bitwarden / key-connector Goto Github PK

An agent that stores and provides cryptographic keys to Bitwarden clients.

License: Other

C# 93.17% Dockerfile 0.90% Shell 1.36% PowerShell 4.57%

key-connector's Introduction

Bitwarden Key Connector

The Bitwarden Key Connector is a self-hosted web application that stores and provides cryptographic keys to Bitwarden clients.

The Key Connector project is written in C# using .NET Core with ASP.NET Core. The codebase can be developed, built, run, and deployed cross-platform on Windows, macOS, and Linux distributions.

Deploy

The Bitwarden Key Connector can be deployed using the pre-built docker container available on DockerHub.

Configuration

A variety of configuration options are available for the Bitwarden Key Connector.

Bitwarden Server

By default, the Bitwarden server configuration points to the Bitwarden Cloud endpoints. If you are using a self-hosted Bitwarden installation, you will need to configure the web vault and identity server endpoints.

keyConnectorSettings__webVaultUri=https://bitwarden.company.com
keyConnectorSettings__identityServerUri=https://bitwarden.company.com/identity/

Database

A database persists encrypted keys for your users. The following databases are supported to be configured. Migrating from one database provider to another is not supported at this time.

JSON File (default)

keyConnectorSettings__database__provider=json
keyConnectorSettings__database__jsonFilePath={FilePath}

By default, the application stores the JSON file at the follow path: /etc/bitwarden/data.json.

Microsoft SQL Server

keyConnectorSettings__database__provider=sqlserver
keyConnectorSettings__database__sqlServerConnectionString={ConnectionString}

PostgreSQL

keyConnectorSettings__database__provider=postgresql
keyConnectorSettings__database__postgreSqlConnectionString={ConnectionString}

MySQL/MariaDB

keyConnectorSettings__database__provider=mysql
keyConnectorSettings__database__mySqlConnectionString={ConnectionString}

SQLite

keyConnectorSettings__database__provider=sqlite
keyConnectorSettings__database__sqliteConnectionString={ConnectionString}

MongoDB

keyConnectorSettings__database__provider=mongo
keyConnectorSettings__database__mongoConnectionString={ConnectionString}
keyConnectorSettings__database__mongoDatabaseName={DatabaseName}

RSA Key

The Bitwarden Key Connector uses a RSA key pair to protect user keys at rest. The RSA key pair should be a minimum of 2048 bits in length.

You must configure how the Bitwarden Key Connector accesses and utilizes your RSA key pair.

Certificate

An X509 certificate that contains the RSA key pair.

keyConnectorSettings__rsaKey__provider=certificate

See additional certificate configuration options below.

Azure Key Vault

You will need to create an Azure Active Directory application that has access to read from the associated Key Vault.

keyConnectorSettings__rsaKey__provider=azurekv
keyConnectorSettings__rsaKey__azureKeyvaultUri={URI}
keyConnectorSettings__rsaKey__azureKeyvaultKeyName={KeyName}
keyConnectorSettings__rsaKey__azureKeyvaultAdTenantId={ActiveDirectoryTenantId}
keyConnectorSettings__rsaKey__azureKeyvaultAdAppId={ActiveDirectoryAppId}
keyConnectorSettings__rsaKey__azureKeyvaultAdSecret={ActiveDirectorySecret}

Google Cloud Key Management

keyConnectorSettings__rsaKey__provider=gcpkms
keyConnectorSettings__rsaKey__googleCloudProjectId={ProjectId}
keyConnectorSettings__rsaKey__googleCloudLocationId={LocationId}
keyConnectorSettings__rsaKey__googleCloudKeyringId={KeyringId}
keyConnectorSettings__rsaKey__googleCloudKeyId={KeyId}
keyConnectorSettings__rsaKey__googleCloudKeyVersionId={KeyVersionId}

AWS Key Management Service

keyConnectorSettings__rsaKey__provider=awskms
keyConnectorSettings__rsaKey__awsAccessKeyId={AccessKeyId}
keyConnectorSettings__rsaKey__awsAccessKeySecret={AccessKeySecret}
keyConnectorSettings__rsaKey__awsRegion={RegionName}
keyConnectorSettings__rsaKey__awsKeyId={KeyId}

PKCS11

Use a physical HSM device with the PKCS11 provider.

keyConnectorSettings__rsaKey__provider=pkcs11
# Available providers: yubihsm, opensc
keyConnectorSettings__rsaKey__pkcs11Provider={Provider}
keyConnectorSettings__rsaKey__pkcs11SlotTokenSerialNumber={TokenSerialNumber}
# Available user types: user, so, context_specific
keyConnectorSettings__rsaKey__pkcs11LoginUserType={LoginUserType}
keyConnectorSettings__rsaKey__pkcs11LoginPin={LoginPIN}

# Locate the private key on the device via label *or* ID.
keyConnectorSettings__rsaKey__pkcs11PrivateKeyLabel={PrivateKeyLabel}
keyConnectorSettings__rsaKey__pkcs11PrivateKeyId={PrivateKeyId}

When using the PKCS11 provider to store your private key on an HSM device, the associated public key must be made available and configured as a certificate (see below).

Certificate

The RSA key pair can be provided via certificate configuration. The certificate should be made available as a PKCS12 .pfx file. Example:

openssl req -x509 -newkey rsa:4096 -sha256 -nodes -keyout bwkc.key
  -out bwkc.crt -subj "/CN=Bitwarden Key Connector" -days 36500

openssl pkcs12 -export -out ./bwkc.pfx -inkey bwkc.key
  -in bwkc.crt -passout pass:{Password}

If using the PKCS11 RSA key provider, you will need to make a public key PKCS12 certificate available.

Filesystem (default)

keyConnectorSettings__certificate__provider=filesystem
keyConnectorSettings__certificate__filesystemPath={Path}
keyConnectorSettings__certificate__filesystemPassword={Password}

By default, the application looks for a certificate at the follow path: /etc/bitwarden/key.pfx.

OS Certificate Store

keyConnectorSettings__certificate__provider=store
keyConnectorSettings__certificate__storeThumbprint={Thumbprint}

Azure Blob Storage

keyConnectorSettings__certificate__provider=azurestorage
keyConnectorSettings__certificate__azureStorageConnectionString={ConnectionString}
keyConnectorSettings__certificate__azureStorageContainer={Container}
keyConnectorSettings__certificate__azureStorageFileName={FileName}
keyConnectorSettings__certificate__azureStorageFilePassword={FilePassword}

Azure Key Vault

You will need to create an Azure Active Directory application that has access to read from the associated Key Vault.

keyConnectorSettings__certificate__provider=azurekv
keyConnectorSettings__certificate__azureKeyvaultUri={URI}
keyConnectorSettings__certificate__azureKeyvaultCertificateName={CertificateName}
keyConnectorSettings__certificate__azureKeyvaultAdTenantId={ActiveDirectoryTenantId}
keyConnectorSettings__certificate__azureKeyvaultAdAppId={ActiveDirectoryAppId}
keyConnectorSettings__certificate__azureKeyvaultAdSecret={ActiveDirectorySecret}

HashiCorp Vault

keyConnectorSettings__certificate__provider=vault
keyConnectorSettings__certificate__vaultServerUri={ServerURI}
keyConnectorSettings__certificate__vaultToken={Token}
keyConnectorSettings__certificate__vaultSecretMountPoint={SecretMountPoint}
keyConnectorSettings__certificate__vaultSecretPath={SecretPath}
keyConnectorSettings__certificate__vaultSecretDataKey={SecretDataKey}
keyConnectorSettings__certificate__vaultSecretFilePassword={SecretFilePassword}

Developer Documentation

Please refer to the Key Connector section of the Contributing Documentation for build instructions, recommended tooling, code style tips, and lots of other great information to get you started.

key-connector's People

Contributors

Stargazers

Watchers

key-connector's Issues

Add support for ARM based Mac M1

Dockerfile currently uses an amd64 image. On Mac docker uses qemu to emulate the containers, but doesn't seem to have support for file system watching. At least that's my understanding from google this issue, see docker/for-mac#5328

Tested fix

Changing the dockerfile to use mcr.microsoft.com/dotnet/aspnet:5.0.0-buster-slim-arm64v8 fixes the issues. However YubiHSM2 does not have support for a Debian 10 ARM based OS. Could probably be solved using another .Net image.

Configuration used

      keyConnectorSettings__webVaultUri: https://localhost:8081
      keyConnectorSettings__identityServerUri: http://localhost:33657
      keyConnectorSettings__database__provider: json
      keyConnectorSettings__database__jsonFilePath: /config/database_docker.json
      keyConnectorSettings__rsaKey__provider: certificate
      keyConnectorSettings__certificate__provider: filesystem
      keyConnectorSettings__certificate__filesystemPath: /config/bwkc.pfx
      keyConnectorSettings__certificate__filesystemPassword: "{Password}"

Error message

Unhandled exception. System.IO.IOException: Function not implemented
   at System.IO.FileSystemWatcher.StartRaisingEvents()
   at System.IO.FileSystemWatcher.StartRaisingEventsIfNotDisposed()
   at System.IO.FileSystemWatcher.set_EnableRaisingEvents(Boolean value)
   at Microsoft.Extensions.FileProviders.Physical.PhysicalFilesWatcher.TryEnableFileSystemWatcher()
   at Microsoft.Extensions.FileProviders.Physical.PhysicalFilesWatcher.CreateFileChangeToken(String filter)
   at Microsoft.Extensions.FileProviders.PhysicalFileProvider.Watch(String filter)
   at Microsoft.Extensions.Configuration.FileConfigurationProvider.<.ctor>b__1_0()
   at Microsoft.Extensions.Primitives.ChangeToken.OnChange(Func`1 changeTokenProducer, Action changeTokenConsumer)
   at Microsoft.Extensions.Configuration.FileConfigurationProvider..ctor(FileConfigurationSource source)
   at Microsoft.Extensions.Configuration.Json.JsonConfigurationSource.Build(IConfigurationBuilder builder)
   at Microsoft.Extensions.Configuration.ConfigurationBuilder.Build()
   at Microsoft.Extensions.Hosting.HostBuilder.BuildAppConfiguration()
   at Microsoft.Extensions.Hosting.HostBuilder.Build()
   at Bit.KeyConnector.Program.Main(String[] args) in /home/runner/work/key-connector/key-connector/src/KeyConnector/Program.cs:line 11
qemu: uncaught target signal 6 (Aborted) - core dumped

Elaborate on the usage/use cases

Hi,

Could the use cases and the usage of this application be elaborated in the ReadMe.md please?

Thanks,

Key-connector not working

I am using the docker-unified version (2024.2.3) and the settings for the key-connector are as follows:

ENV:

        - name: BW_ENABLE_KEY_CONNECTOR
         value: "true"
       - name: BW_KEY_CONNECTOR_INTERNAL_URL
         value: http://bitwarden-keyconnector.bitwarden.svc.cluster.local:5000

When I try to log in with SSO I get the following error:

Nginx log:

10.233.106.28 - - [14/Mar/2024:12:18:01 +0100] "GET /api/config HTTP/1.1" 200 256 "https://bitwarden.mydomian.ltd/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.3
6" "x.x.x.x"
10.233.106.28 - - [14/Mar/2024:12:18:01 +0100] "POST /identity/connect/token HTTP/1.1" 200 1479 "https://bitwarden.mydomian.ltd/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.
0 Safari/537.36" "x.x.x.x"
10.233.106.28 - - [14/Mar/2024:12:18:01 +0100] "GET /api/config HTTP/1.1" 200 256 "https://bitwarden.mydomian.ltd/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.3
6" "x.x.x.x"
10.233.106.28 - - [14/Mar/2024:12:18:01 +0100] "POST /key-connector//user-keys HTTP/1.1" 401 0 "https://bitwarden..mydomian.ltd/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0
 Safari/537.36" "x.x.x.x"
10.233.106.28 - - [14/Mar/2024:12:18:02 +0100] "GET /api/config HTTP/1.1" 200 256 "https://bitwarden..mydomian.ltd/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.3
6" "x.x.x.x"
10.233.106.28 - - [14/Mar/2024:12:22:51 +0100] "POST /identity/connect/token HTTP/1.1" 200 1368 "https://bitwarden.mydomian.ltd/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.
0 Safari/537.36" "x.x.x.x"

Key-connector log:

12:25:35 ERR] Exception occurred while processing message.
System.InvalidOperationException: IDX20803: Unable to obtain configuration from: '[PII of type 'System.String' is hidden. For more details, see https://aka.ms/IdentityModel/PII.]'.
 ---> System.IO.IOException: IDX20804: Unable to retrieve document from: '[PII of type 'System.String' is hidden. For more details, see https://aka.ms/IdentityModel/PII.]'.
 ---> System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception.
 ---> System.IO.IOException: Unable to read data from the transport connection: Connection reset by peer.
 ---> System.Net.Sockets.SocketException (104): Connection reset by peer
   --- End of inner exception stack trace ---
   at System.Net.Sockets.Socket.AwaitableSocketAsyncEventArgs.ThrowException(SocketError error, CancellationToken cancellationToken)
   at System.Net.Sockets.Socket.AwaitableSocketAsyncEventArgs.System.Threading.Tasks.Sources.IValueTaskSource<System.Int32>.GetResult(Int16 token)
   at System.Net.Security.SslStream.<FillHandshakeBufferAsync>g__InternalFillHandshakeBufferAsync|189_0[TIOAdapter](TIOAdapter adap, ValueTask`1 task, Int32 minSize)
   at System.Net.Security.SslStream.ReceiveBlobAsync[TIOAdapter](TIOAdapter adapter)
   at System.Net.Security.SslStream.ForceAuthenticationAsync[TIOAdapter](TIOAdapter adapter, Boolean receiveFirst, Byte[] reAuthenticationData, Boolean isApm)
   at System.Net.Http.ConnectHelper.EstablishSslConnectionAsync(SslClientAuthenticationOptions sslOptions, HttpRequestMessage request, Boolean async, Stream stream, CancellationToken cancellationToken)
   --- End of inner exception stack trace ---
   at System.Net.Http.ConnectHelper.EstablishSslConnectionAsync(SslClientAuthenticationOptions sslOptions, HttpRequestMessage request, Boolean async, Stream stream, CancellationToken cancellationToken)
   at System.Net.Http.HttpConnectionPool.ConnectAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
   at System.Net.Http.HttpConnectionPool.CreateHttp11ConnectionAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
   at System.Net.Http.HttpConnectionPool.AddHttp11ConnectionAsync(HttpRequestMessage request)
   at System.Threading.Tasks.TaskCompletionSourceWithCancellation`1.WaitWithCancellationAsync(CancellationToken cancellationToken)
   at System.Net.Http.HttpConnectionPool.GetHttp11ConnectionAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
   at System.Net.Http.HttpConnectionPool.SendWithVersionDetectionAndRetryAsync(HttpRequestMessage request, Boolean async, Boolean doRequestAuth, CancellationToken cancellationToken)
   at System.Net.Http.DiagnosticsHandler.SendAsyncCore(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
   at System.Net.Http.RedirectHandler.SendAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
   at System.Net.Http.HttpClient.<SendAsync>g__Core|83_0(HttpRequestMessage request, HttpCompletionOption completionOption, CancellationTokenSource cts, Boolean disposeCts, CancellationTokenSource pendingRequestsCts, CancellationToken originalCancellationToken)
   at Microsoft.IdentityModel.Protocols.HttpDocumentRetriever.SendAsyncAndRetryOnNetworkError(HttpClient httpClient, Uri uri)
   at Microsoft.IdentityModel.Protocols.HttpDocumentRetriever.GetDocumentAsync(String address, CancellationToken cancel)
   --- End of inner exception stack trace ---
   at Microsoft.IdentityModel.Protocols.HttpDocumentRetriever.GetDocumentAsync(String address, CancellationToken cancel)
   at Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectConfigurationRetriever.GetAsync(String address, IDocumentRetriever retriever, CancellationToken cancel)
   at Microsoft.IdentityModel.Protocols.ConfigurationManager`1.GetConfigurationAsync(CancellationToken cancel)
   --- End of inner exception stack trace ---
   at Microsoft.IdentityModel.Protocols.ConfigurationManager`1.GetConfigurationAsync(CancellationToken cancel)
   at Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler.HandleAuthenticateAsync()
[12:25:35 ERR] IDX20803: Unable to obtain configuration from: '[PII of type 'System.String' is hidden. For more details, see https://aka.ms/IdentityModel/PII.]'.
System.InvalidOperationException: IDX20803: Unable to obtain configuration from: '[PII of type 'System.String' is hidden. For more details, see https://aka.ms/IdentityModel/PII.]'.
 ---> System.IO.IOException: IDX20804: Unable to retrieve document from: '[PII of type 'System.String' is hidden. For more details, see https://aka.ms/IdentityModel/PII.]'.
 ---> System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception.
 ---> System.IO.IOException: Unable to read data from the transport connection: Connection reset by peer.
 ---> System.Net.Sockets.SocketException (104): Connection reset by peer
   --- End of inner exception stack trace ---
   at System.Net.Sockets.Socket.AwaitableSocketAsyncEventArgs.ThrowException(SocketError error, CancellationToken cancellationToken)
   at System.Net.Sockets.Socket.AwaitableSocketAsyncEventArgs.System.Threading.Tasks.Sources.IValueTaskSource<System.Int32>.GetResult(Int16 token)
   at System.Net.Security.SslStream.<FillHandshakeBufferAsync>g__InternalFillHandshakeBufferAsync|189_0[TIOAdapter](TIOAdapter adap, ValueTask`1 task, Int32 minSize)
   at System.Net.Security.SslStream.ReceiveBlobAsync[TIOAdapter](TIOAdapter adapter)
   at System.Net.Security.SslStream.ForceAuthenticationAsync[TIOAdapter](TIOAdapter adapter, Boolean receiveFirst, Byte[] reAuthenticationData, Boolean isApm)
   at System.Net.Http.ConnectHelper.EstablishSslConnectionAsync(SslClientAuthenticationOptions sslOptions, HttpRequestMessage request, Boolean async, Stream stream, CancellationToken cancellationToken)
   --- End of inner exception stack trace ---
   at System.Net.Http.ConnectHelper.EstablishSslConnectionAsync(SslClientAuthenticationOptions sslOptions, HttpRequestMessage request, Boolean async, Stream stream, CancellationToken cancellationToken)
   at System.Net.Http.HttpConnectionPool.ConnectAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
   at System.Net.Http.HttpConnectionPool.CreateHttp11ConnectionAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
   at System.Net.Http.HttpConnectionPool.AddHttp11ConnectionAsync(HttpRequestMessage request)
   at System.Threading.Tasks.TaskCompletionSourceWithCancellation`1.WaitWithCancellationAsync(CancellationToken cancellationToken)
   at System.Net.Http.HttpConnectionPool.GetHttp11ConnectionAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
   at System.Net.Http.HttpConnectionPool.SendWithVersionDetectionAndRetryAsync(HttpRequestMessage request, Boolean async, Boolean doRequestAuth, CancellationToken cancellationToken)
   at System.Net.Http.DiagnosticsHandler.SendAsyncCore(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
   at System.Net.Http.RedirectHandler.SendAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
   at System.Net.Http.HttpClient.<SendAsync>g__Core|83_0(HttpRequestMessage request, HttpCompletionOption completionOption, CancellationTokenSource cts, Boolean disposeCts, CancellationTokenSource pendingRequestsCts, CancellationToken originalCancellationToken)
   at Microsoft.IdentityModel.Protocols.HttpDocumentRetriever.SendAsyncAndRetryOnNetworkError(HttpClient httpClient, Uri uri)
   at Microsoft.IdentityModel.Protocols.HttpDocumentRetriever.GetDocumentAsync(String address, CancellationToken cancel)
   --- End of inner exception stack trace ---
   at Microsoft.IdentityModel.Protocols.HttpDocumentRetriever.GetDocumentAsync(String address, CancellationToken cancel)
   at Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectConfigurationRetriever.GetAsync(String address, IDocumentRetriever retriever, CancellationToken cancel)
   at Microsoft.IdentityModel.Protocols.ConfigurationManager`1.GetConfigurationAsync(CancellationToken cancel)
   --- End of inner exception stack trace ---
   at Microsoft.IdentityModel.Protocols.ConfigurationManager`1.GetConfigurationAsync(CancellationToken cancel)
   at Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler.HandleAuthenticateAsync()
   at Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler.HandleAuthenticateAsync()
   at Microsoft.AspNetCore.Authentication.AuthenticationHandler`1.AuthenticateAsync()
   at Microsoft.AspNetCore.Authentication.AuthenticationService.AuthenticateAsync(HttpContext context, String scheme)
   at IdentityServer4.AccessTokenValidation.IdentityServerAuthenticationHandler.HandleAuthenticateAsync()
[12:25:35 INF] Bearer was not authenticated. Failure message: IDX20803: Unable to obtain configuration from: '[PII of type 'System.String' is hidden. For more details, see https://aka.ms/IdentityModel/PII.]'.
[12:25:35 INF] AuthenticationScheme: Bearer was challenged.

Key-connector env:

        - name: TZ
          value: Europe/Budapest
        - name: keyConnectorSettings__database__provider
          value: mysql
        - name: keyConnectorSettings__database__mySqlConnectionString
          value: server=mariadb-galera.mariadb.svc.cluster.local;uid=bitwarden-key;pwd=xxxxx;database=bitwardenkeyconnector
        - name: keyConnectorSettings__rsaKey__provider
          value: certificate
        - name: keyConnectorSettings__certificate__provider
          value: filesystem
        - name: keyConnectorSettings__certificate__filesystemPassword
          value: password
        - name: keyConnectorSettings__certificate__filesystemPath
          value: /etc/bitwarden/key.pfx
        - name: keyConnectorSettings__webVaultUri
          value: https://bitwarden.mydomian.ltd/
        - name: keyConnectorSettings__identityServerUri
          value: https://bitwarden.mydomian.ltd/identity/

Version: 2023,12.0

Dependency Dashboard

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Awaiting Schedule

These updates are awaiting their schedule. Click on a checkbox to get an update now.

[deps]: Update docker/build-push-action action to v6

Edited/Blocked

These updates have been manually edited so Renovate will no longer make changes. To discard all commits and start over, click on a checkbox.

[deps]: Update nuget minor (AWSSDK.KeyManagementService, Azure.Security.KeyVault.Certificates, Azure.Security.KeyVault.Keys, Azure.Security.KeyVault.Secrets, Azure.Storage.Blobs, Google.Cloud.Kms.V1, Microsoft.EntityFrameworkCore.Design, Microsoft.EntityFrameworkCore.Relational, Microsoft.EntityFrameworkCore.SqlServer, Microsoft.EntityFrameworkCore.Sqlite, MongoDB.Driver, Npgsql.EntityFrameworkCore.PostgreSQL, Pomelo.EntityFrameworkCore.MySql, Serilog.Settings.Configuration, VaultSharp, dotnet-ef)

Open

These updates have all been created already. Click a checkbox below to force a retry/rebase of any.

[deps]: Update Azure.Identity to v1.11.4 [SECURITY]
[deps]: Update gh minor (actions/checkout, docker/build-push-action)
[deps]: Update Serilog.Sinks.Console to v6
Click on this checkbox to rebase all open PRs at once

Detected dependencies

dockerfile

src/KeyConnector/Dockerfile

mcr.microsoft.com/dotnet/aspnet 8.0

github-actions

.github/workflows/build.yml

actions/checkout v4.1.5@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b

actions/checkout v4.1.5@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b

actions/upload-artifact v4.3.3@65462800fd760344b1a7b4382951275a0abb4808

actions/checkout v4.1.5@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b

Azure/login v1.6.0@e15b166166a8746d1a47596803bd8c1b595455cf

actions/download-artifact v4.1.7@65a9edc5881444af0b9093a5e628f2fe47ea3b2e

docker/build-push-action v5.3.0@2cdde995de11925a030ce8070c3d77a52ffcf1c0

ubuntu 22.04

ubuntu 22.04

ubuntu 22.04

.github/workflows/cleanup-rc-branch.yml

Azure/login v1.6.0@e15b166166a8746d1a47596803bd8c1b595455cf

actions/checkout v4.1.5@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b

ubuntu 22.04

.github/workflows/release.yml

actions/checkout v4.1.5@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b

ncipollo/release-action v1.14.0@2c591bcc8ecdcd2db72b97d6147f871fcd833ba5

Azure/login v1.6.0@e15b166166a8746d1a47596803bd8c1b595455cf

Azure/login v1.6.0@e15b166166a8746d1a47596803bd8c1b595455cf

act10ns/slack v2.1.0@44541246747a30eb3102d87f7a4cc5471b0ffb7d

ubuntu 22.04

ubuntu 22.04

ubuntu 22.04

ubuntu 22.04

.github/workflows/version-bump.yml

actions/checkout v4.1.5@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b

Azure/login v1.6.0@e15b166166a8746d1a47596803bd8c1b595455cf

crazy-max/ghaction-import-gpg v6.1.0@01dd5d3ca463c7f10f7f4f7b4f177225ac661ee4

actions/checkout v4.1.5@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b

ubuntu 22.04

ubuntu 22.04

nuget

.config/dotnet-tools.json

dotnet-ef 8.0.2

global.json

src/KeyConnector/KeyConnector.csproj

VaultSharp 1.7.0

Serilog.Sinks.File 5.0.0

Serilog.Sinks.Console 5.0.1

Serilog.Settings.Configuration 8.0.0

Serilog.AspNetCore 8.0.1

Pomelo.EntityFrameworkCore.MySql 8.0.1

Pkcs11Interop 5.1.2

Npgsql.EntityFrameworkCore.PostgreSQL 8.0.2

MongoDB.Driver 2.22.0

Microsoft.EntityFrameworkCore.SqlServer 8.0.2

Microsoft.EntityFrameworkCore.Sqlite 8.0.2

Microsoft.EntityFrameworkCore.Relational 8.0.2

Microsoft.EntityFrameworkCore.Design 8.0.2

JsonFlatFileDataStore 2.4.2

IdentityServer4.AccessTokenValidation 3.0.1

Google.Cloud.Kms.V1 3.7.0

Azure.Storage.Blobs 12.19.1

Azure.Security.KeyVault.Secrets 4.5.0

Azure.Security.KeyVault.Keys 4.5.0

Azure.Security.KeyVault.Certificates 4.5.1

Azure.Identity 1.10.4

AWSSDK.KeyManagementService 3.7.2.6

Check this box to trigger a request for Renovate to run again on this repository

docker image is still using dotnet 6.0?

I see that Keyconnector was recently updated to use Dotnet 6.0, thank you. But I see that the "server" code and docker images are now set to use Dotnet 8.0. Is there a timetable on when Keyconnector might be updated?

./bitwarden.sh update gives ERROR: No such service: key-connector

Running ./bitwarden.sh update gives ERROR: No such service: key-connector

sudo ./bitwarden.sh updateself

| |__ () |__ ____ _ _ __ _| | ___ _ __
| ' | | \ \ /\ / / | '__/ _ |/ _ \ '
| |) | | | \ V V / (| | | | (| | / | | |
|_./||_| _/_/ _,|| _,_|_|| ||

Open source password management solutions
Copyright 2015-2021, 8bit Solutions LLC
https://bitwarden.com, https://github.com/bitwarden

===================================================

bitwarden.sh version 1.45.2
Docker version 20.10.12, build e91ed57
docker-compose version 1.29.2, build 5becea4c

Updated self.
sudo ./bitwarden.sh update