mirror of
https://github.com/hashicorp/vault.git
synced 2026-05-28 04:10:44 -04:00
030bba4e68
* Pulls in github.com/go-secure-stdlib/plugincontainer@v0.3.0 which exposes a new `Config.Rootless` option to opt in to extra container configuration options that allow establishing communication with a non-root plugin within a rootless container runtime. * Adds a new "rootless" option for plugin runtimes, so Vault needs to be explicitly told whether the container runtime on the machine is rootless or not. It defaults to false as rootless installs are not the default. * Updates `run_config.go` to use the new option when the plugin runtime is rootless. * Adds new `-rootless` flag to `vault plugin runtime register`, and `rootless` API option to the register API. * Adds rootless Docker installation to CI to support tests for the new functionality. * Minor test refactor to minimise the number of test Vault cores that need to be made for the external plugin container tests. * Documentation for the new rootless configuration and the new (reduced) set of restrictions for plugin containers. * As well as adding rootless support, we've decided to drop explicit support for podman for now, but there's no barrier other than support burden to adding it back again in future so it will depend on demand. |
||
|---|---|---|
| .. | ||
| agent-and-proxy | ||
| audit | ||
| auth | ||
| commands | ||
| concepts | ||
| configuration | ||
| deprecation | ||
| enterprise | ||
| faq | ||
| get-started | ||
| internals | ||
| platform | ||
| plugins | ||
| release-notes | ||
| secrets | ||
| sync | ||
| upgrading | ||
| browser-support.mdx | ||
| glossary.mdx | ||
| index.mdx | ||
| install.mdx | ||
| interoperability-matrix.mdx | ||
| partnerships.mdx | ||
| use-cases.mdx | ||
| what-is-vault.mdx | ||