Commit graph

143 commits

Author SHA1 Message Date
Brian Kassouf 09593283b8
Improve the performance of snapshot installs by using rename (#9247)
* initial work on improving snapshot performance

* Work on snapshots

* rename a few functions

* Cleanup the snapshot file

* vendor the safeio library

* Add a test

* Add more tests

* Some review comments

* Fix comment

* Update physical/raft/snapshot.go

Co-authored-by: Alexander Bezobchuk <alexanderbez@users.noreply.github.com>

* Update physical/raft/snapshot.go

Co-authored-by: Alexander Bezobchuk <alexanderbez@users.noreply.github.com>

* Review feedback

Co-authored-by: Alexander Bezobchuk <alexanderbez@users.noreply.github.com>
2020-06-23 11:08:30 -07:00
Clint 6b4bdb1882
VLT091 plugin testing framework stepwise (#9270)
* Resolve merge conflicts and updates from running a test

* move testing/_test.go over to legacy

* updates

* Add core of plugin test framework Stepwise  (#9166)

* adding stepwise testing, but there are protocol buff error :/

* move file and update sdk/go.mo

* update/sync modules

* update from other branch

* update sdk/go.mod

* some cleanups after feedback

* remove enviornments from this PR

* update vendor

* change from running go mod tidy

* change from go mod tidy

* Update sdk/testing/stepwise/helpers.go

Co-authored-by: Michael Golowka <72365+pcman312@users.noreply.github.com>

* Update sdk/testing/stepwise/helpers.go

Co-authored-by: Michael Golowka <72365+pcman312@users.noreply.github.com>

* change panic to error

* Update sdk/testing/stepwise/helpers.go

return `nil` and not `err` at the end

Co-authored-by: Michael Golowka <72365+pcman312@users.noreply.github.com>

* Defer close() on successful Open of a file

* document the re-creation of steps

* Update sdk/testing/stepwise/stepwise.go

Co-authored-by: Michael Golowka <72365+pcman312@users.noreply.github.com>

* remove unused BarrierKeys()

* Update sdk/testing/stepwise/stepwise.go

Co-authored-by: Michael Golowka <72365+pcman312@users.noreply.github.com>

* updates from feedback

* fix return with bad arguments

* Rename things:

- StepOperation -> Operation
- StepwiseEnvironment -> Environment
- StepCheckFunc -> AssertionFunc
- step.Check -> step.Assert

* document the environment interface methods

* rename EnvironmentOptions to MountOptions

* rename Name to RegistryName

* remove ExpectError because it's redundant

* minor doc update

* Update sdk/testing/stepwise/stepwise.go

Co-authored-by: Michael Golowka <72365+pcman312@users.noreply.github.com>

* add checkShouldRun function

* remove redundant return

* remove vestigial PreCheck function

* add tt.Helper() to makeRequest

* minor code formatting and document 1-based index for log output of Steps

Co-authored-by: Michael Golowka <72365+pcman312@users.noreply.github.com>

* minor updates

* update sdk

* use local reference for api, vault dep

* Update sdk/testing/stepwise/stepwise.go

Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>

* Update sdk/testing/stepwise/stepwise.go

Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>

* cleanup some defer functions

* call fatal if environment setup fails, and don't call teardown

* defer re-setting client token in makeRequest

* Move legacy logicaltest back to testhelpers

* update mods and test files with go mod tidy

* go mod vendor

* remove relative replace directives

* restore old logical test location

* move declaration to main stepwise file

* remove index var and use i+1

* add testing for write, delete paths of makeRequest

* update stepwise core testing to do request counting

* remove unused methods

* Update sdk/testing/stepwise/stepwise.go

remove dead line

Co-authored-by: Alexander Bezobchuk <alexanderbez@users.noreply.github.com>

* Update sdk/testing/stepwise/stepwise.go

fix capitalization in code comment

Co-authored-by: Alexander Bezobchuk <alexanderbez@users.noreply.github.com>

* update code comments for SkipTeardown to clarify its use

* update stepwise

Co-authored-by: Michael Golowka <72365+pcman312@users.noreply.github.com>
Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>
Co-authored-by: Alexander Bezobchuk <alexanderbez@users.noreply.github.com>
2020-06-23 06:01:39 -05:00
Jim Kalafut d2bb399d95
Update kubernetes auth plugin (#9195) 2020-06-19 15:47:13 -07:00
Michael Golowka 7502813335
Add password_policy field to Azure docs (#9249)
* Add password_policy field
* Updated vault-plugin-secrets-azure to v0.6.1
* A bunch of other libraries also got updated at the same time because of the plugin update
2020-06-18 13:25:59 -06:00
Scott Miller 883524c71c
Add backend type to audit logs (#9167)
Add a mount_type field to audit log requests and responses.
2020-06-16 07:22:33 -05:00
Austin Gebauer 1fe041689d
Update GCP secrets plugin (#9231) 2020-06-15 18:24:12 -07:00
Austin Gebauer 7aba2ada56
Update oracle cloud infrastructure auth plugin to v0.5.5 (#9210) 2020-06-15 10:11:20 -07:00
Michael Golowka 1a8b7765bc
Add password policies to Active Directory secret engine (#9144)
* Also updates AD docs to reflect password policies
2020-06-15 10:36:17 -06:00
Brian Kassouf 3b4ba9d1fb
Upgrade raft library (#9170)
* Upgrade raft library

* Update vendor

* Update physical/raft/snapshot_test.go

Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>

* Update physical/raft/snapshot_test.go

Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>
2020-06-08 16:34:20 -07:00
Clint dd9c3b9133
Sync Protobuf dependencies between core and sdk (#9154)
* update go.mod/sum for root and sdk folders to sync protobuf versions

* run 'go mod vendor'

* bump github.com/golang/protobuf to v1.4.2
2020-06-05 14:15:12 -05:00
Michael Golowka 438345c390
Update OpenLDAP secret engine to v0.1.3 (#9123)
* Adds ability to use password policies

Operations:
Updated go.mod for OpenLDAP to v0.1.3
Ran `go mod tidy`
Ran `go mod vendor`
2020-06-03 10:37:00 -06:00
Jim Kalafut 34fab8ae09
Update gcp secrets plugin (#9004) 2020-06-01 11:02:33 -07:00
ncabatoff 8870b2e51c
Add mongodbatlas static roles support (#8987)
* Refactor PG container creation.
* Rework rotation tests to use shorter sleeps.
* Refactor rotation tests.
* Add a static role rotation test for MongoDB Atlas.
2020-05-29 14:21:23 -04:00
Michael Golowka b52950f884
Add user configurable password policies available to secret engines (#8637)
* Add random string generator with rules engine

This adds a random string generation library that validates random
strings against a set of rules. The library is designed for use as generating
passwords, but can be used to generate any random strings.
2020-05-27 12:28:00 -06:00
Jeff Mitchell 7e5d68a73e
Bump go-kms-wrapping to remove proto warning, and vendor (#9066) 2020-05-22 10:48:50 -04:00
Lauren Voswinkel 4d98430964
Use parameters when executing prepared statements rather than fmt.Sprintf (#9013)
* Don't use string formatting to prepare queries.

We should, when possible, use the built-in params and ? format when
preparing and executing a query. This is done to prevent SQL Injection
attacks.

* Revert some changes due to failing tests, update mssql go driver

* Add docker container startup for some MSSQL tests

* Remove acceptance test flagging, add more SQL injection protection

* Refactor MSSQL prepareTestContainer to a test helper

Also, remove all ? references and convert them to @p*
2020-05-21 16:07:18 -07:00
Josh Black 6e92c8cbd2
Add a new "vault monitor" command (#8477)
Add a new "vault monitor" command

Co-authored-by: ncabatoff <ncabatoff@hashicorp.com>
Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>
Co-authored-by: Jeff Mitchell <jeffrey.mitchell@gmail.com>
2020-05-21 13:07:50 -07:00
Clint 39de184f1f
Update vault-plugin-secret-ad dependency (#9025) 2020-05-20 12:47:37 -07:00
Jason O'Donnell dd254b08d5
agent/template: update consul-template dep (#9044) 2020-05-20 13:03:33 -04:00
Jeff Mitchell 41d5727d9d
Port encrypted config shared bits to a separate PR (#9037)
* Port encrypted config shared bits to a separate PR

* Address feedback
2020-05-19 18:15:30 -04:00
Clint 86a62130fd
Update to latest version of vault-plugin-secrets-openldap (#9006) 2020-05-18 15:59:11 -05:00
Jeff Mitchell b4f5d38916
Update to latest go-kms-wrapping and fix protos/etcd (#8996) 2020-05-14 18:45:10 -04:00
Jeff Mitchell 2f5f0049db
Switch bootstrap (except CI) over to using pinned versions from go.mod (#9000) 2020-05-14 13:45:12 -04:00
Jeff Mitchell 1d3d89e2aa
Create configutil and move some common config and setup functions there (#8362) 2020-05-14 09:19:27 -04:00
Scott Miller 16cc804086
Upgrade go-ldap to 3.1.10, containing the send race fix (#8937)
* Upgrade go-ldap to 3.1.10, containing the send race fix
2020-05-11 11:28:01 -05:00
ncabatoff 55609f1d38
Ensure that the .vault-token file writen by vault login always has the correct permissions and ownership. (#8867) 2020-04-27 19:55:13 -04:00
Brian Kassouf d979279015
storage/raft: Fix memory allocation issue and Metadata tracking issues with snapshots (#8793)
* storage/raft: Split snapshot restore disk write into batches

* Work on snapshot consistency

* make sure tests send a snapshot

* Fix comment

* Don't remove metrics

* Fix comment
2020-04-23 11:11:08 -07:00
Jim Kalafut 053c2b3cf6
Update go.mod to corrected plugin tags (#8759)
This addresses an issue found in #8696 which was determined to be due to
the Go module proxy having a cached copy of a tag that doesn't match the
official version (due a build prep error weeks ago). All of the repos
got new patch versions, but the content is identical.
2020-04-17 11:50:19 -07:00
Jim Kalafut b7fc72d5ec
Update go.mod and vendoring (#8752)
This primarily ports updates made during the 1.4 release to master.
2020-04-16 12:07:07 -07:00
Brian Kassouf 2e7d682586
Update triton-go package (#8751) 2020-04-16 09:57:37 -07:00
Jim Kalafut 5c4796bb55
Update MongoDB Atlas secrets plugin (#8669) 2020-04-03 15:47:17 -07:00
Nick Cabatoff f13589f9fe Revert "Bump cloud.google.com/go to get timeout fix (#8636)"
This reverts commit 0ea3e78f91153129853dea6c42d4a01b403ae5c9.
2020-04-02 10:09:24 -04:00
Joshua Kwan b0561a189d
Bump cloud.google.com/go to get timeout fix (#8636)
The commit I'm interested in is
googleapis/google-cloud-go@fbf2f51 ,
which disables an aggressive 2-second timeout for awaiting headers from
the compute metadata service.

This 2-second timeout causes problems when [Workload Identity] is
enabled on a cluster. In this situation, a different endpoint is used
under the hood for compute metadata, and this endpoint can often take
more than 2 seconds to return headers.

[Workload Identity]: https://cloud.google.com/kubernetes-engine/docs/how-to/workload-identity

Co-authored-by: Vishal Nayak <vishalnayak@users.noreply.github.com>
2020-04-01 15:42:06 -04:00
Tommy Murphy a936a77f01
stackdriver: metric label extraction (#8073)
* stackdriver: use label extraction and add debug config

* go.mod: update go-metrics-stackdriver

* vendor go-metrics-stackdriver
2020-03-13 07:58:45 +01:00
ncabatoff 5fe1ab766b
Add option to detect deadlocks in Core.stateLock using build tag deadlock (#8524) 2020-03-10 16:01:20 -04:00
ncabatoff c9ff95ec70
Update to go-metrics 1.3.3 for Prometheus performance improvements. (#8507) 2020-03-09 09:54:55 -04:00
Jason O'Donnell 3d2c5477ec
openldap secret: update go.mod (#8494) 2020-03-06 12:46:29 -05:00
Jason O'Donnell 524e871343
secrets/openldap: update go.mod (#8475)
Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>
2020-03-06 11:52:28 -05:00
Jim Kalafut 2e8826744f
Update plugin dependencies (#8371)
* Update plugin dependencies

* Update vendoring
2020-02-18 09:55:04 -08:00
Jason O'Donnell dd9f25a118
Add OpenLDAP Secret Plugin (#8360)
* Add openldap secret plugin

* go mod vendor

* Revert to go-ldap 3.1.3

* go mod vendor
2020-02-15 13:21:07 -05:00
Jeff Mitchell 463e5a05fe Bump API/SDK 2020-02-14 17:28:40 -05:00
Becca Petrin 5f19ff828c
update kerberos dependency (#8353) 2020-02-14 11:13:28 -08:00
Jim Kalafut 2ee7b76469
Bundle MongoDB Atlas (#8309) 2020-02-07 14:09:39 -08:00
ncabatoff fbd4925889
Update to newest go-metrics, go mod vendor. (#8311) 2020-02-07 09:05:14 -05:00
Becca Petrin 1459544630
update from github.com/hashicorp/gokrb5 to github.com/jcmturner/gokrb5/v8 (#8296) 2020-02-05 14:23:22 -08:00
ncabatoff 03b14d8a64
Upgrade okta sdk lib (#8143)
Upgrade to new official Okta sdk lib.  Since it requires an API token, use old unofficial okta lib for no-apitoken case. 

Update test to use newer field names.  Remove obsolete test invalidated by #4798.  Properly handle case where an error was expected and didn't occur.
2020-02-03 12:51:10 -05:00
Michel Vocks 2bde6a3a5a
Bump etcd client API dep (#8037) 2020-01-29 15:16:38 +01:00
Michel Vocks f695eb737b
Add Consul TLS options to access API endpoint (#8253) 2020-01-29 09:44:35 +01:00
Michel Vocks 027ada452e
Mongodb driver switch to mongo-driver (#8140)
* Switch mongodb driver to mongo-driver

* Tidy mod

* Make writeConcern private

* Implement review feedback

* Add retry functionality

* Added backoff time

* go mod vendor

* Fix failing test

* goimport
2020-01-24 09:32:47 +01:00
Jeff Mitchell ef44e226a9 Bump sdk and go-hclog and vendor 2020-01-23 14:12:19 -05:00