Commit graph

10446 commits

Author SHA1 Message Date
Jeff Mitchell 49ca5cec91 Bump api against latest sdk 2019-06-18 11:18:22 -04:00
Jeff Mitchell c0db3df73d Update go-plugin dep 2019-06-18 10:53:38 -04:00
Jeff Mitchell 334efe4743 changelog++ 2019-06-18 10:29:51 -04:00
Jeff Mitchell d65a716b63 Add a force capability to delete in the policy store
This allows us to truly delete policies when we've either invalidated it
(which since they're singletons/default should only happen when we're
doing a namespace delete) or are doing a namespace delete on the local
node.
2019-06-18 10:25:57 -04:00
Becca Petrin 2cc7545351
Merge pull request #6897 from hashicorp/add-es-docs-to-list
Add ElasticSearch docs to sidebars
2019-06-17 15:21:46 -07:00
Jeff Mitchell 1e1e7c9321 Fix some tests 2019-06-17 17:02:34 -04:00
Becca Petrin ca165ffdef add es docs to sidebars 2019-06-17 12:05:57 -07:00
Evan Phoenix 29a287648e Upgrade github.com/lib/pq to pickup SCRAM-SHA-* methods (#6895) 2019-06-17 14:45:27 -04:00
Becca Petrin 7927cc3a43
Update elasticdb.html.md 2019-06-17 11:24:42 -07:00
Becca Petrin 117d28d966
Merge pull request #6857 from hashicorp/add-elasticsearch-auth
Add ElasticSearch database secrets engine
2019-06-17 11:19:01 -07:00
Becca Petrin 17a682da40 Merge branch 'opensource-master' into add-elasticsearch-auth 2019-06-17 11:12:51 -07:00
Becca Petrin fd2e859617 update doc to 7.1.1 2019-06-17 11:12:16 -07:00
ncabatoff 006bab1e49
Add new license callback init step for logical backends. (#6887) 2019-06-17 14:11:35 -04:00
Frederic Hemberger 8c5476fb0c Website(api/secret/identity): Fix whitespace in JSON examples (#6889) 2019-06-16 09:26:37 -04:00
Joshua Ogle f58b79db7f
UI: Remove upgrade modal (#6871)
* Remove upgrade-link component
* Hide enterprrise links from OSS
* Don't show sidebar if they can't use the options
2019-06-14 15:46:18 -06:00
Jeff Mitchell 51f3d3137f Update vendoring and api/sdk 2019-06-14 14:29:16 -04:00
ncabatoff 2cf5009ff5
Fix deadlock in TestPostgreSQLBackend (#6884)
Make lock2's retryInterval smaller so it grabs the lock as soon as lock1's renewer fails to renew in time.  Fix the logic to test if lock1's leader channel gets closed: we don't need a goroutine, and
the logic was broken in that if we timed out we'd never write to the blocking channel we then try to read from.  Moreover the timeout was wrong.
2019-06-14 12:59:24 -04:00
Jeff Mitchell ad2baf9768 changelog++ 2019-06-14 12:54:08 -04:00
Jeff Mitchell 1ea0c0314a
Prevent entity alias creation when entity is in different NS than mount (#943) (#6886) 2019-06-14 12:53:00 -04:00
Jeff Mitchell 402ba1b0f0
Tokenhelper v2 (#6662)
This provides an sdk util for common token fields and parsing and plumbs it into token store roles.
2019-06-14 10:17:04 -04:00
Jeff Mitchell 4c9125c4e6 Update vendoring 2019-06-13 13:41:18 -04:00
Jason O'Donnell d2e620ae70
Fix multiline jwt config setup example (#6873) 2019-06-12 13:34:26 -04:00
Brian Kassouf 934b497101
Clear the Barrier AEAD cache on keyring reload (#6870)
* Clear the barrier's AEAD cache on keyring reload

* Update barrier_aes_gcm_test.go
2019-06-12 08:56:16 -07:00
Jeff Mitchell 342c1b57e3 Bump Go version in build Dockerfile 2019-06-12 09:38:35 -04:00
Calvin Leung Huang 5259ec8a30
core: add ForwardGenericRequest to StaticSystemView to satisfy ExtendedSystemView (#6867) 2019-06-11 14:07:04 -07:00
Calvin Leung Huang 08e17cc111
core: add generic request forwarding bits to oss (#6866) 2019-06-11 13:13:03 -07:00
Sam Salisbury e2e5e16ff2 ci: break config into separate files (#6849)
* ci: break config into separate files

* Untangle githooks

* githooks: fix whitespace

* .hooks/pre-commit: add ui -> lint-staged check

- We no longer require dependency on husky with this change.

* ui: remove husky dependency and config

- The previous commit obviates the need for it.
- We will now have to manage these hooks by hand, but this removes
  the conflict between husky-installed hooks and those in the .hooks dir.

* ui: update yarn.lock with husky removed

* .hooks/pre-commit: always use subshell + docs

- Always use subshell means we consistently exit from the
  same place which feels less complex.
- Docs are necessary for horrible bash like this I think...

* Makefile: remove old husky githooks

- Husky has installed a handler for every single git hook.
- This causes warnings on every git operation.
- Eventually we can remove this, but better not to confuse
  people with these messages for now.

* ci: fix go build tags

* Makefile: improve compatibility of rm call

- Looks like the xargs in Travis does something different to the one
  on my mac, this more verbose call should be safe everywhere.

* ci: fix make target names

* ci: fix test-ui invocation

* Makefile: simplify husky hook cleanup

* ci: more focussed readme
2019-06-11 09:55:53 -05:00
Michel Vocks fcf1b9c54e
Fixed wrong rekey recovery backup client API URL (#6841)
* Fixed wrong rekey recovery backup client API URL

* Fixed wrong rekey recovery backup client API URL delete

* Changed output for recovery backup key delete
2019-06-11 10:05:44 +02:00
Mark Gritter d4d1ae55a0
Be more permissive in what URLs to allow; added test for unix socket. (#6859) 2019-06-10 13:59:13 -05:00
ncabatoff cc41e608dc
Add core.coreNumber field, used to differentiate multiple cores/clusters when running tests (#6855)
This is not used or exposed in prod.

Remove some test-specific code from the cluster-building helpers. The corresponding additions go on the ent side.
2019-06-10 14:07:16 -04:00
Yoko 2b81ea64c3
Adding vault kv command doc (#6845)
* Adding vault kv command doc

* Update website/source/docs/commands/kv/delete.html.md

Co-Authored-By: Becca Petrin <beccapetrin@gmail.com>

* Update website/source/docs/commands/kv/delete.html.md

Co-Authored-By: Becca Petrin <beccapetrin@gmail.com>

* Update website/source/docs/commands/kv/destroy.html.md

Co-Authored-By: Becca Petrin <beccapetrin@gmail.com>

* Update website/source/docs/commands/kv/destroy.html.md

Co-Authored-By: Becca Petrin <beccapetrin@gmail.com>

* Update website/source/docs/commands/kv/undelete.html.md

Co-Authored-By: Becca Petrin <beccapetrin@gmail.com>

* Update website/source/docs/commands/kv/delete.html.md

Co-Authored-By: Becca Petrin <beccapetrin@gmail.com>
2019-06-10 10:41:55 -07:00
Yoko daebe65d1c
upgrade guide warning about downgrading (#6836)
* upgrade guide warning about downgrading

* Changed the wording
2019-06-10 09:54:21 -07:00
Becca Petrin 5b9d49fc2d add elasticsearch database engine 2019-06-10 09:19:11 -07:00
Brian Kassouf 414035956c
changelog++ 2019-06-07 09:56:08 -07:00
Brian Kassouf 8ea9486dc4
changelog++ 2019-06-07 09:54:40 -07:00
Jeff Mitchell 6d71da0401 Update vendoring 2019-06-06 13:51:34 -04:00
Justin Weissig 0ae53eb5aa docs: minor fixes to improve sentence flow (#6839) 2019-06-06 08:25:59 -07:00
Jeff Mitchell c02abb969c
Attempt to grab read statelock in emit metrics to remove some raciness (#6829) 2019-06-05 12:26:29 -04:00
Jeff Mitchell 068b38faa0
Make flushing the cache race safe (#6828)
* Make flushing the cache race safe

* Remove noop aborts
2019-06-05 02:52:18 -04:00
Jeff Mitchell 841616defa Remove data races around error/latency injector rand objects 2019-06-05 01:37:40 -04:00
Michael Gaffney 055c5ff311
Fix data race in kvv2_upgrade_test (#6825) 2019-06-04 18:48:31 -04:00
Lexman 9aa4662cec transit cache is an Interface implemented by wrapped versions of sync… (#6225)
* transit cache is an Interface implemented by wrapped versions of syncmap and golang-lru

* transit cache is an Interface implemented by wrapped versions of syncmap and golang-lru

* changed some import paths to point to sdk

* Apply suggestions from code review

Co-Authored-By: Lexman42 <Lexman42@users.noreply.github.com>

* updates docs with information on transit/cache-config endpoint

* updates vendored files

* fixes policy tests to actually use a cache where expected and renames the struct and storage path used for cache configurations to be more generic

* updates document links

* fixed a typo in a documentation link

* changes cache_size to just size for the cache-config endpoint
2019-06-04 15:40:56 -07:00
Jeff Mitchell 30e1f4c505 changelog++ 2019-06-04 16:50:09 -04:00
Jeff Mitchell fe251f3af3 changelog++ 2019-06-04 16:48:14 -04:00
Matthew Irish 813c9f0a92
fix error when running formatOptions on items that don't come from the API response (#6824) 2019-06-04 12:44:58 -05:00
Jeff Mitchell 38c0a9d7a5 Audit listing with format json returns json, not a string (#6776)
* Audit listing with format json returns json, not a string

Fixes #6775

* list, kv list and namespace list with format json returns json, not a string

* Changed audit list return code to 2 which aligns with other list commands return codes
2019-06-04 10:36:34 -07:00
Jeff Mitchell 5f7321dcc7 Fix a case where mounts could be duplicated (#6771)
When unmounting, the router entry would be tainted, preventing routing.
However, we would then unmount the router before clearing storage, so if
an error occurred the router would have forgotten the path. For auth
mounts this isn't a problem since they had a secondary check, but
regular mounts didn't (not sure why, but this is true back to at least
0.2.0). This meant you could then create a duplicate mount using the
same path which would then not conflict in the router until postUnseal.

This adds the extra check to regular mounts, and also moves the location
of the router unmount.

This also ensures that on the next router.Mount, tainted is set to the
mount entry's tainted status.

Fixes #6769
2019-06-04 10:33:36 -07:00
Michel Vocks 71e99d9490 Added missing entity_id to SecretAuth struct (#6819) 2019-06-04 10:04:20 -07:00
Justin Weissig ef17e7cbaa Update comment spelling in postgresql.go (#6817)
Fixed minor comment: PostgresSQL/PostgreSQL
2019-06-04 02:29:36 -05:00
Justin Weissig fb75728c71 docs: minor spelling fix (#6818)
Fixed spelling: PostgresSQL/PostgreSQL.
2019-06-04 02:28:44 -05:00