Commit graph

9646 commits

Author SHA1 Message Date
Thomas L. Kula 319324f731 Incredibly tiny comment fix on secret.go (#6078) 2019-01-21 16:57:39 -05:00
Jim Kalafut 0374a1ed6d
Add Sprintf capability to logical.ErrorResponse (#6076)
Roughly 25% of calls to logical.ErrorResponse() include an inner fmt.Sprintf() call.
This PR would simplify these cases:

`return logical.ErrorResponse(fmt.Sprintf("unable to read role '%s'", role))`

  could become

`return logical.ErrorResponse("unable to read role '%s'", role)`

With only a single parameter passed in, behavior is unchanged.
2019-01-18 15:12:38 -08:00
Becca Petrin 83e0c5e5e6
Check ec2 instance metadata for region (#6025) 2019-01-18 14:49:24 -08:00
Noelle Daley 58dfd8aa68
Add Policy-based Navigation (#5967)
* add permissions service

* start template helper

* match prefixed paths

* gate sidebar links

* land on first page user has access to

* show nav when user first logs in

* clear paths when user logs out

* add tests

* implement feedback

* show all nav items if no policy is found

* update onboarding wizard

* fix some unrelated tests

* add support for namespaces

* gate wizard

* unstage package and lockfile
2019-01-18 14:04:40 -08:00
Riley Lahd 1a010320e3 Consider whole response in UI console when missing auth, data and wrap_info for non writes/deletes (#6073) 2019-01-18 14:02:11 -06:00
Riley Lahd 6e26c18d05 Format array, number and boolean outputs in ui console (Fixes #6054) (#6062)
* format array, number and boolean outputs in ui console

* Remove extra description from console output tests
2019-01-18 10:15:37 -06:00
Jim Kalafut 0f2fcfb6f1
Update JWT docs with new jwt_supported_algs parameter (#6069) 2019-01-17 15:27:20 -08:00
Zac Medico 49eaa3d4ff Makefile: do not execute static-assets in parallel with deps (#6057)
The static-assets target has a dependency on *either* ember-dist or
ember-dist-dev, so these targets must not execute in parallel. Since
this is an either/or dependency, it cannot be expressed as a regular
dependency unless the targets are refactored somehow.

Fixes: 7a312d7c37bb ("Add Makefile/Dockerfile UI bits")
2019-01-17 18:19:54 -05:00
Jeff Mitchell f7a35d4f49 Add missing performance_standby field to API 2019-01-17 18:15:00 -05:00
Jim Kalafut aff9bbe49f
changelog++ 2019-01-17 14:49:16 -08:00
Noelle Daley 9c99a8cc49
always show copy token button (#6064) 2019-01-17 14:36:54 -08:00
Seth Vargo 018ec9cdb8 Upgrade to new Cloud KMS client libraries (#6051)
* Upgrade to new Cloud KMS client libraries

We recently released the new Cloud KMS client libraries which use GRPC
instead of HTTP. They are faster and look nicer (</opinion>), but more
importantly they drastically simplify a lot of the logic around client
creation, encryption, and decryption. In particular, we can drop all the
logic around looking up credentials and base64-encoding/decoding.

Tested on a brand new cluster (no pre-existing unseal keys) and against
a cluster with stored keys from a previous version of Vault to ensure no
regressions.

* Use the default scopes the client requests

The client already does the right thing here, so we don't need to
surface it, especially since we aren't allowing users to configure it.
2019-01-17 17:27:15 -05:00
Noelle Daley 3bacca85b1
add link to copy current token from user status bar (#6063) 2019-01-17 11:24:49 -08:00
Jeff Mitchell 159f0c1b0a Fix typo in comment 2019-01-17 13:28:27 -05:00
Yoko e5c6b421e0 Fixed the broken link (#6052)
* Fixed the broken link

* Fixing the broken link

* Fixes redirect to Tokens guide

The separate redirect within learn.hashicorp.com will be fixed on its own repo.
2019-01-16 17:06:28 -08:00
Chris Hoffman fdf0344bfe
add code of conduct (#6049) 2019-01-15 17:30:33 -08:00
Jim Kalafut db3e83551a
changelog++ 2019-01-15 12:13:24 -08:00
Jim Kalafut 5a9dd0aa02
changelog++ 2019-01-15 12:12:03 -08:00
Jim Kalafut f5b19f9ce8
Fix physical/postgresql to return the full entry key (#6044)
Fixes #6041
2019-01-15 12:06:01 -08:00
Yoko e09f058ada
Adding the CLI flag placement info (#6027)
* Adding the CLI flag placement info

* Adding the definition of 'options' and 'args'

* tweaked the wording a little bit

* Added more description in the example

* Added a link to 'Flags' in the doc for options def
2019-01-15 11:24:50 -08:00
Brian Kassouf a1e6341a59
changelog++ 2019-01-15 10:56:14 -08:00
Jeff Mitchell 1c265fdea9
Cut version 1.0.2 2019-01-15 11:51:39 -05:00
Jeff Mitchell f75f4e75c7 Prepare for 1.0.2 2019-01-15 11:25:11 -05:00
Jeff Mitchell 440ef3b42e Fix bound cidrs propagation 2019-01-15 10:55:36 -05:00
Becca Petrin 015f641ada Return errs from parsing unknown plugins (#6038) 2019-01-15 10:51:55 -05:00
Jeff Mitchell 78b4ff570f Expose error so warning about not decoding accessors is more useful (#6034) 2019-01-14 09:55:49 -08:00
Jeff Mitchell 4dfb25927a Make useCache explicit everywhere in lock manager (#6035)
* Make useCache explicit everywhere in lock manager

This also clears up a case where we could insert into the cache when it
wasn't active

* Address feedback
2019-01-14 08:58:03 -08:00
Jeff Mitchell c07c946b7b changelog++ 2019-01-10 20:00:52 -05:00
Jeff Mitchell 28bd394d8b
Fix a couple of instances where we are using LIST verb (#6026)
* Fix a couple of instances where we are using LIST verb

We specify it for the wrapping lookup function but for broader
compatibility with proxies and such we want to filter it to a GET. In a
couple of places we weren't doing that, so this updates those locations.
2019-01-10 19:57:00 -05:00
Jim Kalafut 960eb45014
Remove unnecessary permission 2019-01-10 16:18:10 -08:00
Brian Kassouf ee5730ab59
changelog++ 2019-01-10 11:50:46 -08:00
Seth Vargo e726f13957 Simplify permission requirements for GCP things (#6012) 2019-01-10 10:05:21 -08:00
Matthew Irish 4bb4166276
changelog++ 2019-01-10 11:23:50 -06:00
Matthew Irish fd3f031d41
UI - only look for data.keys if it's not a queryRecord request on secrets (#6023) 2019-01-10 11:18:29 -06:00
Matthew Irish bd284b5868
UI - kv save error (#6022)
* don't prevent model save when the model is in the error state on secrets creation

* add test
2019-01-10 10:37:25 -06:00
Dilan Bellinghoven f9dacbf221 Add docker-credential-vault-login to Third-Party Tools (#6003)
* Added Docker credential helper to list of Third-Party tools

* website/source/api/relatedtools.html.md: Fixed a typo
2019-01-10 10:46:18 -05:00
Yoko 9a4de34dce Allowed characters in paths (#6015) 2019-01-10 10:39:20 -05:00
vishalnayak 09a79422e6 changelog++ 2019-01-10 10:27:28 -05:00
ncabatoff e78ca24d17 Instead of using the (nil) err, use the non-nil newCtErr for ctErr. (#5841) 2019-01-09 17:39:58 -08:00
nathan r. hruby bfcf30fc72 add influx plugin (#6021) 2019-01-09 17:25:40 -08:00
Vishal Nayak 0c30f46587
Add option to configure ec2_alias values (#5846)
* Add option to configure ec2_alias values

* Doc updates

* Fix overwriting of previous config value

* s/configEntry/config

* Fix formatting

* Address review feedback

* Address review feedback
2019-01-09 18:28:29 -05:00
Calvin Leung Huang a13f36049a changelog++ 2019-01-09 12:07:45 -08:00
Vishal Nayak 1119f47e13 Cubbyhole cleanup (#6006)
* fix cubbyhole deletion

* Fix error handling

* Move the cubbyhole tidy logic to token store and track the revocation count

* Move fetching of cubby keys before the tidy loop

* Fix context getting cancelled

* Test the cubbyhole cleanup logic

* Add progress counter for cubbyhole cleanup

* Minor polish

* Use map instead of slice for faster computation

* Add test for cubbyhole deletion

* Add a log statement for deletion

* Add SHA1 hashed tokens into the mix
2019-01-09 10:53:41 -08:00
Matthew Irish c31671ce04
Bug fix - ui context menu (#6018)
* add dot-to-dash helper

* fix context menu on policy page and add test for deletion

* use dot-to-dash where we use confirm component

* fix acceptance test
2019-01-09 12:30:19 -06:00
ncabatoff 3e3498073e Fix #5973 on windows by disregarding errors when querying legacy cert path. (#6013) 2019-01-08 18:08:21 -08:00
Yoko 0a97f95ff4
Document upper limit on Transit encryption size (#6014) 2019-01-08 17:57:43 -08:00
Brian Kassouf b002915af3
remove extra comment 2019-01-08 17:28:07 -08:00
Giacomo Tirabassi 0d3845c537 Influxdb secret engine built-in plugin (#5924)
* intial work for influxdb secret plugin

* fixed typo

* added comment

* added documentation

* added tests

* fixed tests

* added vendoring

* minor testing issue with hardcoded values

* minor fixes
2019-01-08 17:26:16 -08:00
Jim Kalafut 84fe48b6f9
Support for AllowedValues in FieldSchema (#6008)
Currently used for enum output in OpenAPI.
2019-01-08 16:50:24 -08:00
Jim Kalafut d0e2badbae Run goimports across the repository (#6010)
The result will still pass gofmtcheck and won't trigger additional
changes if someone isn't using goimports, but it will avoid the
piecemeal imports changes we've been seeing.
2019-01-08 16:48:57 -08:00