Commit graph

11642 commits

Author SHA1 Message Date
Roberto Pommella Alegro 9b01d34703 Fix oidc callback to check entire storage (#7929)
* Fix oidc callback to check entire storage

In some cases, extensions or other unexpected javascript can be executed
on the oidc callback. Sometimes changing the localstorage and generating
a `storage` event before the callback component does. In such cases, the
authorization component will hang indefinitely.

A simple fix is to check for the expected `oidcState` key in the whole
localstorage instead of just the event `key`.

* Fix tests for auth-jwt

Co-authored-by: Angel Garbarino <Monkeychip@users.noreply.github.com>
2020-01-15 14:27:12 -07:00
Angel Garbarino 3b28d42bf8
Update CHANGELOG.md 2020-01-15 13:05:20 -07:00
Angel Garbarino 2fb4ee2d5a
Show permissions error on KV when you don't have access to create a secret (#8133)
* add catch for fail on save.  isError is not being set to true, so set it in the catch

* add conditionally to only catch 403 permission errors.  Otherwise it will catch and return an unhelpful error message for when you are trying to save a duplicate secret

* add in code comment

* remove catch and pass version 2 secret model to Error handler inside template

* replace Error model with modelForData to catch errors on the correct model

* add back in space

* replace error model with modelForData
2020-01-15 13:02:15 -07:00
Noelle Daley bf9002dda4
set JOBS=2 to prevent memory errors; see https://github.com/emberjs/ember.js/issues/15641#issuecomment-328496408 (#8152) 2020-01-15 09:53:18 -08:00
Michel Vocks 86ab27f35a
changelog++ 2020-01-15 12:58:49 +01:00
Michel Vocks 544ab857a7
changelog++ 2020-01-15 11:29:43 +01:00
Michel Vocks 13ebf5460c
Add TLS options per Nomad backend (#8083) 2020-01-15 11:03:38 +01:00
Vishal Nayak 26ee62a027 changelog++ 2020-01-14 16:44:16 -05:00
Jason O'Donnell e40bbb0aaf
doc: add extraArgs example to vault-helm (#8149)
* doc: add extraArgs example

* Update website/source/docs/platform/k8s/helm/configuration.html.md

Co-Authored-By: Theron Voran <tvoran@users.noreply.github.com>

* Update website/source/docs/platform/k8s/helm/run.html.md

Co-Authored-By: Theron Voran <tvoran@users.noreply.github.com>

* Update injector installation example

* Update website/source/docs/platform/k8s/helm/configuration.html.md

Co-Authored-By: Calvin Leung Huang <cleung2010@gmail.com>

* Update website/source/docs/platform/k8s/helm/run.html.md

Co-Authored-By: Calvin Leung Huang <cleung2010@gmail.com>

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>
2020-01-14 14:14:56 -05:00
Michel Vocks feb5391767
Docs: Add vaul.token.create_root metric (#8089)
* Docs: Add vaul.token.create_root metric

* Update website/source/docs/internals/telemetry.html.md

* Add additional note
2020-01-14 15:47:10 +01:00
Vishal Nayak 8891f2ba88 Raft retry join (#7856)
* Raft retry join

* update

* Make retry join work with shamir seal

* Return upon context completion

* Update vault/raft.go

Co-Authored-By: Brian Kassouf <briankassouf@users.noreply.github.com>

* Address some review comments

* send leader information slice as a parameter

* Make retry join work properly with Shamir case. This commit has a blocking issue

* Fix join goroutine exiting before the job is done

* Polishing changes

* Don't return after a successful join during unseal

* Added config parsing test

* Add test and fix bugs

* minor changes

* Address review comments

* Fix build error

Co-authored-by: Brian Kassouf <briankassouf@users.noreply.github.com>
2020-01-13 17:02:16 -08:00
Becca Petrin 02c9a45c40
Fix AWS region tests (#8145)
* fix aws region tests

* strip logger

* return an error, restore tests to master

* fix extra line at import

* revert changes in spacing and comments

* Update sdk/helper/awsutil/region.go

Co-Authored-By: Jim Kalafut <jkalafut@hashicorp.com>

* strip explicit nil value

Co-authored-by: Jim Kalafut <jim@kalafut.net>
2020-01-13 14:56:41 -08:00
Jeff Mitchell 80408beabe Bump go-kms-wrapping dep to fix a nil pointer in tests 2020-01-13 09:28:49 -05:00
Jeff Mitchell c5f9f8fc05 Update go-kms-wrapping dep 2020-01-13 09:25:11 -05:00
Jeff Mitchell 78a1d51a3a Update vendoring 2020-01-10 20:50:36 -05:00
Jeff Mitchell 6a5916fdc3 Bump sdk/api 2020-01-10 20:45:24 -05:00
Jeff Mitchell 79ba7def56 Bump api's sdk 2020-01-10 20:40:44 -05:00
Jeff Mitchell a0694943cc
Migrate built in auto seal to go-kms-wrapping (#8118) 2020-01-10 20:39:52 -05:00
Noelle Daley 3ab87306a3
changelog++ 2020-01-10 16:54:21 -08:00
Noelle Daley 864b434415
Fix delete namespaces (#8132)
* do not access items.content since it turns items into an InternalModel and breaks deleting namespaces

* remove pagination story until we have a better way to fake data in Storybook
2020-01-10 16:48:48 -08:00
Becca Petrin 9f5b4caba0 fix AWS http import 2020-01-10 15:53:56 -08:00
Becca Petrin 6291c75175
Add support for AWS instance metadata v2 (#8062)
* add support for aws instance metadata v2

* use GetDynamicData instead
2020-01-10 09:31:16 -08:00
Jeff Mitchell 156e31c740 Bump go-uuid 2020-01-10 10:43:37 -05:00
Michel Vocks 80bc527726 Fix DB static role credential rotation replication issue (#8105)
* Fix DB static role credential rotation replication issue

* Rebased and switched to new path forward options

* Removed unnecesary write to storage
2020-01-09 16:45:07 -08:00
Jim Kalafut 154b11bedd
Update Duo docs (#8127) 2020-01-09 15:58:52 -08:00
Jacob Burroughs ac974a814e Add aws metadata to identity alias (#7985)
* Add aws metadata to identity alias

This allows for writing identity token templates that include these attributes
(And including these attributes in path templates)

* Add alias metadata asserstion to IAM login check
2020-01-09 15:12:30 -08:00
Becca Petrin a94f2d3e6f
Replace deprecated AWS client instantiations (#8060)
* replace deprecated aws client instantiation

* fix imports
2020-01-09 14:58:33 -08:00
Becca Petrin c2894b8d05
Add Kerberos auth agent (#7999)
* add kerberos auth agent

* strip old comment

* changes from feedback

* strip appengine indirect dependency
2020-01-09 14:56:34 -08:00
Jim Kalafut 2c6be02579
Allow easier swapping of Go version (#8102) 2020-01-09 09:35:32 -08:00
Michel Vocks 02cdd8a6da
Fix DB root rotation replication issue (#8106)
* Fix DB root rotation replication issue

* Rebase and switch to new path forward options
2020-01-09 15:59:58 +01:00
Mike Green 57a3b72cde Docs: Add note about needing to do plugin reload on each node (#8108)
* Add note about needing to do this on each node

Specifically calling this out will heed off operators doing this on a single node and thinking it is a bug that it didn't propagate to the other nodes, secondaries, etc.

* Updated to reflect not needing to do registration on each
2020-01-08 16:09:41 -08:00
Mike Green 12fba35a7c Update docs to add example of field output for KV get (#8109)
* Add example of field output

Ordering matters here and its a constant question both from customers and new folks. This will help to show the right syntax.

* minor update to spelling and force unit test rerun

* Update example actually in example area

* Clarify last example is only unix example

* removing Unix specific example
2020-01-08 15:58:10 -08:00
Mike Green ba3c4ed9d7 Add reference to answer "where are the metrics listed"? (#8110) 2020-01-08 10:32:09 -08:00
Jeff Mitchell fb9d809d91 Add changes for renewer api/agent behavior to upgrade guide 2020-01-08 12:47:49 -05:00
Jeff Mitchell f6758d5ed6 changelog++ 2020-01-08 12:45:54 -05:00
Jason O'Donnell 038d7bfc86
doc: update vault-helm to 0.3.2 (#8119) 2020-01-08 11:41:26 -05:00
Jim Kalafut aa1761fb03
Update framework forwarding logic to handle nil system views (#8114) 2020-01-08 05:59:44 -08:00
Michel Vocks c5925d6a0b
Fix go mod changes (#8116) 2020-01-08 14:17:53 +01:00
Michel Vocks 3416ce672e
changelog++ 2020-01-08 13:50:13 +01:00
Jim Kalafut 1e8806f80a
changelog++ 2020-01-07 16:49:42 -08:00
Noelle Daley 5b07838999
upgrade handlebars (#8112) 2020-01-07 16:19:25 -08:00
Jim Kalafut 2d859d83ea
Update vendoring (#8111) 2020-01-07 14:14:45 -08:00
Jim Kalafut fb4edc129e
Add path attributes to indicate when operations should forward (#7175) 2020-01-07 14:04:08 -08:00
Paul Banks 0b5c7550a6 Fix Headings for Consul Secret Engine (#8107) 2020-01-07 11:46:43 -05:00
Michel Vocks 1198fe848b
Fix potential panic in database credential role rotation (#8098) 2020-01-07 16:52:51 +01:00
Michel Vocks d4d82cdd4a
Fix MySQL Plugin password special character escape bug (#8040)
* Fix MySQL password escape bug

* Add test

* Add debug output

* Add debug line

* Added debug output

* Debug

* Debug

* Update vendor

* Remove debug comments
2020-01-07 16:51:49 +01:00
Matthew Irish a6617e1958
UI: add a command to build static storybook for deploying to netlify (#8028)
* add a command to build static storybook for deploying to netlify

* add storybook deploys to the ui readme
2020-01-06 16:01:34 -06:00
Brian Kassouf 549faf47f2
Add identity templating helper to sdk/framework (#8088)
* Add identity templating helper to sdk/framework

* Cleanup a bit

* Fix length issue when groups/aliases are filtered due to ns

* review feedback
2020-01-06 10:16:52 -08:00
Brian Kassouf 0d23c7973b
Update config.rb 2020-01-03 09:25:26 -08:00
Jason O'Donnell 78d47b0fe2
doc: update vault-k8s version (#8085) 2020-01-03 08:55:29 -05:00