Michael Schurter
a85e7b7cc9
vault: fix data races
2019-04-16 11:22:44 -07:00
Michael Schurter
0aeb3dbd86
vault: fix renewal time
...
Renewal time was being calculated as 10s+Intn(lease-10s), so the renewal
time could be very rapid or within 1s of the deadline: [10s, lease)
This commit fixes the renewal time by calculating it as:
(lease/2) +/- 10s
For a lease of 60s this means the renewal will occur in [20s, 40s).
2019-04-16 11:22:44 -07:00
Chris Baker
829a972693
vault client test: minor formatting
...
vendor: using upstream circonus-gometrics
2019-04-10 10:34:10 -05:00
Chris Baker
a26d4fe1e5
docs: -vault-namespace, VAULT_NAMESPACE, and config
...
agent: added VAULT_NAMESPACE env-based configuration
2019-04-10 10:34:10 -05:00
Chris Baker
0eaeef872f
config/docs: added `namespace` to vault config
...
server/client: process `namespace` config, setting on the instantiated vault client
2019-04-10 10:34:10 -05:00
Michael Schurter
6743ed9fdc
tests: port TestTaskRunner_BlockForVault from 0.8
...
Also fix race conditions in the mock vault client.
2019-02-12 13:46:09 -08:00
Alex Dadgar
4bdccab550
goimports
2019-01-22 15:44:31 -08:00
Danielle Tomlinson
62e06eda56
chore: Cleanup formatting
2019-01-17 18:43:13 +01:00
Danielle Tomlinson
915bab2365
vaultclient: use require for error assertions
2019-01-17 18:43:13 +01:00
Danielle Tomlinson
dc55d3e353
vaultclient: Update tests for vault 1.0
2019-01-17 18:43:13 +01:00
Mahmood Ali
e1994e59bd
address review comments
2018-11-20 17:10:54 -05:00
Mahmood Ali
171b73fde7
Emit metric counters for Vault token and renewal failures
2018-11-20 17:10:54 -05:00
Mahmood Ali
5b10da5de6
Set User-Agent header when hitting Vault API
2018-11-20 17:10:54 -05:00
Alex Dadgar
9baa7402ef
fix test compiling
2018-10-16 16:56:55 -07:00
Michael Schurter
9d1ea3b228
client: hclog-ify most of the client
...
Leaving fingerprinters in case that interface changes with plugins.
2018-10-16 16:53:30 -07:00
Alex Dadgar
300b1a7a15
Tests only use testlog package logger
2018-06-13 15:40:56 -07:00
Michael Schurter
7dd7fbcda2
non-Existent -> nonexistent
...
Reverting from #3963
https://www.merriam-webster.com/dictionary/existent
2018-03-12 11:59:33 -07:00
Josh Soref
e37626561c
spelling: semantics
2018-03-11 19:00:26 +00:00
Filip Ochnik
d265e11c36
Recognize renewing non-renewable Vault lease as fatal
2018-01-08 20:32:31 +01:00
Michael Schurter
a66c53d45a
Remove `structs` import from `api`
...
Goes a step further and removes structs import from api's tests as well
by moving GenerateUUID to its own package.
2017-09-29 10:36:08 -07:00
Alex Dadgar
4173834231
Enable more linters
2017-09-26 15:26:33 -07:00
Alex Dadgar
a9c786a4fe
Make test Vault pick random ports
2017-07-25 17:40:59 -07:00
Alex Dadgar
46c8bec9b0
faster vaultclient
2017-07-21 19:38:37 -07:00
Alex Dadgar
d1645f47b1
Stop Vault token renew on task exit
...
This PR fixes an oversight in which the client would attempt to renew a
token even after the task exits.
Fixes https://github.com/hashicorp/nomad/issues/2475
2017-03-28 10:53:15 -07:00
Alex Dadgar
5be806a3df
Fix vet script and fix vet problems
...
This PR fixes our vet script and fixes all the missed vet changes.
It also fixes pointers being printed in `nomad stop <job>` and `nomad
node-status <node>`.
2017-02-27 16:00:19 -08:00
Alex Dadgar
0940fc08af
Better derive token logging
2017-02-14 16:46:54 -08:00
Alex Dadgar
9987a235a5
Fix race condition with Deriving vault tokens
...
This PR fixes a race condition in which the client was not locked while
deriving Vault tokens. This allowed the token to be set which would
cause subsequent Vault requests to fail with permission denied because
the incorrect Vault token was being used.
Further this PR makes the unsetting and unlocking of the client atomic
to avoid an even harder to hit race condition (not sure it was ever hit
but was still incorrect).
2017-02-01 16:25:59 -08:00
Alex Dadgar
ba0b3963ef
Comments
2016-10-18 11:36:04 -07:00
Alex Dadgar
4f8bfd7b18
Tests
2016-10-18 11:24:20 -07:00
Alex Dadgar
36cfe6e89e
Large refactor of task runner and Vault token rehandling
2016-10-18 11:24:20 -07:00
Alex Dadgar
82960c46d8
Tests
2016-10-11 13:28:18 -07:00
Alex Dadgar
751aa114bf
Fix Vault parsing of booleans
2016-10-10 18:04:39 -07:00
Alex Dadgar
0fefaef008
Alloc runner tests
2016-09-15 17:24:09 -07:00
Alex Dadgar
688e616200
Fix token renewal
2016-09-15 11:20:51 -07:00
Alex Dadgar
ec152a6d12
Clean up vault client
2016-09-14 18:10:56 -07:00
Alex Dadgar
6702a29071
Vault token threaded
2016-09-14 13:30:01 -07:00
Alex Dadgar
8ca3a16825
Fingerprint
2016-09-01 11:10:14 -07:00
vishalnayak
d0ad1603c3
Print debug message only when error is non-nil
2016-08-30 13:14:34 -04:00
vishalnayak
55a6f06e15
Addressed review feedback
2016-08-30 13:08:13 -04:00
vishalnayak
3808dd0ff8
Return only fatal error to renewal error channel
2016-08-30 12:46:59 -04:00
vishalnayak
a0dbfe25b3
Fix tests
2016-08-29 21:30:06 -04:00
vishalnayak
82f6209e97
tokenDeriver function pointer to derive tokens.
...
Remove rpc*, connPool, node and region from vaultclient.
2016-08-29 20:32:05 -04:00
vishalnayak
f35bb409b6
Use Job.LookupTaskGroup
2016-08-29 16:34:39 -04:00
vishalnayak
160ba48eb4
Address review feedback
2016-08-29 12:47:33 -04:00
vishalnayak
56e42cf03d
Employ DeriveVaultToken API and flesh-up DeriveToken
2016-08-24 12:29:59 -04:00
vishalnayak
6002e596c4
VaultClient for Nomad Client
2016-08-24 09:43:45 -04:00