Goldfish Versions Save

A HashiCorp Vault UI written with VueJS and Vault native Go API

v0.9.0

6 years ago

Summary:

The deployment config file has slightly changed. The certificate information has been moved to its own struct. Check this wiki page for samples, or the sample config file

Goldfish now also accepts non-approle tokens for deployment. They still must be wrapped. The procedures for bootstrapping are identical, goldfish will determine whether the token is approle or not. The recommended bootstrap method is still an approle token, and therefore deployment instructions on wiki pages will remain in approle fashion.

Fixes:

  • 1718640 Fixed a bug in token creator regarding periodic TTLs
  • e63d3e1 PKI integration now includes the issuing_ca field, for a full certificate chain

Features:

  • 9c75ad5 Allow custom login paths (#185)
  • ca3d9a0 Support for Vault with custom CA certs (#220)
  • 089caa6 Support for bootstrapping with a non-approle wrapped token (#222)
  • 143f6f3 Support ip_sans and alt_names fields to PKI integration (#223)
  • 5280814 Added explicit common_name field to PKI integration
  • ee66442 Allow for multi-line pastes in secret input boxes (#234)
  • f64ef16 Added warning notification for users when their token is about to expire
  • dd2576b Added a revoke-self button on login page

Misc:

  • 35184cc Fixed misaligned footer on low-resolution screens
  • 344fca9 Secrets page inputs made monospace (#235)
  • ad4d0ce Corrected sort triangle orientation (#236)
  • 803e758 Vault API updated to v0.9.3
  • 888c28b Added self-compile instructions
  • cf72faa Updated VueJS to v2.5.13
  • 0de45b3 Minor text changes

Verifications:

SHA256 sum of binaries:

  • goldfish-linux-amd64: a716db6277afcac21a404b6155d0c52b1d633f27d39fba240aae4b9d67d70943
  • goldfish-windows-amd64.exe: 1a270bda441168e17d96952c78a24725ccd40c637b702e8e27e3ab5d664de10b

v0.8.0

6 years ago

Summary:

v0.8.0 brings some security updates and new features to the frontend. Deployment steps remain the same.

Notes:

  • TLS1.0, TLS1.1 have been disabled (#205)
  • DES/3DES ciphersuites have been disabled (#205)
  • Goldfish can now fetch its certificates from vault's PKI backend (#143)

Fixes:

  • f9ef8c6 Fixed a bug with editing non-string secret values
  • 6d893df Disabled TLS1.0 and TLS1.1, and disabled deprecated ciphersuites (#205)
  • 8e4b003 Fixed non-critical panics when an authentication backend is empty

Features:

  • b693f7d Allow using certificates from PKI backend (#143)
  • 3d5cc83 Allow sorting secrets alphabetically (#200)
  • e1e22a8 Updated frontend to Bulma v0.6.1 (Color-scheme changed as a result)
  • 250c15a User (tokens, userpass, etc.) page modal views have been filled out with details (#210)
  • 2914960 Line-by-line diff views added to policy requests
    • Syntax highlight and diff don't play ball together. Pull requests are welcome (#192)
  • 7762cba Smart search (policies page) got a lot smarter (#212)
    • Goldfish now borrows Vault's core code to check for a policy's capabilities on a path

Misc:

  • c7a17b8 Fixed icon alignments (#182)
  • 47a4a8a Favicon added (#168)
  • ceef80c Added screenshots and very basic frontend integration testing with Chromeless (#184)
  • 3caaed9 Secrets (key and value) boxes have been made monospace (#189)
  • 40632e2 Added confirmation to deleting multiple secrets (#196)
  • 715de22 Fixed typos
  • abc52a5 Frontend assets are now built with node v8.2.0+
  • 2cf9d6d Added confirmations for deleting single secret
  • c37d8ff Vault API updated to v0.9.0

v0.8.0-rc1

6 years ago

This is a release candidate only! Deployment steps remain the same.

Notes:

  • TLS1.0, TLS1.1 have been disabled (#205)
  • DES/3DES ciphersuites have been disabled (#205)
  • Goldfish can now fetch its certificates from vault's PKI backend (#143)
    • This feature requires a vault token (i.e. bootstrapping) to be provided at launch time
    • See the sample config file for usage

Fixes:

  • f9ef8c6 Fixed a bug with editing non-string secret values
  • 6d893df Disabled TLS1.0 and TLS1.1, and disabled deprecated ciphersuites (#205)

Features:

  • b693f7d Allow using certificates from PKI backend (#143)
  • 3d5cc83 Allow sorting secrets by type and name (#200)

Misc:

  • c7a17b8 Fixed icon alignments (#182)
  • 47a4a8a Favicon added (#168)
  • ceef80c Added screenshots and very basic frontend integration testing with Chromeless (#184)
  • 3caaed9 Secrets (key and value) boxes have been made monospace (#189)
  • 40632e2 Added confirmation to deleting multiple secrets (#196)
  • 715de22 Fixed typos

v0.7.4

6 years ago

Deployment steps are unchanged. Simply change your URL's version number and redeploy.

Fixes:

  • e865e47 ce1a5db 6f4c208 Fixed LDAP parsing on Vault servers v0.8.3 and up (#169)

Features:

  • 7c2d31c Multi-line values to secrets can be viewed and inserted (#165)

Misc:

  • c8fa70a Vault API library updated to v0.8.3
  • 2df80c2 Reworded "unseal tokens" to "unseal keys" for clarity

v0.7.3

6 years ago

Deployment steps are unchanged. Simply change your URL's version number and redeploy.

Fixes:

  • a678754 Fixed a bug in secrets page where up button would sometimes be unresponsive (#163)

v0.7.2

6 years ago

Deployment steps are unchanged. Simply change your URL's version number and redeploy.

Fixes:

  • 894505c Fixed a bug in secrets page where manual path entries would fail to update (#160)

v0.7.1

6 years ago

Deployment steps are unchanged. Simply change your URL's version number and redeploy.

Fixes:

  • 0bf4e9f Fixed decoding on token requests
  • 2c2cf30 Fixed Github login error
  • 0d24c91 Fixed leaking file descriptor
  • 3b46f0f Fixed #159

Major:

  • 0f3ae97 Added support for nomad bootstrap file
  • 0b00478 Requested tokens are orphaned by default
  • 21933d5 Allow multi-select on secrets page - #153
  • c1dc09e Allow multi-delete on secrets page - #153
  • 76f0496 4294d93 Secrets page navigation changed to query parameters in url - #151
    • This allows for back & forward button navigation, and for URLs to load secrets directly

Minor:

  • da44e3b Removed demo link in footer that led nowhere
  • 832b1fb Removed deprecated files
  • ea8aeb1 Removed deprecated code
  • 6f9b49a Quality of life updates to requests page

v0.7.1-rc1

6 years ago

This is a release candidate only! Deployment steps are unchanged

Fixes:

  • 0bf4e9f Fixed decoding on token requests
  • 2c2cf30 Fixed Github login error
  • 0d24c91 Fixed leaking file descriptor

Major:

  • 0f3ae97 Added support for nomad bootstrap file
  • 0b00478 Requested tokens are orphaned by default
  • 21933d5 Allow multi-select on secrets page - #153
  • c1dc09e Allow multi-delete on secrets page - #153
  • 76f0496 4294d93 Secrets page navigation changed to query parameters in url - #151
    • This allows for back & forward button navigation, and for URLs to load secrets directly

Minor:

  • da44e3b Removed demo link in footer that led nowhere
  • 832b1fb Removed deprecated files
  • ea8aeb1 Removed deprecated code
  • 6f9b49a Quality of life updates to requests page

v0.7.0

6 years ago

v0.7.0 brings an expanded requests system. Users can now request for:

  • Creating a new policy
  • Deleting an existing policy
  • Creating a vault token (must be wrapped)
    • This means you can generate a root token in seconds!

Deployment steps are identical to that of v0.6.0

Fixes:

  • 64d74d4 Granular mutexes added to request system to prevent race condition
  • 5cfebf0 Fixed 404 in renew button in nav bar
  • 19c536c Fixed periodic entry in token creator
  • cddc6f6 Fixed the too many open files error #149

Major:

  • dba9ca5 Revamped request system
    • There are 20+ commits for this, unlisted for conciseness
  • 390ec54 Added policy deletion request
  • 01a86da Added policy creation request
  • 5c8962a bd767ad Added token creation to requests system
    • Accessible in token creator page
  • 9bc367c Add orphan option to token creator #138
  • 197a3eb Okta login support #146

Minor:

  • da8b0c0 Updated VueJS to 2.4.2
  • e011a1c Added confirmation button to deleting secrets
  • 8e7869f Added goldfish version update checks from GitHub
  • 21880fe Development script launches vault with 5 unseal keys instead of 1
  • 5033594 Added a reset button to dependencies page
  • a028612 Viewing Users page will no longer load the first page of tokens immediately

v0.7.0-rc1

6 years ago

v0.7.0 brings an expanded requests system. Users can now request for:

  • Creating a new policy
  • Deleting an existing policy
  • Creating a vault token (must be wrapped)
    • This means you can generate a root token in seconds!

Deployment steps are identical to that of v0.6.0

Fixes:

  • 64d74d4 Granular mutexes added to request system to prevent race condition
  • 5cfebf0 Fixed 404 in renew button in nav bar

Major:

  • dba9ca5 Revamped request system
    • There are 20+ commits for this, unlisted for conciseness
  • 390ec54 Added policy deletion request
  • 01a86da Added policy creation request
  • 5c8962a bd767ad Added token creation to requests system
    • Accessible in token creator page
  • 9bc367c Add orphan option to token creator #138

Minor:

  • da8b0c0 Updated VueJS to 2.4.2
  • e011a1c Added confirmation button to deleting secrets
  • 8e7869f Added goldfish version update checks from GitHub
  • 21880fe Development script launches vault with 5 unseal keys instead of 1
  • 5033594 Added a reset button to dependencies page