javax) vs JakartaEE (jakarta)
|
|
|
4d |
3d |
3d |
kind/enhancement
|
member-last send
|
| 103 |
|
java.lang.RuntimeException: java.lang.ClassNotFoundException: Class 'org.glassfish.jersey.client.JerseyClientBuilder' was not found
|
|
|
4y |
1mo |
4y |
component/api/java
kind/bug
internal-contributor
|
send
|
| 102 |
|
Add ability to pass in CONJUR_APPLIANCE_URL and CONJUR_ACCOUNT into Conjur class
|
|
|
4y |
4y |
4y |
component/api/java
kind/enhancement
internal-contributor
|
recv
|
| 99 |
|
Unit tests exist for each class
|
|
|
4y |
4y |
4y |
component/api/java
kind/enhancement
|
recv
|
| 65 |
|
Code climate issues have been resolved
|
|
|
5y |
17d |
5y |
kind/technical-debt
component/conjur-sdk
|
recv
|
| 55 |
|
Add unit tests
|
|
|
5y |
17d |
5y |
good-first-issue
|
recv
|
| 54 |
|
Java SDK correctly handles Users/Hosts with `api_key_enabled`
|
|
|
5y |
5y |
|
kind/enhancement
support/serious
|
similar
|
| 42 |
|
Add code coverage to conjur-api-java
|
|
|
5y |
5y |
|
kind/quality
|
|
| 35 |
|
Add API use-case ex in Docker to docs
|
|
|
6y |
17d |
6y |
kind/documentation
component/api/java
kind/developer-experience
good-first-issue
defined
|
assigned recv
|
| 33 |
 |
Is javadoc published anywhere on the web?
|
|
|
6y |
17d |
6y |
kind/documentation
kind/developer-experience
|
recv
|
| 25 |
|
Support for watching authentication token file
|
|
|
6y |
6y |
|
component/api/java
kind/enhancement
|
|
| 22 |
|
Allow reading the auth token provided by Kubernetes/OpenShift sidecar
|
|
|
6y |
6y |
6y |
kind/enhancement
merged
|
assigned member-last send
|
| 16 |
 |
NullPointerException when using single Conjur instance to retrieve multiple secrets
|
|
|
7y |
5y |
7y |
good-first-issue
|
contributor-last recv
|
| 13 |
|
Load Conjur identity & conf from files(/etc/, ~/.conjurrc) in addition to environment variables
|
|
|
7y |
7y |
|
|
|
| 5 |
|
Generate a JAR file for consumption
|
|
|
7y |
7y |
|
|
|
| 56 |
|
Add integration tests
|
|
|
5y |
4mo |
4mo |
kind/technical-debt
kind/enhancement
kind/quality
component/conjur-sdk
|
member-last send similar
|
| 49 |
|
Add Batch Secret Retrieval
|
|
|
5y |
4mo |
4mo |
kind/enhancement
component/conjur-sdk
|
member-last send
|
| 47 |
|
Retrieving Environment Variables for Authentication
|
|
|
5y |
4mo |
4mo |
kind/enhancement
component/conjur-sdk
|
member-last send
|
| 38 |
|
.NET SDK correctly handles Users/Hosts with `api_key_enabled`
|
|
|
5y |
5mo |
5mo |
kind/enhancement
support/serious
|
member-last send similar
|
| 24 |
|
Library is compatible with both .Net Core and Framework
|
|
|
6y |
4mo |
4mo |
kind/enhancement
|
member-last send
|
| 17 |
|
API wrapper library is available through NuGet
|
|
3
|
7y |
5mo |
|
kind/enhancement
component/conjur-sdk
|
assigned recv-q
|
| 251 |
 |
Default not supported for `gopass`
|
|
|
1y |
1y |
1y |
kind/enhancement
|
recv
|
| 238 |
 |
Add templating support for ephemeral cred/config files
|
|
|
2y |
2y |
|
kind/enhancement
internal-contributor
|
|
| 199 |
|
Make list of environment variable names available in child process
|
|
|
4y |
4y |
|
kind/enhancement
component/summon
|
contributor-last
|
| 153 |
|
Multiple `-e` environments can be supported
|
|
|
5y |
5y |
5y |
kind/enhancement
component/summon
|
recv
|
| 152 |
|
Clean up empty tempdirs
|
|
|
5y |
2mo |
5y |
kind/bug
kind/cleanup
component/summon
good-first-issue
|
recv
|
| 151 |
|
Add more information about `!file` handling
|
|
|
5y |
2mo |
5y |
kind/documentation
kind/enhancement
component/summon
good-first-issue
|
recv
|
| 149 |
 |
Summon has examples of unofficial "provider wrappers" somewhere (e.g. `gopass`)
|
|
|
5y |
4y |
5y |
kind/enhancement
component/summon
triage/scoping
kind/developer-experience
contributor
has-idea
|
recv recv-q
|
| 135 |
|
Zeroize all vars right after start of child process
|
|
|
5y |
13d |
5y |
kind/enhancement
component/summon
kind/security
|
recv
|
| 104 |
|
fix: substitution variable format interferes with provider key resolution
|
|
|
6y |
2wk |
2wk |
kind/bug
|
member-last send
|
| 93 |
 |
Docs: `common` section and root vars injection rules should be better documented
|
|
2
|
6y |
2y |
6y |
triage/needs-info
good-first-issue
|
contributor-last recv recv-q
|
| 83 |
|
Better error message when appliance_url doesn't match machine address in .netrc or conjur.identity
|
|
|
4y |
2mo |
|
kind/enhancement
component/summon
good-first-issue
internal-contributor
|
|
| 33 |
|
Docs is updated to address conjurized requirement
|
|
|
6y |
5y |
|
triage/needs-info
good-first-issue
|
|
| 29 |
|
The Keyring provider does not work on Windows
|
|
|
1y |
1y |
|
kind/bug
|
|
| 17 |
|
Ensure documentation is accurate
|
|
|
5y |
5y |
5y |
triage/needs-info
kind/technical-debt
component/summon
kind/documentation
|
recv
|
| 7 |
|
Add CI pipeline
|
|
|
5y |
5y |
|
|
contributor-last
|
| 5 |
|
Convert ring.py to Python 3
|
|
|
5y |
5y |
|
kind/technical-debt
component/summon
severity/medium
implementing
|
|
| 48 |
|
Tests exist for `main.go`
|
|
|
4y |
4y |
4y |
kind/technical-debt
kind/enhancement
component/summon
|
recv
|
| 44 |
 |
Ability to specify versions of secrets to retrieve
|
|
|
4y |
4y |
4y |
kind/enhancement
component/summon
contributor
has-idea
|
recv
|
| 17 |
 |
Option to base64 encode secrets values
|
|
|
5y |
5y |
5y |
|
recv
|
| 22 |
 |
Apple silicon is not supported for this provider
|
|
|
2y |
2y |
2y |
kind/enhancement
contributor
|
recv
|
| 529 |
 |
CAKC017 error does not remove "client.pem" causing continual failures
|
|
|
2y |
11d |
2y |
kind/bug
stale
|
send
|
| 329 |
|
K8s Authenticator Quickstart: Make KinD optional
|
|
|
4y |
11d |
|
component/k8s
kind/demo
stale
|
|
| 327 |
|
Document client errors
|
|
|
4y |
11d |
4y |
kind/documentation
triage/needs-info
stale
|
recv
|
| 320 |
 |
E2E Workflow Scripts: Remove platform specific script branches
|
|
|
4y |
11d |
3y |
component/k8s
kind/enhancement
stale
|
send
|
| 317 |
|
E2E Workflow Scripts: Workflow should detect which flavor of Conjur has been deployed to the cluster
|
|
|
4y |
11d |
3y |
component/k8s
kind/enhancement
stale
|
send
|
| 316 |
|
E2E Workflow Scripts: Conditionally validate sample applications' authentication with their backends
|
|
|
4y |
11d |
|
component/k8s
kind/enhancement
stale
|
similar
|
| 315 |
|
E2E Workflow Scripts: Conditionally deploy MySQL sample application backend
|
|
|
4y |
11d |
|
component/k8s
kind/enhancement
stale
|
similar
|
| 310 |
|
Kubernetes test automation and demo materials are revised
|
|
|
4y |
11d |
4y |
component/k8s
kind/technical-debt
Epic
stale
|
recv
|
| 305 |
|
Add get-conjur-cert.sh and test-helm scripts to release artifacts
|
|
|
4y |
10d |
4y |
component/k8s
kind/enhancement
stale
|
recv
|
| 302 |
|
E2E Workflow Scripts: Test app injects Summon into shared volume
|
|
|
4y |
10d |
3y |
component/k8s
kind/quality
stale
|
send
|
| 291 |
|
The Namespace prep helm test uses validator Host ID to validate the Kubernetes authenticator is functional
|
|
|
4y |
10d |
4y |
component/k8s
kind/enhancement
stale
|
recv
|
| 290 |
|
The Namespace helm test queries the /info endpoint for validation
|
|
|
4y |
10d |
4y |
component/k8s
kind/enhancement
stale
|
recv
|
| 289 |
|
There is an initial framework for the Namespace prep Helm test
|
|
|
4y |
10d |
4y |
component/k8s
kind/enhancement
stale
|
recv
|
| 228 |
|
There is a helm test for the cluster prep helm chart
|
|
|
4y |
10d |
4y |
component/k8s
Epic
kind/user-story
stale
|
recv
|
| 222 |
|
Enable cloud provided authentication methods in sidecar
|
|
|
4y |
10d |
4y |
component/k8s
kind/enhancement
internal-contributor
stale
|
recv
|
| 188 |
|
Add UTs for response util methods
|
|
|
4y |
10d |
|
component/k8s
kind/enhancement
good-first-issue
rnd-boost
stale
|
open-milestone
|
| 172 |
|
Enable use of system CA store for Conjur's SSL certificate verification
|
|
|
4y |
9d |
4y |
component/k8s
kind/bug
stale
|
recv
|
| 169 |
|
Add Info log with configuration
|
|
|
4y |
9d |
|
stale
|
|
| 162 |
|
Enhance env var utils to accept min and max values
|
|
|
4y |
9d |
|
component/k8s
kind/enhancement
stale
|
|
| 159 |
|
Extract backoff loop from main.go into a util
|
|
|
4y |
9d |
4y |
component/k8s
kind/enhancement
good-first-issue
stale
|
|
| 116 |
|
Challenge the way integration tests run on authn-client
|
|
|
5y |
8d |
|
rnd-boost
stale
|
open-milestone
|
| 54 |
 |
Consider setting automation to work with latests scripts/DAP/Conjur
|
|
|
5y |
8d |
5y |
component/k8s
kind/technical-debt
component/authenticators
kind/infrastructure
stale
|
recv
|
| 25 |
|
unit test suites exists
|
|
|
6y |
7d |
|
kind/technical-debt
good-first-issue
stale
|
recv-q
|
| 9 |
|
Authenticator gets pod name / namespace using Kubernetes API
|
|
|
6y |
4y |
6y |
rnd-boost
|
open-milestone recv
|
| 7 |
|
Authenticator has configurable logging levels
|
|
|
6y |
5y |
|
kind/developer-experience
good-first-issue
|
contributor-last
|
| 549 |
 |
Secrets rotation improvements
|
|
|
3mo |
2mo |
2mo |
kind/enhancement
|
assigned assignee-updated author-last recv
|
| 530 |
 |
retryCountLimit not evaluated in helm deployment
|
|
|
2y |
2y |
2y |
kind/bug
|
recv
|
| 289 |
|
Add optional hostAliases to values.yaml
|
|
|
4y |
4y |
4y |
component/k8s
kind/enhancement
|
author-last recv recv-q
|
| 270 |
|
Tests automate fetching version from values.yml instead of hardcoding it
|
|
|
4y |
4y |
4y |
kind/technical-debt
component/k8s
|
recv
|
| 251 |
|
Release automation - Push Helm Chart to helm-charts repo
|
|
|
4y |
4y |
4y |
rnd-boost
|
assigned assignee-updated contributor-last open-milestone recv recv-q
|
| 239 |
|
Add GH action for dispatching release event
|
|
|
4y |
4wk |
4y |
component/k8s
kind/enhancement
|
contributor-last recv
|
| 138 |
|
Enhancement: Remove use of downward API from manifest
|
|
|
4y |
4y |
4y |
|
assigned recv
|
| 106 |
 |
Add tests to verify our logs
|
|
|
5y |
4y |
|
severity/low
swarm/testing
component/jenkins
rnd-boost
|
open-milestone
|
| 93 |
 |
TLS handshake error when following README in local cluster
|
|
|
2y |
2y |
2y |
kind/bug
|
author-last recv recv-q
|
| 56 |
|
Sidecar containers images configurable at runtime
|
|
|
4y |
4y |
|
kind/enhancement
component/dev-tools
|
|
| 41 |
|
A "What is this section" exists in the README
|
|
|
5y |
5y |
|
kind/enhancement
component/dev-tools
|
|
| 38 |
|
Update cross compilation goreleaser image to public
|
|
|
5y |
5y |
|
kind/enhancement
component/dev-tools
|
|
| 31 |
|
Upgrade instructions exist
|
|
|
5y |
5y |
|
kind/enhancement
component/dev-tools
|
|
| 24 |
|
Add troubleshooting section for missing annotations
|
|
|
5y |
5y |
|
kind/enhancement
component/dev-tools
source/salesforce
|
|
| 8 |
|
Plz be consistent w/ access token file name
|
|
|
5y |
5y |
|
|
|
| 171 |
|
Close ports for the conjur follower
|
|
|
4y |
4y |
4y |
|
recv
|
| 168 |
|
Need to run retry mechanism for delete namespace command
|
|
|
4y |
4y |
|
component/jenkins
kind/infrastructure
team/palm-tree
rnd-boost
|
open-milestone
|
| 162 |
 |
Openshift password should be given/pulled from summon
|
|
|
4y |
4y |
4y |
|
member-last send
|
| 161 |
|
Auto Enrollment Secrets Add should be part of the script
|
|
|
4y |
4y |
4y |
|
member-last send
|
| 160 |
|
Image pull backoff in OC4.5 because image url is external when using start.sh
|
|
|
4y |
4y |
|
|
contributor-last recv-q
|
| 119 |
|
Migrate secrets provider repo to use the helm chart for deploying conjur in automation
|
|
|
5y |
4y |
5y |
rnd-boost
|
contributor-last open-milestone recv-q
|
| 117 |
|
Unbound variable error on stop
|
|
|
5y |
5y |
5y |
|
recv
|
| 116 |
|
Repo needs a CHANGELOG
|
|
|
5y |
5y |
5y |
kind/documentation
component/k8s
|
recv
|
| 99 |
|
Don't use separate yamls for OC and K8s where possible
|
|
|
5y |
5y |
5y |
triage/scoping
kind/technical-debt
kind/enhancement
component/k8s
kind/cleanup
triage/needs-epic
kind/developer-experience
good-first-issue
|
recv
|
| 74 |
|
Deployment Flow with Seed Fetcher is tested in CI
|
|
|
5y |
4y |
|
component/demos
kind/technical-debt
on-hold
|
|
| 62 |
|
Deploy Scripts don't work on current Minishift Version
|
|
|
6y |
5y |
|
kind/bug
component/demos
severity/medium
|
|
| 61 |
|
Deploy can be performed w/ non-cluster admin user
|
|
|
6y |
6y |
|
|
|
| 60 |
|
Standby and follower seeding encrypts key files
|
|
|
6y |
6y |
|
|
|
| 55 |
|
Tests include coverage of master deployment to both GKE and OpenShift
|
|
|
6y |
6y |
6y |
component/openshift
kind/enhancement
component/k8s
kind/cleanup
triage/needs-epic
severity/low
kind/developer-experience
|
recv
|
| 48 |
|
Followers are configured to be distributed across nodes
|
|
|
6y |
6y |
|
component/openshift
component/k8s
|
|
| 31 |
 |
the check dep script is checking for OSHIFT_CONJUR_ADMIN_USERNAME but the scripts are using OPSHIFT_CLUSTER_ADMIN_USERNAME
|
|
|
6y |
6y |
6y |
|
recv
|
| 25 |
|
update deploy / demo scripts for v5 OSS
|
|
|
6y |
6y |
|
triage/needs-info
component/k8s
|
contributor-last
|
| 21 |
|
configure nodePort for haproxy to provide external access to Conjur Master service
|
|
|
6y |
6y |
|
|
|
| 20 |
|
add script to delete deployments
|
|
|
6y |
5y |
|
kind/developer-experience
good-first-issue
|
|
| 19 |
|
developer user needs access to internal registry
|
|
|
6y |
6y |
|
|
|
| 18 |
|
data key should be stored as a secret
|
|
|
6y |
17d |
6y |
ready
good-first-issue
|
recv
|
| 135 |
|
Add validator host ID to allow authn-k8s config to be validated
|
|
|
4y |
4y |
4y |
kind/enhancement
component/demos
|
recv
|
| 130 |
|
Automated tests only run against annotation-based identities
|
|
|
4y |
4y |
4y |
kind/enhancement
component/demos
|
recv
|
| 115 |
|
Add DeploymentConfigs as app identity in Jenkins OpenShift CI
|
|
|
4y |
4y |
4y |
kind/enhancement
component/demos
|
recv
|
| 113 |
|
Replace use of sed for yaml templating with Yaml.sh or helm charts
|
|
|
4y |
4y |
4y |
kind/enhancement
component/demos
|
recv
|
| 89 |
|
Repo's use of bash-lib means you can't run the scripts individually
|
|
|
5y |
4y |
4y |
component/k8s
kind/bug
component/demos
|
assigned member-last open-milestone send
|
| 66 |
|
--dry-run option
|
|
|
6y |
6y |
|
component/k8s
kind/enhancement
component/openshift
component/demos
|
|
| 52 |
|
CI takes too long
|
|
|
6y |
6y |
|
component/demos
component/pipeline
infra/pipelines
|
|
| 38 |
|
Automated tests validate demos against Conjur OSS
|
|
|
6y |
6y |
6y |
component/k8s
kind/technical-debt
component/demos
component/pipeline
|
recv
|
| 32 |
|
Scripts check conditions rather than sleeping
|
|
|
6y |
6y |
6y |
component/k8s
kind/technical-debt
component/demos
|
recv
|
| 29 |
|
sidecar injector is incorporated into kubernetes-conjur-demo
|
|
|
6y |
6y |
|
component/k8s
kind/enhancement
component/demos
|
|
| 11 |
|
conjur-authenticator rolebinding requires elevated privileges to create
|
|
|
6y |
6y |
6y |
component/k8s
kind/enhancement
|
member-last
|
| 10 |
|
test app is deployed using helm chart
|
|
|
6y |
6y |
6y |
component/k8s
kind/enhancement
component/demos
|
member-last send
|
| 91 |
|
Users can determine buildpack version from Cloud Foundry
|
|
|
4y |
4y |
4y |
component/pcf
kind/enhancement
|
recv
|
| 82 |
|
The secrets.yml check in the supply script uses different logic than the `conjur-env` binary to find the secrets.yml
|
|
|
4y |
4y |
4y |
component/pcf
kind/bug
internal-contributor
|
recv
|
| 80 |
|
Secrets.yml configuration can be supplied as an environment variable
|
|
3
|
4y |
4y |
4y |
kind/enhancement
component/conjur-sdk
|
contributor-last recv recv-q
|
| 60 |
|
conjur-env binary uses batch secret retrieval
|
|
|
5y |
4y |
|
kind/enhancement
component/conjur-sdk
|
|
| 52 |
|
Add code coverage for cloudfoundry-conjur-buildpack
|
|
|
5y |
4y |
|
component/pcf
kind/quality
|
|
| 21 |
|
Docs includes instructions for decorator buildpack
|
|
|
6y |
6y |
|
kind/documentation
component/pcf
|
|
| 52 |
|
Add CI pipeline
|
|
|
5y |
5y |
|
|
|
| 48 |
|
Update the demo app ruby version
|
|
|
5y |
5y |
|
|
|
| 47 |
|
Remove unnecessary dependencies from demo app
|
|
|
5y |
5y |
|
|
|
| 36 |
|
Demo has a CI pipeline for the local flow
|
|
|
6y |
6y |
6y |
component/pcf
infra/pipelines
|
recv
|
| 35 |
|
Demo has a CI pipeline for the tile
|
|
|
6y |
6y |
6y |
component/pcf
selected
infra/pipelines
|
recv
|
| 22 |
|
Demo should run w/o internet access after it is built
|
|
|
6y |
6y |
|
|
|
| 11 |
|
change to ./stop instead of ./bin/stop
|
|
|
7y |
6y |
|
|
contributor-last
|
| 210 |
 |
Validate compatibility with ansible-core 2.19
|
|
|
5wk |
4wk |
4wk |
|
assigned assignee-updated member-last send
|
| 207 |
 |
Conjur lookup plugin fails to verify TLS certificate - works ok in role and Conjur Go CLI
|
|
|
4mo |
2wk |
4mo |
kind/documentation
kind/bug
|
member-last send
|
| 202 |
 |
Retry in conjur_variable lookup not working for errors out of urllib_error.HTTPError or socket.timeout
|
|
|
1y |
3mo |
3mo |
kind/bug
|
assigned member-last send
|
| 191 |
 |
Unable to run cyberark.conjur.conjur_host_identity role.
|
|
|
2y |
1y |
2y |
kind/bug
|
author-last recv recv-q
|
| 187 |
 |
Consider using true/false for all booleans in docs
|
|
|
2y |
2wk |
2y |
good first issue
good-first-issue
contributor
|
recv
|
| 146 |
 |
Support JWT Authentication for Ansible
|
|
|
3y |
2y |
|
kind/epic
team/Integration-Factory
ONYX-20594
|
|
| 145 |
|
Support JWT Authentication for Ansible
|
|
|
3y |
2y |
|
kind/epic
team/Integration-Factory
ONYX-20594
|
|
| 74 |
|
Bring ansible-conjur-collection to Certified level
|
|
|
3y |
2y |
|
kind/epic
ONYX-15057
team/Integration-Factory
|
|
| 73 |
|
Troubleshoot Ansible Conjur installation on 2.9
|
|
|
3y |
2y |
|
team/community-and-integrations
severity/low
kind/bug
ONYX-14387
Bugtype/
|
|
| 72 |
|
Troubleshoot Ansible Conjur installation on 2.9
|
|
|
3y |
2y |
|
team/community-and-integrations
severity/low
kind/bug
ONYX-14387
Bugtype/
|
|
| 56 |
|
Collection is published to Automation Hub
|
|
|
4y |
4y |
4y |
component/ansible
kind/enhancement
|
contributor-last recv
|
| 49 |
|
Add other ways to specify Conjur / DAP identity in `cyberark.conjur.conjur_variable`
|
|
|
4y |
4y |
4y |
component/ansible
kind/enhancement
|
recv
|
| 47 |
|
The UX of configuring the lookup plugin and role has been evaluated
|
|
|
4y |
4y |
4y |
|
recv
|
| 46 |
|
Roles are tested with Molecule
|
|
|
4y |
4y |
4y |
component/ansible
kind/enhancement
|
recv
|
| 45 |
|
The log output of the conjur-role without "no_log" set to true has been reviewed
|
|
|
4y |
4y |
4y |
component/ansible
kind/enhancement
kind/XA
|
recv
|
| 44 |
|
Roles and plugins share a build stage and test directory structure
|
|
|
4y |
4y |
4y |
kind/cleanup
component/ansible
kind/enhancement
|
contributor-last recv
|
| 43 |
|
Documentation is clear that input variable path should not be urlencoded
|
|
|
4y |
4y |
4y |
component/ansible
source/salesforce
kind/documentation
|
recv
|
| 42 |
|
Expand Ansible Collection to include Conjur Role
|
|
|
4y |
4y |
4y |
component/ansible
kind/enhancement
Epic
|
recv
|
| 37 |
|
There is a demo showing how to use this collection
|
|
|
4y |
4y |
4y |
component/ansible
on-hold
kind/demo
|
assigned assignee-updated member-last send
|
| 30 |
|
Migrate this Ansible role to the Conjur Ansible collection
|
|
|
5y |
2mo |
5y |
kind/enhancement
component/ansible
|
contributor-last recv recv-q
|
| 26 |
|
conjur_variable lookup plugin can be improved
|
|
|
5y |
2mo |
5y |
kind/enhancement
component/ansible
|
contributor-last recv recv-q
|
| 22 |
|
Add code coverage to ansible-conjur-host-identity
|
|
|
5y |
5y |
|
kind/quality
|
|
| 5 |
|
CA cert content is dumped to stdout
|
|
|
7y |
7y |
|
|
|
| 4 |
|
The parameter `conjur_ssl_certificate` requires cert as a string, not a file.
|
|
|
7y |
5y |
|
|
|
| 3 |
|
Parameter `conjur_validate_certs should be `True` by default
|
|
|
7y |
7y |
|
|
|
| 2 |
|
Deprecation warning when role is run
|
|
|
7y |
7y |
|
|
|
| 258 |
|
Error with self signed certificate
|
|
|
2y |
2y |
2y |
kind/bug
|
author-last recv
|
| 235 |
|
Investigate if `puppetlabs-registry` dependency is still needed
|
|
|
4y |
4y |
4y |
blocked
triage/needs-info
kind/cleanup
component/puppet
|
assigned assignee-updated contributor-last recv
|
| 201 |
|
Investigate (and possibly implement) ability to check if we can validate that agent credentials are valid
|
|
|
4y |
4y |
4y |
component/puppet
kind/enhancement
kind/developer-experience
kind/XA
kind/community
|
contributor-last recv
|
| 65 |
|
Use OpenAPI spec to generate the client code
|
|
|
5y |
2wk |
2wk |
kind/technical-debt
component/puppet
kind/enhancement
kind/developer-experience
|
member-last send
|
| 29 |
|
WinCred resource and provider are separated to their own Puppet Module
|
|
|
6y |
6y |
|
component/puppet
kind/enhancement
|
|
| 134 |
|
Documentation Bug in README in Build From Source section
|
|
|
1y |
1y |
|
kind/bug
|
|
| 132 |
 |
Add an ability to update Conjur secret
|
|
2
|
1y |
1y |
1y |
kind/enhancement
|
recv
|
| 99 |
|
Provider is not up to date and does not support CONJUR_AUTHN_TOKEN that is included in conjur-api-go
|
|
|
3y |
3y |
|
kind/bug
internal-contributor
|
|
| 94 |
|
Manifest example in provider's documentation is wrong.
|
|
3
|
3y |
2mo |
3y |
component/terraform
kind/bug
internal-contributor
|
member-last send
|
| 60 |
|
Add unit tests
|
|
|
5y |
2wk |
5y |
component/terraform
kind/enhancement
good-first-issue
kind/quality
|
contributor-last recv
|
| 53 |
|
Add Windows instructions to README
|
|
|
5y |
5y |
5y |
component/terraform
kind/enhancement
|
recv
|
