luxolus/open-vault
2
0
Fork 0
Code Issues 1 Pull requests Releases Activity
8391 commits 1 branch 0 tags 214 MiB
Commit graph

8391 commits

This branch
This branch
All branches
Author SHA1 Message Date
Jeff Mitchell 4a3fe87a39
Allow max request size to be user-specified (#4824) 
* Allow max request size to be user-specified

This turned out to be way more impactful than I'd expected because I
felt like the right granularity was per-listener, since an org may want
to treat external clients differently from internal clients. It's pretty
straightforward though.

This also introduces actually using request contexts for values, which
so far we have not done (using our own logical.Request struct instead),
but this allows non-logical methods to still get this benefit.

* Switch to ioutil.ReadAll()
 2018-07-06 15:44:56 -04:00
Chris Hoffman a1c8c8459b
Bump Deps (#4868) 
* bump deps

* revert script changes

* adding govendor miss
 2018-07-06 12:09:34 -04:00
Jeff Mitchell a8826b28e0 Port pubkey parsing from kube-auth to helper/certutil 2018-07-06 10:25:32 -04:00
Jeff Mitchell 5a0c44f4f4 Update generate-root output (#4807) 
In current Vault server EncodedToken will always be populated regardless
of type (root, DR), so prioritize that, and properly refer to it as
Encoded Token instead of Root Token.

Additionally refer to the nonce as the Operation nonce instead of the
Root generation operation nonce since it's used for both strategies.
 2018-07-06 09:02:47 -04:00
Kawsar Kamal 66f035edc4 Fixed example file extensions from .hcl to .json (#4810) 2018-07-06 08:59:09 -04:00
Chris Bednarski 514ffac5e2 Added documentation to consul and listener pages explaining how to control Consul's DNS resolution with multiple listeners (#4862) 2018-07-06 08:51:51 -04:00
Calvin Leung Huang 04332f5b3f
Add missing replication props, prettify tables (#4816) 
* Add missing request.replication props, prettify tables

* Fix location of replication prop
 2018-07-05 16:11:21 -04:00
Matthew Irish f38a50b6b2
UI - unauthed login methods (#4854) 
* fetch auth methods when going to the auth route and pass them to the auth form component

* add boolean editType for form-fields

* look in the data hash in the serializer

* remove renderInPlace for info-tooltips as it does something goofy with widths

* add new fields for auth methods

* fix console refresh command on routes that use lazyPaginatedQuery

* add wrapped_token param that logs you in via the token backend and show other backends if your list contains supported ones

* handle casing when looking up supported backends

* change listingVisibility to match the new API

* move wrapped_token up to the vault route level so it works from the app root
 2018-07-05 13:28:12 -05:00
Chris Hoffman 32c94b2638
Update docs 2018-07-03 08:28:43 -04:00
Brian Shumate 7b106683f0 Clarify policies note (#4832) 
- Make it even clearer that "*" is the glob character referred to
 2018-07-03 08:27:12 -04:00
vishalnayak 972ef86f84 changelog++ 2018-07-02 12:16:45 -04:00
Jeff Mitchell 8f45bc69ba Fix tuning visibility in CLI (#4827) 
The API elides the value if it's empty, but empty has meaning. This adds
"hidden" as an option which is fundamentally identical to the default.
 2018-07-02 12:13:25 -04:00
Yoko dcb229d36d
Updates made by Michael Lucas (#4855) 
Since this PR was created on behalf of EA and I approve all the changes, I'm merging this.
 2018-07-02 08:56:15 -07:00
Brian Kassouf 3a5d5cb872
Use run groups to manage HA go routines (#4671) 
* Use rungroups to spinoff standby go routines

* Update comments
 2018-06-29 16:23:52 -07:00
Brian Kassouf 4ede13c91f
HA: Bump the max send/recv size for the gRPC server (#4844) 2018-06-29 09:52:23 -07:00
Chris Hoffman 6b7d215e7e
Clarify performance replication token handling 2018-06-29 09:32:35 -04:00
Chris Hoffman 6f5b8c0e6f
adding sample request to key status api docs (#4853) 2018-06-29 09:17:51 -04:00
Matthew Irish e3ddddf3a5
UI - fix cubbyhole (#4851) 
* fix cubbyhole and add acceptance test for it
 2018-06-28 15:54:02 -05:00
Jim Kalafut 16a2bc7ca2
Changelog++ 2018-06-28 09:51:15 -07:00
Jim Kalafut eb70ad032a Fix interface conversion panic during database creds revoke (#4850) 2018-06-28 09:42:04 -07:00
Adam Medziński e3bf33b5c7 Restore is-word-break class in masked input template (#4849) 2018-06-28 11:08:07 -05:00
Nándor István Krácser a40ff31777 vault kv metadata put doesn't need [DATA] (#4847) 2018-06-28 00:26:10 -07:00
Brian Kassouf 8b344acaac
secret/kv: Sort keys during list operation (#4845) 2018-06-27 11:48:59 -07:00
Vishal Nayak ec42bc1514
avoid panic (#4841) 2018-06-27 10:16:12 -04:00
Matthew Irish d93c92e4f5
UI - guard page redesign (#4779) 
* add NavHeader component
* use NavHeader in SplashPage component and application.hbs
* let download button take a block
* add RadialProgress component
* use RadialProgress in ShamirFlow component
* style up the RadialProgress component
* update ember-basic-dropdown, ember-basic-dropdown-hover
* rework operation token generation workflow
* directly depend on ember-maybe-in-element
 2018-06-26 16:35:47 -05:00
Matthew Irish 873c131b71
update lockfile (#4839) 2018-06-26 11:29:14 -05:00
Seth Vargo 0322f1bf43 Validate operator init args (#4838) 2018-06-26 10:15:00 -04:00
Matthew Irish 30daed5716
UI ensure trailing slash (#4828) 
* add make targets to build the ui without minifying the source
* add polyfill for string.prototype.endswith and move to npm version of string.prototype.startswith
* replace the current history state with a / on the list secrets endpoint
* add test for list with id
 2018-06-25 15:30:11 -05:00
Becca Petrin 90f567b985 fetch the runes and text encoding packages (#4831) 2018-06-25 12:44:10 -07:00
vishalnayak 235b29f1d3 Add back upsertEntityNonLocked 2018-06-24 07:54:00 -04:00
Vishal Nayak 57c7ecfcd4
Identity: Remove unused MemDB indexes and unused functions (#4817) 
* refactor delete utility

* refactor delete alias utility

* remove MemDBUpsertAlias

* Remove MemDBAliasByCanonicalID

* remove MemDBAliasesByMetadata

* remove MemDBDeleteAliasByID

* Remove MemDBUpsertEntity and MemDBEntityByNameInTxn

* Remove is.MemDBEntitiesByBucketEntryKeyHash

* Remove MemDBEntitiesByBucketEntryKeyHash and MemDBEntityByMergedEntityID

* Remove MemDBEntities

* Remove validateMemberGroupID

* Remove validateEntityID, validateGroupID, deleteAliasFromEntity

* Remove updateAliasInEntity

* Remove satisfiesMetadataFilters and UpsertGroup

* Remove MemDBUpsertGroup

* Remove deleteGroupByID

* Remove deleleGroupByName

* Remove MemDBDeleteGroupByNameInTxn

* Remove MemDBGroupsByPolicy and MemDBGroupsByPolicyInTxn

* Remove MemDBGroupIterator

* Remove MemDBGroupsByBucketEntryKeyHash

* Remove deleteGroupAlias

* Remove metadata index from entities table

* Remove unneeded indexes from entity alias and group alias schema

* Remove unneeded index from groups table schema

* Fix test

* s/entity/lockEntity

* Don't expose the memdb instance outside identity store

* More txn.Abort() corrections

* switch back to deferring abort calls
 2018-06-24 07:45:53 -04:00
Logan Rakai 619dd3c6ed Typo fix (#4822) 2018-06-23 16:34:25 -07:00
Logan Rakai 59b87fae53 Small grammar fix (#4821) 2018-06-22 21:59:39 -07:00
Jeff Mitchell 2410a11156 Add a warning to syslog 
Ping #3617
 2018-06-22 09:00:07 -04:00
Kevin Hicks cda793f5b3 Fix typos (#4813) 2018-06-21 12:29:18 -07:00
Yoko 01d50cd3eb
Fixed a typo (#4812) 2018-06-21 11:11:30 -07:00
Steven Farage fadb3eb6fd Make documentation match API example (#4809) 
Quick and easy change to make the passwords match.
 2018-06-21 10:50:02 -07:00
Yoko c3b7d1fbb6
Vault DR Replication Setup Guide (#4790) 
* WIP DR setup guide

* Fix typos

* Added the steps to demote & disable primary

* Clarified some of the explanation
 2018-06-21 08:42:35 -07:00
Brian Kassouf f757ed93e2
changelog++ 2018-06-20 09:45:32 -07:00
Brian Kassouf cfc309a159
changelog++ 2018-06-20 09:40:34 -07:00
Jim Kalafut 6011ae5721
Add DynamoDB fix to changelog 2018-06-20 09:38:28 -07:00
Jeff Mitchell 80de75fbe4 Add missing feature to changelog 2018-06-20 10:55:40 -04:00
Jeff Mitchell 9af4707e92
Cut version 0.10.3 2018-06-20 09:36:34 -04:00
Jeff Mitchell c6180c57c8
Check for nil value in BarrierView.Put (#4804) 
Fixes #4802
 2018-06-20 09:32:06 -04:00
Jeff Mitchell bf33d5d849 Prep for release 2018-06-20 09:27:04 -04:00
Jeff Mitchell 3fee2cc8dd Simplify logic 2018-06-19 23:07:56 -04:00
Jeff Mitchell 00673fe197 Update kubernetes auth plugin 2018-06-19 23:03:22 -04:00
Jeff Mitchell 441eec9ce5 changelog++ 2018-06-19 23:02:41 -04:00
Calvin Leung Huang ac4be8d44d Do not fail login if no policies are mapped to the user or group (#4798) 
* Do not fail login if no policies are mapped to the user or group

* Remove debug line

* Remove restriction in radius
 2018-06-19 23:00:22 -04:00
Jeff Mitchell f4a2641246 changelog++ 2018-06-19 22:58:03 -04:00