Michael Schurter
93cea382dd
Remove support for pre-0.5 nodes
...
Nodes before 0.5 did not have a SecretID. Since SecretID is now a
required field and 0.4.x is >2 point releases ago, drop support for it.
2017-10-13 11:28:47 -07:00
Michael Schurter
15b991e039
base64 migrate token
...
HTTP header values must be ASCII.
Also constant time compare tokens and test the generate and compare
helper functions.
2017-10-13 10:59:13 -07:00
Michael Schurter
021b4c1ae9
Fix AuthToken use on Node.GetAllocs
2017-10-12 17:12:41 -07:00
Michael Schurter
ab7b6d1315
Allow Node.SecretID for GetNode and GetAlloc
2017-10-12 16:27:33 -07:00
Michael Schurter
84d8a51be1
SecretID -> AuthToken
2017-10-12 15:16:33 -07:00
Alex Dadgar
53f2ea88a5
Small fixes
...
This commit:
* Fixes the error checking in migration tests now that we are using the
canonical ErrPermissionDenied error
* Guard against NPE when looking up objects to generate the migration
token
* Handle an additional case in ShouldMigrate()
2017-10-11 17:13:50 -07:00
Chelsea Holland Komlo
c67bfc2ee4
fixups from code review
...
change creation of a migrate token to be for a previous allocation
2017-10-11 17:13:50 -07:00
Chelsea Holland Komlo
410adaf726
Add functionality for authenticated volumes
2017-10-11 17:09:20 -07:00
Chelsea Holland Komlo
36ad6bc6bf
add MigrateTokens to server response for allocs
2017-10-11 17:09:20 -07:00
Michael Schurter
e50acae1a9
ForceLeave endpoint must use Server.ResolveToken
...
The ForceLeaveRequest endpoint may only be called on servers, but the
code was using a Client to resolve tokens. This would cause a panic when
an agent wasn't both a Server and a Client.
2017-10-09 15:49:04 -07:00
Michael Schurter
a66c53d45a
Remove structs
import from api
...
Goes a step further and removes structs import from api's tests as well
by moving GenerateUUID to its own package.
2017-09-29 10:36:08 -07:00
Michael Schurter
816e7e544e
Filter Node.GetAllocs results by readable namespaces
2017-09-15 14:27:11 -07:00
Michael Schurter
01816af088
Node.List ACL enforcement
2017-09-14 22:01:18 -07:00
Michael Schurter
aca9e337aa
Node.GetAllocs ACL enforcement
2017-09-14 21:42:19 -07:00
Michael Schurter
4fc44c686c
Node.GetNode ACL enforcement
2017-09-14 20:59:18 -07:00
Michael Schurter
21ee5f4720
Node.Evaluate ACL enforcement
2017-09-14 20:41:44 -07:00
Michael Schurter
0cfaaa0a4d
Node.UpdateDrain ACL enforcement
2017-09-14 20:33:31 -07:00
Alex Dadgar
84d06f6abe
Sync namespace changes
2017-09-07 17:04:21 -07:00
Luke Farnell
f0ced87b95
fixed all spelling mistakes for goreport
2017-08-07 17:13:05 -04:00
Alex Dadgar
54a4d01bf6
Fix error checking
2017-03-29 13:59:43 -07:00
Michael Schurter
507862ade3
Add WrapRecoverable helper
2017-03-27 15:37:15 -07:00
Michael Schurter
0e6c564406
Improve artifact download error message
...
Fixes #2289
Unfortunately took more RecoverableError hijinx than I would have liked.
There might be a better way.
2017-03-24 15:26:05 -07:00
Alex Dadgar
c1d4927088
Debug lines
2017-03-06 10:25:26 -08:00
Alex Dadgar
743cf410ef
Include alloc on server side err/logs
2017-02-14 16:26:49 -08:00
Alex Dadgar
dea460281d
Merge pull request #2282 from hashicorp/f-raft-v2-stage-one
...
Update to Raft V2 stage one
2017-02-08 15:26:16 -08:00
Alex Dadgar
b51ba01d54
Merge pull request #2293 from hashicorp/f-vendor-memdb
...
Vendor MemDB
2017-02-08 14:51:01 -08:00
Alex Dadgar
b69b357c7f
Nomad builds
2017-02-07 20:31:23 -08:00
Alex Dadgar
6f9866ca69
Fix forwarded recoverable error
2017-02-05 13:14:24 -08:00
Alex Dadgar
ee368762ae
It builds
2017-02-02 16:07:15 -08:00
Brad Sickles
c67f10166d
fmt
2017-02-01 16:37:19 -05:00
Brad Sickles
da12d8811a
Third time is a charm.
2017-02-01 16:18:12 -05:00
Brad Sickles
5a8f2d3f60
Properly dealing with non-nil errors.
2017-02-01 16:07:19 -05:00
Brad Sickles
429fdb3ce7
Preventing panics of RecoverableError casts
2017-02-01 14:38:59 -05:00
Michael Schurter
a3a3656dbb
Switch to use recoverable errors from Cleanup
...
TaskRunner handles retrying but Cleanup handles all of CreatedResources.
2017-01-13 16:46:08 -08:00
Alex Dadgar
fde7a24865
Consul-template fixes + PreviousAlloc in api
2016-10-28 15:50:35 -07:00
Alex Dadgar
03fde26656
Fix inplace update for pre secret node
2016-10-26 22:05:44 -07:00
Alex Dadgar
fc8856e82b
Remove default
2016-10-24 15:01:08 -07:00
Alex Dadgar
0070178741
Thread through whether DeriveToken error is recoverable or not
2016-10-22 18:08:30 -07:00
Alex Dadgar
6047414fb9
address comments
2016-08-31 14:10:33 -07:00
Alex Dadgar
48696ba0cc
Use tomb to shutdown
...
Token revocation
Remove from the statestore
Revoke tokens
Don't error when Vault is disabled as this could cause issue if the operator ever goes from enabled to disabled
update server interface to allow enable/disable and config loading
test the new functions
Leader revoke
Use active
2016-08-28 14:06:25 -07:00
Alex Dadgar
db2806a9c1
Merge pull request #1629 from hashicorp/f-derive-token
...
Server Deriving Tokens on behalf of Clients
2016-08-23 13:58:47 -07:00
Alex Dadgar
19be6b57b2
fixes
2016-08-19 20:02:32 -07:00
Alex Dadgar
7f18074637
remove debug
2016-08-19 17:30:16 -07:00
Alex Dadgar
909f552d9e
tests
2016-08-19 16:40:37 -07:00
Alex Dadgar
10cd844ca8
Commit Vault Accessors to vault and return the response
2016-08-19 16:40:37 -07:00
Alex Dadgar
19752edfaf
Pipeline Vault token creation
2016-08-19 16:40:37 -07:00
Alex Dadgar
94b870a58b
Start
2016-08-19 16:40:37 -07:00
Alex Dadgar
16285a0dc6
Enforce serverside secret id match
2016-08-19 10:50:49 -07:00
Alex Dadgar
895c31f605
Nodes generate Secret ID and used for retrieving allocations and registering
2016-08-17 16:31:47 -07:00
Alex Dadgar
ebac5cb283
Node.Register handles the case of transistioning to ready and creating evals
2016-07-21 15:22:02 -07:00