Commit graph

358 commits

Author SHA1 Message Date
Jeff Mitchell cc1f5207b3 Merge branch 'master' into token-roles 2016-03-07 10:03:54 -05:00
Jeff Mitchell 0998e1cdf9 Update help text exporting dev mode listen address.
Ping #1160
2016-03-03 18:10:14 -05:00
Jeff Mitchell 3e7bca82a1 Merge pull request #1146 from hashicorp/step-down
Provide 'sys/step-down' and 'vault step-down'
2016-03-03 12:30:08 -05:00
Jeff Mitchell 69c853fd2f Add the ability to specify dev mode address via CLI flag and envvar.
Fixes #1160
2016-03-03 10:48:52 -05:00
Jeff Mitchell 750b33c51b Add ability to control dev root token id with
VAULT_DEV_ROOT_TOKEN_ID env var, and change the CLI flag to match.

Ping #1160
2016-03-03 10:24:44 -05:00
Jeff Mitchell 8011148fb5 Allow specifying an initial root token ID in dev mode.
Ping #1160
2016-03-02 12:03:26 -05:00
Jeff Mitchell 521a956e4d Address review feedback 2016-03-01 20:25:40 -05:00
Jeff Mitchell addf92e185 Allow token-renew to not be given a token; it will then use the
renew-self endpoint. Otherwise it will use the renew endpoint, even if
the token matches the client token.

Adds an -increment flag to allow increments even with no token passed
in.

Fixes #1150
2016-03-01 17:02:48 -05:00
Jeff Mitchell 8a500e0181 Add command and token store documentation for roles 2016-03-01 13:02:40 -05:00
Jeff Mitchell ef990a3681 Initial work on token roles 2016-03-01 12:41:40 -05:00
vishalnayak 6314057b9a fix typo 2016-03-01 11:48:17 -05:00
Jeff Mitchell 11ddd2290b Provide 'sys/step-down' and 'vault step-down'
This endpoint causes the node it's hit to step down from active duty.
It's a noop if the node isn't active or not running in HA mode. The node
will wait one second before attempting to reacquire the lock, to give
other nodes a chance to grab it.

Fixes #1093
2016-02-26 19:43:55 -05:00
Grégoire Paris 6de1a0ecd7 add missing verb 2016-02-26 14:43:56 +01:00
Jeff Mitchell efc48f2473 Fix CLI formatter to show warnings again on CLI list output. 2016-02-24 21:45:58 -05:00
Jeff Mitchell 5a35ee2ddd Merge pull request #1080 from jkanywhere/improve-formatter
Refactor formatting of output
2016-02-24 21:36:57 -05:00
vanhalt a387725e96 help sentence improved 2016-02-22 09:38:30 -06:00
vanhalt 31862dc5c2 When writing from a file it must be a JSON file
Making clear from write help text that when writing secrets
using @file, the file must be a JSON file.
2016-02-21 19:02:09 -06:00
vanhalt d0489e16c1 Fixing auth-enable help text
auth-enable command help in the "Auth Enable Options" is suggesting
the usage of a non-existing command called 'auth-list' instead of
the correct one "auth -methods"
2016-02-21 14:54:50 -06:00
Vishal Nayak 597ba98895 Merge pull request #1099 from hashicorp/fix-ssh-cli
ssh: use resolved IP address while executing ssh command
2016-02-19 13:02:34 -05:00
Jeff Mitchell 28857cb419 Fix mixed whitespacing in ssh help text 2016-02-19 12:47:58 -05:00
vishalnayak bccbf2b87e ssh: use resolved IP address while executing ssh command 2016-02-19 12:19:10 -05:00
Ron Kuris c4c6bbf33c Refactor formatting of output
This change is almost perfectly compatible with the existing code,
except it's a little shorter because it uses a list of a available
formatters that must implement a `command.Formatter` interface.

Also added some basic formatting tests.
2016-02-16 12:27:29 -08:00
Ryan Hileman 1e65c4a01f don't panic when config directory is empty 2016-02-12 16:40:19 -08:00
Jeff Mitchell 5f5542cb91 Return status for rekey/root generation at init time. This mitigates a
(very unlikely) potential timing attack between init-ing and fetching
status.

Fixes #1054
2016-02-12 14:24:36 -05:00
Jeff Mitchell ba71ff7b0c Update documentation for status command to reflect new return codes 2016-02-08 11:36:08 -05:00
Jeff Mitchell da2360c7f4 On the CLI, ensure listing ends with /. 2016-02-03 21:08:46 -05:00
Jeff Mitchell 38c51f9412 Fix build tag 2016-02-03 08:41:31 -05:00
Jeff Mitchell 7e0d4bef3e Add test for HA availability to command/server 2016-02-02 17:47:02 -05:00
Jeff Mitchell a2bb51e7de remove unneeded assignment 2016-02-02 15:11:35 -05:00
Jeff Mitchell a5bf677bb3 Ensure that we fall back to Backend if HABackend is not specified. 2016-02-02 15:09:58 -05:00
Jeff Mitchell cb046c4ce2 Fix command status test with new return value 2016-01-29 19:31:01 -05:00
Jeff Mitchell 2712a10750 Return 2 for sealed instead of 1 to match the new init -check behavior 2016-01-29 10:55:31 -05:00
Jeff Mitchell 7cf93c0e37 Don't return 1 when flags don't parse for status command, as all other errors return 2; 1 is for when the vault is sealed 2016-01-29 10:53:56 -05:00
James Tancock 5d7537ff85 Docs typo in server command 2016-01-28 08:26:49 +00:00
Jeff Mitchell 3b7a533b5a Fix test on 1.6 by comparing to nil instead of a nil-defined map 2016-01-22 21:26:06 -05:00
Jeff Mitchell d95adc731a Add -check flag to init.
Fixes #949
2016-01-22 13:06:40 -05:00
Jeff Mitchell be1b4c8a46 Only allow listing on folders and enforce this. Also remove string sorting from Consul backend as it's not a requirement and other backends don't do it. 2016-01-22 10:07:32 -05:00
Jeff Mitchell e412ac8461 Remove bare option, prevent writes ending in slash, and return an exact file match as "." 2016-01-22 10:07:32 -05:00
Jeff Mitchell 455931873a Address some review feedback 2016-01-22 10:07:32 -05:00
Jeff Mitchell 5341cb69cc Updates and documentation 2016-01-22 10:07:32 -05:00
Jeff Mitchell 10c307763e Add list capability, which will work with the generic and cubbyhole
backends for the moment. This is pretty simple; it just adds the actual
capability to make a list call into both the CLI and the HTTP handler.
The real meat was already in those backends.
2016-01-22 10:07:32 -05:00
Jeff Mitchell 9adfdfd6e7 Add -decode flag verification 2016-01-21 12:18:57 -05:00
Jeff Mitchell 973c888833 RootGeneration->GenerateRoot 2016-01-19 18:28:10 -05:00
Jeff Mitchell 3b100c5965 Address most of the review feedback 2016-01-19 18:28:10 -05:00
Jeff Mitchell 3b994dbc7f Add the ability to generate root tokens via unseal keys. 2016-01-19 18:28:10 -05:00
Jeff Mitchell 630b2d83a7 Allow ASCII-armored PGP pub keys to be passed into -pgp-keys.
Fixes #940
2016-01-18 17:01:52 -05:00
Jeff Mitchell 8cb23835d7 Fix read panic when an empty argument is given.
Fixes #923
2016-01-12 08:46:49 -05:00
Jeff Mitchell a2bd31d493 Fix up PGP tests from earlier code fixes 2016-01-08 22:21:41 -05:00
Jeff Mitchell 676008b2c5 Lotsa warnings if you choose not to be safe 2016-01-08 17:35:07 -05:00
Jeff Mitchell 26e1837a82 Some minor rekey backup fixes 2016-01-08 14:09:40 -05:00