luxolus/open-vault
2
0
Fork 0
Code Issues 1 Pull requests Releases Activity
12616 commits 1 branch 0 tags 214 MiB
Commit graph

433 commits

Author SHA1 Message Date
Jim Kalafut 34fab8ae09
Update gcp secrets plugin (#9004) 2020-06-01 11:02:33 -07:00
ncabatoff 8870b2e51c
Add mongodbatlas static roles support (#8987) 
* Refactor PG container creation.
* Rework rotation tests to use shorter sleeps.
* Refactor rotation tests.
* Add a static role rotation test for MongoDB Atlas.
 2020-05-29 14:21:23 -04:00
Michael Golowka b52950f884
Add user configurable password policies available to secret engines (#8637) 
* Add random string generator with rules engine

This adds a random string generation library that validates random
strings against a set of rules. The library is designed for use as generating
passwords, but can be used to generate any random strings.
 2020-05-27 12:28:00 -06:00
Jeff Mitchell 7e5d68a73e
Bump go-kms-wrapping to remove proto warning, and vendor (#9066) 2020-05-22 10:48:50 -04:00
Josh Black 6e92c8cbd2
Add a new "vault monitor" command (#8477) 
Add a new "vault monitor" command

Co-authored-by: ncabatoff <ncabatoff@hashicorp.com>
Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>
Co-authored-by: Jeff Mitchell <jeffrey.mitchell@gmail.com>
 2020-05-21 13:07:50 -07:00
Clint 39de184f1f
Update vault-plugin-secret-ad dependency (#9025) 2020-05-20 12:47:37 -07:00
Jeff Mitchell 623d58deaf Bump api/sdk 2020-05-19 18:19:12 -04:00
Brian Kassouf 1bb0bd489d
storage/raft: Add committed and applied indexes to the status output (#9011) 
* storage/raft: Add committed and applied indexes to the status output

* Update api vendor

* changelog++

* Update http/sys_leader.go

Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>

Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>
 2020-05-18 16:07:27 -07:00
Clint 86a62130fd
Update to latest version of vault-plugin-secrets-openldap (#9006) 2020-05-18 15:59:11 -05:00
Jeff Mitchell b4f5d38916
Update to latest go-kms-wrapping and fix protos/etcd (#8996) 2020-05-14 18:45:10 -04:00
Vishal Nayak 934186ba82 Vendor update 2020-05-12 18:05:47 -04:00
Calvin Leung Huang e7af25b969
raft: use file paths for TLS info in the retry_join block (#8894) 
* raft: use file paths for TLS info in the retry_join stanza

* raft: maintain backward compat for existing tls params

* docs: update raft docs with new file-based TLS params

* Update godoc comment, fix docs
 2020-05-06 18:26:08 -07:00
Vladimir Dimitrov 34f01920e9
Added plugin reload function to api (#8777) 
* Added plugin reload function to api

* Apply suggestions from code review

Co-Authored-By: Calvin Leung Huang <cleung2010@gmail.com>

* go mod vendor

* addressing comments

* addressing comments

* add docs

Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>
 2020-05-04 11:14:23 -07:00
ncabatoff 55609f1d38
Ensure that the .vault-token file writen by vault login always has the correct permissions and ownership. (#8867) 2020-04-27 19:55:13 -04:00
Becca Petrin 3b420b0735
Add helper for aliasmetadata and add to AWS auth (#8783) 
* add aliasmetadata sdk helper and add to aws auth

* split into ec2_metadata and iam_metadata fields

* fix tests

* strip pointer

* add test of default metadata

* more test <3

* switch from interface to custom marshallers

* add tests for marshalling

* store nil when selected fields are default

* separate loop into pieces

* separate acc test into multiple

* Update builtin/credential/aws/path_login.go

Co-Authored-By: Jim Kalafut <jkalafut@hashicorp.com>

* changes from feedback

* update aws test

* refactor to also populate auth metadata

* update how jsonification is tested

* only add populated metadata values

* add auth_type to ec2 logins

Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>
 2020-04-27 10:06:07 -07:00
Jim Kalafut b7fc72d5ec
Update go.mod and vendoring (#8752) 
This primarily ports updates made during the 1.4 release to master.
 2020-04-16 12:07:07 -07:00
Jim Kalafut 5c4796bb55
Update MongoDB Atlas secrets plugin (#8669) 2020-04-03 15:47:17 -07:00
Michel Vocks b216d75938
Fix outdated comment about logical request path (#8653) 2020-04-02 08:53:16 +02:00
ncabatoff c9ff95ec70
Update to go-metrics 1.3.3 for Prometheus performance improvements. (#8507) 2020-03-09 09:54:55 -04:00
Jorge Heleno a9e864f5e3
Add LDAP anonymous group search and client certs (#8365) 2020-03-06 10:27:09 -08:00
Jason O'Donnell 524e871343
secrets/openldap: update go.mod (#8475) 
Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>
 2020-03-06 11:52:28 -05:00
Brian Kassouf d4f72f792f go mod vendor 2020-02-20 10:15:11 -08:00
Sam Salisbury b929348a31 go mod vendor 2020-02-20 09:16:19 +00:00
ncabatoff e5721310ac
Add persistent feature flags to be used on enterprise non-primaries. (#8391) 2020-02-19 18:06:53 -05:00
Jim Kalafut 2e8826744f
Update plugin dependencies (#8371) 
* Update plugin dependencies

* Update vendoring
 2020-02-18 09:55:04 -08:00
JulesRenz c54c8c92bd
RSA3072 implementation in transit secrets engine (#8151) 
* RSA3072 implementation in transit secrets engine

* moved new KeyType at the end of the list
So already stored keys still work properly

Co-authored-by: Jim Kalafut <jim@kalafut.net>
 2020-02-15 14:40:50 -08:00
Jeff Mitchell 844b2c3a5d Bump API/SDK and adapt to move from SDK stuff 2020-02-15 14:58:05 -05:00
Brian Kassouf 157f8887f8 go mod vendor 2020-02-15 11:40:53 -08:00
Jason O'Donnell dd9f25a118
Add OpenLDAP Secret Plugin (#8360) 
* Add openldap secret plugin

* go mod vendor

* Revert to go-ldap 3.1.3

* go mod vendor
 2020-02-15 13:21:07 -05:00
Brian Kassouf e2da4529c2 go mod vendor 2020-02-14 16:40:05 -08:00
Jeff Mitchell 38679f4baa Update vendoring 2020-02-14 17:55:06 -05:00
Becca Petrin 5f19ff828c
update kerberos dependency (#8353) 2020-02-14 11:13:28 -08:00
Michel Vocks 985acc4ce5
Fix ldap client upndomain (#8333) 2020-02-14 10:26:30 -08:00
Becca Petrin 5a01a5af0f
Add Kubernetes service registration (#8249) 2020-02-13 09:56:29 -08:00
Jeff Malnick 27ad920399
Add redshift database plugin (#8299) 
* feat: add redshift database plugin

* build: update vendored libraries

* docs: add reference doc for redshift variant of the database secrets engine

* feat: set middlewear type name for better metrics naming (#8346)

Co-authored-by: Becca Petrin <beccapetrin@gmail.com>
 2020-02-13 09:42:30 -08:00
Jim Kalafut 2ee7b76469
Bundle MongoDB Atlas (#8309) 2020-02-07 14:09:39 -08:00
Becca Petrin 1459544630
update from github.com/hashicorp/gokrb5 to github.com/jcmturner/gokrb5/v8 (#8296) 2020-02-05 14:23:22 -08:00
Michel Vocks 2bde6a3a5a
Bump etcd client API dep (#8037) 2020-01-29 15:16:38 +01:00
Michel Vocks f695eb737b
Add Consul TLS options to access API endpoint (#8253) 2020-01-29 09:44:35 +01:00
Michel Vocks 90f1d3813d
Fix redoing redirect response raft snapshot cli (#8211) 
* Fix redoing redirect response raft snapshot cli

* Removed unnecessary lines of code

* go mod vendor
 2020-01-27 11:25:52 +01:00
Becca Petrin 759f9b38f7
Observer pattern for service registration interface (#8123) 
* use observer pattern for service discovery

* update perf standby method

* fix test

* revert usersTags to being called serviceTags

* use previous consul code

* vault isnt a performance standby before starting

* log err

* changes from feedback

* add Run method to interface

* changes from feedback

* fix core test

* update example
 2020-01-24 09:42:03 -08:00
Jeff Mitchell 1ba3b87eab Bump sdk 2020-01-23 14:25:35 -05:00
Jeff Mitchell ef44e226a9 Bump sdk and go-hclog and vendor 2020-01-23 14:12:19 -05:00
Jeff Mitchell 3956072c93 Update test var name and tidy 2020-01-16 20:18:59 -05:00
Michel Vocks 13ebf5460c
Add TLS options per Nomad backend (#8083) 2020-01-15 11:03:38 +01:00
Jeff Mitchell 80408beabe Bump go-kms-wrapping dep to fix a nil pointer in tests 2020-01-13 09:28:49 -05:00
Jeff Mitchell c5f9f8fc05 Update go-kms-wrapping dep 2020-01-13 09:25:11 -05:00
Jeff Mitchell 78a1d51a3a Update vendoring 2020-01-10 20:50:36 -05:00
Jeff Mitchell a0694943cc
Migrate built in auto seal to go-kms-wrapping (#8118) 2020-01-10 20:39:52 -05:00
Becca Petrin c2894b8d05
Add Kerberos auth agent (#7999) 
* add kerberos auth agent

* strip old comment

* changes from feedback

* strip appengine indirect dependency
 2020-01-09 14:56:34 -08:00
Jim Kalafut aa1761fb03
Update framework forwarding logic to handle nil system views (#8114) 2020-01-08 05:59:44 -08:00
Jim Kalafut 2d859d83ea
Update vendoring (#8111) 2020-01-07 14:14:45 -08:00
Michel Vocks d4d82cdd4a
Fix MySQL Plugin password special character escape bug (#8040) 
* Fix MySQL password escape bug

* Add test

* Add debug output

* Add debug line

* Added debug output

* Debug

* Debug

* Update vendor

* Remove debug comments
 2020-01-07 16:51:49 +01:00
Brian Kassouf 549faf47f2
Add identity templating helper to sdk/framework (#8088) 
* Add identity templating helper to sdk/framework

* Cleanup a bit

* Fix length issue when groups/aliases are filtered due to ns

* review feedback
 2020-01-06 10:16:52 -08:00
Jeff Mitchell d873e7ba3c Update master's sdk/api 2019-12-18 16:36:50 -05:00
Becca Petrin a594371f75
vendor api client portmap updates (#8042) 2019-12-18 11:08:23 -08:00
Becca Petrin 3d7cdea66f
Avoid potential panic in LDAP client (#8047) 
* fix potential panic

* add comment

* vendor the ldap update

* use localhost in test
 2019-12-17 16:33:59 -08:00
Becca Petrin a7383b6d86
Add Kerberos SPNEGO auth plugin (#7908) 2019-12-11 11:18:37 -08:00
ncabatoff fde5e55ce9
Handle otherName SANs in CSRs (#6163) 
If a CSR contains a SAN of type otherName, encoded in UTF-8, and the signing role specifies use_csr_sans, the otherName SAN will be included in the signed cert's SAN extension.

Allow single star in allowed_other_sans to match any OtherName.  Update documentation to clarify globbing behaviour.
 2019-12-11 10:16:44 -05:00
Calvin Leung Huang 7009dcc432
sdk/ldaputil: add request_timeout configuration option (#7909) 
* sdk/ldaputil: add request_timeout configuration option

* go mod vendor
 2019-11-20 11:26:13 -08:00
Jim Kalafut 6000a12380 Update GCP secrets plugin (#7869) 2019-11-12 11:59:26 -08:00
Clint 847fcf8551 Update how Vault Agent configures Consul Templates internal logger (#7822) 
* fix up logger in Vault Agent Template

* update deps
 2019-11-12 11:29:29 -08:00
Brian Kassouf 29f12581a8 Update SDK 2019-11-11 19:41:52 -08:00
Brian Kassouf f8085f518f Update plugins 2019-11-11 19:28:09 -08:00
Jeff Mitchell 7b803e92a3 Update API/vendoring 2019-11-08 11:40:12 -05:00
Jeff Mitchell a8aa5f0dd3 go-ldap update; bump dep, api, secrets-ad plugin, and vendor 2019-11-08 11:24:46 -05:00
Sam Salisbury b589fbfbd9
ci: switch to go1.12.12 on machine executors (#7703) 
* ci: switch to go1.12.12 on machine executors

- This brings in recent ci changes from the release/1.2.x branch.

* go mod vendor

* ci: remove ent build tags

* ci: fix gopath

* go mod vendor

* ci: ensure yarn install

* ci: add debug commands

* ci: debugging

* ci: increment yarn cache; remove debugging

* ci: remove redundant yarn install
 2019-11-06 13:15:06 +00:00
Brian Kassouf f149bbbdb1 go mod vendor 2019-10-28 22:27:00 -07:00
Sam Salisbury 8f0c38f78d
run go mod vendor (#7736) 2019-10-25 13:35:22 +01:00
Jeff Mitchell c4df00f193 Fix kv mod import and vendoring 2019-10-18 08:57:32 -04:00
Lexman 3cc4920e31
updates vendored api/client.go (#7692) 2019-10-17 14:10:55 -07:00
Lexman c86fe212c0
oss changes for entropy augmentation feature (#7670) 
* oss changes for entropy augmentation feature

* fix oss command/server/config tests

* update go.sum

* fix logical_system and http/ tests

* adds vendored files

* removes unused variable
 2019-10-17 10:33:00 -07:00
Becca Petrin e8432f1ebe
update ad secrets plugin for check-out feature (#7617) 2019-10-14 11:17:05 -07:00
Brian Kassouf 1167fad704
Improve raft write performance by utilizing FSM Batching (#7527) 
* Start benchmark work

* Add batching FSM function

* dedupe some code

* Update dependency on chunking FSM

* fix raft external tests

* fix go.mod

* Add batching test

* uncomment test

* update raft deps

* update vendor

* Update physical/raft/fsm.go

Co-Authored-By: Michel Vocks <michelvocks@gmail.com>

* Update physical/raft/fsm.go
 2019-10-14 09:25:07 -06:00
Mike Jarmy caea22f13b go mod tidy and vendor 2019-10-14 09:28:18 -04:00
Brian Kassouf f43f84a354
Port over cache refresh changes (#7599) 2019-10-08 13:23:43 -07:00
Nick Cabatoff 85e387439e go mod vendor and go mod tidy 2019-10-04 09:14:37 -04:00
Jeff Mitchell bdb59e7f51 Bump api/sdk and vendoring 2019-09-19 09:43:23 -04:00
Jeff Mitchell ba236306e2 Update api/sdk. Let kr/pty stay for now so it stops going in on every build 2019-09-18 09:12:57 -04:00
Jeff Mitchell 86d14691f4 Bump sdk and vendoring 2019-09-17 11:38:03 -04:00
Jim Kalafut b3fbcb2809
Update JWT auth dep (#7427) 2019-09-05 10:24:08 -07:00
Jim Kalafut 051bc15da3
Bundle OCI Auth method (#7422) 2019-09-04 16:46:00 -07:00
Vu Pham a47b2faf34 Added OCI Object Storage Plugin (#6985) 2019-09-04 11:33:16 -07:00
Jeff Mitchell d2376354f7 Update API and revendor 2019-09-04 12:46:30 -04:00
Jeff Malnick 8fdb5f62c4
feat: bump vault-plugin-auth-kubernetes to pick up support for projected tokens feature (#7386) 2019-08-30 11:53:06 -07:00
Jeff Mitchell 0d39d0507a Update api 2019-08-26 15:49:51 -04:00
Becca Petrin 64ecf46fb6
rename pcf to cf maintaining backwards compat (#7346) 2019-08-26 09:55:08 -07:00
Jeff Mitchell 88e1885c1c Updating plugin deps 2019-08-14 17:23:29 -04:00
Jim Kalafut 3e7a2211bf Update PCF Auth plugin (#7306) 2019-08-14 09:43:04 -04:00
Jeff Mitchell f7358e66bb Bump sdk/api 2019-08-05 18:03:40 -04:00
Jeff Mitchell cfffaa5f09 Updating plugin deps 2019-07-30 00:26:33 -04:00
Jeff Mitchell 23b1b27cec Update api/sdk 2019-07-30 00:24:27 -04:00
Jeff Mitchell e3ef0d3051 Pull in updated secrets-ad plugin 2019-07-29 18:10:13 -04:00
Brian Kassouf bdfa2c7828
Add additional raft chunk test (#7192) 
* Add an end-to-end raft chunk test

* Apply suggestions from code review

Co-Authored-By: Jim Kalafut <jkalafut@hashicorp.com>
 2019-07-29 14:11:46 -07:00
Jeff Mitchell abcae3830f Updating plugin deps 2019-07-25 13:01:47 -04:00
Jeff Mitchell 6ca4fa02df Bump api/sdk 2019-07-25 12:59:29 -04:00
Jeff Mitchell 6e22d14ff7 Updating plugin deps 2019-07-25 12:38:07 -04:00
Jeff Mitchell 1288e59857 Pull in tagged api/sdk 2019-07-25 12:17:13 -04:00
Jeff Mitchell 0425db59ab
Raft chunk snapshotting (#7185) 
Support chunking, including snapshot handling
 2019-07-24 20:44:13 -04:00
Jeff Mitchell d2a5a3035c Vendor deps 2019-07-24 13:42:50 -04:00