luxolus
/
open-vault
2
0
Fork 0
Code Issues 1 Pull Requests Releases Activity
12,503 Commits 1 Branch 0 Tags 214 MiB
Commit Graph

2028 Commits

Author SHA1 Message Date
ncabatoff 4134ef2e98
Ensure that perf standbys can perform seal migrations. (#9690) 2020-08-10 08:35:57 -04:00
Rodrigo D. L d0df8bfa21
adding new config flag disable_sentinel_trace (#9696) 2020-08-10 06:23:44 -04:00
Tom Proctor 4ca978598f
Bundle couchbase database plugin with vault (#9664) 2020-08-07 11:01:04 +01:00
ncabatoff b6fd378ee8
Make manualStepDownCh a 1-buffered channel to ensure StepDown actually steps down in tests. (#9622) 2020-07-31 10:01:51 -04:00
ncabatoff 1154b36b56
Log sanitized config at startup and when it changes. (#9637) 
Co-authored-by: Aleksandr Bezobchuk <aleks.bezobchuk@gmail.com>
 2020-07-30 13:15:00 -04:00
Alexander Bezobchuk 1e262e5648
Merge PR #9581: Rate Limit Quota Headers 2020-07-29 15:15:05 -04:00
Scott Miller 16ca436dd8
Increase expiration timeouts on leases to avoid races in NoopBackend (#9600) 
* Increase expiration timeouts on leases to avoid races in NoopBackend

* Set timeouts depending on whether they are relevant to the test: 1s for irrelevant, back to 20ms if they are

* revert one more
 2020-07-29 10:13:47 -05:00
ncabatoff 003bccd16e
Eliminate global that caused race tests to fail in ent with an internal config setting. (#9604) 2020-07-27 16:10:26 -04:00
ncabatoff ee6e2344dd
Fix a race caused by assignment to core.metricSink (#9560) 2020-07-22 13:52:10 -04:00
ncabatoff 7484fd7c72
Handle "invalid request" failures stemming from a kvv2 upgrade. (#9550) 2020-07-22 10:56:00 -04:00
ncabatoff 3fbc0f35c2
Make runTransit tolerate a non-core-0 leader. (#9548) 2020-07-21 15:50:01 -04:00
Brian Kassouf fd72d92434
raft: Fix some snapshot restore issues (#9533) 
* raft: Remove double read lock

* Reload TLS keyring after reloading the barrier keys
 2020-07-21 10:59:07 -07:00
ncabatoff d2436a9c56
Make standbyStopCh atomic to avoid data races (#9539) 2020-07-21 08:34:07 -04:00
ncabatoff d777708fde
Improve logging, and add polling to the post-stepdown leader check. (#9530) 2020-07-20 12:44:23 -04:00
ncabatoff a31fd27069
Use the accessor method so state lock is used to check perf standby status. (#9496) 2020-07-20 10:34:16 -04:00
ncabatoff 3ddc837ce3
Make sure cluster is stopped before wiping storage. (#9526) 2020-07-20 09:32:38 -04:00
Vishal Nayak 14779e9f9d
Remove prefix for exception paths; add sys/internal/ui/mounts (#9512) 2020-07-17 10:55:38 -04:00
Mike Jarmy 93ff4c098c
Add a lock to seal migration (#9485) 
* add a lock to seal migration

* switch to CompareAndSwapInt32

* switch to uber go-atomic
 2020-07-16 15:14:29 -04:00
Alexander Bezobchuk ea13485c7d
Merge PR #9502: Resource Quotas: Remove 'burst' Param from Rate Limiter 2020-07-16 14:34:43 -04:00
Vishal Nayak 4e4cb5289a
Fetch quota by name before updating it (#9466) 
* Fix quotas update

* Update doc
 2020-07-15 13:25:00 -04:00
Mark Gritter c4dbbccef3
Remove namespace from mount_point label. (#9436) 
* Remove namespace from mount_point label.
* Fix the other two places where vault.token.creation is emitted.
 2020-07-14 14:28:11 -05:00
Calvin Leung Huang cf354f6438
quotas: fix data race that could occur if ApplyQuota was called durin… (#9458) 
* quotas: fix data race that could occur if ApplyQuota was called during a db reset

* Abstract out the locking caller

* Remove unneeded lock

* Update

Co-authored-by: Vishal Nayak <vishalnayakv@gmail.com>
Co-authored-by: Vishal Nayak <vishalnayak@users.noreply.github.com>
 2020-07-13 11:42:39 -07:00
ncabatoff c822a4bffb
Modifying base can break tests that share the same coreConfig passed to NewTestCluster. (#9451) 2020-07-10 13:11:18 -04:00
Josh Black 38fc012817
Backport the pieces of the replication API changes (#9425) 2020-07-09 15:11:37 -07:00
Alexander Bezobchuk f7c1907683
Merge PR #9437: tests: Port #1315 from enterprise 2020-07-09 17:16:31 -04:00
Brian Kassouf f8df68b673
seal: Fix issue migrating from Auto->Shamir and improve tests (#9430) 
* Fix issue migrating from Auto->Shamir and improve tests

* Undo newline

* fix panic in test

* Fix test panic
 2020-07-09 12:28:17 -07:00
Alexander Bezobchuk dfb28a8fcc
Merge PR #9390: http: revert resource quota changes 2020-07-07 00:05:28 -04:00
Calvin Leung Huang 67444d85b8
test/migration: ensure that leader client is used for storage read check (#9403) 2020-07-06 16:22:07 -07:00
Scott Miller dfbc60cc49
Add mount type to request earlier, so it is populated on audit entries even if the request fails authorization (#9389) 2020-07-06 11:17:41 -05:00
Alexander Bezobchuk f1534a0ed0
Add nil check for quota manager (#9379) 
* Add nil check for quota manager

* Add missing nil checks
 2020-07-01 18:14:33 -07:00
Alexander Bezobchuk fb9cd9db2a
Merge PR #9372: Fix Unauthenticated list 2020-07-01 16:02:14 -04:00
Mark Gritter 707fdea702
Don't return quota error on revoke. (#9374) 
Changed log messages to be clearer about quota operations.
This should fix enterprise unit test failures.
 2020-07-01 14:41:42 -05:00
Calvin Leung Huang 37c0e51142
logical/system: re-introduce ns-awareness in pathInternalUIMountsRead (#9373) 2020-07-01 12:37:11 -07:00
Scott Miller a6f62359a9
Don't setup plugin reload on perf standbys (#9352) 2020-06-30 17:32:06 -05:00
Mike Jarmy 4b2cdfee72
re-enable seal migration (#9351) 
Co-authored-by: Vishal Nayak <vishalnayak@users.noreply.github.com>
 2020-06-30 18:21:18 -04:00
Scott Miller ad292bec73
Fix wrong err return value in plugin reload status command (#9348) 
* Fix wrong return value (discovered when merging to ENT)

* go.mod

* go mod vendor

* Add setup plugin reload hook

* All reloads return something now
 2020-06-30 13:33:30 -05:00
Scott Miller 001ee861bd
Global Plugin Reload: OSS Changes Take II (#9347) 
* Carefully move changes from the plugin-cluster-reload branch into this clean branch off master.

* Don't test this at this level, adequately covered in the api level tests

* Change PR link

* go.mod

* Vendoring

* Vendor api/sys_plugins.go
 2020-06-30 10:26:52 -05:00
Scott Miller e92f8f5a81
Revert global plugin reload commits (#9344) 
* Revert "Some of the OSS changes were clobbered when merging with quotas out of, master (#9343)"

This reverts commit 8719a9b7c4d6ca7afb2e0a85e7c570cc17081f41.

* Revert "OSS side of Global Plugin Reload (#9340)"

This reverts commit f98afb998ae50346849050e882b6be50807983ad.
 2020-06-29 17:36:22 -05:00
Scott Miller cc51427584
Some of the OSS changes were clobbered when merging with quotas out of, master (#9343) 
* OSS side of Global Plugin Reload
 2020-06-29 16:58:51 -05:00
Scott Miller a83fe0fc6d
OSS side of Global Plugin Reload (#9340) 
* OSS side of Global Plugin Reload

* changelog++
 2020-06-29 16:23:28 -05:00
ncabatoff d42ee4f7ef
Ensure "initialized" service registration tag is also present whenever Vault is unsealed, on both Consul and K8s (#8990) 
* Add the initialized tag to Consul registration for parity with k8s (and for easy automated testing).  Ensure that whenever we flag Vault as unsealed, we also flag it as initialized.

* Update API docs.

Co-authored-by: Jason O'Donnell <2160810+jasonodonnell@users.noreply.github.com>
 2020-06-29 16:02:49 -04:00
Calvin Leung Huang babaa93a0f
monitor: watch for seal state during monitor request (#9341) 
* monitor: watch for seal state during monitor request

* monitor: return error regardless of how upstream handles it
 2020-06-29 12:58:41 -07:00
Mark Gritter 873acbefbd
Unit test that fails to demonstrate identity store problem. (#9339) 
Fix test compilation error.
 2020-06-29 13:33:25 -05:00
Vishal Nayak 6bd5674345
Reset quota manager during shutdown (#9331) 2020-06-29 13:23:10 -04:00
Vishal Nayak c6876fe00f
Resource Quotas: Rate Limiting (#9330) 2020-06-26 17:13:16 -04:00
Javier Ramos 16070564cb
Calculate percentage when displaying progress in tidy operation (#9233) 
* Calculate percentage when displaying progress in tidy operation

* Update vault/token_store.go

Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>

* Update vault/token_store.go

Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>

Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>
 2020-06-26 12:44:45 -07:00
Mark Gritter a5d2edece2
Enable identity entity collection. (#9324) 2020-06-25 18:54:38 -05:00
Scott Miller 57c6ae4233
Test for overflow of the capacity value (#9317) 2020-06-25 11:22:13 -05:00
Mark Gritter a54a3b6a66
Entity and alias counts (#9262) 
* Added gauge collectors for entity counts.
* Entity and alias gauges.
* Locking around accessor to core.identityStore and core.mount.
 2020-06-23 19:45:59 -05:00
Mark Gritter 97d415d024
Token gauge metrics implementation. (#9239) 
* Token gauge metrics implementation.
* Enable gauges only when interval is nonzero.
* Added count by TTL
* Yandle "in restore mode" error specifically.
* Refactored initialization code for gauge collection processes.
* Fixed for multiple namespaces.
* Ability to disable individual gauges with environment variable.
* changelog++
 2020-06-23 18:36:24 -05:00