Commit graph

1796 commits

Author SHA1 Message Date
Jeff Mitchell 488d33c70a Rejig how dynamic values are represented in system view and location of some functions in various packages; create mount-tune command and API analogues; update documentation 2015-09-10 15:09:54 -04:00
Jeff Mitchell 4239f9d243 Add DynamicSystemView. This uses a pointer to a pointer to always have
up-to-date information. This allows remount to be implemented with the
same source and dest, allowing mount options to be changed on the fly.
If/when Vault gains the ability to HUP its configuration, this should
just work for the global values as well.

Need specific unit tests for this functionality.
2015-09-10 15:09:54 -04:00
Jeff Mitchell d435048d9e Switch StaticSystemView values to pointers, to support updating 2015-09-10 15:09:54 -04:00
Jeff Mitchell 6efcbe3a9f Allow POST as well as PUT for seal/unseal command, fits in more with how logical handles things 2015-09-10 15:09:53 -04:00
Jeff Mitchell 696d0c7b1d Plumb per-mount config options through API 2015-09-10 15:09:53 -04:00
Jeff Mitchell 893d2d9b00 Minor cleanup of MountConfig 2015-09-10 15:09:53 -04:00
Jeff Mitchell 17c60d3e78 Add logic to core to fetch a SystemView for a given mount entry and use those values for default/max TTL. The SystemView will reflect system defaults if not set for that mount. 2015-09-10 15:09:53 -04:00
Jeff Mitchell f4239556d2 Merge pull request #508 from mfischer-zd/webdoc_environment
docs: Document environment variables
2015-09-09 11:29:10 -04:00
Jeff Mitchell 1a8bcfe18d Merge pull request #592 from blalor/patch-1
Remove unused param to 'vault write aws/roles/deploy'
2015-09-09 11:28:15 -04:00
Michael S. Fischer 24a5127fab docs: Document environment variables 2015-09-08 11:59:58 -07:00
Seth Vargo e57cff96e1 Merge pull request #595 from jeteon/patch-1
Typo fix
2015-09-08 14:06:19 -04:00
Neo 4e3e9c38a2 Typo fix 2015-09-08 02:43:01 +02:00
Brian Lalor 2ae48fa586 Remove unused param to 'vault write aws/roles/deploy'
The name is taken from the path, not the request body.  Having the duplicate key is confusing.
2015-09-06 06:57:39 -04:00
Armon Dadgar 4eaacaf546 Merge pull request #590 from MarkVLK/patch-1
Update mysql docs markdown to fix grammar error
2015-09-04 19:13:50 -07:00
Armon Dadgar 03619c5fd7 Merge pull request #591 from MarkVLK/patch-2
Update transit docs markdown to add missing word
2015-09-04 19:13:35 -07:00
MarkVLK fae51d605f Update transit docs markdown to add missing word
Added the presumably missing *decrypt* from "encrypt/data" in the first sentence.
2015-09-04 17:11:34 -07:00
MarkVLK cd292d5372 Update mysql docs markdown to fix grammar error
Changed "... used to **generated** those credentials" to "... used to **generate** those credentials."
2015-09-04 17:05:45 -07:00
Jeff Mitchell 2002406155 Rather than use http.DefaultClient, which is simply &http.Client{},
create our own. This avoids some potential client race conditions when
they are setting values on the Vault API client while the default client
is being used elsewhere in other goroutines, as was seen in
consul-template.
2015-09-03 13:47:20 -04:00
Jeff Mitchell bc2d914905 Change variable name for clarity 2015-09-03 13:38:24 -04:00
Jeff Mitchell c56fd6b3fc Remove redirect handling code that was never being executed (redirects are manually handled within RawRequest). Add a sync.Once to fix a potential data race with setting the CheckRedirect function on the default http.Client 2015-09-03 13:34:45 -04:00
Jeff Mitchell 959a727acd Don't re-use tls configuration, to fix a possible race issue during test 2015-09-03 13:04:32 -04:00
Jeff Mitchell 099deb4392 Merge pull request #587 from hashicorp/sethvargo/auth_token_tests
Add test coverage for auth tokens
2015-09-03 11:26:14 -04:00
Jeff Mitchell 08d61de4ec Merge pull request #586 from hashicorp/sethvargo/docs_cookie
Update documentation around cookies
2015-09-03 11:25:42 -04:00
Seth Vargo 4b33a1669b Add test coverage for auth tokens 2015-09-03 10:57:17 -04:00
Seth Vargo 6f248425a6 Update documentation around cookies 2015-09-03 10:36:59 -04:00
Jeff Mitchell 98d0d23d70 Ensure token store is available when looking up token 2015-09-01 08:21:47 -04:00
Jeff Mitchell 4596ed6484 Remove custom http/sys_auth handler in favor of logical. Unit tests
pass.
2015-08-28 13:42:01 -07:00
Jeff Mitchell 5fa76b5640 Add base_url option to GitHub auth provider to allow selecting a custom endpoint. Fixes #572. 2015-08-28 06:28:43 -07:00
Vishal Nayak d4609dea28 Merge pull request #578 from hashicorp/exclude-cidr-list
Vault SSH: Added exclude_cidr_list option to role
2015-08-28 07:59:46 -04:00
vishalnayak b12a2f0013 Vault SSH: Added exclude_cidr_list option to role 2015-08-27 23:19:55 -04:00
Jeff Mitchell a4fc4a8e90 Deprecate lease -> ttl in PKI backend, and default to system TTL values if not given. This prevents issuing certificates with a longer duration than the maximum lease TTL configured in Vault. Fixes #470. 2015-08-27 12:24:37 -07:00
Jeff Mitchell eed9b6da7f Merge pull request #576 from hashicorp/system-config-to-logical
Plumb system config to logical
2015-08-27 15:15:12 -04:00
Jeff Mitchell 9e5e8a8a4d Whitespace fix 2015-08-27 12:14:51 -07:00
Jeff Mitchell cdabe6350e SystemConfig -> SystemView 2015-08-27 11:38:05 -07:00
Jeff Mitchell b74fa8c888 Make DefaultSystemView StaticSystemView with statically-configured information. Export this from Framework to make it easy to override for testing. 2015-08-27 11:25:07 -07:00
Jeff Mitchell 7c2bbe4c7f Use a SystemView interface and turn SystemConfig into DefaultSystemView 2015-08-27 10:36:44 -07:00
Vishal Nayak 47a6ec0b1f Merge pull request #577 from hashicorp/default-cidr
Vault SSH: Default CIDR for roles
2015-08-27 13:17:58 -04:00
vishalnayak fbff20d9ab Vault SSH: Docs for default CIDR value 2015-08-27 13:10:15 -04:00
vishalnayak 5063a0608b Vault SSH: Default CIDR for roles 2015-08-27 13:04:15 -04:00
Jeff Mitchell e58553e7d5 Plumb the system configuration information up into framework 2015-08-27 09:41:03 -07:00
Jeff Mitchell 2e07106c4b Add some documentation to SystemConfig 2015-08-27 09:14:03 -07:00
Jeff Mitchell 992e357d07 Add some plumbing to allow specified system configuration information to
be retrieved by logical backends. First implemented is default/max TTL.
2015-08-27 08:51:35 -07:00
Vishal Nayak 2cdee69501 Merge pull request #575 from hashicorp/fix-option-specs
Key option specifications as optional parameter to Dynamic key type
2015-08-27 11:48:42 -04:00
vishalnayak 702a869010 Vault SSH: Provide key option specifications for dynamic keys 2015-08-27 11:41:29 -04:00
Jeff Mitchell 3f45f3f41b Rename config lease_duration parameters to lease_ttl in line with current standardization efforts 2015-08-27 07:50:24 -07:00
vishalnayak d5a3ff1c49 Merge branch 'master' of https://github.com/hashicorp/vault 2015-08-27 08:47:56 -04:00
vishalnayak 5b08e01bb1 Vault SSH: Create .ssh directory if not present. Closes #573 2015-08-27 08:45:34 -04:00
Jeff Mitchell d6f64ab368 Merge pull request #574 from msample/master
corrected two typos
2015-08-27 08:08:58 -04:00
Mike Sample e847fbd596 corrected two typos 2015-08-27 00:05:19 -07:00
Jeff Mitchell 6bc86cfee1 Use logical passthrough for renew API calls 2015-08-26 13:22:16 -07:00