Jeff Mitchell
12bd2f430b
Ensure generatePolicy checks disk, not just the cache, now that we aren't eager loading
2016-01-28 13:10:59 -05:00
Jeff Mitchell
dd1b94fbd6
Remove eager loading
2016-01-28 08:59:05 -05:00
Jeff Mitchell
be83340b14
Embed the cache directly
2016-01-27 21:59:20 -05:00
Jeff Mitchell
48c9f79896
Implement locking in the transit backend.
...
This ensures that we can safely rotate and modify configuration
parameters with multiple requests in flight.
As a side effect we also get a cache, which should provide a nice
speedup since we don't need to decrypt/deserialize constantly, which
would happen even with the physical LRU.
2016-01-27 17:03:21 -05:00
Jeff Mitchell
df4469cc4e
Update contribution guide
2016-01-27 15:17:11 -05:00
Armon Dadgar
9dc9264629
Merge pull request #791 from hashicorp/contributing-guide
...
Adds a CONTRIBUTING guide
2016-01-27 11:52:16 -08:00
Jeff Mitchell
92a0fae392
Changelog formatting
2016-01-27 14:33:41 -05:00
Jeff Mitchell
6d21bb7b98
Changelog formatting
2016-01-27 14:05:20 -05:00
Jeff Mitchell
dd89018511
changelog++
2016-01-27 13:43:53 -05:00
Jeff Mitchell
b7a8d529fe
Merge pull request #977 from hashicorp/transit-key-archiving
...
Transit key archiving
2016-01-27 13:42:30 -05:00
Jeff Mitchell
d1b2bf3183
Move archive location; also detect first load of a policy after archive
...
is added and cause the keys to be copied to the archive.
2016-01-27 13:41:37 -05:00
Jeff Mitchell
369d0bbad0
Address review feedback
2016-01-27 13:41:37 -05:00
Jeff Mitchell
e5a58109ec
Store all keys in archive always
2016-01-27 13:41:37 -05:00
Jeff Mitchell
30ffc18c19
Add unit tests
2016-01-27 13:41:37 -05:00
Jeff Mitchell
5000711a67
Force min decrypt version to 1 if it's zero, which allows fixing problematic archiving logic
2016-01-27 13:41:37 -05:00
Jeff Mitchell
7a27dd5cb3
Fix logic bug when restoring keys
2016-01-27 13:41:37 -05:00
Jeff Mitchell
004b35be36
Fix decrementing instead of incrementing
2016-01-27 13:41:37 -05:00
Jeff Mitchell
beafe25508
Initial transit key archiving work
2016-01-27 13:41:37 -05:00
Jeff Mitchell
1769984368
Bump godeps
2016-01-27 13:41:26 -05:00
Jeff Mitchell
5f379ccfb6
Merge pull request #976 from hashicorp/audit-panic
...
Use reflect.Value.String() rather than a type assertion.
2016-01-26 13:05:05 -05:00
Jeff Mitchell
658a995eed
Bump travis to 1.5.3
2016-01-26 12:47:45 -05:00
Jeff Mitchell
ef84e04fd7
Add unit test for audit change
2016-01-26 12:47:04 -05:00
Jeff Mitchell
f0c66f0b8c
Use reflect.Value.String() rather than a type assertion.
...
Fixes a panic in hashstructure/auditing that can occur with custom
string types.
Fixes #973
2016-01-26 12:32:50 -05:00
Jeff Mitchell
1107a068b7
Merge pull request #972 from rajanadar/patch-7
...
added the delete api details to generic backend
2016-01-26 09:49:06 -05:00
Jeff Mitchell
bc04e4eec2
Merge pull request #971 from rajanadar/patch-6
...
added the delete api details to cubbyhole
2016-01-26 09:48:47 -05:00
Jeff Mitchell
92d42aa6c7
Merge pull request #969 from rajanadar/patch-4
...
fixing the description of the /lookup/<token> api
2016-01-26 09:48:22 -05:00
Jeff Mitchell
c1f4957fe9
Merge pull request #970 from rajanadar/patch-5
...
fixing an incorrect json response field name
2016-01-26 09:47:54 -05:00
Raja Nadar
741c23cb4a
added the delete api details to generic backend
...
documentation was missing this api description
2016-01-25 23:56:33 -08:00
Raja Nadar
64c9eb969d
added the delete api details to cubbyhole
...
cubbyhole delete api details were missing. added them.
2016-01-25 23:47:33 -08:00
Raja Nadar
f02aa2c2c0
fixing an incorrect json response field name
...
changed a read-role api response field from 'revocation_cql' to 'rollback_cql'
didn't verify it using a real cassandra server test, but looked at the source code json schema definition here:
https://github.com/hashicorp/vault/blob/master/builtin/logical/cassandra/path_roles.go
func pathRoles(b *backend) *framework.Path
please feel free to discard the PR, if i am looking at the wrong source location or something.
2016-01-25 23:42:20 -08:00
Raja Nadar
cf9b3c7c66
fixing the description of the /lookup/<token> api
2016-01-25 23:26:29 -08:00
Jeff Mitchell
aede2fcb3e
Merge pull request #968 from nickithewatt/aws-policies-docs
...
AWS secret backend use of existing policy - docs
2016-01-25 23:02:25 -05:00
Nicki Watt
c57072d39a
AWS secret backend - docs when using existing policy
2016-01-26 01:43:14 +00:00
Nicki Watt
35a0d28620
Docs for AWS backend when using an existing policy
2016-01-26 01:39:24 +00:00
Jeff Mitchell
3761f19932
changelog++
2016-01-25 14:48:34 -05:00
Jeff Mitchell
bb73d796ca
Merge pull request #955 from hashicorp/postgres-idle-connections
...
Add a max_idle_connections parameter.
2016-01-25 14:47:28 -05:00
Jeff Mitchell
05e337727f
Document changes
2016-01-25 14:47:16 -05:00
Jeff Mitchell
7390cd5264
Add a max_idle_connections parameter.
2016-01-25 14:47:07 -05:00
Jeff Mitchell
21d658c5fe
Merge pull request #966 from hashicorp/sethvargo/sdata
...
Add structured data
2016-01-24 13:41:02 -05:00
Seth Vargo
64e521a68b
Add structured data
2016-01-24 13:37:20 -05:00
Jeff Mitchell
59fc5d0f8d
Merge pull request #964 from hashicorp/patched-1.5.3
...
Add a Dockerfile to build 1.5.3 with patches.
2016-01-23 20:11:02 -05:00
Jeff Mitchell
b2ab68f814
Add a Dockerfile to build 1.5.3 with patches.
...
Specifically this pulls in the following:
https://go-review.googlesource.com/12717
https://go-review.googlesource.com/17247
These fix bugs users have encountered -- the first with the PKI backend,
and the second with Vault generally, as it can bite any use of a
certificate within Vault (listener, cert credential backend, pki
backend).
These are in 1.6, but it will probably be released too late for us given
what is currently known about their release plans and our known
deadline. This lets us build our releases against a patched 1.5.3.
2016-01-23 14:50:23 -05:00
Jeff Mitchell
0c2829d2a2
changelog++
2016-01-23 14:46:20 -05:00
Jeff Mitchell
abd9fe1b73
Merge pull request #961 from rajanadar/patch-3
...
fixed login link,request params,add json response
2016-01-23 14:45:27 -05:00
Jeff Mitchell
e772a3e695
Merge pull request #963 from hashicorp/fail-unsup-path
...
If the path is not correct, don't fail due to existence check, fail d…
2016-01-23 14:05:32 -05:00
Jeff Mitchell
8b9fa042fe
If the path is not correct, don't fail due to existence check, fail due to unsupported path
2016-01-23 14:05:09 -05:00
Raja Nadar
d3434f8f03
clarify default mountpoint
2016-01-23 11:02:00 -08:00
Jeff Mitchell
e9f067f8e0
Merge pull request #960 from rajanadar/patch-2
...
mention that this is an unauthenticated endpoint
2016-01-23 10:24:16 -05:00
Jeff Mitchell
3b7a533b5a
Fix test on 1.6 by comparing to nil instead of a nil-defined map
2016-01-22 21:26:06 -05:00
Jeff Mitchell
c7c8dc3f5b
changelog++
2016-01-22 21:24:25 -05:00