Commit graph

7174 commits

Author SHA1 Message Date
Jeff Mitchell 6be5b8e8a1 Don't use context in barrier type/recovery type 2018-01-19 03:17:36 -05:00
Brian Kassouf f8b03795f9
changelog++ 2018-01-18 23:49:51 -08:00
Jeff Mitchell 0f7e3bb79b Add context to performPolicyChecks 2018-01-19 02:43:39 -05:00
Brian Kassouf 13fddcb193
changelog++ 2018-01-18 23:40:36 -08:00
Jeff Mitchell c97e73ce70
Don't check recovery seal in Initialized()
It doesn't actually matter and can give false positives.
2018-01-19 01:55:33 -05:00
Brian Kassouf 2f19de0305 Add context to storage backends and wire it through a lot of places (#3817) 2018-01-19 01:44:44 -05:00
Jeff Mitchell 85ceb198b8 bump go-plugin 2018-01-18 16:58:03 -05:00
Brian Kassouf 7050c1ca41
gRPC Backend Plugins (#3808)
* Add grpc plugins

* Add grpc plugins

* Translate wrap info to/from proto

* Add nil checks

* Fix nil marshaling errors

* Provide logging through the go-plugin logger

* handle errors in the messages

* Update the TLS config so bidirectional connections work

* Add connectivity checks

* Restart plugin and add timeouts where context is not availible

* Add the response wrap data into the grpc system implementation

* Add leaseoptions to pb.Auth

* Add an error translator

* Add tests for translating the proto objects

* Fix rename of function

* Add tracing to plugins for easier debugging

* Handle plugin crashes with the go-plugin context

* Add test for grpcStorage

* Add tests for backend and system

* Bump go-plugin for GRPCBroker

* Remove RegisterLicense

* Add casing translations for new proto messages

* Use doneCtx in grpcClient

* Use doneCtx in grpcClient

* s/shutdown/shut down/
2018-01-18 13:49:20 -08:00
Matthew Irish b701c418bf
changelog++ 2018-01-18 14:37:48 -06:00
Jeff Mitchell 842a3a4a05 Remove RegisterLicense from logical.Backend
It's almost certainly the wrong signature and nothing uses it currently
anyways.
2018-01-18 13:44:29 -05:00
Calvin Leung Huang 5cf07f9e63 changelog++ 2018-01-18 12:28:09 -05:00
Calvin Leung Huang f59069c22f
Don't call LeaseExtend on login renewal paths when period is provided (#3803)
* Don't call LeaseExtend on login renewal paths when period is provided

* WIP tests

* NoopBackend accept backend ttl values

* Test period value on credentials backend

* Use t.Fatalf instead

* Remove mockCoreExpiration

* Add login renewal test for approle backend

* Add resp.Auth.Period check on aws and cert backend tests

* Pass in approle's period via role's period

* Correctly set period in valid-role's role

* Add period renewal test using TestCluster and approle backend

* Check for ttl values after renewals on test
2018-01-18 12:19:18 -05:00
Jeff Mitchell b5c46a9419 changelog++ 2018-01-18 12:15:11 -05:00
samiam c59b5a1a88 Write password prompts to stderr to avoid co-mingling stdout (#3781) (#3782) 2018-01-18 12:14:19 -05:00
Jeff Mitchell dc4a95bf2d Enhance TLS client forwarding test to ensure each client is distinct 2018-01-18 12:01:07 -05:00
Jeff Mitchell b281e76089 Move around some logic to be neater 2018-01-18 11:47:24 -05:00
Jeff Mitchell cf895fc19a Actually print out forwarded stacktrace 2018-01-18 11:40:59 -05:00
Calvin Leung Huang 7752ebe45e Fix sys/health tests 2018-01-18 10:00:28 -05:00
Jeff Mitchell 8ec1c91408 changelog++ 2018-01-18 01:45:10 -05:00
Jeff Mitchell c231479a18
Fix max_ttl not being honored in database backend when default_ttl is zero (#3814)
Fixes #3812
2018-01-18 01:43:38 -05:00
Calvin Leung Huang bffaf9b0c3 Remove vlogger, add log.Logger to PolicyStore struct (#3813) 2018-01-18 01:01:51 -05:00
Jeff Mitchell ffc15201dd Allow API to return health response when in a custom state 2018-01-17 23:50:37 -05:00
Jeff Mitchell 5371b0489f Rename var from last commit 2018-01-17 23:08:35 -05:00
Jeff Mitchell 307a177540 Make heartbeatInterval a package var to allow tests to modify it 2018-01-17 23:05:11 -05:00
Jeff Mitchell 842e3cb5dd Add replication mode sys health information to Go API 2018-01-17 22:50:37 -05:00
Jeff Mitchell d1631346ce replication state -> replication mode in sys/health 2018-01-17 22:38:03 -05:00
Jeff Mitchell 6598182249 changelog++ 2018-01-17 22:19:23 -05:00
Jeff Mitchell a71c74aa3f
Add replication state to EchoReply (#3810) 2018-01-17 22:17:47 -05:00
Jeff Mitchell e3e89ecb40 changelog++ 2018-01-17 20:55:38 -05:00
Vishal Nayak b826c56686
SHA2-256 salting for AppID (#3806)
* Use SHA2-256 hash with prefix to upgrade the paths

* test the SHA1 upgrade to SHA256

* Remove hash identifier and the delimiter; use 's' instead

* Added API test to verify the correctness of the fix

* Fix broken test

* remove unneeded test
2018-01-17 19:48:32 -05:00
Jeff Mitchell 5a6a7900ae Change next major release of Vault to 0.11 or later to make it less scary 2018-01-17 19:31:52 -05:00
Jeff Mitchell cb0aee8229 changelog++ 2018-01-17 19:25:08 -05:00
Jeff Mitchell 2cbac864f0 changelog++ 2018-01-17 19:22:45 -05:00
Chris Hoffman 102ed8cfae Locking updates in database backend (#3774) 2018-01-17 19:21:59 -05:00
Jeff Mitchell 9fa314e639 changelog++ 2018-01-17 19:20:32 -05:00
Tom Wilkie e06cb595fc Make the plugin catalog endpoint roundtrip so we can use terraform to manage them. (#3778) 2018-01-17 19:19:28 -05:00
Jeff Mitchell 3dc9967460 Sync in latest go-plugin 2018-01-17 11:57:24 -05:00
Chris Hoffman 5bc72f35f5 changelog++ 2018-01-17 11:57:12 -05:00
Chris Hoffman 5b2b168e97
Converting OU and Organization role fields to CommaStringSlice (#3804) 2018-01-17 11:53:49 -05:00
Jeff Mitchell 46ab4b201a changelog++ 2018-01-16 18:21:04 -05:00
Josh Giles 9c46431b80 Support JSON lists for Okta user groups+policies. (#3801)
* Support JSON lists for Okta user groups+policies.

Migrate the manually-parsed comma-separated string field types for user
groups and user policies to TypeCommaStringSlice. This means user
endpoints now accept proper lists as input for these fields in addition
to comma-separated string values. The value for reads remains a list.

Update the Okta API documentation for users and groups to reflect that
both user group and user/group policy fields are list-valued.

Update the Okta acceptance tests to cover passing a list value for the
user policy field, and require the OKTA_API_TOKEN env var to be set
(required for the "everyone" policy tests to pass).

* Fix typo, add comma-separated docs.
2018-01-16 18:20:19 -05:00
Jeff Mitchell 88313f0398 Update replication state logic.
Fixes #3727
2018-01-16 13:51:55 -05:00
Dominik Müller e18e4036c7 add allowed_names to cert-response (#3779) 2018-01-16 13:41:58 -05:00
Jake Scaltreto 3ad372d65d Fix minor typo in word "certificate" (#3783) 2018-01-15 15:52:41 -05:00
Paweł Słomka b994e83c65 Cleanup of deprecated commands in tests, docs (#3788) 2018-01-15 15:19:28 -05:00
Harrison Brown 6b7f57caab Suggested website copy changes (#3791)
* Adds comma

* Adds comma

* Suggested copy change
2018-01-15 14:33:41 -05:00
vishalnayak fdc31f1b15 changelog++ 2018-01-11 11:01:38 -05:00
Vishal Nayak 8ef51c0065
Delete group alias upon group deletion (#3773) 2018-01-11 10:58:05 -05:00
Brian Kassouf 30378d5ff6
remove the Initialize wrap and call close explicitly (#3769) 2018-01-10 13:07:55 -08:00
Jeff Mitchell 002ead7069
Merge pull request #3287 from hashicorp/sethvargo/cli-magic
Standardize all commands with autocomplete, help output, and tests
2018-01-10 10:58:52 -06:00