Alexander Scheel
Alexander Scheel
## Description This reverts various Vault Enterprise documentation removals that referenced namespaces. I opted to leave https://developer.hashicorp.com/vault/docs/enterprise/namespaces/create-admin-namespace (which exited in [`fork-point`](https://github.com/openbao/openbao/tree/fork-point)) alone and not restore it, as we do not...
## Description When the OCSP server does not indicate that it caches responses, we should not cache responses either to always ensure up-to-date information. This fixes a bug where certificate...
See various related discussions: - https://gitlab.com/gitlab-org/cloud-native/charts/openbao/-/issues/17#note_2699115443 - https://github.com/hashicorp/vault/issues/6487 - https://github.com/hashicorp/vault/issues/15070 - https://discuss.hashicorp.com/t/inquiries-about-api-addr-cluster-addr-of-the-vault-cluster/43143 `cluster_addr` and `api_addr` are per-listener, but often we need to have different values depending on context. I'd like...
Calling into CEL should largely be standardized: CEL programs, as viewed by OpenBao have two main components: 1. Some environment provided by the plugin, and 2. Dynamic execution by the...
# OpenBao Direction Proposal (2025-2026) In September of 2024, this community put together our first [project direction and roadmap](https://github.com/openbao/openbao/issues/569) proposal. After a year of growth and execution, it is has...
In v2.4.2, the nightly release pipeline failed due to disk space issues. Sadly, I was not patient enough and pushed the `v2.4.2` tag prior to it failing. We have a...
There's a lot of usage of `atomic.Store*(...)` where proper atomic types exist: ``` builtin/credential/approle/path_tidy_user_id.go:71: defer atomic.StoreUint32(b.tidySecretIDCASGuard, 0) builtin/logical/pki/path_tidy.go:841: atomic.StoreUint32(b.tidyCancelCAS, 0) builtin/logical/pki/path_tidy.go:842: defer atomic.StoreUint32(b.tidyCASGuard, 0) builtin/logical/kv/upgrade.go:101: atomic.StoreUint32(b.upgrading, 0) builtin/logical/kv/upgrade.go:115: atomic.StoreUint32(b.upgrading, 0)...
`github.com/cenkalti/backoff/v5` is the latest version of backoff, which introduces some new API related changes. This would be good to upgrade to so that `dependabot` can keep us on the latest...
Currently sys backend is a singleton; I think this might be a holdover of Vault Enterprise and we may consider if it makes sense to split it: 1. We can...