Commit graph

9594 commits

Author SHA1 Message Date
Hugues Malphettes 6ea6844ef9
JWT API - List Roles: fix the path
With vault-1.0.0 and vault-0.11.4 a different path is needed to list the jwt registered roles:

```
$ vault list auth/jwt/roles
No value found at auth/jwt/roles/

$ vault list auth/jwt/role
Keys
----
myrole
```
I hope this helps!
2018-12-13 06:27:30 +08:00
Jim Kalafut dfc8b37dc7
changelog++ 2018-12-12 14:03:44 -08:00
Jim Kalafut 5687892530
Add operationId field to OpenAPI output (#5876)
Fixes #5842
2018-12-12 13:59:23 -08:00
Jeff Mitchell 4c47e64611 changelog++ 2018-12-12 15:39:06 -05:00
Lukasz Jagiello 76008b2e1e Remove an empty line for /pki/ca_chain (#5779)
This PR fix #5778.

Easy test case to reproduce the problem:
https://play.golang.org/p/CAMdrOHT7C1

Since `certStr` is empty string during first iteration `strings.Join()`
will merge empty line with first CA cert.

Extra `strings.TrimSpace` call will remove that empty line, before
certificate will be return.
2018-12-12 15:38:35 -05:00
Jeff Mitchell fff8976671 Update backwards compat fix from 5913 2018-12-12 15:36:28 -05:00
Nándor István Krácser 8bd1ce1864 Fix list plugins backward compatibility mechanism (#5913) 2018-12-12 15:33:09 -05:00
Jeff Mitchell e51c316915 changelog++ 2018-12-12 15:30:36 -05:00
Brian Kassouf 0ef12ac8b7
changelog++ 2018-12-12 12:28:54 -08:00
Sergey Trasko f24a4f189e Fixed markdown for cert documentation (#5735) 2018-12-12 15:27:28 -05:00
Jeff Mitchell 88cb7068e8 changelog++ 2018-12-12 15:26:48 -05:00
Calvin Leung Huang 351b707e18 cli/json: correctly output the number of key shares and threshold on stored keys (#5910) 2018-12-12 15:26:11 -05:00
Joel Thompson 286b3f4e9f auth/aws: Clarify docs for cross-account access with IAM auth (#5900)
The docs hadn't been updated to reflect the ability to do cross-account
AWS IAM auth, and so it was a bit confusing as to whether that was
supported. This removes the ambiguity by explicitly mentioning AWS IAM
principals.
2018-12-12 15:21:27 -05:00
Jeff Mitchell c12c21551f Merge branch 'master' of https://github.com/hashicorp/vault into master-oss 2018-12-12 15:16:50 -05:00
Jeff Mitchell ea9fbc5709 changelog++ 2018-12-12 15:08:42 -05:00
Chris Hoffman 555b914695 adding -dev-kv-v1 flag for forcing kvv1 (#5919) 2018-12-12 12:07:18 -08:00
Þórhallur Sverrisson d86acfc94f Remove DEL characters from password input (#5837)
* Remove DEL characters from password input

iTerm password manager sends \x03\0x7f before sending a password
from its password manager to make sure the password is not being
echoed to the screen.  Unfortunately, vault login does not handle
the Space DEL sequence, causing the login to fail when using the
password manager.  This patch uses a simple method to delete the
sequence if present anywhere in the string, although it is strictly
only needed at the start of input.

* Simplify iTerm handling to only remove iTerm prefix

The logic now only removes the two byte prefix sent in by iTerm
instead of trying to remove all deletes in the string.

This has been tested to work with the iTerm password manager.

As a small correction, the byte sequence is \x20\x7f.  The
earlier commit message incorrectly stated it was \x03\x7f.
2018-12-12 15:06:10 -05:00
Noelle Daley 5056e34956
return correct format of random data generator (#5945) 2018-12-12 11:05:37 -08:00
Bert Roos cfa008896d Added comma for readability (#5941)
Signed-off-by: Bert Roos <Bert-R@users.noreply.github.com>
2018-12-12 09:23:20 -05:00
Graham Land 53c6b36613 Fixing a couple of small typos (#5942) 2018-12-12 05:56:58 -08:00
Brian Kassouf 737b7e6651
Fix plugin reload when in a namespace (#5937) 2018-12-11 17:21:23 -08:00
Jeff Escalante eddfd7ff23 improve bootstrap script and local development instructions 2018-12-11 19:46:52 -05:00
Jeff Mitchell e3c538e9cb Fix tests 2018-12-11 15:04:02 -05:00
Jeff Mitchell 66af039f00 changelog++ 2018-12-11 11:29:16 -05:00
Jeff Mitchell c178d05e07
Properly continue if cert entry is nil when tidying (#5933)
Fixes #5931
2018-12-11 11:28:14 -05:00
emily 94c03d1072 Update GCP auth BE docs (#5753)
Documented changes from https://github.com/hashicorp/vault-plugin-auth-gcp/pull/55
* Deprecating `project_id` for `bound_projects` and making it optional
* Deprecating `google_certs_endpoint` (unused)
* Adding group aliases 

Also, some general reformatting
2018-12-10 12:54:18 -08:00
madalynrose c822f06d54
Update CHANGELOG.md 2018-12-10 12:14:51 -05:00
madalynrose c84c8e01b2
Search select (#5851) 2018-12-10 11:44:37 -05:00
Jeff Mitchell c67ef8be09
Update PKI docs (#5929) 2018-12-10 10:24:47 -05:00
Tommy Murphy d3774e6aaa Correct GCE Token Parameter (#5667)
As written the GCE token curl results in an error: "non-empty audience parameter required".

Google's docs (https://cloud.google.com/compute/docs/instances/verifying-instance-identity) confirm that the parameter is 'audience' not 'aud'.
2018-12-07 15:10:30 -08:00
Noelle Daley 37683e234d
mask password on ldap auth form (#5898) 2018-12-07 13:23:42 -08:00
Matthew Irish 436b60fa77
changelog++ 2018-12-07 14:02:58 -06:00
Matthew Irish 42300b4087
UI - web cli layout (#5909)
* move console/ui-panel into nav-header component

* notch-specific CSS

* add layout test in the application for the console
2018-12-07 14:00:52 -06:00
Matthew Irish a447dac803
change ui url so that it includes the trailing slash (#5890) 2018-12-05 12:25:16 -06:00
Chris Hoffman 561502394a
fixing redirect (#5908) 2018-12-05 12:06:15 -05:00
Chris Hoffman 57536e0c41
adding a redirect for old style upgrade guide location (#5905) 2018-12-05 10:54:10 -05:00
Chris Hoffman cebbe43f70
removing beta tag (#5904) 2018-12-05 10:45:22 -05:00
Jim Kalafut cb52f36c38 Update downloads.html.erb (#5899) 2018-12-05 10:40:33 -05:00
Chris Hoffman 1da490e929
adding upgrade guide for 1.0 (#5903)
* adding upgrade guide for 1.0

* fixing sidebar
2018-12-05 10:33:53 -05:00
Jeff Mitchell 13b5c3be51
Fix SSH CA giving 500 if keys need to be deleted (#5897) 2018-12-04 13:29:11 -05:00
ncabatoff b53437a2f8
Fix documentation re substitutions. It appears this was broken from day one. (#5896) 2018-12-04 13:14:00 -05:00
Jim Kalafut 3552019795
Update operator migrate docs (#5895) 2018-12-04 08:49:42 -08:00
James Nugent 65e7a2660d docs: Clarify the utility of DynamoDB capacities
When configuring DynamoDB, the read and write capacities configured only
have any effect if the table does not exist. As per the comment in the
code [1], the configuration of an existing table is never modified. This
was not previously reflected in the documentation - this commit
rectifies that.

[1]: https://github.com/hashicorp/vault/blob/master/physical/dynamodb/dynamodb.go#L743-L745
2018-12-03 17:55:18 -06:00
Jeff Mitchell 7b717983c6 changelog++ 2018-12-03 17:44:12 -05:00
Brian Kassouf 052ae041e9
Update CHANGELOG.md 2018-12-03 14:19:08 -08:00
Chris Dituri 471f26a0e3 ui/app/adapters/pki.js: fix typo in assert() message (#5882)
Update the assertion to indicate, in order to override the PKI adapter
url() method, one should extend the PKI adapter; not the SSH adapter.
2018-12-03 16:14:59 -06:00
Jeff Mitchell e590c4fb99
Cut version 1.0.0 2018-12-03 14:37:18 -05:00
Martin 6c0ce0b11f Typo in policy template doc (#5887) 2018-12-03 14:36:17 -05:00
Jeff Mitchell 394ce75e33
Move some handle request functions up a level (#5889)
* Move some handle request functions up a level

Add clearing of token entry from request, fixing a test

* Update request_handling.go
2018-12-03 14:35:20 -05:00
Jeff Mitchell 806bf309dc changelog++ 2018-12-03 12:48:42 -05:00