Merge branch 'master-oss' into copy-of-master
This commit is contained in:
commit
9577bb58a8
14
vendor/github.com/hashicorp/vault-plugin-auth-centrify/Gopkg.lock
generated
vendored
14
vendor/github.com/hashicorp/vault-plugin-auth-centrify/Gopkg.lock
generated
vendored
|
@ -85,7 +85,7 @@
|
||||||
branch = "master"
|
branch = "master"
|
||||||
name = "github.com/hashicorp/go-retryablehttp"
|
name = "github.com/hashicorp/go-retryablehttp"
|
||||||
packages = ["."]
|
packages = ["."]
|
||||||
revision = "763e4b5d05f5534071213c67c335aad6b0d318a7"
|
revision = "3b087ef2d313afe6c55b2f511d20db04ca767075"
|
||||||
|
|
||||||
[[projects]]
|
[[projects]]
|
||||||
branch = "master"
|
branch = "master"
|
||||||
|
@ -165,13 +165,13 @@
|
||||||
"physical/inmem",
|
"physical/inmem",
|
||||||
"version"
|
"version"
|
||||||
]
|
]
|
||||||
revision = "8568e791dd7896c3820b6ac5373a991f257a39e4"
|
revision = "74e1134a91bc9c801dab2c846f49551a99ce1fb6"
|
||||||
|
|
||||||
[[projects]]
|
[[projects]]
|
||||||
branch = "master"
|
branch = "master"
|
||||||
name = "github.com/hashicorp/yamux"
|
name = "github.com/hashicorp/yamux"
|
||||||
packages = ["."]
|
packages = ["."]
|
||||||
revision = "2658be15c5f05e76244154714161f17e3e77de2e"
|
revision = "3520598351bb3500a49ae9563f5539666ae0a27c"
|
||||||
|
|
||||||
[[projects]]
|
[[projects]]
|
||||||
branch = "master"
|
branch = "master"
|
||||||
|
@ -207,7 +207,7 @@
|
||||||
branch = "master"
|
branch = "master"
|
||||||
name = "golang.org/x/crypto"
|
name = "golang.org/x/crypto"
|
||||||
packages = ["ssh/terminal"]
|
packages = ["ssh/terminal"]
|
||||||
revision = "ab813273cd59e1333f7ae7bff5d027d4aadf528c"
|
revision = "b47b1587369238182299fe4dad77d05b8b461e06"
|
||||||
|
|
||||||
[[projects]]
|
[[projects]]
|
||||||
branch = "master"
|
branch = "master"
|
||||||
|
@ -221,7 +221,7 @@
|
||||||
"internal/timeseries",
|
"internal/timeseries",
|
||||||
"trace"
|
"trace"
|
||||||
]
|
]
|
||||||
revision = "dfa909b99c79129e1100513e5cd36307665e5723"
|
revision = "1e491301e022f8f977054da4c2d852decd59571f"
|
||||||
|
|
||||||
[[projects]]
|
[[projects]]
|
||||||
branch = "master"
|
branch = "master"
|
||||||
|
@ -263,7 +263,7 @@
|
||||||
branch = "master"
|
branch = "master"
|
||||||
name = "google.golang.org/genproto"
|
name = "google.golang.org/genproto"
|
||||||
packages = ["googleapis/rpc/status"]
|
packages = ["googleapis/rpc/status"]
|
||||||
revision = "694d95ba50e67b2e363f3483057db5d4910c18f9"
|
revision = "81158efcc9f219c511e4d3c0d61a0e6e49c01a24"
|
||||||
|
|
||||||
[[projects]]
|
[[projects]]
|
||||||
name = "google.golang.org/grpc"
|
name = "google.golang.org/grpc"
|
||||||
|
@ -301,6 +301,6 @@
|
||||||
[solve-meta]
|
[solve-meta]
|
||||||
analyzer-name = "dep"
|
analyzer-name = "dep"
|
||||||
analyzer-version = 1
|
analyzer-version = 1
|
||||||
inputs-digest = "3ecee3c628919dbb9661e17bc01e8a786a3eb5c615c5e3b4d979f9a90944a734"
|
inputs-digest = "76e47f3a3a3d4f6116ecf327993ce72edc4cd4ab42c4f7a4340e63b49a234c29"
|
||||||
solver-name = "gps-cdcl"
|
solver-name = "gps-cdcl"
|
||||||
solver-version = 1
|
solver-version = 1
|
||||||
|
|
6
vendor/github.com/hashicorp/vault-plugin-auth-centrify/Gopkg.toml
generated
vendored
6
vendor/github.com/hashicorp/vault-plugin-auth-centrify/Gopkg.toml
generated
vendored
|
@ -1,6 +1,6 @@
|
||||||
# Gopkg.toml example
|
# Gopkg.toml example
|
||||||
#
|
#
|
||||||
# Refer to https://github.com/golang/dep/blob/master/docs/Gopkg.toml.md
|
# Refer to https://golang.github.io/dep/docs/Gopkg.toml.html
|
||||||
# for detailed Gopkg.toml documentation.
|
# for detailed Gopkg.toml documentation.
|
||||||
#
|
#
|
||||||
# required = ["github.com/user/thing/cmd/thing"]
|
# required = ["github.com/user/thing/cmd/thing"]
|
||||||
|
@ -33,6 +33,10 @@
|
||||||
branch = "master"
|
branch = "master"
|
||||||
name = "github.com/hashicorp/go-cleanhttp"
|
name = "github.com/hashicorp/go-cleanhttp"
|
||||||
|
|
||||||
|
[[constraint]]
|
||||||
|
branch = "master"
|
||||||
|
name = "github.com/hashicorp/go-hclog"
|
||||||
|
|
||||||
[[constraint]]
|
[[constraint]]
|
||||||
name = "github.com/hashicorp/vault"
|
name = "github.com/hashicorp/vault"
|
||||||
branch = "master"
|
branch = "master"
|
||||||
|
|
100
vendor/github.com/hashicorp/vault-plugin-auth-kubernetes/Gopkg.lock
generated
vendored
100
vendor/github.com/hashicorp/vault-plugin-auth-kubernetes/Gopkg.lock
generated
vendored
|
@ -1,19 +1,8 @@
|
||||||
# This file is autogenerated, do not edit; changes may be undone by the next 'dep ensure'.
|
# This file is autogenerated, do not edit; changes may be undone by the next 'dep ensure'.
|
||||||
|
|
||||||
|
|
||||||
[[projects]]
|
|
||||||
name = "github.com/PuerkitoBio/purell"
|
|
||||||
packages = ["."]
|
|
||||||
revision = "0bcb03f4b4d0a9428594752bd2a3b9aa0a9d4bd4"
|
|
||||||
version = "v1.1.0"
|
|
||||||
|
|
||||||
[[projects]]
|
[[projects]]
|
||||||
branch = "master"
|
branch = "master"
|
||||||
name = "github.com/PuerkitoBio/urlesc"
|
|
||||||
packages = ["."]
|
|
||||||
revision = "de5bf2ad457846296e2031421a34e2568e304e35"
|
|
||||||
|
|
||||||
[[projects]]
|
|
||||||
name = "github.com/SermoDigital/jose"
|
name = "github.com/SermoDigital/jose"
|
||||||
packages = [
|
packages = [
|
||||||
".",
|
".",
|
||||||
|
@ -21,8 +10,7 @@
|
||||||
"jws",
|
"jws",
|
||||||
"jwt"
|
"jwt"
|
||||||
]
|
]
|
||||||
revision = "f6df55f235c24f236d11dbcf665249a59ac2021f"
|
revision = "803625baeddc3526d01d321b5066029f53eafc81"
|
||||||
version = "1.1"
|
|
||||||
|
|
||||||
[[projects]]
|
[[projects]]
|
||||||
branch = "master"
|
branch = "master"
|
||||||
|
@ -30,39 +18,6 @@
|
||||||
packages = ["."]
|
packages = ["."]
|
||||||
revision = "1fca145dffbcaa8fe914309b1ec0cfc67500fe61"
|
revision = "1fca145dffbcaa8fe914309b1ec0cfc67500fe61"
|
||||||
|
|
||||||
[[projects]]
|
|
||||||
name = "github.com/emicklei/go-restful"
|
|
||||||
packages = [
|
|
||||||
".",
|
|
||||||
"log"
|
|
||||||
]
|
|
||||||
revision = "2810ccc68e0ca445fa81ebfa03fbf70aca5c41ae"
|
|
||||||
version = "v2.7.0"
|
|
||||||
|
|
||||||
[[projects]]
|
|
||||||
branch = "master"
|
|
||||||
name = "github.com/go-openapi/jsonpointer"
|
|
||||||
packages = ["."]
|
|
||||||
revision = "3a0015ad55fa9873f41605d3e8f28cd279c32ab2"
|
|
||||||
|
|
||||||
[[projects]]
|
|
||||||
branch = "master"
|
|
||||||
name = "github.com/go-openapi/jsonreference"
|
|
||||||
packages = ["."]
|
|
||||||
revision = "3fb327e6747da3043567ee86abd02bb6376b6be2"
|
|
||||||
|
|
||||||
[[projects]]
|
|
||||||
branch = "master"
|
|
||||||
name = "github.com/go-openapi/spec"
|
|
||||||
packages = ["."]
|
|
||||||
revision = "bcff419492eeeb01f76e77d2ebc714dc97b607f5"
|
|
||||||
|
|
||||||
[[projects]]
|
|
||||||
branch = "master"
|
|
||||||
name = "github.com/go-openapi/swag"
|
|
||||||
packages = ["."]
|
|
||||||
revision = "811b1089cde9dad18d4d0c2d09fbdbf28dbd27a5"
|
|
||||||
|
|
||||||
[[projects]]
|
[[projects]]
|
||||||
name = "github.com/gogo/protobuf"
|
name = "github.com/gogo/protobuf"
|
||||||
packages = [
|
packages = [
|
||||||
|
@ -142,7 +97,7 @@
|
||||||
branch = "master"
|
branch = "master"
|
||||||
name = "github.com/hashicorp/go-retryablehttp"
|
name = "github.com/hashicorp/go-retryablehttp"
|
||||||
packages = ["."]
|
packages = ["."]
|
||||||
revision = "763e4b5d05f5534071213c67c335aad6b0d318a7"
|
revision = "3b087ef2d313afe6c55b2f511d20db04ca767075"
|
||||||
|
|
||||||
[[projects]]
|
[[projects]]
|
||||||
branch = "master"
|
branch = "master"
|
||||||
|
@ -199,6 +154,7 @@
|
||||||
packages = [
|
packages = [
|
||||||
"api",
|
"api",
|
||||||
"helper/certutil",
|
"helper/certutil",
|
||||||
|
"helper/cidrutil",
|
||||||
"helper/compressutil",
|
"helper/compressutil",
|
||||||
"helper/consts",
|
"helper/consts",
|
||||||
"helper/errutil",
|
"helper/errutil",
|
||||||
|
@ -221,23 +177,13 @@
|
||||||
"physical/inmem",
|
"physical/inmem",
|
||||||
"version"
|
"version"
|
||||||
]
|
]
|
||||||
revision = "da2bb1c8a7b2ac56a3448eb460fe4b558f1da116"
|
revision = "74e1134a91bc9c801dab2c846f49551a99ce1fb6"
|
||||||
|
|
||||||
[[projects]]
|
[[projects]]
|
||||||
branch = "master"
|
branch = "master"
|
||||||
name = "github.com/hashicorp/yamux"
|
name = "github.com/hashicorp/yamux"
|
||||||
packages = ["."]
|
packages = ["."]
|
||||||
revision = "2658be15c5f05e76244154714161f17e3e77de2e"
|
revision = "3520598351bb3500a49ae9563f5539666ae0a27c"
|
||||||
|
|
||||||
[[projects]]
|
|
||||||
branch = "master"
|
|
||||||
name = "github.com/mailru/easyjson"
|
|
||||||
packages = [
|
|
||||||
"buffer",
|
|
||||||
"jlexer",
|
|
||||||
"jwriter"
|
|
||||||
]
|
|
||||||
revision = "8b799c424f57fa123fc63a99d6383bc6e4c02578"
|
|
||||||
|
|
||||||
[[projects]]
|
[[projects]]
|
||||||
branch = "master"
|
branch = "master"
|
||||||
|
@ -269,12 +215,6 @@
|
||||||
revision = "572520ed46dbddaed19ea3d9541bdd0494163693"
|
revision = "572520ed46dbddaed19ea3d9541bdd0494163693"
|
||||||
version = "v0.1"
|
version = "v0.1"
|
||||||
|
|
||||||
[[projects]]
|
|
||||||
name = "github.com/spf13/pflag"
|
|
||||||
packages = ["."]
|
|
||||||
revision = "583c0c0531f06d5278b7d917446061adc344b5cd"
|
|
||||||
version = "v1.0.1"
|
|
||||||
|
|
||||||
[[projects]]
|
[[projects]]
|
||||||
branch = "master"
|
branch = "master"
|
||||||
name = "golang.org/x/net"
|
name = "golang.org/x/net"
|
||||||
|
@ -287,7 +227,7 @@
|
||||||
"internal/timeseries",
|
"internal/timeseries",
|
||||||
"trace"
|
"trace"
|
||||||
]
|
]
|
||||||
revision = "dfa909b99c79129e1100513e5cd36307665e5723"
|
revision = "1e491301e022f8f977054da4c2d852decd59571f"
|
||||||
|
|
||||||
[[projects]]
|
[[projects]]
|
||||||
branch = "master"
|
branch = "master"
|
||||||
|
@ -311,8 +251,7 @@
|
||||||
"unicode/bidi",
|
"unicode/bidi",
|
||||||
"unicode/cldr",
|
"unicode/cldr",
|
||||||
"unicode/norm",
|
"unicode/norm",
|
||||||
"unicode/rangetable",
|
"unicode/rangetable"
|
||||||
"width"
|
|
||||||
]
|
]
|
||||||
revision = "f21a4dfb5e38f5895301dc265a8def02365cc3d0"
|
revision = "f21a4dfb5e38f5895301dc265a8def02365cc3d0"
|
||||||
version = "v0.3.0"
|
version = "v0.3.0"
|
||||||
|
@ -327,7 +266,7 @@
|
||||||
branch = "master"
|
branch = "master"
|
||||||
name = "google.golang.org/genproto"
|
name = "google.golang.org/genproto"
|
||||||
packages = ["googleapis/rpc/status"]
|
packages = ["googleapis/rpc/status"]
|
||||||
revision = "694d95ba50e67b2e363f3483057db5d4910c18f9"
|
revision = "81158efcc9f219c511e4d3c0d61a0e6e49c01a24"
|
||||||
|
|
||||||
[[projects]]
|
[[projects]]
|
||||||
name = "google.golang.org/grpc"
|
name = "google.golang.org/grpc"
|
||||||
|
@ -369,19 +308,13 @@
|
||||||
version = "v0.9.1"
|
version = "v0.9.1"
|
||||||
|
|
||||||
[[projects]]
|
[[projects]]
|
||||||
name = "gopkg.in/yaml.v2"
|
branch = "master"
|
||||||
packages = ["."]
|
|
||||||
revision = "5420a8b6744d3b0345ab293f6fcba19c978f1183"
|
|
||||||
version = "v2.2.1"
|
|
||||||
|
|
||||||
[[projects]]
|
|
||||||
branch = "release-1.8"
|
|
||||||
name = "k8s.io/api"
|
name = "k8s.io/api"
|
||||||
packages = ["authentication/v1"]
|
packages = ["authentication/v1"]
|
||||||
revision = "a315a049e7a93e5455f7fefce1ba136d85054687"
|
revision = "4c8191c9c7bfa20f74a2d477f2c3530e711e7620"
|
||||||
|
|
||||||
[[projects]]
|
[[projects]]
|
||||||
branch = "release-1.8"
|
branch = "master"
|
||||||
name = "k8s.io/apimachinery"
|
name = "k8s.io/apimachinery"
|
||||||
packages = [
|
packages = [
|
||||||
"pkg/api/errors",
|
"pkg/api/errors",
|
||||||
|
@ -397,6 +330,7 @@
|
||||||
"pkg/types",
|
"pkg/types",
|
||||||
"pkg/util/errors",
|
"pkg/util/errors",
|
||||||
"pkg/util/intstr",
|
"pkg/util/intstr",
|
||||||
|
"pkg/util/json",
|
||||||
"pkg/util/net",
|
"pkg/util/net",
|
||||||
"pkg/util/runtime",
|
"pkg/util/runtime",
|
||||||
"pkg/util/sets",
|
"pkg/util/sets",
|
||||||
|
@ -406,17 +340,11 @@
|
||||||
"pkg/watch",
|
"pkg/watch",
|
||||||
"third_party/forked/golang/reflect"
|
"third_party/forked/golang/reflect"
|
||||||
]
|
]
|
||||||
revision = "40eaf68ee1889b1da1c528b1a075ecfe94e66837"
|
revision = "521145febf93d5639dce48a49ee8dc080863b034"
|
||||||
|
|
||||||
[[projects]]
|
|
||||||
branch = "master"
|
|
||||||
name = "k8s.io/kube-openapi"
|
|
||||||
packages = ["pkg/common"]
|
|
||||||
revision = "98b5c3f6a62e3f879d7017752989c925732b6c7d"
|
|
||||||
|
|
||||||
[solve-meta]
|
[solve-meta]
|
||||||
analyzer-name = "dep"
|
analyzer-name = "dep"
|
||||||
analyzer-version = 1
|
analyzer-version = 1
|
||||||
inputs-digest = "2960eddfc4173670edc561e40b75f99f865fdc7a43dbbf1873e74f798a865472"
|
inputs-digest = "a4f5c4784a693e2d63df96593815f130a8511739b284e67037efc44321d48a36"
|
||||||
solver-name = "gps-cdcl"
|
solver-name = "gps-cdcl"
|
||||||
solver-version = 1
|
solver-version = 1
|
||||||
|
|
16
vendor/github.com/hashicorp/vault-plugin-auth-kubernetes/Gopkg.toml
generated
vendored
16
vendor/github.com/hashicorp/vault-plugin-auth-kubernetes/Gopkg.toml
generated
vendored
|
@ -1,6 +1,6 @@
|
||||||
# Gopkg.toml example
|
# Gopkg.toml example
|
||||||
#
|
#
|
||||||
# Refer to https://github.com/golang/dep/blob/master/docs/Gopkg.toml.md
|
# Refer to https://golang.github.io/dep/docs/Gopkg.toml.html
|
||||||
# for detailed Gopkg.toml documentation.
|
# for detailed Gopkg.toml documentation.
|
||||||
#
|
#
|
||||||
# required = ["github.com/user/thing/cmd/thing"]
|
# required = ["github.com/user/thing/cmd/thing"]
|
||||||
|
@ -26,17 +26,25 @@
|
||||||
|
|
||||||
|
|
||||||
[[constraint]]
|
[[constraint]]
|
||||||
|
branch = "master"
|
||||||
name = "github.com/SermoDigital/jose"
|
name = "github.com/SermoDigital/jose"
|
||||||
version = "1.1.0"
|
|
||||||
|
|
||||||
[[constraint]]
|
[[constraint]]
|
||||||
branch = "master"
|
branch = "master"
|
||||||
name = "github.com/hashicorp/go-cleanhttp"
|
name = "github.com/hashicorp/go-cleanhttp"
|
||||||
|
|
||||||
|
[[constraint]]
|
||||||
|
branch = "master"
|
||||||
|
name = "github.com/hashicorp/go-hclog"
|
||||||
|
|
||||||
[[constraint]]
|
[[constraint]]
|
||||||
branch = "master"
|
branch = "master"
|
||||||
name = "github.com/hashicorp/go-multierror"
|
name = "github.com/hashicorp/go-multierror"
|
||||||
|
|
||||||
|
[[constraint]]
|
||||||
|
branch = "master"
|
||||||
|
name = "github.com/hashicorp/go-sockaddr"
|
||||||
|
|
||||||
[[constraint]]
|
[[constraint]]
|
||||||
name = "github.com/hashicorp/vault"
|
name = "github.com/hashicorp/vault"
|
||||||
branch = "master"
|
branch = "master"
|
||||||
|
@ -46,11 +54,11 @@
|
||||||
name = "github.com/mitchellh/mapstructure"
|
name = "github.com/mitchellh/mapstructure"
|
||||||
|
|
||||||
[[constraint]]
|
[[constraint]]
|
||||||
branch = "release-1.8"
|
branch = "master"
|
||||||
name = "k8s.io/api"
|
name = "k8s.io/api"
|
||||||
|
|
||||||
[[constraint]]
|
[[constraint]]
|
||||||
branch = "release-1.8"
|
branch = "master"
|
||||||
name = "k8s.io/apimachinery"
|
name = "k8s.io/apimachinery"
|
||||||
|
|
||||||
[prune]
|
[prune]
|
||||||
|
|
7
vendor/github.com/hashicorp/vault-plugin-auth-kubernetes/path_login.go
generated
vendored
7
vendor/github.com/hashicorp/vault-plugin-auth-kubernetes/path_login.go
generated
vendored
|
@ -11,6 +11,7 @@ import (
|
||||||
"github.com/SermoDigital/jose/jws"
|
"github.com/SermoDigital/jose/jws"
|
||||||
"github.com/SermoDigital/jose/jwt"
|
"github.com/SermoDigital/jose/jwt"
|
||||||
multierror "github.com/hashicorp/go-multierror"
|
multierror "github.com/hashicorp/go-multierror"
|
||||||
|
"github.com/hashicorp/vault/helper/cidrutil"
|
||||||
"github.com/hashicorp/vault/helper/strutil"
|
"github.com/hashicorp/vault/helper/strutil"
|
||||||
"github.com/hashicorp/vault/logical"
|
"github.com/hashicorp/vault/logical"
|
||||||
"github.com/hashicorp/vault/logical/framework"
|
"github.com/hashicorp/vault/logical/framework"
|
||||||
|
@ -77,6 +78,11 @@ func (b *kubeAuthBackend) pathLogin() framework.OperationFunc {
|
||||||
return logical.ErrorResponse(fmt.Sprintf("invalid role name \"%s\"", roleName)), nil
|
return logical.ErrorResponse(fmt.Sprintf("invalid role name \"%s\"", roleName)), nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Check for a CIDR match.
|
||||||
|
if req.Connection != nil && !cidrutil.RemoteAddrIsOk(req.Connection.RemoteAddr, role.BoundCIDRs) {
|
||||||
|
return logical.ErrorResponse("request originated from invalid CIDR"), nil
|
||||||
|
}
|
||||||
|
|
||||||
config, err := b.config(ctx, req.Storage)
|
config, err := b.config(ctx, req.Storage)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
|
@ -120,6 +126,7 @@ func (b *kubeAuthBackend) pathLogin() framework.OperationFunc {
|
||||||
TTL: role.TTL,
|
TTL: role.TTL,
|
||||||
MaxTTL: role.MaxTTL,
|
MaxTTL: role.MaxTTL,
|
||||||
},
|
},
|
||||||
|
BoundCIDRs: role.BoundCIDRs,
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
17
vendor/github.com/hashicorp/vault-plugin-auth-kubernetes/path_role.go
generated
vendored
17
vendor/github.com/hashicorp/vault-plugin-auth-kubernetes/path_role.go
generated
vendored
|
@ -6,6 +6,8 @@ import (
|
||||||
"strings"
|
"strings"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
|
"github.com/hashicorp/go-sockaddr"
|
||||||
|
"github.com/hashicorp/vault/helper/parseutil"
|
||||||
"github.com/hashicorp/vault/helper/policyutil"
|
"github.com/hashicorp/vault/helper/policyutil"
|
||||||
"github.com/hashicorp/vault/helper/strutil"
|
"github.com/hashicorp/vault/helper/strutil"
|
||||||
"github.com/hashicorp/vault/logical"
|
"github.com/hashicorp/vault/logical"
|
||||||
|
@ -66,6 +68,11 @@ should never expire. The token should be renewed within the
|
||||||
duration specified by this value. At each renewal, the token's
|
duration specified by this value. At each renewal, the token's
|
||||||
TTL will be set to the value of this parameter.`,
|
TTL will be set to the value of this parameter.`,
|
||||||
},
|
},
|
||||||
|
"bound_cidrs": &framework.FieldSchema{
|
||||||
|
Type: framework.TypeCommaStringSlice,
|
||||||
|
Description: `Comma separated string or list of CIDR blocks. If set, specifies the blocks of
|
||||||
|
IP addresses which can perform the login operation.`,
|
||||||
|
},
|
||||||
},
|
},
|
||||||
ExistenceCheck: b.pathRoleExistenceCheck(),
|
ExistenceCheck: b.pathRoleExistenceCheck(),
|
||||||
Callbacks: map[logical.Operation]framework.OperationFunc{
|
Callbacks: map[logical.Operation]framework.OperationFunc{
|
||||||
|
@ -142,6 +149,7 @@ func (b *kubeAuthBackend) pathRoleRead() framework.OperationFunc {
|
||||||
"policies": role.Policies,
|
"policies": role.Policies,
|
||||||
"period": role.Period,
|
"period": role.Period,
|
||||||
"ttl": role.TTL,
|
"ttl": role.TTL,
|
||||||
|
"bound_cidrs": role.BoundCIDRs,
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -276,6 +284,13 @@ func (b *kubeAuthBackend) pathRoleCreateUpdate() framework.OperationFunc {
|
||||||
return logical.ErrorResponse("service_account_names and service_account_namespaces can not both be \"*\""), nil
|
return logical.ErrorResponse("service_account_names and service_account_namespaces can not both be \"*\""), nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Parse bound CIDRs.
|
||||||
|
boundCIDRs, err := parseutil.ParseAddrs(data.Get("bound_cidrs"))
|
||||||
|
if err != nil {
|
||||||
|
return logical.ErrorResponse("unable to parse bound_cidrs: " + err.Error()), nil
|
||||||
|
}
|
||||||
|
role.BoundCIDRs = boundCIDRs
|
||||||
|
|
||||||
// Store the entry.
|
// Store the entry.
|
||||||
entry, err := logical.StorageEntryJSON("role/"+strings.ToLower(roleName), role)
|
entry, err := logical.StorageEntryJSON("role/"+strings.ToLower(roleName), role)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -320,6 +335,8 @@ type roleStorageEntry struct {
|
||||||
// ServiceAccountNamespaces is the array of namespaces able to access this
|
// ServiceAccountNamespaces is the array of namespaces able to access this
|
||||||
// role.
|
// role.
|
||||||
ServiceAccountNamespaces []string `json:"bound_service_account_namespaces" mapstructure:"bound_service_account_namespaces" structs:"bound_service_account_namespaces"`
|
ServiceAccountNamespaces []string `json:"bound_service_account_namespaces" mapstructure:"bound_service_account_namespaces" structs:"bound_service_account_namespaces"`
|
||||||
|
|
||||||
|
BoundCIDRs []*sockaddr.SockAddrMarshaler
|
||||||
}
|
}
|
||||||
|
|
||||||
var roleHelp = map[string][2]string{
|
var roleHelp = map[string][2]string{
|
||||||
|
|
18
vendor/github.com/hashicorp/vault-plugin-secrets-kv/Gopkg.lock
generated
vendored
18
vendor/github.com/hashicorp/vault-plugin-secrets-kv/Gopkg.lock
generated
vendored
|
@ -19,7 +19,6 @@
|
||||||
revision = "1fca145dffbcaa8fe914309b1ec0cfc67500fe61"
|
revision = "1fca145dffbcaa8fe914309b1ec0cfc67500fe61"
|
||||||
|
|
||||||
[[projects]]
|
[[projects]]
|
||||||
branch = "master"
|
|
||||||
name = "github.com/golang/protobuf"
|
name = "github.com/golang/protobuf"
|
||||||
packages = [
|
packages = [
|
||||||
"proto",
|
"proto",
|
||||||
|
@ -28,7 +27,8 @@
|
||||||
"ptypes/duration",
|
"ptypes/duration",
|
||||||
"ptypes/timestamp"
|
"ptypes/timestamp"
|
||||||
]
|
]
|
||||||
revision = "3a3da3a4e26776cc22a79ef46d5d58477532dede"
|
revision = "b4deda0973fb4c70b50d226b1af49f3da59f5265"
|
||||||
|
version = "v1.1.0"
|
||||||
|
|
||||||
[[projects]]
|
[[projects]]
|
||||||
branch = "master"
|
branch = "master"
|
||||||
|
@ -76,7 +76,7 @@
|
||||||
branch = "master"
|
branch = "master"
|
||||||
name = "github.com/hashicorp/go-retryablehttp"
|
name = "github.com/hashicorp/go-retryablehttp"
|
||||||
packages = ["."]
|
packages = ["."]
|
||||||
revision = "763e4b5d05f5534071213c67c335aad6b0d318a7"
|
revision = "3b087ef2d313afe6c55b2f511d20db04ca767075"
|
||||||
|
|
||||||
[[projects]]
|
[[projects]]
|
||||||
branch = "master"
|
branch = "master"
|
||||||
|
@ -156,13 +156,13 @@
|
||||||
"physical/inmem",
|
"physical/inmem",
|
||||||
"version"
|
"version"
|
||||||
]
|
]
|
||||||
revision = "924e55a07d7aa9fe5e3af6bc55bd0ad10d7f20e4"
|
revision = "74e1134a91bc9c801dab2c846f49551a99ce1fb6"
|
||||||
|
|
||||||
[[projects]]
|
[[projects]]
|
||||||
branch = "master"
|
branch = "master"
|
||||||
name = "github.com/hashicorp/yamux"
|
name = "github.com/hashicorp/yamux"
|
||||||
packages = ["."]
|
packages = ["."]
|
||||||
revision = "2658be15c5f05e76244154714161f17e3e77de2e"
|
revision = "3520598351bb3500a49ae9563f5539666ae0a27c"
|
||||||
|
|
||||||
[[projects]]
|
[[projects]]
|
||||||
branch = "master"
|
branch = "master"
|
||||||
|
@ -205,7 +205,7 @@
|
||||||
"internal/chacha20",
|
"internal/chacha20",
|
||||||
"poly1305"
|
"poly1305"
|
||||||
]
|
]
|
||||||
revision = "ab813273cd59e1333f7ae7bff5d027d4aadf528c"
|
revision = "b47b1587369238182299fe4dad77d05b8b461e06"
|
||||||
|
|
||||||
[[projects]]
|
[[projects]]
|
||||||
branch = "master"
|
branch = "master"
|
||||||
|
@ -219,7 +219,7 @@
|
||||||
"internal/timeseries",
|
"internal/timeseries",
|
||||||
"trace"
|
"trace"
|
||||||
]
|
]
|
||||||
revision = "89e543239a64caf31d3a6865872ea120b41446df"
|
revision = "1e491301e022f8f977054da4c2d852decd59571f"
|
||||||
|
|
||||||
[[projects]]
|
[[projects]]
|
||||||
branch = "master"
|
branch = "master"
|
||||||
|
@ -261,7 +261,7 @@
|
||||||
branch = "master"
|
branch = "master"
|
||||||
name = "google.golang.org/genproto"
|
name = "google.golang.org/genproto"
|
||||||
packages = ["googleapis/rpc/status"]
|
packages = ["googleapis/rpc/status"]
|
||||||
revision = "694d95ba50e67b2e363f3483057db5d4910c18f9"
|
revision = "81158efcc9f219c511e4d3c0d61a0e6e49c01a24"
|
||||||
|
|
||||||
[[projects]]
|
[[projects]]
|
||||||
name = "google.golang.org/grpc"
|
name = "google.golang.org/grpc"
|
||||||
|
@ -299,6 +299,6 @@
|
||||||
[solve-meta]
|
[solve-meta]
|
||||||
analyzer-name = "dep"
|
analyzer-name = "dep"
|
||||||
analyzer-version = 1
|
analyzer-version = 1
|
||||||
inputs-digest = "90b9fd05b2dbe168441e3bb1be83fb26d891c31b3080ba50ca407be5b30bf6a9"
|
inputs-digest = "83b98d2a0a02e20c32b7c864834aa7642eda9589ea0599ab6582bc8715ffe828"
|
||||||
solver-name = "gps-cdcl"
|
solver-name = "gps-cdcl"
|
||||||
solver-version = 1
|
solver-version = 1
|
||||||
|
|
4
vendor/github.com/hashicorp/vault-plugin-secrets-kv/Gopkg.toml
generated
vendored
4
vendor/github.com/hashicorp/vault-plugin-secrets-kv/Gopkg.toml
generated
vendored
|
@ -26,16 +26,16 @@
|
||||||
|
|
||||||
|
|
||||||
[[constraint]]
|
[[constraint]]
|
||||||
branch = "master"
|
|
||||||
name = "github.com/golang/protobuf"
|
name = "github.com/golang/protobuf"
|
||||||
|
version = "1.1.0"
|
||||||
|
|
||||||
[[constraint]]
|
[[constraint]]
|
||||||
branch = "master"
|
branch = "master"
|
||||||
name = "github.com/hashicorp/go-hclog"
|
name = "github.com/hashicorp/go-hclog"
|
||||||
|
|
||||||
[[constraint]]
|
[[constraint]]
|
||||||
name = "github.com/hashicorp/vault"
|
|
||||||
branch = "master"
|
branch = "master"
|
||||||
|
name = "github.com/hashicorp/vault"
|
||||||
|
|
||||||
[[constraint]]
|
[[constraint]]
|
||||||
branch = "master"
|
branch = "master"
|
||||||
|
|
50
vendor/vendor.json
vendored
50
vendor/vendor.json
vendored
|
@ -1299,20 +1299,20 @@
|
||||||
{
|
{
|
||||||
"checksumSHA1": "NCsUBSk7mleZOEz5iDQIXTvxroI=",
|
"checksumSHA1": "NCsUBSk7mleZOEz5iDQIXTvxroI=",
|
||||||
"path": "github.com/hashicorp/vault-plugin-auth-azure/plugin",
|
"path": "github.com/hashicorp/vault-plugin-auth-azure/plugin",
|
||||||
"revision": "4a00ec473112ccb88b2df03c56ebd0074313db3d",
|
"revision": "b6ea73720e04697cd70258d4d15afb893823d8e7",
|
||||||
"revisionTime": "2018-05-30T01:05:16Z"
|
"revisionTime": "2018-06-06T02:18:40Z"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"checksumSHA1": "wlqe/d6fgGPTrcHPKNvnrQgPt7s=",
|
"checksumSHA1": "LI3ZsYvX/mU/o5EL3gE0qwKcSPs=",
|
||||||
"path": "github.com/hashicorp/vault-plugin-auth-centrify",
|
"path": "github.com/hashicorp/vault-plugin-auth-centrify",
|
||||||
"revision": "686a6c7493c36866316f4f3a9f39972d5fbb8d09",
|
"revision": "938178a6cf7984923db84aba4881913f84de9eea",
|
||||||
"revisionTime": "2018-05-30T01:09:28Z"
|
"revisionTime": "2018-06-06T02:20:31Z"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"checksumSHA1": "CidzvD2Z5a68j+AfUatPOUlHZT4=",
|
"checksumSHA1": "CidzvD2Z5a68j+AfUatPOUlHZT4=",
|
||||||
"path": "github.com/hashicorp/vault-plugin-auth-gcp/plugin",
|
"path": "github.com/hashicorp/vault-plugin-auth-gcp/plugin",
|
||||||
"revision": "ba6bf5cfd920487f8bd5ebcc8c9428a78f98b47c",
|
"revision": "00e5bbe1b7d82707a43ae69de55a240fc888275e",
|
||||||
"revisionTime": "2018-05-30T01:10:45Z"
|
"revisionTime": "2018-06-06T02:26:37Z"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"checksumSHA1": "ffJQvzbQvmCG/PdaElGSfGnDgNM=",
|
"checksumSHA1": "ffJQvzbQvmCG/PdaElGSfGnDgNM=",
|
||||||
|
@ -1321,52 +1321,52 @@
|
||||||
"revisionTime": "2018-04-08T01:06:05Z"
|
"revisionTime": "2018-04-08T01:06:05Z"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"checksumSHA1": "peG2kzr0s+m66hK2qcVdlLbksuc=",
|
"checksumSHA1": "p5RZZr9+57AbEn0cJWofpxup66Q=",
|
||||||
"path": "github.com/hashicorp/vault-plugin-auth-kubernetes",
|
"path": "github.com/hashicorp/vault-plugin-auth-kubernetes",
|
||||||
"revision": "364dc7a8b257893415293583db4512fc8d44c284",
|
"revision": "8b146812410672dcf7c36b45762f4d3d3a6398b0",
|
||||||
"revisionTime": "2018-05-30T01:11:52Z"
|
"revisionTime": "2018-06-06T02:28:44Z"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"checksumSHA1": "TXlbc4EPXue+Jz/HXl3NU5kEoUs=",
|
"checksumSHA1": "TXlbc4EPXue+Jz/HXl3NU5kEoUs=",
|
||||||
"path": "github.com/hashicorp/vault-plugin-secrets-ad/plugin",
|
"path": "github.com/hashicorp/vault-plugin-secrets-ad/plugin",
|
||||||
"revision": "955ac20048397e0ec7c707704fb28cd7fc5cb3da",
|
"revision": "28b22929498292a5fe2cc972d77e931f415e0786",
|
||||||
"revisionTime": "2018-06-04T18:23:35Z"
|
"revisionTime": "2018-06-06T02:34:28Z"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"checksumSHA1": "w0TXZUy4HvuTrCxm32cVzkF3sEg=",
|
"checksumSHA1": "w0TXZUy4HvuTrCxm32cVzkF3sEg=",
|
||||||
"path": "github.com/hashicorp/vault-plugin-secrets-ad/plugin/client",
|
"path": "github.com/hashicorp/vault-plugin-secrets-ad/plugin/client",
|
||||||
"revision": "955ac20048397e0ec7c707704fb28cd7fc5cb3da",
|
"revision": "28b22929498292a5fe2cc972d77e931f415e0786",
|
||||||
"revisionTime": "2018-06-04T18:23:35Z"
|
"revisionTime": "2018-06-06T02:34:28Z"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"checksumSHA1": "f5N0jlhC8c2vq0zez81fezfas/o=",
|
"checksumSHA1": "f5N0jlhC8c2vq0zez81fezfas/o=",
|
||||||
"path": "github.com/hashicorp/vault-plugin-secrets-ad/plugin/util",
|
"path": "github.com/hashicorp/vault-plugin-secrets-ad/plugin/util",
|
||||||
"revision": "955ac20048397e0ec7c707704fb28cd7fc5cb3da",
|
"revision": "28b22929498292a5fe2cc972d77e931f415e0786",
|
||||||
"revisionTime": "2018-06-04T18:23:35Z"
|
"revisionTime": "2018-06-06T02:34:28Z"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"checksumSHA1": "X9XW3xqAeOQqDdeJKzeqOYHn4Wo=",
|
"checksumSHA1": "X9XW3xqAeOQqDdeJKzeqOYHn4Wo=",
|
||||||
"path": "github.com/hashicorp/vault-plugin-secrets-gcp/plugin",
|
"path": "github.com/hashicorp/vault-plugin-secrets-gcp/plugin",
|
||||||
"revision": "5edda7daf40133a7ae2fb142ef0af5ba0e2dbfce",
|
"revision": "19ce67943d4ba3d0dcda025d832e3a0c4da47d42",
|
||||||
"revisionTime": "2018-05-30T01:13:41Z"
|
"revisionTime": "2018-06-06T02:42:09Z"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"checksumSHA1": "Dmpy+AguiGWfVg43Me5HB3+eDsk=",
|
"checksumSHA1": "Dmpy+AguiGWfVg43Me5HB3+eDsk=",
|
||||||
"path": "github.com/hashicorp/vault-plugin-secrets-gcp/plugin/iamutil",
|
"path": "github.com/hashicorp/vault-plugin-secrets-gcp/plugin/iamutil",
|
||||||
"revision": "5edda7daf40133a7ae2fb142ef0af5ba0e2dbfce",
|
"revision": "19ce67943d4ba3d0dcda025d832e3a0c4da47d42",
|
||||||
"revisionTime": "2018-05-30T01:13:41Z"
|
"revisionTime": "2018-06-06T02:42:09Z"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"checksumSHA1": "81kYL49zTBoj1NYczxB2Xbr2d6Y=",
|
"checksumSHA1": "81kYL49zTBoj1NYczxB2Xbr2d6Y=",
|
||||||
"path": "github.com/hashicorp/vault-plugin-secrets-gcp/plugin/util",
|
"path": "github.com/hashicorp/vault-plugin-secrets-gcp/plugin/util",
|
||||||
"revision": "5edda7daf40133a7ae2fb142ef0af5ba0e2dbfce",
|
"revision": "19ce67943d4ba3d0dcda025d832e3a0c4da47d42",
|
||||||
"revisionTime": "2018-05-30T01:13:41Z"
|
"revisionTime": "2018-06-06T02:42:09Z"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"checksumSHA1": "H+CTWTduLBAjjEGpLjKsoknAz1U=",
|
"checksumSHA1": "zyIz4QL1DddbGjsP6W2qbf3Uh28=",
|
||||||
"path": "github.com/hashicorp/vault-plugin-secrets-kv",
|
"path": "github.com/hashicorp/vault-plugin-secrets-kv",
|
||||||
"revision": "b55ec07a1a524ccbab9a0c218bb44df16688fdd2",
|
"revision": "730a019907e33c96abded11bbbd9aadf6e5b97d3",
|
||||||
"revisionTime": "2018-05-30T13:06:28Z"
|
"revisionTime": "2018-06-06T02:56:43Z"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"checksumSHA1": "vTfeYxi0Z1y176bjQaYh1/FpQ9s=",
|
"checksumSHA1": "vTfeYxi0Z1y176bjQaYh1/FpQ9s=",
|
||||||
|
|
Loading…
Reference in a new issue