Jeff Mitchell
386aa408b7
Remove need for PUT in rekey. We've decided that POST and PUT are to
...
stay as synonyms for writes, so there's no reason to limit it for this
operation.
2016-01-14 16:52:34 -05:00
Seth Vargo
6d655d75fe
Do not use compressed javascripts
...
Minifier gets really confused when you give it already-compressed
javascript.
2016-01-14 15:00:41 -05:00
Jeff Mitchell
1001566a26
Keep ordering consistent in config doc, and put HA backends first
2016-01-14 13:55:53 -05:00
Jeff Mitchell
b30e185d25
Merge pull request #931 from hashicorp/sethvargo/deploy
...
Add scripts to deploy via Atlas
2016-01-14 13:47:57 -05:00
Seth Vargo
94f590581a
Add scripts to deploy via Atlas
2016-01-14 13:42:53 -05:00
Seth Vargo
e40c77ff27
Use HTTPS + www where appropriate
2016-01-14 13:42:47 -05:00
Seth Vargo
d210b561a2
ImageOptim
2016-01-14 13:42:34 -05:00
Seth Vargo
13b1e8f9df
Fix image asset URLs
2016-01-14 13:42:28 -05:00
Seth Vargo
2d7555f442
Remove Heroku stuff
2016-01-14 13:42:13 -05:00
Jeff Mitchell
5873824ee2
Version 0.4.1
...
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAABAgAGBQJWls/HAAoJEFGFLYc0j/xMarQH/i6rW+wLm9DadkFV23jwjttt
TRumTPDoBxHQDoB0wkC4CmA8UiZnzc68o5OlxisC8KAz/89HWZf8sUDxkOSY1vUX
BGDkiv+KF6LiDRAdDyIqK6PYUkKHaJgue9Vnwu5+1iRv1sjK5PyPb992Wmt/DtOM
nRn8Hn5qmmDCUm79TKXpZNMs/CRx21VM7q2Sm139kLzTr0Qg2Oyxcp3mB8TR7LtV
ATdMQ//HzL/tGJ6Yw7zkgZzdf7EMFFO1SSVqAzqag6kqNqwjvmDGrQaTzkdl7anv
72zMXqVcryeSL6DRZuR+OrHs63aaoTwIXcqO56nBrZ1NAEqkI0oCcvDZNLt7yi4=
=YCXl
-----END PGP SIGNATURE-----
Merge tag 'v0.4.1'
Version 0.4.1
2016-01-14 09:57:21 -05:00
Jeff Mitchell
5fb4b4982c
Cut version 0.4.1
2016-01-13 17:29:16 -05:00
Jeff Mitchell
eeac69939c
Bump values to 0.4.1
2016-01-13 17:28:17 -05:00
Jeff Mitchell
9c5ad28632
Update deps, and adjust usage of go-uuid to match new return values
2016-01-13 13:40:08 -05:00
Jeff Mitchell
55a802f9ca
changelog++
2016-01-12 21:19:25 -05:00
Jeff Mitchell
f9bbe0fb04
Use logical operations instead of strings for comparison
2016-01-12 21:16:31 -05:00
Jeff Mitchell
d949043cac
Merge pull request #914 from hashicorp/acl-rework
...
More granular ACL capabilities
2016-01-12 21:11:52 -05:00
Jeff Mitchell
4253299dfe
Store uint32s in radix
2016-01-12 17:24:01 -05:00
Jeff Mitchell
e58705b34c
Cleanup
2016-01-12 17:10:48 -05:00
Jeff Mitchell
87fba5dad0
Convert map to bitmap
2016-01-12 17:08:10 -05:00
Jeff Mitchell
da87d490eb
Add some commenting around create/update
2016-01-12 15:13:54 -05:00
Jeff Mitchell
9db22dcfad
Address some more review feedback
2016-01-12 15:09:16 -05:00
Jeff Mitchell
ce5bd64244
Clean up HelpOperation
2016-01-12 14:34:49 -05:00
Jeff Mitchell
1efb33cfd5
changelog++
2016-01-12 09:31:07 -05:00
Jeff Mitchell
e89a1b1396
Merge pull request #924 from richardzone/patch-1
...
Fix typo
2016-01-12 09:30:40 -05:00
Ziyi, LIU
5204da4edd
Fix typo
...
Change "...implements is own login endpoint..." to "...implements its own login endpoint..."
2016-01-12 22:22:13 +08:00
Jeff Mitchell
ae6df99b19
changelog++
2016-01-12 08:47:33 -05:00
Jeff Mitchell
8cb23835d7
Fix read panic when an empty argument is given.
...
Fixes #923
2016-01-12 08:46:49 -05:00
Jeff Mitchell
e815db8756
Update audit sys docs
2016-01-11 19:08:23 -05:00
Eric Kidd
69434fd13e
etcd: Allow disabling sync for load balanced etcd
...
Some etcd configurations (such as that provided by compose.io) place the
etcd cluster behind multiple load balancers or proxies. In this
configuration, calling Sync (or AutoSync) on the etcd client will
replace the load balancer addresses with the underlying etcd server
address.
This will cause the etcd client to bypass the load balancers, and may
cause the connection to fail completely if the etcd servers are
protected by a firewall.
This patch provides a "sync" option for the etcd backend, which defaults
to the current behavior, but which can be used to turn off of sync.
This corresponds to etcdctl's --no-sync option.
2016-01-11 13:56:58 -05:00
Eric Kidd
ebabcd857a
etcd: Document existing username and password options
...
These options were present in the source code, but not in the
documentation. They're needed to connect to some hosted etcd services.
2016-01-11 11:30:51 -05:00
Jeff Mitchell
8e131e4ea4
Make sure VAULT_TOKEN is empty during unit tests
2016-01-09 14:47:55 -05:00
Jeff Mitchell
2527a9d18e
changelog++
2016-01-09 14:21:36 -05:00
Jeff Mitchell
b7e68633a3
Merge pull request #878 from seiffert/dynamodb_backend
...
Add DynamoDB physical backend.
2016-01-09 14:16:15 -05:00
Jeff Mitchell
a2bd31d493
Fix up PGP tests from earlier code fixes
2016-01-08 22:21:41 -05:00
Jeff Mitchell
a99787afeb
Don't allow a policy with no name, even though it is a valid slice member
2016-01-08 21:23:40 -05:00
Jeff Mitchell
676008b2c5
Lotsa warnings if you choose not to be safe
2016-01-08 17:35:07 -05:00
Jeff Mitchell
f6d2271a3c
Use an array of keys so that if the same fingerprint is used none are lost when using PGP key backup
2016-01-08 14:29:23 -05:00
Jeff Mitchell
26e1837a82
Some minor rekey backup fixes
2016-01-08 14:09:40 -05:00
Jeff Mitchell
4f4ddbf017
Create more granular ACL capabilities.
...
This commit splits ACL policies into more fine-grained capabilities.
This both drastically simplifies the checking code and makes it possible
to support needed workflows that are not possible with the previous
method. It is backwards compatible; policies containing a "policy"
string are simply converted to a set of capabilities matching previous
behavior.
Fixes #724 (and others).
2016-01-08 13:05:14 -05:00
Jeff Mitchell
f3ce90164f
WriteOperation -> UpdateOperation
2016-01-08 13:03:03 -05:00
Paul Seiffert
3a0ea3bcaa
Add documentation for the DynamoDB backend
2016-01-08 17:34:31 +01:00
Paul Seiffert
99f7659bb4
Add recovery option to DynamoDB backend
...
When Vault is killed without the chance to clean up the lock
entry in DynamoDB, no further Vault nodes can become leaders after
that.
To recover from this situation, this commit adds an environment
variable and a configuration flag that when set to "1" causes Vault
to delete the lock entry from DynamoDB.
2016-01-08 17:31:37 +01:00
Paul Seiffert
8853e50691
Explicitly read AWS credentials from environment
2016-01-08 17:31:37 +01:00
Paul Seiffert
9618d95c4e
Godeps: install new requirements from AWS SDK
2016-01-08 17:31:37 +01:00
Paul Seiffert
277de77256
Add tests for DynamoDB backend
2016-01-08 17:31:37 +01:00
Paul Seiffert
870bc6c5b4
Implement DynamoDB physical HA backend
2016-01-08 17:31:37 +01:00
Jeff Mitchell
87f686997f
changelog++
2016-01-07 11:36:32 -05:00
Jeff Mitchell
c9f9bcdeaf
Merge pull request #912 from hashicorp/fix-renew-regression
...
Have 'sys/renew' return the value provided in Secret.
2016-01-07 11:35:52 -05:00
Jeff Mitchell
455acc255b
Have 'sys/renew' return the value provided in Secret.
...
Fixes a regression introduced in 0.3.
2016-01-07 11:35:09 -05:00
Jeff Mitchell
2412c078ac
Also convert policy store cache to 2q.
...
Ping #908
2016-01-07 09:26:08 -05:00