1.13.4
June 21, 2023
BREAKING CHANGES:
- secrets/pki: Maintaining running count of certificates will be turned off by default.
To re-enable keeping these metrics available on the tidy status endpoint, enable
maintain_stored_certificate_counts on tidy-config, to also publish them to the
metrics consumer, enable publish_stored_certificate_count_metrics . [GH-18186]
CHANGES:
- core: Bump Go version to 1.20.5.
FEATURES:
- Automated License Utilization Reporting: Added automated license
utilization reporting, which sends minimal product-license metering
data
to HashiCorp without requiring you to manually collect and report them. - core (enterprise): Add background worker for automatic reporting of billing
information. [GH-19625]
IMPROVEMENTS:
- api: GET ... /sys/internal/counters/activity?current_billing_period=true now
results in a response which contains the full billing period [GH-20694] - api:
/sys/internal/counters/configendpoint now contains read-only
minimum_retention_months. [GH-20150] - api:
/sys/internal/counters/configendpoint now contains read-only
reporting_enabledandbilling_start_timestampfields. [GH-20086] - core (enterprise): add configuration for license reporting [GH-19891]
- core (enterprise): license updates trigger a reload of reporting and the activity log [GH-20680]
- core (enterprise): support reloading configuration for automated reporting via SIGHUP [GH-20680]
- core (enterprise): vault server command now allows for opt-out of automated
reporting via theOPTOUT_LICENSE_REPORTINGenvironment variable. [GH-3939] - core/activity: error when attempting to update retention configuration below the minimum [GH-20078]
- core/activity: refactor the activity log's generation of precomputed queries [GH-20073]
- ui: updates clients configuration edit form state based on census reporting configuration [GH-20125]
BUG FIXES:
- agent: Fix bug with 'cache' stanza validation [GH-20934]
- core (enterprise): Don't delete backend stored data that appears to be filterable
on this secondary if we don't have a corresponding mount entry. - core: Change where we evaluate filtered paths as part of mount operations; this is part of an enterprise bugfix that will
have its own changelog entry. Fix wrong lock used in ListAuths link meta interface implementation. [GH-21260] - core: Do not cache seal configuration to fix a bug that resulted in sporadic auto unseal failures. [GH-21223]
- core: Don't exit just because we think there's a potential deadlock. [GH-21342]
- core: Fix panic in sealed nodes using raft storage trying to emit raft metrics [GH-21249]
- identity: Fixes duplicate groups creation with the same name but unique IDs. [GH-20964]
- replication (enterprise): Fix a race condition with update-primary that could result in data loss after a DR failover
- replication (enterprise): Fix path filters deleting data right after it's written by backend Initialize funcs
- replication (enterprise): Fix regression causing token creation against a role
with a new entity alias to be incorrectly forwarded from perf standbys. [GH-21100] - storage/raft: Fix race where new follower joining can get pruned by dead server cleanup. [GH-20986]