luxolus
/
open-vault
2
0
Fork 0
Code Issues 1 Pull Requests Releases Activity
11,007 Commits 1 Branch 0 Tags 214 MiB
Commit Graph

11007 Commits

Author SHA1 Message Date
Brian Shumate 54a45db46d Update sample request (#7431) 
- Format curl command to be similar to other sample requests
- Add single quotes to URL for '?' so that example is functional
- Delete trailing space
 2019-09-25 13:32:42 -07:00
minitux 88da7ecd82 Fix api auth approle documentation (#7382) 
Change policies to token_policies
 2019-09-25 13:27:27 -07:00
Jim Kalafut 68a682cc10
changelog++ 2019-09-25 11:10:37 -07:00
Jim Kalafut db0c672d23
Ignore any existing token during CLI login (#7508) 
Fixes #6694
 2019-09-25 10:59:42 -07:00
Vu Pham 2d84a1078f Use snake case for HA example (#7505) 2019-09-23 16:02:08 -07:00
Joel Thompson 551b7a5e5c secret/aws: Support permissions boundaries on iam_user creds (#6786) 
* secrets/aws: Support permissions boundaries on iam_user creds

This allows configuring Vault to attach a permissions boundary policy to
IAM users that it creates, configured on a per-Vault-role basis.

* Fix indentation of policy in docs

Use spaces instead of tabs
 2019-09-19 16:35:12 -07:00
Calvin Leung Huang f4fd84d52b
sys: add pprof endpoint (#7473) 
* sys/pprof: add pprof routes to the system backend

* sys/pprof: add pprof paths to handler with local-only check

* fix trailing slash on pprof index endpoint

* use new no-forward handler on pprof

* go mod tidy

* add pprof external tests

* disallow streaming requests to exceed DefaultMaxRequestDuration

* add max request duration test
 2019-09-19 13:44:37 -07:00
Dilan Bellinghoven 2625b66595 chore: Do not need logger for command/agent/config.LoadConfig (#7496) 2019-09-19 13:03:30 -07:00
Jeff Mitchell bdb59e7f51 Bump api/sdk and vendoring 2019-09-19 09:43:23 -04:00
Jeff Mitchell 1fd71ed774 Bump API's SDK 2019-09-19 09:42:45 -04:00
Yahya 936af3650c [Docs] Fix typo in database sample request (#7492) 2019-09-19 10:14:34 +02:00
Jim Kalafut 3621179560 Fix Agent handling of gzipped responses (#7470) 
* Fix Agent handling of gzipped responses

Fixes #6606

* Only remove "gzip" member, if present

* Simplify to just removing Accept-Encoding altogether
 2019-09-18 14:24:41 -07:00
Graham Land 73b9e39775 Early indication of storage backend requirements (#7472) 
A Vault Enterprise Pro customer in Japan has tried to get Vault DR replication working using Google Cloud Storage.
They were frustrated to learn that GCS may not have support for transactional updates which has resulted in a lot of wasted time.
The complaint was that this was not clear from our documentation.
This note may help customers to understand sooner that not all highly available backends support transactional updates.
 2019-09-18 14:19:32 -07:00
Lars Lehtonen 404cb5f6dd Fix token_store_test.go (#7490) 
* vault: fix dropped error in test goroutine

* vault: fix dropped test errors
 2019-09-18 14:18:08 -07:00
Matthew Irish 368eba4055
Update CHANGELOG.md 2019-09-18 14:09:10 -05:00
Matthew Irish 6e4cc02f4d
expose 'storage_type' on the sys/seal-status endpoint (#7486) 
* expose 'storage_type' on the sys/seal-status endpoint

* add comments

* Update vault/core.go

Co-Authored-By: Brian Kassouf <briankassouf@users.noreply.github.com>
 2019-09-18 14:07:18 -05:00
Michael Gaffney fdc1274c70
Fix the transit trim key api doc (#7453) 2019-09-18 09:29:58 -04:00
Jeff Mitchell ba236306e2 Update api/sdk. Let kr/pty stay for now so it stops going in on every build 2019-09-18 09:12:57 -04:00
Jeff Mitchell fbfeda9576 Bump API's sdk 2019-09-18 09:10:23 -04:00
Jeff Mitchell 63f377c6b6 Tidy sdk 2019-09-18 09:09:44 -04:00
Pavlos Ratis d5d5582b23 add more gcp examples (#6358) 2019-09-17 13:39:00 -07:00
Jeff Mitchell 86d14691f4 Bump sdk and vendoring 2019-09-17 11:38:03 -04:00
Jeff Mitchell f72bc5acb2 Update version for 1.3 dev target on master 2019-09-17 11:36:55 -04:00
Justin Weissig ec41f0d775 docs: fixed sample json payload parse error (#7484) 
Fixed malformed json example (removed extra comma). Here's the payload parse error I was running into with the example.

```
{
  "rotation_period":"12h",
  "verification_ttl":43200,
}
```

Vault does not like this JSON.

```
curl -s \
    --header "X-Vault-Token: ..." \
    --request POST \
    --data @payload-2.json \
    http://127.0.0.1:8200/v1/identity/oidc/key/named-key-001 | jq
{
  "errors": [
    "failed to parse JSON input: invalid character '}' looking for beginning of object key string"
  ]
}
```
 2019-09-17 11:42:01 +02:00
Calvin Leung Huang 0caff07201
testing: set MetricsHelper if it not provided through base config (#7480) 2019-09-16 17:50:51 -07:00
Calvin Leung Huang 801e15ffe3
http: add handleLogicalNoForward handler for local-only requests (#7482) 
* http: add handleLogicalNoForward handler for local-only requests

* fix missing no-forward case; add docstring

* add docstring for handleLogicalInternal

* fix docstring reference

* fix comment on not-ok case
 2019-09-16 17:50:28 -07:00
Jim Kalafut d9741060d2
Add OCI links to detailed index (#7483) 2019-09-16 16:05:47 -07:00
Becca Petrin d416b5a838
document role aws auth role name casing (#7356) 2019-09-16 11:55:03 -07:00
Jim Kalafut dc18e7d33f
Add Technology Preview disclaimer to Raft docs (#7478) 2019-09-16 08:44:04 -07:00
David Rubin a2a22e6611 Remove vaulted as supported nodejs client (#7404) 
Vaulted is no longer maintained according to the readme. 

https://github.com/chiefy/vaulted#vaulted 

"No Longer Being Maintained Use node-vault for future support of Vault features!"
 2019-09-13 16:33:15 -07:00
Joel Thompson e8e59cd87c logical/aws: Clean up test user (#7459) 
I probably left this cleanup commented out as part of debugging test
errors in #6789 and forgot to uncomment it, so actually cleaning up the
test user.
 2019-09-13 11:05:43 -07:00
Jim Kalafut 4f76204eb5
changelog++ 2019-09-13 10:15:02 -07:00
Joel Thompson 8a981004ec Add reading AWS root/config endpoint (#7245) 2019-09-13 10:07:04 -07:00
Chris Hoffman 258229b01a
changelog++ 2019-09-13 11:53:20 -04:00
Mike Jarmy ecfcdc329e
use api.Config.Timeout instead of http.Client.Timeout for 60s request timeout default (#7469) 2019-09-13 08:28:58 -04:00
Michel Vocks f048a7c1be
Fixed wrong API method in API docs for identity token generation (#7462) 2019-09-13 09:08:18 +02:00
Laurent Godet 3de32582ae Fix kv destroy command (#7461) 2019-09-11 15:20:49 +02:00
Jeff Mitchell 09a9587523 Move renewer to internal package so tests don't barf 2019-09-09 16:09:53 -04:00
Jeff Mitchell da7d3ada09 changelog++ 2019-09-09 15:59:59 -04:00
Jeff Mitchell a965378b17
Support batch tokens in renewer and caching proxy for transit auto-unseal (#7441) 
Currently this uses a fork of the api.Renewer code, which we should consolidate in 1.3.
 2019-09-09 12:58:28 -07:00
Jeff Mitchell 852f95ac5d Bump Go in Dockerfile to 1.12.9 2019-09-09 14:45:14 -04:00
Sam Salisbury af26eda579
ci: 'atomically' update .circleci/config.yml (#7449) 
- Updates .circleci/Makefile to match
7cd733a000
 2019-09-09 15:11:37 +01:00
Austin Heiman c1f41a5e77 document mysql and postgres generated password complexity (#7435) 2019-09-07 09:48:08 -07:00
Jim Kalafut 27377dd612
Document Postgres ha_table parameter (#7444) 
Fixes #7416
 2019-09-07 08:49:14 -07:00
Jim Kalafut 4859d253d5
Fix Azure auth api docs (#7446) 
Fixes #6793, #6785
 2019-09-06 15:38:12 -07:00
Calvin Leung Huang 297e7bca38
raft: fix TestRaft_Snapshot_Take_Restore (#7443) 2019-09-06 15:20:08 -07:00
Yoko 72618cb5cf
Auto-unseal with Azure Key Vault (#7414) 
* Added note based on Asana report

* Removed extra space
 2019-09-06 15:03:37 -07:00
Jim Kalafut 210d6a4217
Update JWT docs re: host parameter (#7445) 2019-09-06 14:58:14 -07:00
Jeff Mitchell 3424b49613 changelog++ 2019-09-06 17:53:23 -04:00
Jim Kalafut ac046241c4
changelog++ 2019-09-06 14:40:00 -07:00