Commit graph

12037 commits

Author SHA1 Message Date
Jim Kalafut de2d7b5260
Update OIDC configuration docs (#8771) 2020-04-27 15:59:40 -07:00
Scott Miller 2f0254d05a
Handle request errors during raft snapshot (#8861)
* Handle request errors during raft snapshot
2020-04-27 13:39:06 -05:00
Becca Petrin 3b420b0735
Add helper for aliasmetadata and add to AWS auth (#8783)
* add aliasmetadata sdk helper and add to aws auth

* split into ec2_metadata and iam_metadata fields

* fix tests

* strip pointer

* add test of default metadata

* more test <3

* switch from interface to custom marshallers

* add tests for marshalling

* store nil when selected fields are default

* separate loop into pieces

* separate acc test into multiple

* Update builtin/credential/aws/path_login.go

Co-Authored-By: Jim Kalafut <jkalafut@hashicorp.com>

* changes from feedback

* update aws test

* refactor to also populate auth metadata

* update how jsonification is tested

* only add populated metadata values

* add auth_type to ec2 logins

Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>
2020-04-27 10:06:07 -07:00
Calvin Leung Huang 67ce5cf9d4
changelog++ 2020-04-27 09:52:41 -07:00
Calvin Leung Huang ec8448ab56
token: disallow periods on custom token IDs (#8646)
* token: disallow periods on custom token IDs

* docs: update token API docs
2020-04-27 09:39:33 -07:00
Michael Golowka 1dbc6d3dd0
Add 'iam_alias' and 'gce_alias' fields to API docs (#8822) 2020-04-27 09:54:51 -06:00
Michael Hofer 62ee11ef02
Fix typo in Entropy Augmentation docs sales contact link (#8851) 2020-04-26 14:24:48 -07:00
Clement Chauplannaz 5f3a64595b
Typo in response-wrapping.mdx (#8849) 2020-04-26 10:00:32 -07:00
Austin Gebauer 98bea4517f
fix: removes broken golangci-lint external tool from bootstrap (#8846) 2020-04-24 17:52:23 -07:00
Calvin Leung Huang 5b53fd9e34
changelog++ 2020-04-24 13:34:40 -07:00
Calvin Leung Huang 660ce17dd0
seal/gcpkms: fix panic that occurs when the seal config map is nil (#8840) 2020-04-24 13:31:03 -07:00
Dustin Decker 08571a0ac3
Add identity num_entities gauge metric (#8816)
Signed-off-by: Dustin Decker <dustindecker@protonmail.com>
2020-04-23 19:29:42 -05:00
Brian Kassouf 21cdba6fb5
identity: Add batch entity deletion endpoint (#8785)
* identity: Add batch entity deletion endpoint

* Update the parameter description

* Update error message

* Update helper/storagepacker/storagepacker.go

Co-Authored-By: Vishal Nayak <vishalnayak@users.noreply.github.com>

* Review feedback

* Update vault/identity_store_entities.go

Co-Authored-By: Calvin Leung Huang <cleung2010@gmail.com>

Co-authored-by: Vishal Nayak <vishalnayak@users.noreply.github.com>
Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>
2020-04-23 15:25:13 -07:00
Calvin Leung Huang 4f982ea12e
changelog++ 2020-04-23 14:13:45 -07:00
Calvin Leung Huang e9f73e66c2
userpass: fix upgrade value for token_bound_cidrs (#8826) 2020-04-23 14:00:21 -07:00
Austin Gebauer 149a6eea50
changelog++ 2020-04-23 11:51:10 -07:00
ncabatoff a0ec5b087c
changelog++ 2020-04-23 14:48:23 -04:00
ncabatoff 6262b499c3
changelog++ 2020-04-23 14:47:41 -04:00
ncabatoff c5f3996855
The new okta library doesn't prepend /api/v1 to our URL paths like the old one does (we still use the old one in the absence of an API token, since the new one doesn't support that.) Make our shim prepend /api/v1 to manual requests for the new library like the old library does, and remove explicit /api/v1 from our request paths. (#8807) 2020-04-23 14:35:26 -04:00
Brian Kassouf 33b3e6857e
identity: group refresh shouldn't lock unless an update is needed (#8795) 2020-04-23 11:31:22 -07:00
Brian Kassouf d979279015
storage/raft: Fix memory allocation issue and Metadata tracking issues with snapshots (#8793)
* storage/raft: Split snapshot restore disk write into batches

* Work on snapshot consistency

* make sure tests send a snapshot

* Fix comment

* Don't remove metrics

* Fix comment
2020-04-23 11:11:08 -07:00
Austin Gebauer 01e701f008
Fix: rotate root credentials for database plugins using WAL (#8782)
* fix: rotate root credentials for database plugins using WAL

* test: adds a test for WAL rollback logic

* fix: progress on wal rollback

* docs: updates some comments

* docs: updates some comments

* test: adds additional test coverage for WAL rollback

* chore: remove unneeded log

* style: error handling, imports, signature line wraps

* fix: always close db plugin connection
2020-04-22 16:21:28 -07:00
Jeff Escalante ec1d92a95a
Add changelog url to data file for website (#8810)
* pull changelog url from config file

* add fallback if url is empty
2020-04-22 16:27:34 -04:00
Jeff Escalante 771fd8de61
update website readme (#8739)
- add section on redirects
- add section on markdown enhancements
- consistently wrap at col 81
- add fix for safe write issue
2020-04-22 15:18:48 -04:00
ncabatoff 35acc3f081
Use a more minimal bootstrap target when running in CI: just what we need to satisfy our job needs. Also remove govendor which we no longer use. (#8808) 2020-04-22 15:05:49 -04:00
Jim Kalafut ad85aa6d13
changelog++ 2020-04-21 21:19:42 -07:00
Vishal Nayak 2ff08ee932
Doc: update sys/mounts API response (#8800) 2020-04-21 23:57:49 -04:00
Calvin Leung Huang 2a0a08a9d3
changelog++ 2020-04-21 15:35:27 -07:00
Calvin Leung Huang 0509985408
http: ensure return after writing response by respondError (#8796) 2020-04-21 15:30:36 -07:00
Calvin Leung Huang b411b93dc3
changelog++ 2020-04-21 13:51:12 -07:00
Calvin Leung Huang 2659c34910
raft: check for nil on concrete type in SetupCluster (#8784)
* raft: check for nil on concrete type in SetupCluster

* raft: move check to its own func

* raft: func cleanup

* raft: disallow disable_clustering = true when raft storage is used

* docs: update disable_clustering to mention new behavior
2020-04-21 13:45:07 -07:00
Jim Kalafut 7c3f1830bb
changelog++ 2020-04-21 11:44:26 -07:00
Scott G. Miller 9302d8a52e changelog++ 2020-04-20 13:14:14 -05:00
Scott G. Miller ea1dc0f24c Merge branch 'master' of github.com:hashicorp/vault 2020-04-20 13:09:43 -05:00
Scott G. Miller 2db3d59175 changelog++ 2020-04-20 13:09:26 -05:00
Chelsea Shaw ec62bd18fe
Ui/update ttl on secret engines (#8743) 2020-04-20 10:17:50 -05:00
Jim Kalafut 053c2b3cf6
Update go.mod to corrected plugin tags (#8759)
This addresses an issue found in #8696 which was determined to be due to
the Go module proxy having a cached copy of a tag that doesn't match the
official version (due a build prep error weeks ago). All of the repos
got new patch versions, but the content is identical.
2020-04-17 11:50:19 -07:00
Adrienne Cohea 858549450a
Documentation: In Transit, for the Trim Key API endpoint, correct the sample payload. (#8763) 2020-04-17 11:20:17 -07:00
Mike Green e58cce958b
Clarify version that sink mode is in (#8764)
Clarifying customer experience. Ie, don't try this on 1.2.1
2020-04-17 11:16:21 -07:00
Calvin Leung Huang 1425e43476
changelog++ 2020-04-16 17:10:05 -07:00
Calvin Leung Huang df23b481a6
core: change rawConfig to be atomic.Value (#8755)
This avoids SetConfig from having to grab a write lock which is called on a SIGHUP, and may block, along with a long-running requests that has a read lock held, any other operation that requires a state lock.
2020-04-16 16:34:46 -07:00
Jim Kalafut 7a0867073c
changelog++ 2020-04-16 14:59:59 -07:00
Ryan Canty 49c937ff2c
Added docs for PR in Vault GCP Secrets repo (#8728) 2020-04-16 14:57:50 -07:00
Jim Kalafut b7fc72d5ec
Update go.mod and vendoring (#8752)
This primarily ports updates made during the 1.4 release to master.
2020-04-16 12:07:07 -07:00
Jim Kalafut e7e2f7415b
Update the version prelease value (#8748) 2020-04-16 10:10:35 -07:00
Brian Kassouf 2e7d682586
Update triton-go package (#8751) 2020-04-16 09:57:37 -07:00
Michael Golowka cfad0ebe16
Clarify key rotation capabilities for Azure auto-unseal (#8745)
* Clarify key rotation capabilities for Azure auto-unseal

* Fix alignment

Co-authored-by: Vishal Nayak <vishalnayakv@gmail.com>
Co-authored-by: Vishal Nayak <vishalnayak@users.noreply.github.com>
2020-04-15 12:52:16 -04:00
Becca Petrin a3e5d261b5
Add Transform to enterprise OpenAPI doc (#8746)
* add transform to gen_openapi.sh

* add license
2020-04-15 09:12:12 -07:00
Michael Golowka 9c3e4daa33
Improve error outputs (#8740)
Makes "ldap operation failed" error messages a little more useful. Also
makes the errors unique so it's easier to debug where an error is coming
from when one occurs.
2020-04-14 14:08:07 -06:00
Mike Jarmy 5ae2f103d8
Enable transit->shamir seal migration in Enterprise (#8737)
* Enable transit->shamir seal migration in Enterprise

* prove that we can stop the transit cluster after migration is complete
2020-04-14 10:36:46 -04:00