seatgeek / hashi-helper

Disaster Recovery and Configuration Management for Consul and Vault
BSD 3-Clause "New" or "Revised" License
187 stars 20 forks

Bump github.com/hashicorp/vault from 1.3.2 to 1.10.2 #271

Closed dependabot[bot] closed 2 years ago

dependabot[bot] commented 2 years ago

Bumps github.com/hashicorp/vault from 1.3.2 to 1.10.2.

Release notes

Sourced from github.com/hashicorp/vault's releases.

v1.10.2

No release notes provided.

v1.10.1

No release notes provided.

v1.10.0

1.10.0

March 23, 2022

CHANGES:

  • core: Changes the unit of default_lease_ttl and max_lease_ttl values returned by the /sys/config/state/sanitized endpoint from nanoseconds to seconds. [GH-14206]
  • core: Bump Go version to 1.17.7. [GH-14232]
  • plugin/database: The return value from POST /database/config/:name has been updated to "204 No Content" [GH-14033]
  • secrets/azure: Changes the configuration parameter use_microsoft_graph_api to use the Microsoft Graph API by default. [GH-14130]
  • storage/etcd: Remove support for v2. [GH-14193]
  • ui: Upgrade Ember to version 3.24 [GH-13443]

FEATURES:

  • Database plugin multiplexing: manage multiple database connections with a single plugin process [GH-14033]
  • Login MFA: Single and two phase MFA is now available when authenticating to Vault. [GH-14025]
  • Mount Migration: Vault supports moving secrets and auth mounts both within and across namespaces.
  • Postgres in the UI: Postgres DB is now supported by the UI [GH-12945]
  • Report in-flight requests: Adding a trace capability to show in-flight requests, and a new gauge metric to show the total number of in-flight requests [GH-13024]
  • Server Side Consistent Tokens: Service tokens have been updated to be longer (a minimum of 95 bytes) and token prefixes for all token types are updated from s., b., and r. to hvs., hvb., and hvr. for service, batch, and recovery tokens respectively. Vault clusters with integrated storage will now have read-after-write consistency by default. [GH-14109]
  • Transit SHA-3 Support: Add support for SHA-3 in the Transit backend. [GH-13367]
  • Transit Time-Based Key Autorotation: Add support for automatic, time-based key rotation to transit secrets engine, including in the UI. [GH-13691]
  • UI Client Count Improvements: Restructures client count dashboard, making use of billing start date to improve accuracy. Adds mount-level distribution and filtering. [GH-client-counts]
  • Agent Telemetry: The Vault Agent can now collect and return telemetry information at the /agent/v1/metrics endpoint.

IMPROVEMENTS:

  • agent: Adds ability to configure specific user-assigned managed identities for Azure auto-auth. [GH-14214]
  • agent: The agent/v1/quit endpoint can now be used to stop the Vault Agent remotely [GH-14223]
  • api: Allow cloning api.Client tokens via api.Config.CloneToken or api.Client.SetCloneToken(). [GH-13515]
  • api: Define constants for X-Vault-Forward and X-Vault-Inconsistent headers [GH-14067]
  • api: Implements Login method in Go client libraries for GCP and Azure auth methods [GH-13022]
  • api: Implements Login method in Go client libraries for LDAP auth methods [GH-13841]
  • api: Trim newline character from wrapping token in logical.Unwrap from the api package [GH-13044]
  • api: add api method for modifying raft autopilot configuration [GH-12428]
  • api: respect WithWrappingToken() option during AppRole login authentication when used with secret ID specified from environment or from string [GH-13241]
  • audit: The audit logs now contain the port used by the client [GH-12790]
  • auth/aws: Enable region detection in the CLI by specifying the region as auto [GH-14051]
  • auth/cert: Add certificate extensions as metadata [GH-13348]
  • auth/jwt: The Authorization Code flow makes use of the Proof Key for Code Exchange (PKCE) extension. [GH-13365]
  • auth/kubernetes: Added support for dynamically reloading short-lived tokens for better Kubernetes 1.21+ compatibility [GH-13595]

... (truncated)

Changelog

Sourced from github.com/hashicorp/vault's changelog.

1.10.2

April 29, 2022

BUG FIXES:

  • raft: fix Raft TLS key rotation panic that occurs if active key is more than 24 hours old [GH-15156]
  • sdk: Fix OpenApi spec generator to properly convert TypeInt64 to OAS supported int64 [GH-15104]

1.10.1

April 22, 2022

CHANGES:

  • core: A request that fails path validation due to relative path check will now be responded to with a 400 rather than 500. [GH-14328]
  • core: Bump Go version to 1.17.9. [GH-15044]

IMPROVEMENTS:

  • agent: Upgrade hashicorp/consul-template version for sprig template functions and improved writeTo function [GH-15092]
  • auth: enforce a rate limit for TOTP passcode validation attempts [GH-14864]
  • cli/vault: warn when policy name contains upper-case letter [GH-14670]
  • cockroachdb: add high-availability support [GH-12965]
  • sentinel (enterprise): Upgrade sentinel to v0.18.5 to avoid potential naming collisions in the remote installer

BUG FIXES:

  • Fixed panic when adding or modifying a Duo MFA Method in Enterprise
  • agent: Fix log level mismatch between ERR and ERROR [GH-14424]
  • api/sys/raft: Update RaftSnapshotRestore to use net/http client allowing bodies larger than allocated memory to be streamed [GH-14269]
  • api: Respect increment value in grace period calculations in LifetimeWatcher [GH-14836]
  • auth/approle: Add maximum length for input values that result in SHA256 HMAC calculation [GH-14746]
  • auth: forward requests subject to login MFA from perfStandby to Active node [GH-15009]
  • cassandra: Update gocql Cassandra client to fix "no hosts available in the pool" error [GH-14973]
  • cli: Fix panic caused by parsing key=value fields whose value is a single backslash [GH-14523]
  • core (enterprise): Allow local alias create RPCs to persist alias metadata [GH-changelog:_2747]
  • core/managed-keys (enterprise): Allow PKCS#11 managed keys to use 0 as a slot number
  • core/metrics: Fix incorrect table size metric for local mounts [GH-14755]
  • core: Fix panic caused by parsing JSON integers for fields defined as comma-delimited integers [GH-15072]
  • core: Fix panic caused by parsing JSON integers for fields defined as comma-delimited strings [GH-14522]
  • core: Fix panic caused by parsing policies with empty slice values. [GH-14501]
  • core: Fix panic for help request URL paths without /v1/ prefix [GH-14704]
  • core: fixing excessive unix file permissions [GH-14791]
  • core: fixing excessive unix file permissions on dir, files and archive created by vault debug command [GH-14846]
  • core: report unused or redundant keys in server configuration [GH-14752]
  • core: time.After() used in a select statement can lead to memory leak [GH-14814]
  • raft: Ensure initialMmapSize is set to 0 on Windows [GH-14977]
  • replication (enterprise): fix panic due to missing entity during invalidation of local aliases. [GH-14622]
  • secrets/database: Ensure that a connection_url password is redacted in all cases. [GH-14744]
  • secrets/pki: Fix handling of "any" key type with default zero signature bits value. [GH-14875]
  • secrets/pki: Fixed bug where larger SHA-2 hashes were truncated with shorter ECDSA CA certificates [GH-14943]

... (truncated)

Commits
  • 9432586 Backport of Vault documentation: updated docs to include a note about seal re...
  • e034d5f Backport of Add upgrade note for #15147. into release/1.10.x (#15162)
  • 95bb6a3 Backport of fix raft tls key rotation panic when rotation time in past into r...
  • 2767a72 Backport of [VAULT-5887] TypeInt64 support added to OpenApi Spec generation i...
  • f2fb678 Import SDK for 1.10.2 version (#15140)
  • a7cef09 Update to 1.10.2 (#15137)
  • 4c6c28e backport of commit d9f7e11cf0af48ec356ca03c2654d981c4b43146 (#15131)
  • 1c90503 Backport of Elaborate the correlation between CLI and API into release/1.10.x...
  • 4a93213 Backport of docs/agent: merge template and template config into release/1.10....
  • 39c0e64 backport of commit faedd7584518f36cc2e9f55a46b9de6b7861d6f3 (#15115)
  • Additional commits viewable in compare view



Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • `@dependabot rebase` will rebase this PR
  • `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
  • `@dependabot merge` will merge this PR after your CI passes on it
  • `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
  • `@dependabot cancel merge` will cancel a previously requested merge and block automerging
  • `@dependabot reopen` will reopen this PR if it is closed
  • `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependabot[bot] commented 2 years ago

Dependabot tried to add @jippi and @burdandrei as reviewers to this PR, but received the following error from GitHub:

POST https://api.github.com/repos/seatgeek/hashi-helper/pulls/271/requested_reviewers: 422 - Reviews may only be requested from collaborators. One or more of the users or teams you specified is not a collaborator of the seatgeek/hashi-helper repository. // See: https://docs.github.com/rest/reference/pulls#request-reviewers-for-a-pull-request

dependabot[bot] commented 2 years ago

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.