luxolus/open-vault
2
0
Fork 0
Code Issues 1 Pull requests Releases Activity
4377 commits 1 branch 0 tags 214 MiB
Commit graph

4377 commits

This branch
This branch
All branches
Author SHA1 Message Date
Jeff Mitchell 9d68297ffa Have human-oriented token duration and secret duration output display a more human-friendly format 2016-07-19 12:15:00 -04:00
Vishal Nayak 8a1bb1626a Merge pull request #1583 from hashicorp/ssh-allowed-roles 
Add allowed_roles to ssh-helper-config and return role name from verify call
 2016-07-19 12:04:12 -04:00
vishalnayak 7fb04a1bbd Remove unused VerifyConnection from storage entries of SQL backends 2016-07-19 11:55:49 -04:00
Matt Hurne 316837857b mongodb secret backend: Return lease ttl and max_ttl in lease read in seconds rather than as duration strings 2016-07-19 11:23:56 -04:00
Matt Hurne f18d98272d mongodb secret backend: Don't bother persisting verify_connection field in connection config 2016-07-19 11:20:45 -04:00
Matt Hurne f8e6bcbb69 mongodb secret backend: Handle cases where stored username or db is not a string as expected when revoking credentials 2016-07-19 11:18:00 -04:00
Matt Hurne 75a5fbd8fe Merge branch 'master' into mongodb-secret-backend 2016-07-19 10:38:45 -04:00
vishalnayak 11e6fe0fb4 Fix tests 2016-07-19 07:58:47 -04:00
vishalnayak ac7ecbce5c Fixed re-registrations and health-check flatenning issue 2016-07-19 07:06:41 -04:00
Jeff Mitchell 321207a19c changelog++ 2016-07-18 22:04:44 -04:00
Jeff Mitchell aaca99ff73 Merge pull request #1627 from hashicorp/rollback-nil-race 
Ensure mount/auth tables are not nil when triggering rollback
 2016-07-18 22:03:38 -04:00
Jeff Mitchell 80a688c059 Ensure mount/auth tables are not nil when triggering rollback 
During setup or teardown there could be a race condition so check for it
to avoid a potential panic.
 2016-07-18 22:02:39 -04:00
Jeff Mitchell 0bcf77765f Merge pull request #1626 from brint/terraform_az_description_spell_fix 
Spell fix of the Terraform AWS AZ description
 2016-07-18 21:57:15 -04:00
Brint O'Hearn 3630c7ed91 Spell fix of the Terraform AWS AZ description 2016-07-18 18:03:04 -05:00
Jeff Mitchell 04f0471a9f Update documentation around dynamodb changes 2016-07-18 14:10:55 -04:00
Jeff Mitchell df621911d7 Merge pull request #1624 from hashicorp/dynamodb-ha-off-default 
Turn off DynamoDB HA by default.
 2016-07-18 13:54:26 -04:00
Jeff Mitchell 16ba47a22a changelog++ 2016-07-18 13:51:06 -04:00
Jeff Mitchell a52be079f1 Merge pull request #1625 from hashicorp/leadership-telemetry 
Add metrics around leadership
 2016-07-18 13:50:12 -04:00
Jeff Mitchell c47fc73bd1 Use parsebool 2016-07-18 13:49:05 -04:00
Jeff Mitchell 028d024345 Add metrics around leadership 
This can be helpful for detecting flapping.

Fixes #1544
 2016-07-18 13:38:44 -04:00
Jeff Mitchell 089c2884f7 changelog++ 2016-07-18 13:31:45 -04:00
Jeff Mitchell 434ed2faf2 Merge pull request #1573 from mickhansen/logical-postgresql-revoke-sequences 
handle revocations for roles that have privileges on sequences
 2016-07-18 13:30:42 -04:00
Jeff Mitchell a3ce0dcb0c Turn off DynamoDB HA by default. 
The semantics are wonky and have caused issues from people not reading
docs. It can be enabled but by default is off.
 2016-07-18 13:19:58 -04:00
Jeff Mitchell 4c5ae34ebf Merge pull request #1613 from skippy/update-aws-ec2-docs 
[Docs] aws-ec2 -- note IAM action requirement
 2016-07-18 10:40:38 -04:00
Jeff Mitchell 73923db995 Merge pull request #1589 from skippy/patch-2 
[Docs] aws-ec2 -- clarify aws public cert is already preloaded
 2016-07-18 10:02:35 -04:00
Vishal Nayak 7a15830b8b Merge pull request #1596 from hashicorp/json-use-number 
Recognize integer values in JSON input as `json.Number` as opposed to float64
 2016-07-15 17:22:27 -06:00
vishalnayak c14235b206 Merge branch 'master-oss' into json-use-number 
Conflicts:
	http/handler.go
	logical/framework/field_data.go
	logical/framework/wal.go
	vault/logical_passthrough.go
 2016-07-15 19:21:55 -04:00
Adam Greene 8f6b97f4e4 [Docs] aws-ec2 -- note IAM action requirement 2016-07-13 15:52:47 -07:00
Adam Greene d6f5c5f491 english tweaks 2016-07-13 15:11:01 -07:00
vishalnayak f1e2e2fe1b changelog++ 2016-07-13 17:17:04 -04:00
Vishal Nayak c55fa03760 Merge pull request #1599 from hashicorp/use-go-uuid 
Use go-uuid's GenerateUUID in PutWAL and discard logical.UUID()
 2016-07-13 11:36:28 -06:00
Vishal Nayak cdf58da43b Merge pull request #1610 from hashicorp/min-tls-ver-12 
Set minimum TLS version in all tls.Config objects
 2016-07-13 10:53:14 -06:00
vishalnayak 09a4142fd3 Handled upgrade path for TLSMinVersion 2016-07-13 12:42:51 -04:00
Vishal Nayak 9f1e6c7b26 Merge pull request #1607 from hashicorp/standardize-time 
Remove redundant invocations of UTC() call on `time.Time` objects
 2016-07-13 10:19:23 -06:00
vishalnayak de19314f18 Address review feedback 2016-07-13 11:52:26 -04:00
vishalnayak f78f303787 git add tlsutil 2016-07-13 11:29:17 -04:00
vishalnayak 407722a9b4 Added tls_min_version to consul storage backend 2016-07-12 20:10:54 -04:00
Nathan J. Mehl 314a5ecec0 allow overriding the default truncation length for mysql usernames 
see https://github.com/hashicorp/vault/issues/1605
 2016-07-12 17:05:43 -07:00
vishalnayak f34f0ef503 Make 'tls_min_version' configurable 2016-07-12 19:32:47 -04:00
vishalnayak 46d34130ac Set minimum TLS version in all tls.Config objects 2016-07-12 17:06:28 -04:00
vishalnayak 8269f323d3 Revert 'risky' changes 2016-07-12 16:38:07 -04:00
Jeff Mitchell 04cfa4f88d Whoops, fix vendoring 2016-07-11 23:13:26 +00:00
Jeff Mitchell a6682405a3 Migrate number of retries down by one to have it be max retries, not tries 2016-07-11 21:57:14 +00:00
Jeff Mitchell 57cdb58374 Switch to pester from go-retryablehttp to avoid swallowing 500 error messages 2016-07-11 21:37:46 +00:00
Jeff Mitchell 5f1c101ad3 Merge pull request #1608 from hashicorp/tune-duration-second 
Factor out parsing duration second type and use it for parsing tune v…
 2016-07-11 14:26:36 -06:00
Jeff Mitchell 5b210b2a1f Return a duration instead and port a few other places to use it 2016-07-11 18:19:35 +00:00
Jeff Mitchell ab6c2bc5e8 Factor out parsing duration second type and use it for parsing tune values too 2016-07-11 17:53:39 +00:00
Mick Hansen 9ee4542a7c incorporate code style guidelines 2016-07-11 13:35:35 +02:00
Mick Hansen c25788e1d4 handle revocations for roles that have privileges on sequences 2016-07-11 13:16:45 +02:00
Nathan J. Mehl 2cf4490b37 use role name rather than token displayname in generated mysql usernames 
If a single token generates multiple myself roles, the generated mysql
username was previously prepended with the displayname of the vault
user; this makes the output of `show processlist` in mysql potentially
difficult to correlate with the roles actually in use without cross-
checking against the vault audit log.

See https://github.com/hashicorp/vault/pull/1603 for further discussion.
 2016-07-10 15:57:47 -07:00