Commit graph

214 commits

Author SHA1 Message Date
Paweł Rozlach 33b4683dfd Post-review fixes for file/zk recursive empty prefix delete 2016-10-05 08:08:00 -04:00
Pawel Rozlach 41ade15f73 Fix file backend so that it properly removes nested secrets.
This patch makes file backend properly remove nested secrets, without leaving
empty directory artifacts, no matter how nested directories were.
2016-10-04 21:56:12 +02:00
Pawel Rozlach 44b4704cfa Fix zookeeper backend so that properly deletes/lists secrets.
This patch fixes two bugs in Zookeeper backends:
 * backend was determining if the node is a leaf or not basing on the number
   of the childer given node has. This is incorrect if you consider the fact
   that deleteing nested node can leave empty prefixes/dirs behind which have
   neither children nor data inside. The fix changes this situation by testing
   if the node has any data set - if not then it is not a leaf.
 * zookeeper does not delete nodes that do not have childern just like consul
   does and this leads to leaving empty nodes behind. In order to fix it, we
   scan the logical path of a secret being deleted for empty dirs/prefixes and
   remove them up until first non-empty one.
2016-10-04 21:56:12 +02:00
Pawel Rozlach 68fc52958d Add tests for nested/prefixed secrets removal.
Current tests were not checking if backends are properly removing
nested secrets. We follow here the behaviour of Consul backend, where
empty "directories/prefixes" are automatically removed by Consul itself.
2016-10-04 21:55:33 +02:00
Jeff Mitchell 226ef5d78c Make HA in etcd off by default. (#1909)
Fixes #1908

(Doesn't really "fix" it but someone from the community needs to step up
if they want to see this fixed.)
2016-09-21 14:01:36 -04:00
James Pearson Hughes f598c78d98 DynamoDB: fix log typo (#1891) 2016-09-14 15:16:24 -04:00
Jeff Mitchell ffaaacd029 Have file backend remove empty dirs. (#1821)
Add tests to check that prefixes are being properly removed (or at
least, not listed) from backends.
2016-08-31 14:12:28 -04:00
Jeff Mitchell 2ce4397deb Plumb through the ability to set the storage read cache size. (#1784)
Plumb through the ability to set the storage read cache size.

Fixes #1772
2016-08-26 10:27:06 -04:00
Jeff Mitchell 58b32e5432 Convert to logxi 2016-08-21 18:13:37 -04:00
Jeff Mitchell 2860dcc60f gofmt 2016-08-19 16:48:32 -04:00
Jeff Mitchell 734e80ca56 Add permit pool to dynamodb 2016-08-15 19:45:06 -04:00
Jeff Mitchell dcba6129e3 Use dockertest for physical consul tests, and always run them 2016-08-15 16:20:32 -04:00
Jeff Mitchell 37320f8798 Request forwarding (#1721)
Add request forwarding.
2016-08-15 09:42:42 -04:00
Jeff Mitchell 9e204bd88c Add arbitrary string slice parsing.
Like the KV function, this supports either separated strings or JSON
strings, base64-encoded or not.

Fixes #1619 in theory.
2016-08-03 14:24:16 -04:00
Jeff Mitchell c025b292b5 Cleanup 2016-08-03 13:09:12 -04:00
vishalnayak 91e60a5824 Fixed the test after removing shutdown bool 2016-08-01 12:20:38 -04:00
Jeff Mitchell 6ffefb649d Close the shutdown channel instead of sending a value down 2016-08-01 11:58:45 -04:00
vishalnayak 05b8ce8348 Address review feedback 2016-08-01 11:15:25 -04:00
vishalnayak 21d155f4af Fix physical/consul test case 2016-08-01 10:55:47 -04:00
vishalnayak 5ed10f4074 Make the defer statement of waitgroup to execute last 2016-08-01 10:24:27 -04:00
vishalnayak ea2e677f02 Sharing shutdown message with physical consul backend 2016-07-31 10:09:16 -04:00
vishalnayak a8b4fc0d3c Add waitgroup wait to allow physical consul to deregister checks 2016-07-30 13:17:29 -04:00
vishalnayak 32a72e84dc Added test for service tags 2016-07-22 09:04:42 -04:00
vishalnayak 58bd985551 Address review feedback from @jefferai 2016-07-22 08:44:16 -04:00
vishalnayak 9bfb518e3f Make debug statements specify that the logs are for physical/consul 2016-07-22 07:03:14 -04:00
vishalnayak 248889dd1b Fix broken test 2016-07-22 06:42:56 -04:00
vishalnayak 765d131b47 Added service-tags config option to provide additional tags to registered service 2016-07-22 04:41:48 -04:00
vishalnayak bd8ff10462 Address review feedback from @sean 2016-07-21 19:04:43 -04:00
vishalnayak 6872df833a Uniquify the check ID 2016-07-19 14:17:50 -04:00
vishalnayak f54dc7a31e Set QueryOptions while fetching service information from Consul catalog 2016-07-19 14:07:06 -04:00
vishalnayak 11e6fe0fb4 Fix tests 2016-07-19 07:58:47 -04:00
vishalnayak ac7ecbce5c Fixed re-registrations and health-check flatenning issue 2016-07-19 07:06:41 -04:00
Jeff Mitchell c47fc73bd1 Use parsebool 2016-07-18 13:49:05 -04:00
Jeff Mitchell a3ce0dcb0c Turn off DynamoDB HA by default.
The semantics are wonky and have caused issues from people not reading
docs. It can be enabled but by default is off.
2016-07-18 13:19:58 -04:00
vishalnayak c14235b206 Merge branch 'master-oss' into json-use-number
Conflicts:
	http/handler.go
	logical/framework/field_data.go
	logical/framework/wal.go
	vault/logical_passthrough.go
2016-07-15 19:21:55 -04:00
vishalnayak 407722a9b4 Added tls_min_version to consul storage backend 2016-07-12 20:10:54 -04:00
vishalnayak f34f0ef503 Make 'tls_min_version' configurable 2016-07-12 19:32:47 -04:00
vishalnayak 46d34130ac Set minimum TLS version in all tls.Config objects 2016-07-12 17:06:28 -04:00
vishalnayak ad7cb2c8f1 Added JSON Decode and Encode helpers.
Changed all the occurances of Unmarshal to use the helpers.
Fixed http/ package tests.
2016-07-06 12:25:40 -04:00
Tim Schindler b00535bcf5 fixed typo: explitely -> explicitly 2016-06-30 19:10:15 +00:00
Tim Schindler 23f08a139c os.GetEnv -> os.Getenv 2016-06-30 18:53:55 +00:00
Tim Schindler 6a1c142924 added ETCD_ADDR env var to etcd backend 2016-06-30 18:46:00 +00:00
Jeff Mitchell e7a1e95037 Merge pull request #1548 from quixoten/nopreparepsql
Remove prepared stmnts from pgsql physical backend
2016-06-28 16:38:13 +02:00
Jeff Mitchell b8c30aea18 Merge pull request #1502 from hashicorp/pr-1425
Staging area for me to fix up PR 1425
2016-06-08 12:31:31 -04:00
Jeff Mitchell 72a25d018c Add permit pool and cleanhttp support to Swift 2016-06-08 12:20:21 -04:00
Jeff Mitchell da6371ffc3 Merge remote-tracking branch 'origin/master' into pr-1425 2016-06-08 12:10:29 -04:00
Jeff Mitchell 3bf06b47e4 Add permitPool support to Azure 2016-06-08 12:01:43 -04:00
Bill Monkman de8477244e #1486 : Fixed sealed and leader checks for consul backend 2016-06-03 16:00:31 -07:00
Devin Christensen b0f50ecb6c Remove prepared stmnts from pgsql physical backend
Prepared statements prevent the use of connection multiplexing software
such as PGBouncer. Even when PGBouncer is configured for [session mode][1]
there's a possibility that a connection to PostgreSQL can be re-used by
different clients.  This leads to errors when clients use session based
features (like prepared statements).

This change removes prepared statements from the PostgreSQL physical
backend. This will allow vault to successfully work in infrastructures
that employ the use of PGBouncer or other connection multiplexing
software.

[1]: https://pgbouncer.github.io/config.html#poolmode
2016-05-26 17:07:21 -06:00
Stuart Glenn 1fea2799a5 Add backend for OpenStack Swift 2016-05-16 17:29:23 -05:00