Commit graph

8233 commits

Author SHA1 Message Date
Brian Kassouf 6d447d2671 Rename up path to internal/ui/mounts/<path> (#4435) 2018-04-23 18:16:10 -04:00
Jeff Mitchell fbb5e201f5 changelog++ 2018-04-23 18:05:08 -04:00
Alex Samorukov cb52f3eb80 Use locking to avoid parallel script execution (#4358) 2018-04-23 18:04:22 -04:00
Jeff Mitchell 89816ca76c changelog++ 2018-04-23 18:02:26 -04:00
Jeff Mitchell 182d960ecc changelog++ 2018-04-23 18:01:08 -04:00
Brian Kassouf c7f9d185b0
Kv preflight (#4430)
* Update kv command to use a preflight check

* Make the existing ui endpoint return the allowed mounts

* Add kv subcommand tests

* Enable `-field` in `vault kv get/put` (#4426)

* Enable `-field` in `vault kv get/put`

Fixes #4424

* Unify nil value handling

* Use preflight helper

* Update vkv plugin

* Add all the mount info when authenticated

* Add fix the error message on put

* add metadata test

* No need to sort the capabilities

* Remove the kv client header

* kv patch command (#4432)

* Fix test

* Fix tests

* Use permission denied instead of entity disabled
2018-04-23 15:00:02 -07:00
vishalnayak 6b7a042003 error on enable_local_secret_ids update after role creation 2018-04-23 17:05:53 -04:00
vishalnayak 97d146ca69 update docs 2018-04-23 16:54:23 -04:00
vishalnayak 644892c53c naming changes 2018-04-23 16:52:09 -04:00
Jeff Mitchell d54191adff Use permission denied for entity disabling 2018-04-23 16:50:04 -04:00
Matthew Irish ca872c5de1
UI: Mount tune fix (#4431)
* serialize instead of toJSON when mount tuning

* add tests

* remove model unit test

* fix typo
2018-04-23 15:32:43 -05:00
vishalnayak a369a4edb6 Upgrade secret ID prefix and fix tests 2018-04-23 16:31:51 -04:00
vishalnayak d14cd4a51e segregate local and non-local accessor entries 2018-04-23 16:19:05 -04:00
vishalnayak 7efbee2a12 Fix the tidy operation to consider both local and non-local secretID cleanups 2018-04-23 16:02:55 -04:00
Jeff Mitchell 3e6a9d5e09 changelog++ 2018-04-23 15:05:50 -04:00
vishalnayak 743e3ace13 fix path regex and role storage 2018-04-23 14:08:30 -04:00
vishalnayak 1680b56d43 add prefix to LocalStorage 2018-04-23 14:08:30 -04:00
vishalnayak 97b821b231 local secret IDs 2018-04-23 14:08:30 -04:00
vishalnayak 5cc02fd64b changelog++ 2018-04-23 13:52:11 -04:00
Vishal Nayak 10419845b7
disable identity for local mounts (#4407) 2018-04-23 13:46:14 -04:00
Jeff Mitchell 78b09d77c0 Use ResetNamed for sealunwrapper logger 2018-04-23 13:42:02 -04:00
Calvin Leung Huang 31633654ee Explicitly use 5.7 and below to test mysql backends (#4429) 2018-04-23 13:03:02 -04:00
Becca Petrin dbd1f119ed Use a sub-logger for the transactional cache (#4428) 2018-04-23 12:08:12 -04:00
Jeff Mitchell 0882e5afb6 Update audit text to make it clear that audit logs are for authenticated interactions 2018-04-23 10:49:32 -04:00
Calvin Leung Huang 72e70afe21 changelog++ 2018-04-23 10:31:08 -04:00
Jeff Mitchell bb8fa74a53 changelog++ 2018-04-23 10:11:45 -04:00
Jeff Mitchell 8d338f9903 Bump secrets-gcp for panic fix (#6) 2018-04-23 10:11:14 -04:00
Malhar Vora 45fe086107 Corrects description for mode option in ssh command (#4420)
Fixes #4375
2018-04-22 13:42:46 -04:00
Malhar Vora 739362b081 Correct typo in Kubernetes auth backend docs
Resolve small typo in Configuring Kubernetes section in Kubernetes Auth Backend
documentation.

Fixes #4417
2018-04-21 19:37:59 -07:00
Jeff Mitchell ceb39c0da7
Update seal wrap text in UI (#4416) 2018-04-21 11:09:39 -04:00
Jeff Mitchell 1cacd517f8 changelog++ 2018-04-21 10:51:47 -04:00
Jeff Mitchell 6d95b4d266
Add the ability to restrict token usage by IP. Add to token roles. (#4412)
Fixes #815
2018-04-21 10:49:16 -04:00
Matthew Irish 08c9bf3940
UI - Login fix (#4403)
* fix login

* add tests for login submission
2018-04-20 15:39:45 -05:00
Calvin Leung Huang 9864965e9d
Add ui build tag to generate assetfs file (#4413) 2018-04-20 15:47:45 -04:00
Chris Kent b6b521d4db Mrktfix (#4411)
* Updated hero with current logo

* Updated logos in these artifact images as well

* Added Branded Logo

with HashiCorp

* Updated logo with branded logo

(HashiCorp in the name)

* typo

* Wrong spot

* Updated logo
2018-04-20 14:43:11 -05:00
Jeff Mitchell 640b30ff7b
Resultant acl (#4386) 2018-04-20 14:19:04 -04:00
Chris Kent 4881a53eb0 Updated hero with current logo (#4410) 2018-04-20 12:50:00 -05:00
Alvin Huang 84ffdbb7b5 remove redundant 'Vault' in approle docs (#4405) 2018-04-20 09:55:15 -04:00
Matthew Irish 7f4dbe3fd2
Ui kv v2 redux (#4393)
* remove header used for backwards compatibility in KV mounts, and use v1 paths for v1, v2 paths for v2

* make the model hook always run

* simplify adapter & serializer code for secrets

* update tests

* fix lease tests

* address review feedback
2018-04-19 21:26:25 -05:00
Matthew Irish 5fd178b423
changelog++ 2018-04-19 20:55:31 -05:00
Matthew Irish 0e25096665
use an array to lookup capabilities paths so that commas aren't an issue (#4398) 2018-04-19 20:51:41 -05:00
Matthew Irish e32e82efcb
update the readme to be more useful for UI development (#4399) 2018-04-19 16:08:41 -05:00
Calvin Leung Huang 8df7add5f1 Adjustable test timeouts in Makefile (#4394) 2018-04-19 15:04:40 -04:00
Jeff Mitchell e69845b458
Defer setting views read/write until the end of postUnseal (#4392)
A few notes:

* We exert positive control over singletons and they usually need to
perform some (known, validated) writes, so this excludes singletons --
they are simply limited to the end of the mount function as before.

* I'm not sure how to test this _specifically_; I've done some testing
of e.g. sealing vault and unsealing and ensuring that I can write to a
KV mount. I think this is tested by every dev server though, since for a
dev server Vault is inited, the default mounts are mounted, then it's
sealed, then it's unsealed for the user, so it already goes through this
code path. The mere fact that you can write to secret/ on a dev server
means it was successfully set read-write.
2018-04-19 13:29:43 -04:00
Kevin Wang f1e46a0d76 Fix panic on kv put command with no arguments (#4389) 2018-04-18 15:45:49 -07:00
Jeff Mitchell 6eb2f2f8a3 changelog++ 2018-04-18 16:35:36 -04:00
Matthew Irish cfdb54cc5a
fix item popup for aws backend (#4371) 2018-04-18 15:34:35 -05:00
skiggety 77d59c527f remove lingering mention of "vault write" command. (#4388) 2018-04-18 16:32:37 -04:00
Matthew Irish 4c9e6c52ab
changelog++ 2018-04-18 14:31:35 -05:00
vishalnayak e1d857fed9 changelog++ 2018-04-18 13:11:40 -04:00