Commit graph

12512 commits

Author SHA1 Message Date
Alexander Bezobchuk f1534a0ed0
Add nil check for quota manager (#9379)
* Add nil check for quota manager

* Add missing nil checks
2020-07-01 18:14:33 -07:00
Noelle Daley cf94e19b03
Update CHANGELOG.md 2020-07-01 17:28:59 -07:00
Noelle Daley bd8281b4ae
upgrade storybook and babel deps (#9371) 2020-07-01 16:28:16 -07:00
Chelsea Shaw 1f55f5d602
Add dr_operation_token_primary to hashed submit value (#9370) 2020-07-01 16:03:57 -05:00
Alexander Bezobchuk fb9cd9db2a
Merge PR #9372: Fix Unauthenticated list 2020-07-01 16:02:14 -04:00
Mark Gritter 707fdea702
Don't return quota error on revoke. (#9374)
Changed log messages to be clearer about quota operations.
This should fix enterprise unit test failures.
2020-07-01 14:41:42 -05:00
Calvin Leung Huang 37c0e51142
logical/system: re-introduce ns-awareness in pathInternalUIMountsRead (#9373) 2020-07-01 12:37:11 -07:00
Jim Kalafut 6e605c0995
Update plugin dependencies (#9367) 2020-07-01 12:03:47 -07:00
Austin Gebauer e8d972c2ec
changelog++ 2020-07-01 11:32:20 -07:00
Brian Kassouf 50cd031798
Update go-kms-deps & run go mod vendor (#9366) 2020-07-01 10:54:50 -07:00
Chelsea Shaw dfa9b7021b
Update TTL picker on add replication secondary (#9271)
* Update TTL picker on add replication secondary

This change updates the TTL picker to the new version to match most updated designs. The component also allows the default value to be more obvious

* Remove erroneous else

* Add changeOnInit param for TtlPicker2 and use it on add secondary page

* Update ttlPicker2 docs and add tests for new param

* Calculate value in unit provided on init for ttl-picker2, with tests

* Cleanup and make ttl-picker2 test more specific
2020-07-01 12:50:02 -05:00
Scott Miller a6f62359a9
Don't setup plugin reload on perf standbys (#9352) 2020-06-30 17:32:06 -05:00
Mike Jarmy 4b2cdfee72
re-enable seal migration (#9351)
Co-authored-by: Vishal Nayak <vishalnayak@users.noreply.github.com>
2020-06-30 18:21:18 -04:00
Scott Miller 2aa90105d3
Address feedback on Plugin Reload: OSS Side (#9350)
* just use an error string

* Switch command to use new struct
2020-06-30 16:26:38 -05:00
Scott Miller ad292bec73
Fix wrong err return value in plugin reload status command (#9348)
* Fix wrong return value (discovered when merging to ENT)

* go.mod

* go mod vendor

* Add setup plugin reload hook

* All reloads return something now
2020-06-30 13:33:30 -05:00
Scott Miller 001ee861bd
Global Plugin Reload: OSS Changes Take II (#9347)
* Carefully move changes from the plugin-cluster-reload branch into this clean branch off master.

* Don't test this at this level, adequately covered in the api level tests

* Change PR link

* go.mod

* Vendoring

* Vendor api/sys_plugins.go
2020-06-30 10:26:52 -05:00
Theron Voran 32bf4b6e00
changelog++ 2020-06-29 15:47:45 -07:00
Jason O'Donnell 142b47fe5e
auth/k8s: update go.mod (#9328)
Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
2020-06-29 15:44:33 -07:00
Scott Miller e92f8f5a81
Revert global plugin reload commits (#9344)
* Revert "Some of the OSS changes were clobbered when merging with quotas out of, master (#9343)"

This reverts commit 8719a9b7c4d6ca7afb2e0a85e7c570cc17081f41.

* Revert "OSS side of Global Plugin Reload (#9340)"

This reverts commit f98afb998ae50346849050e882b6be50807983ad.
2020-06-29 17:36:22 -05:00
Josh Black 44a7e3661d
Update replication status API docs with new fields (#9215) 2020-06-29 15:11:17 -07:00
Scott Miller cc51427584
Some of the OSS changes were clobbered when merging with quotas out of, master (#9343)
* OSS side of Global Plugin Reload
2020-06-29 16:58:51 -05:00
Scott Miller a83fe0fc6d
OSS side of Global Plugin Reload (#9340)
* OSS side of Global Plugin Reload

* changelog++
2020-06-29 16:23:28 -05:00
ncabatoff d42ee4f7ef
Ensure "initialized" service registration tag is also present whenever Vault is unsealed, on both Consul and K8s (#8990)
* Add the initialized tag to Consul registration for parity with k8s (and for easy automated testing).  Ensure that whenever we flag Vault as unsealed, we also flag it as initialized.

* Update API docs.

Co-authored-by: Jason O'Donnell <2160810+jasonodonnell@users.noreply.github.com>
2020-06-29 16:02:49 -04:00
Calvin Leung Huang babaa93a0f
monitor: watch for seal state during monitor request (#9341)
* monitor: watch for seal state during monitor request

* monitor: return error regardless of how upstream handles it
2020-06-29 12:58:41 -07:00
Josh Black dc2b5c1830
Add docs for vault monitor (#9218) 2020-06-29 12:23:31 -07:00
Mark Gritter 873acbefbd
Unit test that fails to demonstrate identity store problem. (#9339)
Fix test compilation error.
2020-06-29 13:33:25 -05:00
Theron Voran 06700a7110
Adding docs for azure-specific handling in jwt-oidc (#9287)
Co-authored-by: Jason O'Donnell <2160810+jasonodonnell@users.noreply.github.com>
2020-06-29 10:46:41 -07:00
Theron Voran 6dfe8d966a
changelog++ 2020-06-29 10:25:18 -07:00
Theron Voran c943235288
Update auth-jwt to v0.7.0 (#9320)
Adds support for distributed groups claims on Azure, necessary when a
user is a member of more than 200 groups.
2020-06-29 10:23:32 -07:00
Vishal Nayak 6bd5674345
Reset quota manager during shutdown (#9331) 2020-06-29 13:23:10 -04:00
ncabatoff 4a5d8fc212
Remove two unreliable tests from TestTransit_SignVerify_P256. (#7499)
* Remove two tests from TestTransit_SignVerify_P256.  These verify that
you can't verify something signed using JWS marshaling when claiming
it's ASN1, and vice versa.  The problem is that we rely on unmarshaling
failing, and it doesn't always.  Both encodings use base64, one with
padding, one without, so depending on the data sometimes unmarshaling
will work when we expect it to fail.  It would be nice to preserve
these tests if they could be made reliable, but I didn't see an easy way,
and I don't think they add enough value to warrant greater effort.

* Restore the tests I removed, and improve the verify function to broaden the notion of errExpected.

Co-authored-by: Vishal Nayak <vishalnayak@users.noreply.github.com>
2020-06-29 12:22:22 -04:00
Vitaly Velikodny 1bb9992c92
fix #8092: add the note to docs about impossible to create a custom token with 's.' prefix (#8195)
Co-authored-by: Vishal Nayak <vishalnayak@users.noreply.github.com>
2020-06-29 12:20:23 -04:00
Josh Black 6306faa3d2
Update documentation with more details for allowed_parameters (#9279) 2020-06-29 09:01:33 -07:00
Kevin Pruett 4a48b57546
Add Algolia indexing script to CI (#9332) 2020-06-29 16:39:08 +01:00
Clint cbecc40e48
Stepwise docker env (#9292)
* add first stepwise test env, Docker, with example transit test

* update transit stepwise test

* add other tests that use stepwise

* cleanup test, make names different than just 'transit'

* return the stderr if compile fails with error

* minor cleanups

* minor cleanups

* go mod vendor

* cleanups

* remove some extra code, and un-export some fields/methods

* update vendor

* remove reference to vault.CoreConfig, which really wasn't used anyway

* update with go mod vendor

* restore Precheck method to test cases

* clean up some networking things; create networks with UUID, clean up during teardown

* vendor stepwise

* Update sdk/testing/stepwise/environments/docker/environment.go

haha thanks :D

Co-authored-by: Michael Golowka <72365+pcman312@users.noreply.github.com>

* Update sdk/testing/stepwise/environments/docker/environment.go

Great catch, thanks

Co-authored-by: Michael Golowka <72365+pcman312@users.noreply.github.com>

* fix redundant name

* update error message in test

* Update builtin/credential/userpass/stepwise_test.go

More explicit error checking and responding

Co-authored-by: Michael Golowka <72365+pcman312@users.noreply.github.com>

* Update builtin/logical/aws/stepwise_test.go

`test` -> `testFunc`

Co-authored-by: Michael Golowka <72365+pcman312@users.noreply.github.com>

* Update builtin/logical/transit/stepwise_test.go

Co-authored-by: Michael Golowka <72365+pcman312@users.noreply.github.com>

* fix typos

* update error messages to provide clarity

* Update sdk/testing/stepwise/environments/docker/environment.go

Co-authored-by: Michael Golowka <72365+pcman312@users.noreply.github.com>

* update error handling / collection in Teardown

* panic if GenerateUUID returns an error

* Update sdk/testing/stepwise/environments/docker/environment.go

Co-authored-by: Michael Golowka <72365+pcman312@users.noreply.github.com>

* Update builtin/credential/userpass/stepwise_test.go

Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>

* Update builtin/logical/aws/stepwise_test.go

Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>

* Update builtin/logical/transit/stepwise_test.go

Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>

* Update sdk/testing/stepwise/environments/docker/environment.go

Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>

* import ordering

* standardize on dc from rc for cluster

* lowercase name

* CreateAPIClient -> NewAPIClient

* testWait -> ensure

* go mod cleanup

* cleanups

* move fields and method around

* make start and dockerclusternode private; use better random serial number

* use better random for SerialNumber

* add a timeout to the context used for terminating the docker container

* Use a constant for the Docker client version

* rearrange import statements

Co-authored-by: Michael Golowka <72365+pcman312@users.noreply.github.com>
Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>
2020-06-26 17:52:31 -05:00
Vishal Nayak c6876fe00f
Resource Quotas: Rate Limiting (#9330) 2020-06-26 17:13:16 -04:00
Noelle Daley ae821b2600
ensure primary cluster information displays on initial page load (#9329) 2020-06-26 14:05:19 -07:00
Javier Ramos 16070564cb
Calculate percentage when displaying progress in tidy operation (#9233)
* Calculate percentage when displaying progress in tidy operation

* Update vault/token_store.go

Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>

* Update vault/token_store.go

Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>

Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>
2020-06-26 12:44:45 -07:00
Noelle Daley f06403ddee
Ui/add primary link (#9327)
* add link to primary cluster UI

* only show link to primary when we have a link to the primary

* add tests; move consts into individual tests
2020-06-26 12:18:14 -07:00
Alexander Bezobchuk bd96d1dae1
physical/raft: Add nil check to shutdown (#9322) 2020-06-25 17:51:13 -07:00
Mark Gritter a5d2edece2
Enable identity entity collection. (#9324) 2020-06-25 18:54:38 -05:00
Theron Voran 505bb596d3
docs: default for the auth-path annotation (#9313)
Updating the default for the auth-path annotation in the k8s injector
docs.
2020-06-25 09:36:23 -07:00
Scott Miller 57c6ae4233
Test for overflow of the capacity value (#9317) 2020-06-25 11:22:13 -05:00
Austin Gebauer e8ba04f021
changelog++ 2020-06-24 14:32:23 -07:00
Jim Kalafut b775ea5c7e
Update kerberos auth plugin (#9307) 2020-06-24 14:02:52 -07:00
Noelle Daley b88334fe77
Ui/fix manage grid (#9309)
* fix typo in known_primary_cluster_addrs

* make height of manage actions the same on all browsers
2020-06-24 13:50:26 -07:00
Jason O'Donnell 5eaddca426
plugins/openldap: update go mod (#9301)
* plugins/openldap: update go mod

* go mod vendor
2020-06-24 09:28:24 -04:00
Jason O'Donnell 0e294a7174
plugins/ssh: add diabled host key verification warning (#9304) 2020-06-24 08:40:19 -04:00
Mark Gritter a54a3b6a66
Entity and alias counts (#9262)
* Added gauge collectors for entity counts.
* Entity and alias gauges.
* Locking around accessor to core.identityStore and core.mount.
2020-06-23 19:45:59 -05:00
Mark Gritter 97d415d024
Token gauge metrics implementation. (#9239)
* Token gauge metrics implementation.
* Enable gauges only when interval is nonzero.
* Added count by TTL
* Yandle "in restore mode" error specifically.
* Refactored initialization code for gauge collection processes.
* Fixed for multiple namespaces.
* Ability to disable individual gauges with environment variable.
* changelog++
2020-06-23 18:36:24 -05:00