luxolus/open-vault
2
0
Fork 0
Code Issues 1 Pull requests Releases Activity
8095 commits 1 branch 0 tags 214 MiB
Commit graph

8095 commits

This branch
This branch
All branches
Author SHA1 Message Date
Brian Kassouf 248b988586
Add debug comment when singleton reload is skipped (#4625) 2018-05-23 17:52:11 -07:00
Brian Kassouf 210df327d1
ui/mounts: Add a better error message when permission is denied (#4624) 
* ui/mounts: Add a better error message when permission is denied

* Update logical_system.go
 2018-05-23 17:47:54 -07:00
Jeff Mitchell 7749f3cb3f Prevent warnings from showing in individual commands when format is not table, in addition to the existing hiding of higher-level deprecation warnings 2018-05-23 17:13:39 -04:00
Jeff Mitchell 396457ce03
Don't use environment as a mechanism for floating format around. (#4622) 
This turns out to not work very well for the demo server. Also,
it's kinda hacky.
 2018-05-23 16:45:17 -04:00
Jeff Mitchell f1c3ddc566
Fix panic on deprecated audit-disable and some cleanup (#4619) 2018-05-23 12:34:48 -04:00
Matthew Irish 23778935b0
UI - make engine list more consistent with the auth method list (#4598) 
* remove expanding behavior from engines list and add a configuration route

* use page header component, secret tab component for the template on the secret engine configuration route

* move abstraction to secret-list-header and remove secret-tabs

* add attrs to secret engine model and adjust mount controller code to support that

* fix top level nav so that we can use the back button properly

* fix tests
 2018-05-23 11:25:52 -05:00
Jeff Mitchell 8a9cd42fe9 Interactive server now uses kvv2 so update text 2018-05-23 09:59:52 -04:00
Jeff Mitchell ddf90c4f38 changelog++ 2018-05-23 09:57:27 -04:00
Jeff Mitchell 84eaebb774
Add missing flags to KV commands and simplify boilerplate (#4617) 2018-05-23 09:56:47 -04:00
Chris Hoffman d066c4a2a8
remove incorrect parameter 2018-05-23 08:58:27 -04:00
Matthew Irish e54650e6dc
Update CHANGELOG.md 2018-05-22 16:52:28 -05:00
Matthew Irish c283930983
fix issue where unwrapping a response with an auth block wouldn't work (#4611) 2018-05-22 16:49:29 -05:00
Jeff Mitchell 1414eb5e32 Add a switch for the demo server to use version 2 kv mount by default 2018-05-22 17:31:36 -04:00
Chris Hoffman 59a91dc472
changelog++ 2018-05-22 16:52:18 -04:00
Jeff Mitchell e55a3c7e9b Update to TrustedCAFile for etcd as CAFile is deprecated and removed in latest libs 2018-05-22 15:46:39 -04:00
Jeff Mitchell 18f23f68a1 Specify go-oidc v2 for update-deps 2018-05-22 15:42:54 -04:00
Becca Petrin 44678e9ada
Fix possible nil pointer on mapping method (#4609) 2018-05-22 12:10:36 -07:00
Yoko 11646db916
Seal Wrap / FIPS 140-2 Compliance guide (#4558) 
* WIP - Seal Wrap guide

* WIP: Seal Wrap guide

* Added a brief description about the Seal Wrap guide

* Incorporated feedbacks

* Updated FIPS language

Technically everything looks great. I've updated some of the language here as "compliance" could be interpreted to mean that golang's crypto and xcrypto libraries have been certified compliant with FIPS. Unfortunately they have not, and Leidos' cert is only about how Vault can operate in tandem with FIPS-certified modules.

It's a very specific update, but it's an important one for some VE customers.

Looks great - thanks!

* Removed 'Compliance' from title

* typo fix
 2018-05-22 11:23:11 -07:00
Jeff Mitchell d60360ddbe Add instructions for both kvv1 and kvv2 to getting started policies info 2018-05-22 14:07:12 -04:00
Yoko d88e4d5019
Mount Filters guide (#4536) 
* WIP: Mount filter guide

* WIP

* Mount filter guide for CLI, API, and UI

* updated the next step

* Updated the verification steps

* Added a note about the unseal key on secondaries

* Added more details

* Added a reference to mount filter guide

* Added a note about generating a new root token

* Added a note about local secret engine
 2018-05-22 08:57:36 -07:00
Jeff Mitchell bc50ec113a changelog++ 2018-05-22 10:39:24 -04:00
Chris Hoffman 3db5a6adaa
updating link 2018-05-22 10:00:20 -04:00
Dan Brown 013e4e4d81 Fix typo (#4607) 2018-05-22 08:30:13 -04:00
Becca Petrin 4c1d8013f3
move fields and field parsing to helper (#4603) 2018-05-21 17:04:26 -07:00
Chris Hoffman ae43f2c25e
adding options information to mount endpoint (#4606) 2018-05-21 16:39:43 -04:00
madalynrose 7ec2cb5f37
Update CHANGELOG.md 2018-05-21 14:54:05 -04:00
madalynrose e42a99ced3
update hmac form and component to use 'algorithm' instead of 'hash-algorithm' (#4604) 2018-05-21 14:50:54 -04:00
Becca Petrin fb04064967
Restrict userpass logins & tokens by CIDR (#4557) 2018-05-21 11:47:28 -07:00
Brian Kassouf bc4372741f
Don't reload singleton mounts (#4593) 2018-05-21 11:05:04 -07:00
Jeff Mitchell d0402f5084 changelog++ 2018-05-21 09:21:24 -04:00
Jeff Mitchell c737778c8d Make description of prehashed a bit more friendly 2018-05-21 09:08:22 -04:00
Jeff Mitchell cec2123a98 changelog++ 2018-05-19 13:25:27 -04:00
Jeff Mitchell 72200603c6
Fix role writing not allowing key_type of any (#4596) 
Fixes #4595
 2018-05-19 10:24:43 -07:00
Jeff Mitchell 3a568b6175 Update key_type parameter description 2018-05-19 12:20:37 -04:00
Jeff Mitchell 701275aa21 Bump travis go version 2018-05-19 12:07:13 -04:00
Kevin Paulisse 6d93ea4d77 Docs: Clarify that revoking token revokes dynamic secrets (#4592) 2018-05-18 23:27:53 -07:00
Jeff Mitchell 0e627dc4c6 Update issue templates 2018-05-18 17:49:30 -04:00
Jeff Mitchell 9653b539a6 Update issue templates 2018-05-18 17:46:31 -04:00
Jeff Mitchell 84e1c87d3c Update issue templates 2018-05-18 17:20:36 -04:00
Jeff Mitchell c03d80e81d changelog++ 2018-05-18 16:35:01 -04:00
Jeff Mitchell 6b345ccdef
Use copystructure when assigning allowed/denied params from nil check (#4585) 
Fixes #4582
 2018-05-18 13:33:49 -07:00
Calvin Leung Huang 90d305a322
Optimize revokeSalted by not calling view.List twice (#4465) 
* Optimize revokeSalted by not calling view.List twice

* Minor comment update

* Do not go through the orphaning dance if we are revoking the entire tree

* Update comment
 2018-05-18 12:14:42 -07:00
Calvin Leung Huang 95958dd9f9
Use a token store with an initialized exp mananger in TestTokenStore_RevokeSelf (#4590) 2018-05-18 12:13:37 -07:00
Jeff Mitchell 484b32d3da Update go-retryablehttp de 2018-05-18 15:11:44 -04:00
Calvin Leung Huang d7017c7924
Return as internal error on failed token lookup (#4589) 2018-05-18 10:14:31 -07:00
Jeff Mitchell c42276bc3a
Update command in UI DR guide to non-deprecated version (#4588) 2018-05-18 09:43:12 -07:00
Jeff Mitchell 5a35dac726 Add missing drsecondarycode to health API docs 2018-05-18 12:39:13 -04:00
Calvin Leung Huang 08720c93ec
Return ts.Lookup error on handleCreateCommon (#4587) 
* Return ts.Lookup error on handleCreateCommon

* Fix test
 2018-05-18 09:30:03 -07:00
Jeff Mitchell 30dc66221c Flip documented resolve_aws_unique_id value 
Fixes #4583
 2018-05-18 12:05:52 -04:00
Reid Wiggins 9813794bc2 Add documentation for MySQL 5.6 root rotation (#4584) 
The default root rotation statement for MySQL is only valid for 5.7 and
up. This commit adds example documentation for 5.6.

Fixes #4567
 2018-05-18 08:56:11 -07:00