Commit graph

9911 commits

Author SHA1 Message Date
Becca Petrin 309e7db6f0
Don't run MSSQL revocations as a transaction (#6154) 2019-02-04 09:02:56 -08:00
Brian Shumate 18c8f390f9 Update AppRole API docs (#6047)
- Use consistent "Create/Update" heading text style
2019-02-04 11:17:16 -05:00
nickwales e2429522fa Removed typo (#6162) 2019-02-04 11:13:37 -05:00
Matthew Potter 5e374d5cd1 Add libvault to the list of elixir libraries (#6158) 2019-02-04 11:12:29 -05:00
Jeff Mitchell ba4a5c0576 changelog++ 2019-02-01 17:15:00 -05:00
Jeff Mitchell 82ee4176e6
Add the ability to print curl commands from CLI (#6113) 2019-02-01 17:13:51 -05:00
Jeff Mitchell 17755b8150 Update go-retryablehttp to get bodybytes, and circonus deps as those break without it 2019-02-01 17:13:21 -05:00
Jeff Mitchell 2f9a7c6203
Add more perf standby guards (#6149) 2019-02-01 16:56:57 -05:00
Brian Kassouf aaca35be94
Updates to recovery keys (#6152) 2019-02-01 11:29:55 -08:00
Yoko a9392f9840
Adding a mention for 'kv-v2' as type (#6151) 2019-02-01 11:26:08 -08:00
Jeff Mitchell bbc1d53a5d Revert "Refactor common token fields and operations into a helper (#5953)"
This reverts commit 66c226c593bb1cd48cfd8364ac8510cb42b7d67a.
2019-02-01 11:23:40 -05:00
Jeff Mitchell adccccae69 Update example output for PKI serial -> serial_number
Fixes #6146
2019-02-01 10:29:34 -05:00
Jeff Mitchell b2cc9ebd3a Remove regenerate-key docs as it no longer exists 2019-02-01 09:29:40 -05:00
Jeff Mitchell b94c29a8a1 Update go-ldap to fix #6135 2019-01-31 17:07:25 -05:00
Jeff Mitchell 1a6580039c Add npm to apt-get command 2019-01-31 15:56:04 -05:00
Joel Thompson 33400e6e99 Fix typo in help text (#6136)
Small typo introduced in #6133
2019-01-31 08:53:54 -08:00
Jeff Mitchell 27c960d8df
Split SubView functionality into logical.StorageView (#6141)
This lets other parts of Vault that can't depend on the vault package
take advantage of the subview functionality.

This also allows getting rid of BarrierStorage and vault.Entry, two
totally redundant abstractions.
2019-01-31 09:25:18 -05:00
Jim Kalafut b98cc2e2cf
Add json.Number handling to TypeHeader (#6134)
Fixes #6131
2019-01-30 15:24:39 -08:00
Jeff Mitchell 85a560abba
Refactor common token fields and operations into a helper (#5953) 2019-01-30 16:23:28 -05:00
Jeff Mitchell 3592bfdcb0 changelog++ 2019-01-30 16:22:25 -05:00
Jeff Mitchell d8b0015d71 Add role ID to token metadata and internal data 2019-01-30 16:17:31 -05:00
Jeff Mitchell 47accf8086 Add role_id as an alias name source for AWS and change the defaults 2019-01-30 15:51:45 -05:00
Donald Guy 4363453017 Docs: Azure auth example using metadata service (#6124)
There are probably better ways to massage this but I think it would be helpful to have something like this included
2019-01-30 12:13:39 -08:00
nathan r. hruby ef43617efd
Merge pull request #6130 from hashicorp/nrh/website-gems
Fix Website Gems
2019-01-30 11:58:49 -07:00
nathan r. hruby a643664c5b bump dato and rack to fix website builds 2019-01-30 11:10:49 -07:00
Jim Kalafut 7842e320aa
Add fields to support UI/display uses, along with OpenAPI mappings (#6082) 2019-01-29 15:35:37 -08:00
Matthias Bartelmeß 0cb766d4dd Typo in mongodb engine (#6125) 2019-01-29 11:44:45 -08:00
Jeff Mitchell 553fd083d2 Bump Dockerfile Go version 2019-01-29 13:43:29 -05:00
Jeff Mitchell 3bb381720f Allow devel in go version check and bump to 1.11 2019-01-29 11:27:04 -05:00
Matthew Irish 81f52d3c7f
changelog++ 2019-01-29 09:45:54 -06:00
Matthew Irish b777906fee
add entity lookup to the default policy (#6105)
* add entity lookup to the default policy

* only use id for lookup

* back in with name
2019-01-29 09:43:59 -06:00
Jeff Mitchell 4b3e611fd6 changelog++ 2019-01-29 00:53:01 -05:00
Noelle Daley 0aa0e0fe1d
UI/gate wizard (#6094)
* check for capabilities when finding matching paths

* disable wizard items that user does not have access to

* make hasPermissions accept an array of capabilities

* refactor features-selection

* fix tests

* implement feedback
2019-01-28 14:49:25 -08:00
Brian Shumate 2337df4b2b Update documentation for command operator unseal (#6117)
- Add migrate command option
2019-01-28 10:27:51 -05:00
Jeff Mitchell 39e14b9083 Force circonus v2 as directed by them 2019-01-28 10:27:02 -05:00
Jeff Mitchell 928698fce5 Update update deps script 2019-01-26 18:43:35 -05:00
Jeff Mitchell 40ff476664 changelog++ 2019-01-26 16:48:53 -05:00
Gordon Shankman cd2f7bbde8 Adding support for SSE in the S3 storage backend. (#5996) 2019-01-26 16:48:08 -05:00
Jeff Mitchell 3032dfd5c3 changelog++ 2019-01-25 14:11:58 -05:00
Jeff Mitchell e781ea3ac4
First part of perf standby entity race fix (#6106) 2019-01-25 14:08:42 -05:00
Jeff Mitchell 1f57e3674a Move a common block up a level 2019-01-24 18:29:22 -05:00
Calvin Leung Huang 34af3daeb0 docs: update agent sample config (#6096) 2019-01-24 07:25:03 -05:00
Becca Petrin df24d204ba Convert MSSQL tests to Docker (#6095)
* create working mssql docker container

* update tests
2019-01-24 07:24:31 -05:00
Jeff Mitchell 6d22f3fc2e minor linting change 2019-01-23 17:19:06 -05:00
Jeff Mitchell 94e56d964f Fix build 2019-01-23 16:52:51 -05:00
Jeff Mitchell 0874b552cb Fix build 2019-01-23 16:52:06 -05:00
Jeff Mitchell 42253deac3 changelog++ 2019-01-23 16:35:56 -05:00
Seth Vargo 98ad431d6d Continuously attempt to unseal if sealed keys are supported (#6039)
* Add helper for checking if an error is a fatal error

The double-double negative was really confusing, and this pattern is used a few places in Vault. This negates the double negative, making the devx a bit easier to follow.

* Check return value of UnsealWithStoredKeys in sys/init

* Return proper error types when attempting unseal with stored key

Prior to this commit, "nil" could have meant unsupported auto-unseal, a transient error, or success. This updates the function to return the correct error type, signaling to the caller whether they should retry or fail.

* Continuously attempt to unseal if sealed keys are supported

This fixes a bug that occurs on bootstrapping an initial cluster. Given a collection of Vault nodes and an initialized storage backend, they will all go into standby waiting for initialization. After one node is initialized, the other nodes had no mechanism by which they "re-check" to see if unseal keys are present. This adds a goroutine to the server command which continually waits for unseal keys to exist. It exits in the following conditions:

- the node is unsealed
- the node does not support stored keys
- a fatal error occurs (as defined by Vault)
- the server is shutting down

In all other situations, the routine wakes up at the specified interval and attempts to unseal with the stored keys.
2019-01-23 16:34:34 -05:00
Jeff Mitchell c5d8391c38
Prefix path rename (#6089)
* Rename Prefix -> Path in internal struct

* Update test
2019-01-23 15:04:49 -05:00
Jeff Mitchell 4a76aa0f12 changelog++ 2019-01-23 14:35:51 -05:00