This was inspired by #7022 but has the advantage of avoiding
double-locking and needing to perform lock upgrades while also
simplifying the logic and being faster.
Original, #7022, this:
goos: linux
goarch: amd64
pkg: github.com/hashicorp/vault/builtin/audit/file
BenchmarkAuditFile_request-4 30000 60734 ns/op
PASS
ok github.com/hashicorp/vault/builtin/audit/file 2.428s
goos: linux
goarch: amd64
pkg: github.com/hashicorp/vault/builtin/audit/file
BenchmarkAuditFile_request-4 50000 34772 ns/op
PASS
ok github.com/hashicorp/vault/builtin/audit/file 2.086s
goos: linux
goarch: amd64
pkg: github.com/hashicorp/vault/builtin/audit/file
BenchmarkAuditFile_request-4 50000 25302 ns/op
PASS
ok github.com/hashicorp/vault/builtin/audit/file 1.542s
Fixes#7014Closes#7022
* Add leeway parameters to JWT auth doc
* Clarify leeway doc
* Apply suggestions from code review
Co-Authored-By: Jim Kalafut <jim@kalafut.net>
* Add note about only being applicable to JWT
* Update for negative values
* Implemented token backend support for identity
* Fixed tests
* Refactored a few checks for the token entity overwrite. Fixed tests.
* Moved entity alias check up so that the entity and entity alias is only created when it has been specified in allowed_entity_aliases list
* go mod vendor
* Added glob pattern
* Optimized allowed entity alias check
* Added test for asterisk only
* Changed to glob pattern anywhere
* Changed response code in case of failure. Changed globbing pattern check. Added docs.
* Added missing token role get parameter. Added more samples
* Fixed failing tests
* Corrected some cosmetical review points
* Changed response code for invalid provided entity alias
* Fixed minor things
* Fixed failing test
If only a non-_token field is provided we don't want to clear out the
Token version of the params, we want to set both. Otherwise we can't
rely on using the Token version of the parameter when creating the Auth
struct.
* lay groundwork for application serializer to setup capabilities relationships
* add api path util and tests, and attach-capabilites fn
* make attach-capabilities work with array responses, add tests
StoragePackerV2 rewrite based on variadic API instead of bucket-based API.
* Working variadic functions
* Invalidate method for replciation
* Unit tests
* Return specialized error type
* Add a helper for extracting gRPC codes from errors
* Fix spacing in example
* Drop grpc codes
* Fix storing of decoded errors
* Refactor table driven tests to use subtests
* sdk/framework: add TypeSignedDurationSecond FieldType
Adds the TypeSignedDurationSecond FieldType which accepts positive and
negative durations. The existing TypeDurationSecond FieldType does not
accept negative durations.
* Add tests for 0 for TypeDurationSecond and TypeSignedDurationSecond
* move download-button and toolbar-download-button to core addon
* add ca model and adapter and show CA on the engine configuration page
* add other side of model relationship for kmip ca<->config
* ci: update Makefile
- Copied from c5c5149583/copythis.circleci/Makefile
* Makefile: make ci- targets phony and more explicit
* ci: add pre-flight checks
- Right now just validates ci config is up to date.
* ci: add --skip-update-check to circleci
* ci: remove cruft from Makefile
* ci: fix missing source dir error message
* ci: consolidate circleci path handling
* initialize tooltip
* style tooltip
* show date in tooltip
* show tooltip on hover
* style tooltip
* add hover padding for when bar is very short
* add tooltip test and format tooltip date
* revert to using real data
* update comment about binding the tooltip to shadowBars
* remove d3array
* use double colons for pseudo elements
* use elementId in bars-container id name to prevent clashing
* use Object.freeze to eliminate linting error
Jeff Mitchell