Jeff Mitchell
5ef2b0145b
Add ability to set max retries to API
2017-03-01 12:24:08 -05:00
Jordan Abderrachid
fa77e7cfa2
api: add `EnvVaultToken` constant. ( #2413 )
2017-02-27 18:36:21 -05:00
Jeff Mitchell
2cc0906b33
Fix breakage for HTTP2 support due to changes in wrapping introduced in 1.8 ( #2412 )
2017-02-27 12:49:35 -05:00
Jason Felice
ec10a9171d
ConfigureTLS() sets default HttpClient if nil ( #2329 )
2017-02-06 17:47:56 -05:00
Vishal Nayak
ad09acb479
Use Vault client's scheme for auto discovery ( #2146 )
2016-12-02 11:24:57 -05:00
Jeff Mitchell
97ca3292a4
Set number of pester retries to zero by default and make seal command… ( #2093 )
...
* Set number of pester retries to zero by default and make seal command return 403 if unauthorized instead of 500
* Fix build
* Use 403 instead and update test
* Change another 500 to 403
2016-11-16 14:08:09 -05:00
Jeff Mitchell
b45a481365
Wrapping enhancements ( #1927 )
2016-09-28 21:01:28 -07:00
Jeff Mitchell
9c33224928
Don't retry on redirections.
2016-08-12 15:13:42 -04:00
vishalnayak
ff22640015
Use default config and read environment by default while creating client object
2016-08-12 11:37:13 -04:00
Alex Dadgar
92ede0db17
Address comments
2016-08-02 13:17:45 -07:00
Alex Dadgar
f5d56ad8f8
Refactor the TLS configuration between meta.Client and the api.Config
2016-07-27 17:26:26 -07:00
Jeff Mitchell
a6682405a3
Migrate number of retries down by one to have it be max retries, not tries
2016-07-11 21:57:14 +00:00
Jeff Mitchell
57cdb58374
Switch to pester from go-retryablehttp to avoid swallowing 500 error messages
2016-07-11 21:37:46 +00:00
Jeff Mitchell
7023eafc67
Make the API client retry on 5xx errors.
...
This should help with transient issues. Full control over min/max delays
and number of retries (and ability to turn off) is provided in the API
and via env vars.
Fix tests.
2016-07-06 16:50:23 -04:00
Jeff Mitchell
05b2d4534c
Add unwrap test function and some robustness around paths for the wrap lookup function
2016-05-19 11:49:46 -04:00
Jeff Mitchell
c4431a7e30
Address most review feedback. Change responses to multierror to better return more useful values when there are multiple errors
2016-05-16 16:11:33 -04:00
Jeff Mitchell
99a5b4402d
Merge branch 'master-oss' into cubbyhole-the-world
2016-05-04 14:42:14 -04:00
Jeff Mitchell
45a120f491
Switch our tri-copy ca loading code to go-rootcerts
2016-05-03 12:23:25 -04:00
Jeff Mitchell
1ffd5653c6
Add wrap support to API/CLI
2016-05-02 02:03:23 -04:00
Robert M. Thomson
024407518b
Add VAULT_TLS_SERVER_NAME environment variable
...
If specified, verify a specific server name during TLS negotiation
rather than the server name in the URL.
2016-02-25 17:28:49 +01:00
Jeff Mitchell
32e23bea71
Move environment variable reading logic to API.
...
This allows the same environment variables to be read, parsed, and used
from any API client as was previously handled in the CLI. The CLI now
uses the API environment variable reading capability, then overrides any
values from command line flags, if necessary.
Fixes #618
2015-11-04 10:28:00 -05:00
Jeff Mitchell
22c65c0c07
Use cleanhttp instead of bare http.Client
2015-10-22 14:37:12 -04:00
Jeff Mitchell
cba4e82682
Don't use http.DefaultClient
...
This strips out http.DefaultClient everywhere I could immediately find
it. Too many things use it and then modify it in incompatible ways.
Fixes #700 , I believe.
2015-10-15 17:54:00 -04:00
Jeff Mitchell
b5d674d94e
Add 301 redirect checking to the API client.
...
Vault doesn't generate these, but in some cases Go's internal HTTP
handler does. For instance, during a mount-tune command, finishing the
mount path with / (as in secret/) would cause the final URL path to
contain .../mounts/secret//tune. The double slash would trigger this
behavior in Go's handler and generate a 301. Since Vault generates 307s,
this would cause the client to think that everything was okay when in
fact nothing had happened.
2015-10-09 17:11:31 -04:00
Dejan Golja
87c84db51b
Increase default timeout to 30s which should allow for any operation
...
to complete.
2015-10-09 00:53:35 +11:00
Dejan Golja
ea17b85d94
added a sensible default timeout for the vault client
2015-10-08 18:44:00 +11:00
Jeff Mitchell
2002406155
Rather than use http.DefaultClient, which is simply &http.Client{},
...
create our own. This avoids some potential client race conditions when
they are setting values on the Vault API client while the default client
is being used elsewhere in other goroutines, as was seen in
consul-template.
2015-09-03 13:47:20 -04:00
Jeff Mitchell
bc2d914905
Change variable name for clarity
2015-09-03 13:38:24 -04:00
Jeff Mitchell
c56fd6b3fc
Remove redirect handling code that was never being executed (redirects are manually handled within RawRequest). Add a sync.Once to fix a potential data race with setting the CheckRedirect function on the default http.Client
2015-09-03 13:34:45 -04:00
Seth Vargo
6f248425a6
Update documentation around cookies
2015-09-03 10:36:59 -04:00
Jeff Mitchell
a8ef0e8a80
Remove cookie authentication.
2015-08-21 19:46:23 -07:00
Jeff Mitchell
2de991ac7a
The docs say that if HttpClient is nil, http.DefaultClient will be used. However, the code doesn't do this, resulting in a nil dereference.
2015-06-04 14:01:10 -04:00
Seth Vargo
fc2ac74c5f
Improve error message when TLS is disabled
...
Fixes #198
2015-05-14 10:33:38 -04:00
Mitchell Hashimoto
d4155ef9d8
api: human friendly error for TLS [GH-123]
2015-05-02 13:08:35 -07:00
Seth Vargo
cc25b8b15c
Remove api dependency on http package
2015-04-23 19:58:44 -04:00
Seth Vargo
e5fca055f7
Use VAULT_ADDR instead
2015-04-23 11:46:22 -04:00
Seth Vargo
835e14dda0
Add docs
2015-04-23 11:45:37 -04:00
Seth Vargo
b421689ab4
Read environment variables for VAULT_HTTP_ADDR and VAULT_TOKEN
2015-04-23 11:43:20 -04:00
Seth Vargo
3fa76e0ea9
Use a pointer config instead
2015-04-23 11:13:52 -04:00
Armon Dadgar
fbaca87f56
api: Support redirect for HA
2015-04-20 11:30:35 -07:00
Mitchell Hashimoto
7442bc1ef6
command/delete
2015-04-07 11:15:20 -07:00
Mitchell Hashimoto
df4dc88176
api: SetToken
2015-03-30 21:20:23 -07:00
Mitchell Hashimoto
c2e1371217
api: re-use proper token constant
2015-03-30 11:14:51 -07:00
Mitchell Hashimoto
02126dd935
api: store token cookie, tests
2015-03-11 17:46:42 -05:00
Mitchell Hashimoto
de159fdac8
api: document jar requirement
2015-03-11 17:46:41 -05:00
Mitchell Hashimoto
886812ecce
api: automatically get errors in RawRequest
2015-03-11 17:46:41 -05:00
Mitchell Hashimoto
798689fb8d
api: sys methods
2015-03-11 17:46:41 -05:00
Mitchell Hashimoto
8ec69eae81
api: start the groundwork API stuff
2015-03-09 11:38:50 -07:00
Mitchell Hashimoto
80f8ba6b88
api: spec
2015-03-04 13:10:10 -08:00