Commit graph

10615 commits

Author SHA1 Message Date
Becca Petrin 5b9d49fc2d add elasticsearch database engine 2019-06-10 09:19:11 -07:00
Brian Kassouf 414035956c
changelog++ 2019-06-07 09:56:08 -07:00
Brian Kassouf 8ea9486dc4
changelog++ 2019-06-07 09:54:40 -07:00
Becca Petrin 66aaa46588 add PCF auth method, agent, and cli handler 2019-06-06 12:26:04 -07:00
Jeff Mitchell 6d71da0401 Update vendoring 2019-06-06 13:51:34 -04:00
Justin Weissig 0ae53eb5aa docs: minor fixes to improve sentence flow (#6839) 2019-06-06 08:25:59 -07:00
Jeff Mitchell c02abb969c
Attempt to grab read statelock in emit metrics to remove some raciness (#6829) 2019-06-05 12:26:29 -04:00
Jeff Mitchell 068b38faa0
Make flushing the cache race safe (#6828)
* Make flushing the cache race safe

* Remove noop aborts
2019-06-05 02:52:18 -04:00
Jeff Mitchell 841616defa Remove data races around error/latency injector rand objects 2019-06-05 01:37:40 -04:00
Michael Gaffney 055c5ff311
Fix data race in kvv2_upgrade_test (#6825) 2019-06-04 18:48:31 -04:00
Lexman 9aa4662cec transit cache is an Interface implemented by wrapped versions of sync… (#6225)
* transit cache is an Interface implemented by wrapped versions of syncmap and golang-lru

* transit cache is an Interface implemented by wrapped versions of syncmap and golang-lru

* changed some import paths to point to sdk

* Apply suggestions from code review

Co-Authored-By: Lexman42 <Lexman42@users.noreply.github.com>

* updates docs with information on transit/cache-config endpoint

* updates vendored files

* fixes policy tests to actually use a cache where expected and renames the struct and storage path used for cache configurations to be more generic

* updates document links

* fixed a typo in a documentation link

* changes cache_size to just size for the cache-config endpoint
2019-06-04 15:40:56 -07:00
Jeff Mitchell 30e1f4c505 changelog++ 2019-06-04 16:50:09 -04:00
Jeff Mitchell fe251f3af3 changelog++ 2019-06-04 16:48:14 -04:00
Matthew Irish 813c9f0a92
fix error when running formatOptions on items that don't come from the API response (#6824) 2019-06-04 12:44:58 -05:00
Jeff Mitchell 38c0a9d7a5 Audit listing with format json returns json, not a string (#6776)
* Audit listing with format json returns json, not a string

Fixes #6775

* list, kv list and namespace list with format json returns json, not a string

* Changed audit list return code to 2 which aligns with other list commands return codes
2019-06-04 10:36:34 -07:00
Jeff Mitchell 5f7321dcc7 Fix a case where mounts could be duplicated (#6771)
When unmounting, the router entry would be tainted, preventing routing.
However, we would then unmount the router before clearing storage, so if
an error occurred the router would have forgotten the path. For auth
mounts this isn't a problem since they had a secondary check, but
regular mounts didn't (not sure why, but this is true back to at least
0.2.0). This meant you could then create a duplicate mount using the
same path which would then not conflict in the router until postUnseal.

This adds the extra check to regular mounts, and also moves the location
of the router unmount.

This also ensures that on the next router.Mount, tainted is set to the
mount entry's tainted status.

Fixes #6769
2019-06-04 10:33:36 -07:00
Michel Vocks 71e99d9490 Added missing entity_id to SecretAuth struct (#6819) 2019-06-04 10:04:20 -07:00
Justin Weissig ef17e7cbaa Update comment spelling in postgresql.go (#6817)
Fixed minor comment: PostgresSQL/PostgreSQL
2019-06-04 02:29:36 -05:00
Justin Weissig fb75728c71 docs: minor spelling fix (#6818)
Fixed spelling: PostgresSQL/PostgreSQL.
2019-06-04 02:28:44 -05:00
Martin Lee 07978c08d6 Update pki-engine docs (#6238)
The user needs to set a decent TTL for the intermediate cert, otherwise all certs issued will be valid only for 30 minutes max.
2019-06-03 15:45:11 -05:00
Matthew Irish b0701f528d
changelog++ 2019-06-03 15:30:24 -05:00
Madalyn 43f4c5532d use ember-power-select-with-create instead of ember-power-select (#6728)
* use ember-power-select-with-create instead of ember-power-select

* add custom Add message to clarify whether you need a name or ID

* add search-select to storybook

* add wormhole div for ember-basic-dropdown

* add search-select to storybook

* make sure knobs are working

* remove unused code
2019-06-03 15:25:59 -05:00
Justin Weissig ff3e23e050 docs: fixed typos (#6809)
Fixed two typos: lifecyle + specfied.
2019-05-31 14:33:13 -05:00
Martin Lee b7dadc11e6 Add hard-won practical knowledge to the Okta notes (#6808) 2019-05-31 11:44:59 -05:00
Jim Kalafut 8f1eeda737
Fix OIDC API examples (#6803)
Fixes #6684
2019-05-30 21:50:34 -05:00
benz0 2e6686cc18 Explain owner role requirement (#6801) 2019-05-30 21:25:30 -05:00
Justin Weissig 3fc537da0b docs: spelling (#6799)
Fixed spelling: Specifiy/Specify.
2019-05-30 21:20:57 -05:00
Justin Weissig 7643eda03f docs: wording (#6798)
Fixed minor sentence flow: an sealed state -> a sealed state.
2019-05-29 19:13:13 -05:00
Jeff Mitchell 51eae6c3c1 Bump AWS plugin again 2019-05-28 17:37:47 -04:00
Joel Thompson 98ee4b84b4 Bump AWS SDK dependency to latest (#6788)
Also pull the latest into the local vendor
2019-05-28 16:36:32 -05:00
tonyd 0570966cb9 Allow logical backends access to the disabled state of an entity (#6791)
* Allow logical backends access to the disabled state of an entity via SystemView.EntityInfo().

* Add generated file in vendor directory.
2019-05-28 16:31:50 -05:00
Jeff Mitchell 1b30d21705 changelog++ 2019-05-28 17:26:11 -04:00
Jeff Mitchell 78746c7ace Make fmt 2019-05-28 17:25:23 -04:00
Jeff Mitchell ff2e8053e8
Fully omitempty audit (#6727) 2019-05-28 16:24:30 -05:00
Justin Weissig 2d727a5640 docs: wording (#6746)
* docs: wording

Fixed wording: "lets create an"/"lets create a"

* Update website/source/docs/secrets/nomad/index.html.md

Co-Authored-By: Jeff Mitchell <jeffrey.mitchell@gmail.com>
2019-05-24 15:44:09 -04:00
Brian Shumate 543e149b8c Docs: Minor updates to PKI Secrets Engine (#6778)
* Docs: Minor updates to PKI Secrets Engine

- Update `ttl` and `max-lease-ttl` values from _43800_ which
  appears to be a typo, to _4380_; this helps avoid warnings
  like: "The expiration time for the signed certificate is
  after the CA's expiration time. If the new certificate is
  not treated as a root, validation paths with the
  certificate past the issuing CA's expiration time will
  fail." when following the Quick Start and using the tuned
  Root CA TTL of 8760h
- Change _my-role_ role name to _example-dot-com_ in **Setup**
  to help reduce confusion and match what is used in
  **Quick Start**

* ttl changes
2019-05-24 15:39:56 -04:00
Srikanth Venkatesh d08edf7483 Typo in concepts/policy-syntax (#6782) 2019-05-24 15:39:11 -04:00
Sam Salisbury 78c6668d80 ci: make ember-ci-test (browserstack) (#6751)
* ci: make ember-ci-test (browserstack) VLTES-28

* Update .circleci/config.yml

Co-Authored-By: Josh Freda <jfreda@users.noreply.github.com>

* Update .circleci/config.yml

Co-Authored-By: Josh Freda <jfreda@users.noreply.github.com>

* ci: rename test-ember -> test-ui-browserstack

* Makefile: ember-ci-test -> test-ui-browserstack

- Use the same name for this test everywhere to reduce cognitive load.

* browserstack: exit non-zero on failure to connect

* .travis.yml: ember-ci-test -> test-ui-browserstack

* browserstack: add vault bin to the path

* Makefile: browserstack: fail early w/clear msgs

This might save someone time later. The same checks could be applied
elsewhere too trivially.
2019-05-24 08:02:51 -04:00
Srikanth Venkatesh b9f67e5622 Fixed typo in documentation on vault internals/architecture (#6781) 2019-05-23 21:58:31 -07:00
nathan r. hruby 0762d9c6eb
fix indeting for mount options (#6780) 2019-05-23 19:09:52 -07:00
Jeff Mitchell 1943cc7380 Update vendor 2019-05-23 10:44:19 -04:00
ncabatoff ad28263b69
Allow plugins to submit audit requests/responses via extended SystemView (#6777)
Move audit.LogInput to sdk/logical.  Allow the Data values in audited
logical.Request and Response to implement OptMarshaler, in which case
we delegate hashing/serializing responsibility to them.  Add new
ClientCertificateSerialNumber audit request field.

SystemView can now be cast to ExtendedSystemView to expose the Auditor
interface, which allows submitting requests and responses to the audit
broker.
2019-05-22 18:52:53 -04:00
Matthew Irish f34427c523
changelog++ 2019-05-22 16:09:02 -05:00
Matthew Irish 23946d75a7
web-cli quote parsing (#6755)
* upgrade yargs-parser for better quote handling

* remove encoding pre&post parse, and remove wrapping quotes when pushing to data array

* add test for spaces and strings

* base64 encode policy strings in tests where we're using them with string interpolation

* improve regex to only remove wrapping single and double quotes

* don't support quotes in paths in the web cli
2019-05-22 16:07:42 -05:00
Calvin Leung Huang 39cf729114
changelog++ 2019-05-22 10:21:22 -07:00
Calvin Leung Huang 18d769ae96
changelog++ 2019-05-22 09:25:42 -07:00
Calvin Leung Huang 679f7415ea
agent/caching: support proxying request query parameters (#6772)
* agent/caching: support proxying request query parameters

* update comment

* rejig other agent log messages to output method followed by path
2019-05-22 09:21:47 -07:00
Josh Freda 4a75183b90
Move no_output_timeout to the correct spot (#6773) 2019-05-22 10:09:24 -05:00
Matthew Irish 5c4b828d75
changelog++ 2019-05-22 09:53:32 -05:00
Matthew Irish 663e344f87
Change tab completion in the UI to prefer common prefix (#6759)
* add common-prefix util and use it in the list controller

* add test

* browser js for in-repo dirs

* address PR feedback
2019-05-22 09:28:34 -05:00