Commit Graph

12258 Commits

Author SHA1 Message Date
Brian Kassouf 09593283b8
Improve the performance of snapshot installs by using rename (#9247)
* initial work on improving snapshot performance

* Work on snapshots

* rename a few functions

* Cleanup the snapshot file

* vendor the safeio library

* Add a test

* Add more tests

* Some review comments

* Fix comment

* Update physical/raft/snapshot.go

Co-authored-by: Alexander Bezobchuk <alexanderbez@users.noreply.github.com>

* Update physical/raft/snapshot.go

Co-authored-by: Alexander Bezobchuk <alexanderbez@users.noreply.github.com>

* Review feedback

Co-authored-by: Alexander Bezobchuk <alexanderbez@users.noreply.github.com>
2020-06-23 11:08:30 -07:00
Calvin Leung Huang 4a5bef48c4
docs: add additional info around transform for tweak and template type (#9203) 2020-06-23 10:32:54 -07:00
Noelle Daley 6d23a6b768
Update CHANGELOG.md 2020-06-23 09:15:03 -07:00
Alexander Bezobchuk f4cf0fc0ff
CL++: Add go version to server message output
Add CL entry from https://github.com/hashicorp/vault/pull/9078
2020-06-23 10:48:56 -04:00
Clint 6b4bdb1882
VLT091 plugin testing framework stepwise (#9270)
* Resolve merge conflicts and updates from running a test

* move testing/_test.go over to legacy

* updates

* Add core of plugin test framework Stepwise  (#9166)

* adding stepwise testing, but there are protocol buff error :/

* move file and update sdk/go.mo

* update/sync modules

* update from other branch

* update sdk/go.mod

* some cleanups after feedback

* remove enviornments from this PR

* update vendor

* change from running go mod tidy

* change from go mod tidy

* Update sdk/testing/stepwise/helpers.go

Co-authored-by: Michael Golowka <72365+pcman312@users.noreply.github.com>

* Update sdk/testing/stepwise/helpers.go

Co-authored-by: Michael Golowka <72365+pcman312@users.noreply.github.com>

* change panic to error

* Update sdk/testing/stepwise/helpers.go

return `nil` and not `err` at the end

Co-authored-by: Michael Golowka <72365+pcman312@users.noreply.github.com>

* Defer close() on successful Open of a file

* document the re-creation of steps

* Update sdk/testing/stepwise/stepwise.go

Co-authored-by: Michael Golowka <72365+pcman312@users.noreply.github.com>

* remove unused BarrierKeys()

* Update sdk/testing/stepwise/stepwise.go

Co-authored-by: Michael Golowka <72365+pcman312@users.noreply.github.com>

* updates from feedback

* fix return with bad arguments

* Rename things:

- StepOperation -> Operation
- StepwiseEnvironment -> Environment
- StepCheckFunc -> AssertionFunc
- step.Check -> step.Assert

* document the environment interface methods

* rename EnvironmentOptions to MountOptions

* rename Name to RegistryName

* remove ExpectError because it's redundant

* minor doc update

* Update sdk/testing/stepwise/stepwise.go

Co-authored-by: Michael Golowka <72365+pcman312@users.noreply.github.com>

* add checkShouldRun function

* remove redundant return

* remove vestigial PreCheck function

* add tt.Helper() to makeRequest

* minor code formatting and document 1-based index for log output of Steps

Co-authored-by: Michael Golowka <72365+pcman312@users.noreply.github.com>

* minor updates

* update sdk

* use local reference for api, vault dep

* Update sdk/testing/stepwise/stepwise.go

Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>

* Update sdk/testing/stepwise/stepwise.go

Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>

* cleanup some defer functions

* call fatal if environment setup fails, and don't call teardown

* defer re-setting client token in makeRequest

* Move legacy logicaltest back to testhelpers

* update mods and test files with go mod tidy

* go mod vendor

* remove relative replace directives

* restore old logical test location

* move declaration to main stepwise file

* remove index var and use i+1

* add testing for write, delete paths of makeRequest

* update stepwise core testing to do request counting

* remove unused methods

* Update sdk/testing/stepwise/stepwise.go

remove dead line

Co-authored-by: Alexander Bezobchuk <alexanderbez@users.noreply.github.com>

* Update sdk/testing/stepwise/stepwise.go

fix capitalization in code comment

Co-authored-by: Alexander Bezobchuk <alexanderbez@users.noreply.github.com>

* update code comments for SkipTeardown to clarify its use

* update stepwise

Co-authored-by: Michael Golowka <72365+pcman312@users.noreply.github.com>
Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>
Co-authored-by: Alexander Bezobchuk <alexanderbez@users.noreply.github.com>
2020-06-23 06:01:39 -05:00
Austin Gebauer 2fa1e7ab71
changelog++ 2020-06-22 13:47:05 -07:00
Austin Gebauer 57ddf3da35
changelog++ 2020-06-22 13:24:15 -07:00
ncabatoff 7082c3b59d
changelog++ 2020-06-22 13:54:40 -04:00
Austin Gebauer 965f95239a
docs: clarify when plugin executables must also be given mlock syscall ability (#9275) 2020-06-22 10:05:15 -07:00
Austin Gebauer 63a7ea05ce
changelog++ 2020-06-20 07:56:10 -07:00
Johnathan Schmidt ab4e072bb6
Add the static-roles feature for MSSQL (#9062) 2020-06-19 23:01:06 -07:00
Mark Gritter ce88903638
Add counter for creation of new entity. (#9263) 2020-06-19 18:24:05 -05:00
Jim Kalafut 835ba0f8a1
changelog++ 2020-06-19 16:08:03 -07:00
Jim Kalafut d2bb399d95
Update kubernetes auth plugin (#9195) 2020-06-19 15:47:13 -07:00
Mark Gritter 3e220f300a
Fix to failing test compilation. (#9272) 2020-06-19 15:19:21 -05:00
Mark Gritter b3c3635f49
Added gauges to count KV secrets. (#9250)
* Added gauges to count KV secrets.
* Use real KV implementation in test.
2020-06-19 14:01:35 -05:00
ncabatoff 8b5dbeb26d
changelog++ 2020-06-19 09:33:04 -04:00
ncabatoff 3b83f5ba85
changelog++ 2020-06-19 09:24:44 -04:00
Angel Garbarino 89302f0e3f
Ui/replication status discoverability (#8705)
* Sidebranch: add new route on DR secondary (#8640)

* setup, not complete

* update routing

* clean up

* add test

* add link from status menu

* clean up

* fixes per pr comments

* revert back to two if statements due to refresh bug

* Sidebranch: Setup Replication Page as component to be consumed in all pages for project (#8661)

* setup, not complete

* update routing

* clean up

* add test

* add link from status menu

* clean up

* fixes per pr comments

* setup dashboard with contextual components, and toggle

* setup option to show tabs or not

* handle conditional nav menu

* pass in whole model object

* rename to replication-page

* clean up

* clean up based on pr feedback

* fix linting error

* Sidebranch: setup replication dashboard with scss and initial card components (#8670)

* setup replication dashboard with scss and initial card components

* sync with Noelles changes and clean up the inner grid container inside the selectable card

* set up nested contextual components for selectable-cards

* setup component for table row

* address walk through notes

* remove name selectable from card component as it is not selectable

* add missing space

* Ui/dr primary/initial page setup (#8671)

* add helperText param to InfoTableRow

* initial page setup

* format card with padding and correct number of rows

* style card titles with margin

* move styles inside replication class; add todos

* move replication-summary styles into core app so hot reloading works

* prevent known secondaries card from being cut off on the right hand side

* make cards have the correct column span

* make code elements inside tables black

* WIP - start VltTable component

* simplify css

* renamed VltTable to ReplicationTable and use divs instead of table elements

* fix position of known secondaries

* use table element for secondaries card

* add todo

* move replication components to replication engine

* Revert "move replication components to replication engine"

This reverts commit 2228b8392199a1376815dc8b7642de438aad68b5.

* move ReplicationPrimaryCards to components

* remove hover box shadow since cards are not selectable yet

* only apply padding to replication selectable-cards

* specify replication vlt-table in classname

* move replication toggle and toggle into core addon

* remove extra toolbar border

* remove duplicate css

* move ReplicationTableRows to core addon and use them on DR primary page

* clean up todos

* add jsdoc comments

* rename ReplicationTable to KnownSecondaries

* update replicaiton table api to accept flexible data

* rename replicationAttrs to data

* move replication components to core addon

* Ui/dr primary components (#8711)

* populate table with actual secondary ids

* add todo

* make KnownSecondariesCard component

* move KnownSecondariesCard styles to own file

* add EmptyState when there are no known secondaries

* fix known secondaries manage link

* fix Add Secondary link; bring in capabilities model to repliation index route so we can check for adding secondaries

* fix JSDOC comments and updata data to replicationAttrs

* Sidebranch: DR Secondary Dashboard - pr4 (#8706)

* setup styling for delta

* clean up

* replication table remove and rename model to data

* remove old replication header component now that it is in addons

* move replication secondary card component

* calc delta

* clean up

* remove unused components that are now in addon

* address pr comments

* remove test

* fix failing test

* address pr comments

* attempting to fix test

* move to computed components

* fix test error

* fix state of null error

* Sidebranch: DR Secondary Dashboard state message handlers (#8741)

* setup styling for delta

* clean up

* replication table remove and rename model to data

* remove old replication header component now that it is in addons

* move replication secondary card component

* calc delta

* clean up

* remove unused components that are now in addon

* address pr comments

* remove test

* fix failing test

* address pr comments

* attempting to fix test

* initial setup before merge updates

* move to computed components

* fix test error

* fix state of null error

* clean up

* setup alert banner and documentation link

* setup alert banner with second icon

* remove underscore to dash

* add in missing error messages

* add connection-state shutdown

* add storybook update to alert banner

* pr comments

* move css class to helper class

* address pr comments

* add in connection states correct endpoint

* Ui/dr dashboard tests (#8732)

* initial test setup

* use margin when there are no knownsecondaries

* set up replication tests in ember engine

* set knownSecondaries

* move tests to host app and set resolver

* finish known-secondaries-card-test

* make knownSecondaries array match the API response

* add known secondaries table test

* oops, remove stories directory

* wip - replication table rows test

* remove extra code

* finish replication table rows tests

* add | Enterprise | to test module

* remove unncessary assertion:

* show dynamic state glyph (#8747)

* show dynamic state glyph

* show state glyph after state

* move LearnLink into core addon

* make ReplicationDocLink component

* prevent double lines at the bottom of the dashboard

* Sidebranch: dr-secondary-dashboard-pr7 (#8792)

* move dr to higher level component and setup isDisabled for error state when dr mode is disabled.

* add in error messages final

* refactor transistion on submit handler focused on dr secondary

* handle transition

* update empty state component to include icon and add empty state to details page

* fix spelling

* address pr comments

* merge with replication branch

* remove component structure for replication-secondary-card

* compute title and error message

* make specific empty state messages

* fix test

* address pr comments

* regenerate the storyboook for empty state

* Replication Primary Dashboard: handle errors (#8845)

* use h3 instead of code elements

* use correct property names for StateDisplay

* WIP

* remove todo

* move cluster states into a map; make status menu icon match cluster state

* show error in state card using the same state map in the cluster model

* whitespace

* move cluster-states into a helper and update usage

* use circle success icon for stream-wals because that is the ideal state

* more refactoring of cluster state display

* use new cluster-states helper

* whitespace

* use clusterStates helper in replication secondary card

* remove extra import

* add default values for when state isn't recognized

* make sure that state exists before getting state details from clusterStates helper

* be more strict when state cannot be found

* use brace expansion to fix linting error

* add tests for error states

* fix text wrapping issue on secondary cards; make titles match mocks

* use unknown if metric isn't foudn

* remove extra border on selectable card when there is an error

* use outline square in status menu for error

* Ui/replication/refactor dashboard components (#8878)

* use ReplicationDashboard component

* move syncing and alert banners into dashboard component

* only show primary cluster addr if dashboard is for a secondary

* use ReplicationPage and Dashboard

* move isSecondary to page component

* remove duplication

* remove dead code

* refactored table rows

* make sure dashboards update data when we are switching between mclusterModes and replicationTypes

* clarified replicationMode and clusterMode

* remove extra margin

* get rid of data

* remove syncProgress

* remove Enterprise filter from tests so component tests are run

* Ui/replication/primary reindexing (#8906)

* fix typo

* fetch replication/mode/status and pass to dashboard component

* add reindexing stage to AlertBanner; use real value for isReindexing

* remove dr since we don't need it anymore

* add indentation

* remove TODO

* capitalize reindexing_stage and make progress 0 by default

* remove Toggle since we don't need it anymore

* get allllll the variables at once

* only run secondary details test on enterprise

* Sidebranch: component and acceptance tests (#8903)

* address secondary card overflow issue

* setup replicaiton header test

* address secondary card overflow issue

* setup replication secondary card test

* setup replicaiton header test

* setup replicaiton page test

* setup replication secondary card test

* setup replication dashboard test

* setup replicaiton page test

* remove unused code

* fix overflow

* finish test for rep dashboard

* update rep secondary card test

* finish rep header test

* fix rep table rows and header test

* fix header test

* fix missing data-test-primary-cluster

* add to secondary test

* remove pauseTest

* add to enterprise replication test

* add mode to dr secondary test

* remove pauseTest

* add enterprise to test

* amend per pr commments

* re organize rep secondary card test

* adjust error heights with design input

* move const around in rep secondary card test

* move const around and message for rep dashboard test

* amend per pr review comments

* remove styling from grid-item-left

* remove dup hasErrorClass key

* quick fix

* test failure fix

* fix test due to merge

* remove hasErrorClass

* modify test message

* Sidebranch: remove delta, toggle, and make auto-refresh (#8945)

* change styling

* remove replication toggle

* modifications for auto refresh and final removal of delta and last wal

* fix refresh issue by removing replicationMode on this.reset which conflicts with the same property being set on the cluster model

* remove comments

* add unknown placeholder

* add auto refresh to other components and remove mention of toggle

* remove meep and primary cluster heading area

* ensure status menu displays replication state, not just one (#8959)

* Add Replication Reindexing Progress Bar (#8975)

* whitespace

* rename consts

* rename variables

* test that dashboard shows a reindexing alert banner

* standardize shamir and ui wizard progress bar

* make new progressbar component

* just kidding, we can use the html5 progress bar

* make top margins consistent across primary and secondary dashboards

* clean up AlertBanner JSDocs and markdown

* show a progress bar inside an AlertBanner if cluster is reindexing

* add example AlertBanner with Progress Bar

* add reindexing tests

* add a tiny left margin to progress bars inside alert banners

* keep old class names in wizard to prevent bug, but keep consistent progress background color

* use spacing variables

* remove extra border when secondary card has an error

* make card header sizes and weight consistent

* Sidebranch: Performance Secondary Dashboard (#8956)

* setup rep dashboard to dynamically take in the component to render and dynamically setup the css based on mode of cluster

* conditional pass in the correct props to the Dashboard.card component and add margin to reindexing alertBanner

* update replication dashboard test

* add performance secondary test and clean up replication-secondary-card test

* fix message

* replace cluster-id with secondaryId

* remove reindexing test as its a duplicate of the branch noelle is working on

* cleanup

* address pr comments

* small test fixes

* add secondaryId to header test

* fix tests description

* Ui/replication/test update (#8995)

* make sure progress bar updates and animates

* ensure dashboard updates when replication mode has changed

* make sure we update isSyncing when state has changed

* wip - console log statements to see if components are getting new attrs

* Revert "wip - console log statements to see if components are getting new attrs"

This reverts commit d05219ba6c14c64a9f2e867892476faf7dad4659.

* style progress bar in mozilla; allow testing the progress bar in storybook

* test that primary and secondary card container don't display at the same time

* prepare KnownSecondariesTable for backend compatibility (#9029)

* Ui/replication mgmt action block (#9053)

This does some low-impact work to prepare for the refactor of replication-actions. Includes:

- Move modal to addon in lib/core
- Update modal to take a "type" param which changes the header color + icon
- Add tests for modal changes
- Add action-block style only component
- Add styles-only replication-action grid that the action-blocks will live inside of

* Sidebranch: address transition issues on replication engine and actions (#9010)

* small formatting changes

* change findRecord to peekRecord so it keeps track of the changing data.

* add styling such that when page is loading it does not spread across the whole page

* help with reload and styling on replication route

* initial setup for new flow that handles adding a perf secondary, and also some on a dr secondary

* clean up

* add loader on rep page for situations when data is still loading, and add loading mode in header, seperate from the modeForUrl used in other places to help transistion

* fix transitionTo when coming from different replication.mode vs replication.index route

* set default of mode for radio checkboxes after removing from DEFAULTS var

* reset and cont using onEnable because TransitionTo is not working inside of component

* remove console

* the reason we were getting transition errors :(

* remove modeObjecT

* fix error by removing peek record from application and moving it lower down in a property replicationAttrs

* Readd back space

* this one really does fix the issue

* add back peek record and add conditional to isLoadingData

* figure out cluster id from service instead of hardcoded

* fix capabilities-self error by adding a 1 sceond delay for when transition from replication.index to replication.mode.index on enable performance secondary

* remove attempt to circumvent the peekRecord in application

* add to replication page tests and clarify replicationMode to formattedReplicationMode, it's super confusing when seeing replicationMode being duplicated throughout the computed components.  this clarifies its computed only for formatting

* fix repetive conditional

* capture the state when either dr.mode or performance.mode are undefined, which happens during a transition.  If this is the case add a loader on the replicationindex page.

* address some pr comments

* small change

* add bootstrapping mode to test

* add Replication Learn Links to wizard (#9106)

* Ui/summary dashboard (#9079)

* move key value to lib/core/addon so I can use inside replication engine

* setup summary dasbhoard on replication summary component

* set title for summary dashboard

* do not show replication table rows on summary dashboard

* show that last_wal updates every 10 seconds

* show replication table rows on individual dashboards, but not summary

* remove extra bottom border on replication-dashboard

* add replicationDetailsSummary object and replication-summary-card

* setup structure and data calcs of replication summary card

* fix links and styling on summary card

* breadcrumbs

* match state title on summary dashboard to individual dashboards

* add margin below replication header

* update breadcrumbs to show replication mode

* align details link right

* add margin below tabs in replication header

* user helper-text to make card text styling consistent across dashboards

* remove unneeded code

* add bottom border to summary state

* add bottom margin to summary dashboard

* add negative margins to bring values closer to related cell

* fix failing test due to data-test attribute change and make storybook component for replication-summary-card

* setup replication summary card test.  I suspect we'll move the hasError test to the dashboard where the error will show around the state display

* add to replication acceptance test for new summary dashboard

* remove pauseTest

* add is-active to li element

* clean up

* dashboard test and clean up

* addressing pr comments

* fix replication/null/status error

* add JSDocs for rep page and rep dash

* more pr cleanup

* remove conditional and fix styling blue link

* fix conditional on when loading summary dashboard to check for primary on both. wrap code in div so it lands on another line.

Co-authored-by: Noelle Daley <adriannenoelle@gmail.com>

* change message with bold 'not' if primary (#9112)

* Add JSDocs to components (#9125)

* jsdocs

* remove todo that is no longer relevant

* clean up wording

* wordsmithing

* fix spelling

* example for clusterMode

* Replication Management Sidebranch: Replication Action Disable (#9061)

Set up dr-secondary management page with new action flow

* Create confirmation-modal component

* Refactor replication-dr-secondary splash page to replication manage page

* Refactor replication-action-disable component to use confirmation modal

* Add details/manage tab to replication-dr-secondary section

* Refactor Replication Action: Promote to use modal flow (#9122)

* Ui/replication mgmt/reindex action (#9126)

* Replication Management Sidebranch: Replication Action Disable (#9061)

* Ui/replication mgmt/recover action (#9127)

* Replication Management Sidebranch: Replication Action Recover (#9061)

* Close link-to tag in header (#9139)

Fixes bad merge conflict

* UI: Fix replication management tests (#9136)

* do not show replication mode or id when replication isn't enabled

* fix broken tag

* fill in confirmation text when disabling replication in tests

* fix typo

* fix demote primary test selector

* add test selectors and update tests to match new format

* fill in Performance when disabling performance secondary

* Ui/replication mgmt/update primary action (#9149)

* Update Primary replication action uses modal flow

* Update modal max-height to accommodate for the navbar

* Ui/secondary token flow dr (#9150)

* setup token modal flow

* calc expirationDate

* fix date-format test after moving it in addon

* fix icon conditional in modal title

* decode token to get epoch expiration date and convert

* handle clicking outside of modal

* remove extra copy button

* add modal check in rep  acceptance test

* look only at day and month and remove console

* fix spelling

* cleanup

* replace dr with variable

* make string check longer in test

* fix test variables

* refactor enterprise test for secondary token flow

* make cluster model property replicationModeForDisplay to handle all cases where we were either conditionally displaying the DR, Disaster Recovery, etc. or where we were hardcoding it into the hbs.  For situations where it was DR before, I am now keeping it more consistent and using Disaster Recovery as on the manage page we do not show the Diaster Recovery (DR) anywhere.

* set initial value for ttl picker to fix issue where itwas setting seconds to minutes

* clean up

* add comment about ttl picker

* Add known primaries info table (#9152)

* replace primaryClusterAddr with knownPrimaryClusterAddrs

* rename state to Status; fix css layout

* add InfoTable component

* only show label column if there is a label

* add grid-item-middle class

* whitespace

* fix grid layout

* die tagName, die

* set table max-height

* prep InfoTable for Storybook

* ensure cards always have the same height

* remove duplicate max height since vlt-table already has max-height

* add InfoTable tests

* add InfoTable to Storybook

* organize grid item css; rename for consistency

* add sticky header to table

* add sticky-header class to keep table styles in scope

* whoops, do not use fake data

* Ui/rep design updates (#9169)

* show secondaryId in table rows

* show primary_cluster_addr in table rows

* remove cluster Ids from replication headers

* Ui/fix enable overflow (#9173)

* only show primary_cluster_addr for primary

* fix overflow on replication index

* remove display from cluster-states because it is not used anywhere

* fix missing replication mode from description

* add comments

* use helper to consolidate replication descriptions

* fix text wrapping on medium screen sizes

* Ui/replication mgmt/demote action (#9168)

* Replication demote action uses modal flow

Co-authored-by: Noelle Daley <adriannenoelle@gmail.com>
Co-authored-by: Angel Garbarino <argarbarino@gmail.com>

* Ui/replication merge cleanup 2 (#9212)

* replace with replicationModeForDisplay that is defined on the cluster

* fix spelling on replication and confirmed with design for placeholder when Not defined

* remove extra div with box class

* change manage link to take you to the secondaries manage as it's within the known secondaries card

* fix scroll always showing by adding auto, and decreasing the height.  WIP

* add empty state to known_primary_cluster_addrs

* address pr comments

* Add real connected state and API address (#9219)

* fix title of secondary card

* show connected status

* fix tests

* fix enterprise test (#9229)

* fix enterprise test

* add n

* add another n

* Ui/replication mgmt/generate token action (#9187)

Generate operation token flow from replication DR Secondary. Clicking 'Cancel' on the modal after the operation has started results in cancelling generate operation and restarting the process.

* use none set instead of not defined

Co-authored-by: Noelle Daley <noelledaley@users.noreply.github.com>
Co-authored-by: Chelsea Shaw <chelshaw.dev@gmail.com>
Co-authored-by: Noelle Daley <adriannenoelle@gmail.com>
2020-06-18 14:52:43 -07:00
Angel Garbarino 8202fe01cd
Update CHANGELOG.md 2020-06-18 15:50:37 -06:00
Mark Gritter 239b2375aa
Counter that increments on every secret engine lease creation. (#9244) 2020-06-18 15:36:21 -05:00
Michael Golowka 7502813335
Add password_policy field to Azure docs (#9249)
* Add password_policy field
* Updated vault-plugin-secrets-azure to v0.6.1
* A bunch of other libraries also got updated at the same time because of the plugin update
2020-06-18 13:25:59 -06:00
Mark Gritter cc6a64d4d8
Replaced ClusterMetricSink's cluster name with an atomic.Value. (#9252)
* Replaced ClusterMetricSink's cluster name with an atomic.Value.
This should permit go-race tests to pass which seal and unseal
the core.

* Replace metric sink before unseal to avoid data races.
2020-06-18 12:55:50 -05:00
Jason O'Donnell 3c8ceb4d1d
Fix database creds rotation panic for nil resp (#9258) 2020-06-18 13:49:42 -04:00
Jim Kalafut 5e5b6b33fe
changelog++ 2020-06-17 16:28:56 -07:00
Chelsea Shaw 0e058607d3
changelog++ 2020-06-17 15:26:34 -05:00
Michael Golowka f77bcc53c4
Move sdk/helper/random -> helper/random (#9226)
* This package is new for 1.5 so this is not a breaking change.
* This is being moved because this code was originally intended to be used
within plugins, however the design of password policies has changed such
that this is no longer needed. Thus, this code doesn't need to be in the
public SDK.
2020-06-17 14:24:38 -06:00
Chelsea Shaw 4ea3a0f4ae
UI: Disallow kv2 with too large 'max versions' value (#9242) 2020-06-17 15:24:10 -05:00
Lauren Voswinkel a5ae18d285
Allow mTLS for mysql secrets engine (#9181)
* Extract certificate helpers for use in non-mongodb packages
* Created mTLS/X509 test for MySQL secrets engine.
* Ensure mysql username and passwords aren't url encoded
* Skip mTLS test for circleCI
2020-06-17 11:46:01 -07:00
Calvin Leung Huang 2e7e63f78c
docs: add sample revocation for mongodb (#9245) 2020-06-17 08:25:56 -07:00
Scott Miller 632c86ecc1
Add new Telemetry config options (#9238)
* Add new Telemetry config options

Add cluster_name, maximum_gauge_cardinality, and usage_gauge_period
configuration options to the config stanza.

Update unit tests.

Document.

Co-authored-by: Mark Gritter <mgritter@hashicorp.com>
2020-06-17 10:07:33 -05:00
Scott Miller 0b9a40a64e
Add a simple sealed gauge, updated when seal status changes (#9177)
* Add a simple unsealed gauge, updated when seal status changes
2020-06-17 09:50:28 -05:00
Mike Jarmy e608503139
Test Shamir-to-Transit and Transit-to-Shamir Seal Migration for post-1.4 Vault. (#9214)
* move adjustForSealMigration to vault package

* fix adjustForSealMigration

* begin working on new seal migration test

* create shamir seal migration test

* refactor testhelpers

* add VerifyRaftConfiguration to testhelpers

* stub out TestTransit

* Revert "refactor testhelpers"

This reverts commit 39593defd0d4c6fd79aedfd37df6298391abb9db.

* get shamir test working again

* stub out transit join

* work on transit join

* remove debug code

* initTransit now works with raft join

* runTransit works with inmem

* work on runTransit with raft

* runTransit works with raft

* cleanup tests

* TestSealMigration_TransitToShamir_Pre14

* TestSealMigration_ShamirToTransit_Pre14

* split for pre-1.4 testing

* add simple tests for transit and shamir

* fix typo in test suite

* debug wrapper type

* test debug

* test-debug

* refactor core migration

* Revert "refactor core migration"

This reverts commit a776452d32a9dca7a51e3df4a76b9234d8c0c7ce.

* begin refactor of adjustForSealMigration

* fix bug in adjustForSealMigration

* clean up tests

* clean up core refactoring

* fix bug in shamir->transit migration

* stub out test that brings individual nodes up and down

* refactor NewTestCluster

* pass listeners into newCore()

* simplify cluster address setup

* simplify extra test core setup

* refactor TestCluster for readability

* refactor TestCluster for readability

* refactor TestCluster for readability

* add shutdown func to TestCore

* add cleanup func to TestCore

* create RestartCore

* stub out TestSealMigration_ShamirToTransit_Post14

* refactor address handling in NewTestCluster

* fix listener setup in newCore()

* remove unnecessary lock from setSealsForMigration()

* rename sealmigration test package

* use ephemeral ports below 30000

* work on post-1.4 migration testing

* clean up pre-1.4 test

* TestSealMigration_ShamirToTransit_Post14 works for non-raft

* work on raft TestSealMigration_ShamirToTransit_Post14

* clean up test code

* refactor TestClusterCore

* clean up TestClusterCore

* stub out some temporary tests

* use HardcodedServerAddressProvider in seal migration tests

* work on raft for TestSealMigration_ShamirToTransit_Post14

* always use hardcoded raft address provider in seal migration tests

* debug TestSealMigration_ShamirToTransit_Post14

* fix bug in RestartCore

* remove debug code

* TestSealMigration_ShamirToTransit_Post14 works now

* clean up debug code

* clean up tests

* cleanup tests

* refactor test code

* stub out TestSealMigration_TransitToShamir_Post14

* set seals properly for transit->shamir migration

* migrateFromTransitToShamir_Post14 works for inmem

* migrateFromTransitToShamir_Post14 works for raft

* use base ports per-test

* fix seal verification test code

* simplify seal migration test suite

* simplify test suite

* cleanup test suite

* use explicit ports below 30000

* simplify use of numTestCores

* Update vault/external_tests/sealmigration/seal_migration_test.go

Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>

* Update vault/external_tests/sealmigration/seal_migration_test.go

Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>

* clean up imports

* rename to StartCore()

* Update vault/testing.go

Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>

* simplify test suite

* clean up tests

Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>
2020-06-16 14:12:22 -04:00
Mark Gritter ebac0443d5
Configure metrics wrapper with the "global" object, not just the fanout. (#9099) 2020-06-16 10:50:24 -05:00
ncabatoff a117cf7e73
changelog++ 2020-06-16 08:29:00 -04:00
Scott Miller 883524c71c
Add backend type to audit logs (#9167)
Add a mount_type field to audit log requests and responses.
2020-06-16 07:22:33 -05:00
Austin Gebauer 4acadd372b
changelog++ 2020-06-15 18:45:28 -07:00
Austin Gebauer 1fe041689d
Update GCP secrets plugin (#9231) 2020-06-15 18:24:12 -07:00
Mark Gritter 50b388a93c
Changes to expiration manager to walk tokens (#9182)
* Changes to expiration manager to walk tokens (including non-expiring ones.)
* Count by namespace in token manager.
* Keep a dictionary of policy lists and deduplicate based on it.
2020-06-15 18:54:36 -05:00
Noelle Daley 88a0e432e8
Ui/add changelog link (#9216)
* link to changelog in version

* link to specific changelog version number

* update CHANGELOG headings to match expected format

* clean up and add tests

* handle errors

* use https

* update test url
2020-06-15 14:53:48 -07:00
Jason O'Donnell e8db47f92d
docs/agent: add overview for consul template fetches (#9227)
* docs/vault-k8s: add overview for consul template fetches

* Add dynamic role link

* move to agent documentation, add link

* fix typo in certificate doc

* fix note about leased secrets

* update secret vs token, add note to pki

* add more secret vs token notes

* add note about caching
2020-06-15 15:49:35 -04:00
ncabatoff c8833c24d8
Restart template server if it shuts down (#9200) 2020-06-15 15:25:45 -04:00
Austin Gebauer d9fbd04a33
docs: fix typo in gcp and gcpkms secrets (#9228) 2020-06-15 11:57:51 -07:00
Matt Whiteley 922f9374c6
Fix typo (#9217)
correct parameter is `leader_ca_cert_file`
2020-06-15 14:36:15 -04:00
Austin Gebauer f21d89c61e
changelog++ 2020-06-15 11:10:10 -07:00
Austin Gebauer 7aba2ada56
Update oracle cloud infrastructure auth plugin to v0.5.5 (#9210) 2020-06-15 10:11:20 -07:00
Michael Golowka 1a8b7765bc
Add password policies to Active Directory secret engine (#9144)
* Also updates AD docs to reflect password policies
2020-06-15 10:36:17 -06:00
Jim Kalafut 320e9ecb92
Minor transform docs rewording (#9223) 2020-06-14 20:53:36 -07:00
Michael Golowka 993291da07
Validate physical CockroachDB table config value before using it (#9191)
* Validate table name (and database if specified) prior to using it in SQL
2020-06-12 11:09:38 -06:00
Michael Golowka 8d022cbe9c
Validate physical MySQL database and table config values before using them (#9189)
* Validate database & table names prior to using it in SQL
2020-06-12 11:08:56 -06:00