Commit graph

531 commits

Author SHA1 Message Date
Brian Kassouf 556e8da040
Update vendor directory (#7076) 2019-07-05 17:01:41 -07:00
Brian Kassouf 4d7d0d729a
storage/raft: When restoring a snapshot preseal first (#7011)
* storage/raft: When restoring a snapshot preseal first

* best-effort allow standbys to apply the restoreOp before sealing active node

* Don't cache the raft tls key

* Update physical/raft/raft.go

* Move pending raft peers to core

* Fix race on close bool

* Extend the leaderlease time for tests

* Update raft deps

* Fix audit hashing

* Fix race with auditing
2019-07-03 13:56:30 -07:00
Jeff Mitchell b35aa24c7f Bump auth plugins 2019-07-03 00:47:07 -04:00
Jeff Mitchell 76216398da Bump api/sdk 2019-07-03 00:14:05 -04:00
Jeff Mitchell ab453c0a37 Update api/sdk 2019-07-02 22:18:30 -04:00
Jeff Mitchell 70ee688bbf Bump sdk 2019-07-02 21:02:07 -04:00
Jeff Mitchell 9ca8412add Bump sdk 2019-07-02 21:00:25 -04:00
Jeff Mitchell 9baf59dcdc Update auth plugins 2019-07-02 18:40:41 -04:00
Jeff Mitchell 02120cfe5e Bump api/sdk 2019-07-02 10:25:04 -04:00
Jeff Mitchell 66431f37b0 Bump api/sdk 2019-07-02 09:53:02 -04:00
Jeff Mitchell 3acf65ae12 Bump api/sdk 2019-07-01 18:29:44 -04:00
Jeff Mitchell e691f7a4e9 Bump secrets-ad plugin 2019-07-01 16:14:36 -04:00
Jeff Mitchell bba64f2cca Bump SDK 2019-07-01 16:13:00 -04:00
Jeff Mitchell 369456388e Bump sdk 2019-07-01 08:58:40 -04:00
Jeff Mitchell 09f1b1f483 Bump sdk 2019-06-29 16:36:43 -04:00
Jeff Mitchell eade600ca7 Bump sdk 2019-06-29 14:51:16 -04:00
Jeff Mitchell ff0ba7a926 Bump api/sdk 2019-06-27 18:01:05 -04:00
Michael Gaffney ce9f8a72b6
Bump KV dep 2019-06-27 12:08:11 -04:00
Jeff Mitchell ce9d76c516 Update vendoring 2019-06-23 21:18:45 -04:00
Jeff Mitchell 2dea5185b3 Update vendor 2019-06-23 20:33:45 -04:00
Jeff Mitchell 633a6099f2 Vendor and prep for beta 2019-06-20 23:43:02 -04:00
Jeff Mitchell 3d231d985d Update vendor 2019-06-20 18:12:40 -04:00
Jeff Mitchell 7966231d88
Port some stuff (#6939)
* Port some fixes

* Sync some updates
2019-06-20 16:02:11 -04:00
Jeff Mitchell a68484107e Update vendor 2019-06-20 15:56:24 -04:00
Brian Kassouf ed14061578
Raft Storage Backend (#6888)
* Work on raft backend

* Add logstore locally

* Add encryptor and unsealable interfaces

* Add clustering support to raft

* Remove client and handler

* Bootstrap raft on init

* Cleanup raft logic a bit

* More raft work

* Work on TLS config

* More work on bootstrapping

* Fix build

* More work on bootstrapping

* More bootstrapping work

* fix build

* Remove consul dep

* Fix build

* merged oss/master into raft-storage

* Work on bootstrapping

* Get bootstrapping to work

* Clean up FMS and node-id

* Update local node ID logic

* Cleanup node-id change

* Work on snapshotting

* Raft: Add remove peer API (#906)

* Add remove peer API

* Add some comments

* Fix existing snapshotting (#909)

* Raft get peers API (#912)

* Read raft configuration

* address review feedback

* Use the Leadership Transfer API to step-down the active node (#918)

* Raft join and unseal using Shamir keys (#917)

* Raft join using shamir

* Store AEAD instead of master key

* Split the raft join process to answer the challenge after a successful unseal

* get the follower to standby state

* Make unseal work

* minor changes

* Some input checks

* reuse the shamir seal access instead of new default seal access

* refactor joinRaftSendAnswer function

* Synchronously send answer in auto-unseal case

* Address review feedback

* Raft snapshots (#910)

* Fix existing snapshotting

* implement the noop snapshotting

* Add comments and switch log libraries

* add some snapshot tests

* add snapshot test file

* add TODO

* More work on raft snapshotting

* progress on the ConfigStore strategy

* Don't use two buckets

* Update the snapshot store logic to hide the file logic

* Add more backend tests

* Cleanup code a bit

* [WIP] Raft recovery (#938)

* Add recovery functionality

* remove fmt.Printfs

* Fix a few fsm bugs

* Add max size value for raft backend (#942)

* Add max size value for raft backend

* Include physical.ErrValueTooLarge in the message

* Raft snapshot Take/Restore API  (#926)

* Inital work on raft snapshot APIs

* Always redirect snapshot install/download requests

* More work on the snapshot APIs

* Cleanup code a bit

* On restore handle special cases

* Use the seal to encrypt the sha sum file

* Add sealer mechanism and fix some bugs

* Call restore while state lock is held

* Send restore cb trigger through raft log

* Make error messages nicer

* Add test helpers

* Add snapshot test

* Add shamir unseal test

* Add more raft snapshot API tests

* Fix locking

* Change working to initalize

* Add underlying raw object to test cluster core

* Move leaderUUID to core

* Add raft TLS rotation logic (#950)

* Add TLS rotation logic

* Cleanup logic a bit

* Add/Remove from follower state on add/remove peer

* add comments

* Update more comments

* Update request_forwarding_service.proto

* Make sure we populate all nodes in the followerstate obj

* Update times

* Apply review feedback

* Add more raft config setting (#947)

* Add performance config setting

* Add more config options and fix tests

* Test Raft Recovery (#944)

* Test raft recovery

* Leave out a node during recovery

* remove unused struct

* Update physical/raft/snapshot_test.go

* Update physical/raft/snapshot_test.go

* fix vendoring

* Switch to new raft interface

* Remove unused files

* Switch a gogo -> proto instance

* Remove unneeded vault dep in go.sum

* Update helper/testhelpers/testhelpers.go

Co-Authored-By: Calvin Leung Huang <cleung2010@gmail.com>

* Update vault/cluster/cluster.go

* track active key within the keyring itself (#6915)

* track active key within the keyring itself

* lookup and store using the active key ID

* update docstring

* minor refactor

* Small text fixes (#6912)

* Update physical/raft/raft.go

Co-Authored-By: Calvin Leung Huang <cleung2010@gmail.com>

* review feedback

* Move raft logical system into separate file

* Update help text a bit

* Enforce cluster addr is set and use it for raft bootstrapping

* Fix tests

* fix http test panic

* Pull in latest raft-snapshot library

* Add comment
2019-06-20 12:14:58 -07:00
Becca Petrin 8782f2f8bb revert more unnecessary dep changes 2019-06-19 10:47:25 -07:00
Becca Petrin 75d15ae627 revert unnecessary dep updates from bad merge 2019-06-19 10:43:09 -07:00
Becca Petrin ab156603bd merge master 2019-06-19 10:24:45 -07:00
Becca Petrin 8bbf6e6fc3 update to latest plugin dependencies 2019-06-19 10:04:49 -07:00
Jeff Mitchell 659f97a0b7 Update api and sdk to remove direct gogo dep 2019-06-18 14:51:13 -04:00
Jeff Mitchell 1e5398efb3 Update api/sdk in main repo 2019-06-18 12:24:15 -04:00
Jeff Mitchell 6ddac3ad33 Bump api/sdk dep 2019-06-18 11:19:15 -04:00
Becca Petrin 17a682da40 Merge branch 'opensource-master' into add-elasticsearch-auth 2019-06-17 11:12:51 -07:00
Jeff Mitchell 51f3d3137f Update vendoring and api/sdk 2019-06-14 14:29:16 -04:00
Jeff Mitchell 402ba1b0f0
Tokenhelper v2 (#6662)
This provides an sdk util for common token fields and parsing and plumbs it into token store roles.
2019-06-14 10:17:04 -04:00
Jeff Mitchell 4c9125c4e6 Update vendoring 2019-06-13 13:41:18 -04:00
Becca Petrin 5b9d49fc2d add elasticsearch database engine 2019-06-10 09:19:11 -07:00
Becca Petrin 66aaa46588 add PCF auth method, agent, and cli handler 2019-06-06 12:26:04 -07:00
Jeff Mitchell 6d71da0401 Update vendoring 2019-06-06 13:51:34 -04:00
Lexman 9aa4662cec transit cache is an Interface implemented by wrapped versions of sync… (#6225)
* transit cache is an Interface implemented by wrapped versions of syncmap and golang-lru

* transit cache is an Interface implemented by wrapped versions of syncmap and golang-lru

* changed some import paths to point to sdk

* Apply suggestions from code review

Co-Authored-By: Lexman42 <Lexman42@users.noreply.github.com>

* updates docs with information on transit/cache-config endpoint

* updates vendored files

* fixes policy tests to actually use a cache where expected and renames the struct and storage path used for cache configurations to be more generic

* updates document links

* fixed a typo in a documentation link

* changes cache_size to just size for the cache-config endpoint
2019-06-04 15:40:56 -07:00
Jeff Mitchell 51eae6c3c1 Bump AWS plugin again 2019-05-28 17:37:47 -04:00
Joel Thompson 98ee4b84b4 Bump AWS SDK dependency to latest (#6788)
Also pull the latest into the local vendor
2019-05-28 16:36:32 -05:00
tonyd 0570966cb9 Allow logical backends access to the disabled state of an entity (#6791)
* Allow logical backends access to the disabled state of an entity via SystemView.EntityInfo().

* Add generated file in vendor directory.
2019-05-28 16:31:50 -05:00
Jeff Mitchell 1943cc7380 Update vendor 2019-05-23 10:44:19 -04:00
Patrick Hayes 359dbfc092 Maximum typo in Vault UI (#6743) 2019-05-16 08:44:34 +02:00
Jeff Mitchell 87cb8a032f Update to use newer sdk 2019-05-15 09:22:48 -04:00
Jeff Mitchell c4075fffc0 Vendoring updated grpc 2019-05-13 16:20:10 -04:00
Jeff Mitchell f09ddbc30b Update mod vendor
Closes #6711
2019-05-09 21:14:28 -04:00
Lexman fedc1a29fe
fixes circle_ci_go-mod-vendor-check (#6704) 2019-05-08 17:04:26 -07:00
mgritter 39ca69b3bc Update vendor directory with SDK changes. 2019-05-06 13:50:56 -07:00
Jim Kalafut a4755ec076
Update SDK vendor (#6669) 2019-05-01 18:48:12 -07:00
Jeff Mitchell e8a9d47aca
Port over some SP v2 bits (#6516)
* Port over some SP v2 bits

Specifically:

* Add too-large handling to Physical (Consul only for now)
* Contextify some identity funcs
* Update SP protos

* Add size limiting to inmem storage
2019-05-01 13:47:41 -04:00
Brian Kassouf 04d0ddfdae
Add mount UUID to the secret and auth list API responses (#6633) 2019-04-24 12:27:43 -07:00
Jeff Mitchell fe8ead5f2d go mod tidy and go mod vendor 2019-04-23 20:58:55 -04:00
Jeff Mitchell 9a7eb54a68 Merge branch '1.1.2' into master-oss 2019-04-18 18:49:49 -04:00
Brian Kassouf 43783a5dca
Move cluster logic out of vault package (#6601)
* Move cluster logic out of vault package

* Dedup heartbeat and fix tests

* Fix test
2019-04-17 13:50:31 -07:00
Brian Kassouf 4372625411 Update kv deps 2019-04-16 09:43:52 -07:00
Jeff Mitchell 6eaab11ab4 Bump secrets-gcp version 2019-04-15 17:54:29 -04:00
Jeff Mitchell b2bbd32f3b Update vendoring 2019-04-15 14:59:52 -04:00
Jeff Mitchell 1442cb8912 Update vendor 2019-04-15 09:29:25 -04:00
Jeff Mitchell 9ebc57581d
Switch to go modules (#6585)
* Switch to go modules

* Make fmt
2019-04-13 03:44:06 -04:00
Jeff Mitchell e922b70e89 Remove unneeded consul dep 2019-04-13 02:22:03 -04:00
Jeff Mitchell b9d4209280 Remove consul lib dep 2019-04-13 02:12:31 -04:00
Jeff Mitchell 80c303ac83 Move ldaputil and tlsutil over to sdk 2019-04-12 18:26:54 -04:00
Jeff Mitchell 371db36ede Move useragent to sdk 2019-04-12 18:17:49 -04:00
Jeff Mitchell a1796b3ece Move password to sdk 2019-04-12 18:12:13 -04:00
Jeff Mitchell 8d6ce1ffb5 Move policyutil to sdk 2019-04-12 18:08:46 -04:00
Jeff Mitchell 7ca424e8d2 Move cidrutil to sdk 2019-04-12 18:03:59 -04:00
Jeff Mitchell 8bcb533a1b
Create sdk/ and api/ submodules (#6583) 2019-04-12 17:54:35 -04:00
Jeff Mitchell 4e7ce6f42b
Update deps (#6580)
* Update deps

* Change azure dep to match plugin
2019-04-12 11:51:37 -04:00
Jeff Mitchell 673dcfe49f Update gcp plugin and changelog 2019-04-09 16:42:25 -04:00
Jeff Mitchell ab49700759 Update gcp secrets plugin 2019-04-09 16:39:29 -04:00
Jim Kalafut 540cb8b288
Update jwt plugin dep (#6556) 2019-04-09 12:49:44 -07:00
Jim Kalafut a2fb526a38
Update jwt plugin dep (#6543) 2019-04-05 15:42:15 -07:00
Jeff Mitchell 900bbf5113 Pull JWT auth plugin and update CL 2019-04-05 09:24:43 -04:00
Jeff Mitchell a2c6022010 Update kv dep 2019-04-04 17:27:13 -04:00
Jeff Mitchell c076c8429f Update kv deps 2019-04-04 16:54:10 -04:00
Brian Kassouf 4b5092b375 Pull in updates 2019-04-02 16:37:44 -07:00
Jeff Mitchell 312a4c4702 Update go-jose 2019-04-01 17:55:07 -04:00
Jeff Mitchell f8db986144 Update plugins 2019-04-01 16:31:15 -04:00
Jim Kalafut 6e9faa74cd
Fix OpenAPI cleanResponse and test (#6454)
Add missing Headers field, along with a test to detect changes.

The custom decoder test should be ensuring only that the resulting
OpenAPI JSON outputs are equal. Updating the go-test deep library
reveals the error.
2019-03-26 11:08:56 -05:00
Jeff Mitchell 112fb393b8 Bump plugins now that they don't need Sermo 2019-03-20 17:50:06 -04:00
Jeff Mitchell 6797e21f54
Migrate from SermoDigital go Square JOSE (#6445) 2019-03-20 14:54:03 -04:00
Brian Kassouf 90ba293a53 Update kv plugin 2019-03-18 11:14:41 -07:00
Brian Kassouf 609076ae4b update kv plugin 2019-03-15 12:49:31 -07:00
Brian Kassouf 9acbebd376 Upgrade kv plugin 2019-03-15 12:06:17 -07:00
Brian Kassouf 777e7766ca Update plugins 2019-03-15 10:19:26 -07:00
Jim Kalafut 868b73bd8d
Update JWT plugin (#6415) 2019-03-14 14:18:09 -07:00
Jim Kalafut 1274a8d3d4
Update JWT plugin dependency and docs (#6345) 2019-03-05 09:46:04 -08:00
Brian Kassouf ad3605e657
Revert "filtered-path endpoint (#6132)" (#6337)
This reverts commit dfdbb0bad975fab447f49766baaa5a6c956f8e3d.
2019-03-04 14:08:21 -08:00
ncabatoff 8814fe1ba5 filtered-path endpoint (#6132)
* First pass at filtered-path endpoint.  It seems to be working, but there are tests missing, and possibly some optimization to handle large key sets.

* Vendor go-cmp.

* Fix incomplete vendoring of go-cmp.

* Improve test coverage.  Fix bug whereby access to a subtree named X would expose existence of a the key named X at the same level.

* Add benchmarks, which showed that hasNonDenyCapability would be "expensive" to call for every member of a large folder.  Made a couple of minor tweaks so that now it can be done without allocations.

* Comment cleanup.

* Review requested changes: rename some funcs, use routeCommon instead of
querying storage directly.

* Keep the same endpoint for now, but move it from a LIST to a POST and allow multiple paths to be queried in one operation.

* Modify test to pass multiple paths in at once.

* Add endpoint to default policy.

* Move endpoint to /sys/access/filtered-path.
2019-03-04 11:04:29 -08:00
Michel Vocks f2d022ac20
Print warning when 'tls_cipher_suites' includes blacklisted cipher suites (#6300)
* Implemented a warning when tls_cipher_suites includes only cipher suites which are not supprted by the HTTP/2 spec

* Added test for cipher suites

* Added hard fail on startup when all defined cipher suites are blacklisted. Added warning when some ciphers are blacklisted.

* Replaced hard failure with warning. Removed bad cipher util function and replaced it by external library.

* Added missing dependency. Fixed renaming of package name.
2019-03-01 16:48:06 +01:00
Jim Kalafut 8eb4a0c50a Update JWT plugin deps (#6313) 2019-02-28 17:49:50 -08:00
Jeff Mitchell 6208142a71 Update golang-lru dep which has a minor speedbump in the critical path 2019-02-27 17:51:06 -05:00
Brian Kassouf 26d8d318d7 Merge remote-tracking branch 'oss/master' into 1.1-beta 2019-02-19 12:17:15 -08:00
Martin 9044173d6e Prometheus support on v1/sys/metrics endpoint (#5308)
* initial commit for prometheus and sys/metrics support

* Throw an error if prometheusRetentionTime is 0,add prometheus in devmode

* return when format=prometheus is used and prom is disable

* parse prometheus_retention_time from string instead of int

* Initialize config.Telemetry if nil

* address PR issues

* add sys/metrics framework.Path in a factory

* Apply requiredMountTable entries's MountConfig to existing core table

* address pr comments

* enable prometheus sink by default

* Move Metric-related code in a separate metricsutil helper
2019-02-14 12:46:59 -08:00
Jim Kalafut 6aa32db736 Update jwt plugin 2019-02-14 11:03:26 -08:00
madalynrose 625f0c7546
Update OpenAPI responses to include information the UI can use (#6204) 2019-02-14 12:42:44 -05:00
Jim Kalafut 164ca0834b Update vendored JWT plugin 2019-02-12 17:08:04 -08:00
Jeff Mitchell 700ec3a19c Pull in updated plugins 2019-02-12 08:53:40 -05:00
Jim Kalafut df4139df51
Create alias and command for OIDC (#6206) 2019-02-11 13:37:55 -08:00
Jeff Mitchell 17755b8150 Update go-retryablehttp to get bodybytes, and circonus deps as those break without it 2019-02-01 17:13:21 -05:00
Jeff Mitchell bbc1d53a5d Revert "Refactor common token fields and operations into a helper (#5953)"
This reverts commit 66c226c593bb1cd48cfd8364ac8510cb42b7d67a.
2019-02-01 11:23:40 -05:00
Jeff Mitchell b94c29a8a1 Update go-ldap to fix #6135 2019-01-31 17:07:25 -05:00
Jeff Mitchell 85a560abba
Refactor common token fields and operations into a helper (#5953) 2019-01-30 16:23:28 -05:00
Jeff Mitchell 3f1a7d4fdd
Update to latest etcd and use the new repository packages (#6087)
This will be necessary for go mod work

Additionally, the srv api has changed. This adapts to it.
2019-01-23 14:35:03 -05:00
Becca Petrin aac271ed7f swap the forked aliyun sdk for the original (#6024) 2019-01-23 11:24:51 -05:00
Jeff Mitchell f75f4e75c7 Prepare for 1.0.2 2019-01-15 11:25:11 -05:00
Giacomo Tirabassi 0d3845c537 Influxdb secret engine built-in plugin (#5924)
* intial work for influxdb secret plugin

* fixed typo

* added comment

* added documentation

* added tests

* fixed tests

* added vendoring

* minor testing issue with hardcoded values

* minor fixes
2019-01-08 17:26:16 -08:00
Julien Blache 91d432fc85 FoundationDB backend TLS support and housekeeping (#5800)
* Fix typo in documentation

* Update fdb-go-install.sh for new release tags

* Exclude FoundationDB bindings from vendoring, delete vendored copy

FoundationDB bindings are tightly coupled to the server version and
client library version used in a specific deployment. Bindings need
to be installed using the fdb-go-install.sh script, as documented in
the foundationdb backend documentation.

* Add TLS support to FoundationDB backend

TLS support appeared in FoundationDB 5.2.4, raising the minimum API version
for TLS-aware FoundationDB code to 520.

* Update documentation for FoundationDB TLS support
2019-01-08 09:01:44 -08:00
Jeff Mitchell 7cafbb51bf Update plugins 2018-12-14 10:42:11 -05:00
Jeff Mitchell 9066bba70a CL and plugin updates 2018-12-03 11:45:02 -05:00
Jeff Mitchell 0eef70f279 Update x/net deps to pull in some fixes. (#5827) 2018-11-20 13:29:13 -08:00
Brian Kassouf 2b2b69cf0b Update plugins 2018-11-20 11:43:38 -08:00
Brian Kassouf 48dffb9b7c release prep 2018-11-12 11:10:47 -08:00
Vishal Nayak 0244aa4c54
Update KV dependency (#5707) 2018-11-06 14:33:21 -05:00
Jim Kalafut f5fafdf907
Update kv dependency (#5700) 2018-11-05 21:42:44 -08:00
Nicolas Corrarello 0b44a55d22 Adding support for Consul 1.4 ACL system (#5586)
* Adding support for Consul 1.4 ACL system

* Working tests

* Fixed logic gate

* Fixed logical gate that evaluate empty policy or empty list of policy names

* Ensure tests are run against appropiate Consul versions

* Running tests against official container with a 1.4.0-rc1 tag

* policies can never be nil (as even if it is empty will be an empty array)

* addressing feedback, refactoring tests

* removing cast

* converting old lease field to ttl, adding max ttl

* cleanup

* adding missing test

* testing wrong version

* adding support for local tokens

* addressing feedback
2018-11-02 10:44:12 -04:00
Jeff Mitchell 756e4c5f89 Update jwt to pull in groups claim delimiter pattern 2018-10-31 16:04:39 -04:00
Jim Kalafut 3abb1bfaa9
Update Azure Secrets plugin (#5606) 2018-10-25 12:06:55 -07:00
Jeff Mitchell 0406eeb8b7 Check in some generated protos needed by non-native archs 2018-10-23 12:46:47 -04:00
Chris Hoffman dec2eb88b6 adding gcpkms secrets engine (#784) 2018-10-22 23:39:25 -07:00
Matthew Irish 8073ebcd1e Merge branch 'oss-master' into 1.0-beta-oss 2018-10-19 20:40:36 -05:00
Jim Kalafut 6f7b298de4
Update Azure Secrets plugin (#5533) 2018-10-19 16:15:31 -07:00
Calvin Leung Huang a08ccbffa7
[Review Only] Autoseal OSS port (#757)
* Port awskms autoseal

* Rename files

* WIP autoseal

* Fix protobuf conflict

* Expose some structs to properly allow encrypting stored keys

* Update awskms with the latest changes

* Add KeyGuard implementation to abstract encryption/decryption of keys

* Fully decouple seal.Access implementations from sealwrap structs

* Add extra line to proto files, comment update

* Update seal_access_entry.go

* govendor sync

* Add endpoint info to configureAWSKMSSeal

* Update comment

* Refactor structs

* Update make proto

* Remove remove KeyGuard, move encrypt/decrypt to autoSeal

* Add rest of seals, update VerifyRecoveryKeys, add deps

* Fix some merge conflicts via govendor updates

* Rename SealWrapEntry to EncryptedBlobInfo

* Remove barrier type upgrade check in oss

* Add key to EncryptedBlobInfo proto

* Update barrierTypeUpgradeCheck signature
2018-10-19 14:43:57 -07:00
Brian Kassouf 48ee3650a3
Update deps (#5521) 2018-10-15 15:25:08 -07:00
Brian Kassouf d987a3c230
Update deps (#5520) 2018-10-15 14:36:55 -07:00
Becca Petrin 072d56be95 vendor the desired version of go.uuid (#5458) 2018-10-03 15:30:05 -07:00
Brian Kassouf 2995c06a53
Fix build (#5457) 2018-10-03 14:53:08 -07:00
Brian Kassouf 9307ba4b0b
Update Deps (#5454) 2018-10-03 09:55:26 -07:00
Brian Kassouf bc36d78df1 Update plugins 2018-10-02 11:14:15 -07:00
Becca Petrin 3da8d38e7d point at a fork of aliyun-oss-go-sdk (#5358) 2018-10-01 10:05:08 -07:00
Jeff Mitchell 56aaaac944
Add lz4 to compressutil (#5403) 2018-09-26 09:20:33 -05:00
Rob Playford 3998942f04 fix typo in vault-plugin-auth-jwt path (#5385)
* fix typo in vault-plugin-auth-jwt path

* remove duplicate vault-plugin-auth-jwt entry
2018-09-25 10:55:45 -05:00
Becca Petrin 74d4d0ccc0
add alicloud secrets engine (#5352) 2018-09-19 08:42:28 -07:00
Clint 5882156f53
Translate AWS Rate limiting errors to 502 errors (#5270)
* Initial implemntation of returning 529 for rate limits

- bump aws iam and sts packages to v1.14.31 to get mocking interface
- promote the iam and sts clients to the aws backend struct, for mocking in tests
- this also promotes some functions to methods on the Backend struct, so
  that we can use the injected client

Generating creds requires reading config/root for credentials to contact
IAM. Here we make pathConfigRoot a method on aws/backend so we can clear
the clients on successful update of config/root path. Adds a mutex to
safely clear the clients

* refactor locking and unlocking into methods on *backend

* refactor/simply the locking

* check client after grabbing lock
2018-09-18 15:26:06 -05:00
Jeff Mitchell cdd08cba58 Bump for release 2018-09-05 13:17:37 -04:00
Becca Petrin 7e0e49656a Add AliCloud auth to the Vault Agent (#5179) 2018-09-05 11:56:30 -04:00
Jeff Mitchell a001021d51 Sync plugin updates 2018-08-28 02:39:13 -04:00
Brian Kassouf 20a58d68df
Update kv plugin (#5187) 2018-08-25 14:56:40 -07:00
Jeff Mitchell d35f6e23fd Add json-iterator to vendor file 2018-08-22 16:16:19 -04:00
Jeff Mitchell 64660afee2 Get reflect2 into vendoring 2018-08-22 16:11:51 -04:00
Jeff Mitchell 31dbc52183 Add concurrent 2018-08-22 15:50:08 -04:00
Jeff Mitchell f42201ac64 Add ali deps to vendor 2018-08-22 15:39:18 -04:00
Jim Kalafut d8dc68495d
Update Azure Secrets plugin (#5154) 2018-08-21 21:05:05 -07:00
Jeff Mitchell 167817a068 Pull in jwt auth update 2018-08-21 15:11:18 -04:00
Jeff Mitchell fcc2cd7356 Pull in go-ldap update that fixes comparison with AD 2018-08-20 18:16:47 -04:00
Jeff Mitchell 6604bff9f0 Remove non existent vendored files 2018-08-16 16:23:28 -04:00
Jeff Mitchell bb9b4bcf08 Sync plugins 2018-08-16 16:21:38 -04:00
Jim Kalafut a8e81ce393 Initial import of Azure Secrets (#5120)
* Initial import of Azure Secrets

* Update vendor folder
2018-08-16 12:18:06 -07:00