luxolus
/
open-vault
2
0
Fork 0
Code Issues 1 Pull Requests Releases Activity
9,007 Commits 1 Branch 0 Tags 214 MiB
Commit Graph

9007 Commits

Author SHA1 Message Date
Clint fec3b70374
Allow force restore for Transit Key Restores (#5382) 
* Add test file for testing path_restore in Transit backend. Fails because 'force' is not implemented yet

* initial implementation of 'force', to force restore of existing transit key atomically
 2018-09-25 15:20:59 -05:00
Vishal Nayak 1ebc5e73f8
changelog++ 2018-09-25 15:31:22 -04:00
Vishal Nayak 68a496dde4
Support operating on entities and groups by their names (#5355) 
* Support operating on entities and groups by their names

* address review feedback
 2018-09-25 12:28:28 -07:00
Becca Petrin b427a23bbb
update ffi (#5395) 2018-09-25 11:26:58 -07:00
Martin 79ab601cdb use constant where x-vault-token was still hardcoded (#5392) 2018-09-25 09:34:40 -07:00
Matthew Irish d509588cd2
Ember update (#5386) 
Ember update - update ember-cli, ember-data, and ember to 3.4 series
 2018-09-25 11:28:26 -05:00
Calvin Leung Huang ed1e41ba5c
Short-circuit TestBackend_PluginMainEnv on plain test run (#5393) 2018-09-25 09:22:34 -07:00
Rob Playford 3998942f04 fix typo in vault-plugin-auth-jwt path (#5385) 
* fix typo in vault-plugin-auth-jwt path

* remove duplicate vault-plugin-auth-jwt entry
 2018-09-25 10:55:45 -05:00
Jeff Mitchell 33065a60db Fix compilation/protobuf 2018-09-22 17:58:39 -04:00
andrejvanderzee dc6ea9ecbb Fix for using ExplicitMaxTTL in auth method plugins. (#5379) 
* Fix for using ExplicitMaxTTL in auth method plugins.

* Reverted pb.go files for readability of PR.

* Fixed indenting of comment.

* Reverted unintended change by go test.
 2018-09-21 14:31:29 -07:00
emily b37b8b7edf Docs PR for GCP secrets backend access token changes (#5366) 
* initial docs pass

* fix docs
 2018-09-21 10:31:49 -07:00
Chris Hoffman f9d62db01d
changelog++ 2018-09-21 12:42:28 -04:00
Brian Shumate b43c52d89b Add Enterprise Replication metrics (#3981) 2018-09-21 12:01:44 -04:00
Brian Shumate 25d6d03222 Docs: update policy read API output to address #5298 (#5299) 2018-09-21 10:52:46 -04:00
Seth Vargo 743161abd4 Also format TTLs in non-secret responses (#5367) 2018-09-21 09:54:18 -04:00
Brian Shumate 7d692ee614 Update screenshot (#5378) 
- Use a Vault dashboard example (previous example was for Consul)
- Rename image file
 2018-09-21 09:53:49 -04:00
Roman Iuvshyn 0832153f7d fixes file path option in samples (#5377) 
fixes file path option in samples
 2018-09-20 15:55:20 -07:00
Jim Kalafut 25fbbdb730
changelog++ 2018-09-20 15:00:25 -07:00
Jim Kalafut 343c72dbe1
Detect and bypass cycles during token revocation (#5364) 
Fixes #4803
 2018-09-20 14:56:38 -07:00
Yoko 3600f3dfa5
[Guide] Tokens & Leases guide **Correction** (#5375) 
* Added Azure Key Vault

* Corrected the info about orphan token creation
 2018-09-20 13:58:29 -07:00
Calvin Leung Huang 4ac6675fef changelog++ 2018-09-20 12:32:07 -07:00
Calvin Leung Huang 189b893b35
Add ability to provide env vars to plugins (#5359) 
* Add ability to provide env vars to plugins

* Update docs

* Update docs with examples

* Refactor TestAddTestPlugin, remove TestAddTestPluginTempDir
 2018-09-20 10:50:29 -07:00
Brian Shumate 74ec835b3b Docs: update Tidy API (#5374) 
- Add a sample response to /auth/token/tidy API docs
- Document /auth/approle/tidy/secret-id API docs
 2018-09-20 13:25:33 -04:00
Jeff Mitchell 9a24242cd1 BoundCidrs -> BoundCIDRs 2018-09-20 12:45:49 -04:00
Jeff Mitchell 5363f1308f Makefile updates 2018-09-20 12:38:05 -04:00
Laura Gjerman-Uva 6fcf6ea6fe Add -dr-token flag to commands to generate OTP and decode with OTP (required on DR secondary as of 0.11) (#5368) 2018-09-20 09:19:01 -07:00
Richard Lane 43837ecdf1 Documentation correction - update list identity whitelist sample request (#5369) 
Path was incorrectly referencing the roletag-blacklist

Updated the sample to match the correct path
 2018-09-19 21:21:57 -07:00
Brian Kassouf 94990a38df
changelog++ 2018-09-19 12:10:01 -07:00
pavel-usov 470131d100 Change in GET_LOCK call to make it MariaDB compatilble (#5343) 
* Update mysql.go

Change in GET_LOCK call to make it MariaDB compatilble

* Use math.MaxUint32 for lock timeout, add comments
 2018-09-19 12:05:04 -07:00
Jeff Mitchell da21bb14a8 changelog++ 2018-09-19 13:09:49 -04:00
Jeff Mitchell 4b45d8210f
Possibly fix Nomad capabilities issue (#5360) 2018-09-19 13:06:37 -04:00
Becca Petrin d05484b586
AliCloud Secrets Docs (#5351) 2018-09-19 08:42:59 -07:00
Becca Petrin 74d4d0ccc0
add alicloud secrets engine (#5352) 2018-09-19 08:42:28 -07:00
Jeff Mitchell c4b88333c9 Fix make proto substitutions 2018-09-19 11:37:01 -04:00
Jeff Mitchell 43aebacfa8 Fix default_max_request_duration HCL name and update docs (#5321) 
* Fix default_max_request_duration HCL name and update docs

* Update tcp.html.md
 2018-09-18 14:30:21 -07:00
Calvin Leung Huang 3ea1cc861d Small Makefile and script cleanup (#5354) 2018-09-18 14:28:37 -07:00
Clint 06d8dce8db
Update CHANGELOG.md 2018-09-18 16:07:08 -05:00
Clint 5882156f53
Translate AWS Rate limiting errors to 502 errors (#5270) 
* Initial implemntation of returning 529 for rate limits

- bump aws iam and sts packages to v1.14.31 to get mocking interface
- promote the iam and sts clients to the aws backend struct, for mocking in tests
- this also promotes some functions to methods on the Backend struct, so
  that we can use the injected client

Generating creds requires reading config/root for credentials to contact
IAM. Here we make pathConfigRoot a method on aws/backend so we can clear
the clients on successful update of config/root path. Adds a mutex to
safely clear the clients

* refactor locking and unlocking into methods on *backend

* refactor/simply the locking

* check client after grabbing lock
 2018-09-18 15:26:06 -05:00
Jeff Mitchell 919b968c27
The big one (#5346) 2018-09-17 23:03:00 -04:00
Jeff Mitchell 551f435501 changelog++ 2018-09-17 14:30:33 -04:00
Jeff Mitchell f692c1e3a9 Revert "Detect and bypass cycles during token revocation (#5335)" 
This reverts commit 00314eb4d1c5609a1935f653dc6f2fc83c0bfcc0.
 2018-09-17 14:10:57 -04:00
Brian Kassouf a2608a3b61
Fix approle tidy on performance standbys (#5338) 
* Fix approle tidy on performance standbys

* Forward PKI and AWS also
 2018-09-17 09:53:23 -07:00
Jeff Mitchell 65928618eb changelog++ 2018-09-17 12:36:20 -04:00
Jeff Mitchell 07e654f539 changelog++ 2018-09-17 12:11:11 -04:00
Jim Kalafut 6c5f678d6a
changelog++ 2018-09-17 09:04:51 -07:00
Jim Kalafut 0ae6ec52b8
Detect and bypass cycles during token revocation (#5335) 
Fixes #4803
 2018-09-17 08:55:12 -07:00
Yoko 512b64ad77
[Guide] Secure Introduction - Update (#5323) 
* Adding Vault Agent to the Secure Intro guide

* Incorporated the feedback

* Deleted extra spaces

* methods -> approaches
 2018-09-14 13:51:23 -07:00
Jeff Mitchell 5dc2bff9e2 changelog++ 2018-09-14 14:46:50 -04:00
Yoko 2cc8610abb
[Guide] Namespaces policy (#5296) 
* Added policy info

* Fixed the API URL

* Added webinar recording as a reference material
 2018-09-14 11:23:46 -07:00
Jeff Mitchell 6a2a6a7b34 changelog++ 2018-09-14 09:06:11 -04:00