Commit graph

10725 commits

Author SHA1 Message Date
Jim Kalafut 15b68c35c3
Support EC and EdDSA in identity tokens (#6992) 2019-06-27 08:34:48 -07:00
Jeff Mitchell f27e73c61c changelog++ 2019-06-27 11:07:20 -04:00
Aaron Donovan 09acded420 Allow configuration of nonce for ec2 authentication (#6953)
* Allow configuration of nonce for ec2 authentication

* Addressing pull request comment
2019-06-27 11:06:20 -04:00
Thomas Kula be998aeeac Cert auth method examples need to use https (#6961)
In order to present a client certificate to use the certificate
auth method, you must use https.
2019-06-27 11:04:09 -04:00
Jeff Mitchell 8fe9c2c163 Add deprecation notices for policymap/pathmap
External plugin authors keep using it :-(
2019-06-27 10:17:05 -04:00
dr-db 720db0ffbc Fix the doc string for IsFatalError (#7000) 2019-06-27 12:50:47 +02:00
Mark Gritter de92ecedfa
Revert "Merge StoragePackerV2 implementation (#6874)" (#6997)
This reverts commit 6cf9efbd750600b230a777fbee0fe9187f592a8a.
2019-06-26 19:26:06 -05:00
Mark Gritter 02b18b5926
Merge StoragePackerV2 implementation (#6874)
StoragePackerV2 rewrite based on variadic API instead of bucket-based API.
 * Working variadic functions
 * Invalidate method for replciation
 * Unit tests
2019-06-26 17:54:25 -05:00
Alex Dadgar 831a3afca9
API Response returns specialized error type (#6984)
* Return specialized error type

* Add a helper for extracting gRPC codes from errors

* Fix spacing in example

* Drop grpc codes

* Fix storing of decoded errors
2019-06-26 11:35:08 -07:00
Michael Gaffney 76208eaf84
sdk/framework: add TypeSignedDurationSecond FieldType (#6989)
* Refactor table driven tests to use subtests

* sdk/framework: add TypeSignedDurationSecond FieldType

Adds the TypeSignedDurationSecond FieldType which accepts positive and
negative durations. The existing TypeDurationSecond FieldType does not
accept negative durations.

* Add tests for 0 for TypeDurationSecond and TypeSignedDurationSecond
2019-06-26 13:15:36 -04:00
Matthew Irish 9fccccb0ec
UI KMIP CA (#6983)
* move download-button and toolbar-download-button to core addon

* add ca model and adapter and show CA on the engine configuration page

* add other side of model relationship for kmip ca<->config
2019-06-26 11:02:05 -05:00
Sam Salisbury cacc978bfb
pre-commit: no fail if circleci missing or too old (#6990)
Just a warning instead.
2019-06-26 15:49:42 +01:00
Lexman a4ba0e22ac Identity tokens documentation (#6971) 2019-06-26 07:31:10 -07:00
Sam Salisbury 6f79b6dfc6
ci pre-flight checks (#6960)
* ci: update Makefile

- Copied from c5c5149583/copythis.circleci/Makefile

* Makefile: make ci- targets phony and more explicit

* ci: add pre-flight checks

- Right now just validates ci config is up to date.

* ci: add --skip-update-check to circleci

* ci: remove cruft from Makefile

* ci: fix missing source dir error message

* ci: consolidate circleci path handling
2019-06-26 15:14:23 +01:00
Noelle Daley 4c9dec60b7
UI: Add HTTP Requests Bar Chart Tooltip (#6972)
* initialize tooltip

* style tooltip

* show date in tooltip

* show tooltip on hover

* style tooltip

* add hover padding for when bar is very short

* add tooltip test and format tooltip date

* revert to using real data

* update comment about binding the tooltip to shadowBars

* remove d3array

* use double colons for pseudo elements

* use elementId in bars-container id name to prevent clashing

* use Object.freeze to eliminate linting error
2019-06-25 15:36:33 -07:00
Matthew Irish 68f3b90978
UI - kmip role edit form (#6973)
* extend edit form with a custom kmip role form

* adjust model fields and use new kmip role edit form

* customize serialize adapter hook for kmip/role

* refresh list routes in the list mixin

* style up kmip role edit form

* return a promise from preSave so that the queue helper waits to call save

* add serialize tests for the kmip/role adapter

* rename component to edit-form-kmip-role

* add tests for edit-form-kmip-role

* add some clarifying comments

* make input more realistic in tests

* remove delete toolbar
2019-06-25 15:57:50 -05:00
Lexman 4b01a6b95c
adds tests for the identity/oidc backend (#6964)
* adds several tests

* use deep.Equal to validate responses

* use deep.Equal in a few other places
2019-06-25 12:55:20 -07:00
Brian Kassouf f3460d1ec7
changelog++ 2019-06-25 11:14:31 -07:00
Matthew Irish 2fdfc7a667
only use ember-qunit, ember-cli-qunit is deprecated (#6978) 2019-06-25 11:19:01 -05:00
Jim Kalafut 0f2a7a6acd
changelog++ 2019-06-25 08:36:46 -07:00
Vishal Nayak 13935f00af
Fix Join (#6974) 2019-06-24 18:49:28 -04:00
Jim Kalafut a215ce1599
Update New Features section in changelog 2019-06-24 15:15:19 -07:00
Jeff Mitchell 6e2bf2977c Merge branch 'master' of https://github.com/hashicorp/vault into master-oss 2019-06-24 16:20:27 -04:00
Jeff Mitchell a4214a2161
Add the ability to use a dev Consul node for dev storage (#6965) 2019-06-24 13:29:47 -04:00
Clint abbb00dd2e
Update CHANGELOG.md 2019-06-24 12:00:50 -05:00
Jim Kalafut 4066a1d09c
Correct API docs examples (#6963) 2019-06-24 07:39:34 -07:00
Jeff Mitchell 3efbc128c5
Cut version 1.2.0-beta1 2019-06-24 00:36:17 -04:00
Jeff Mitchell b700389cdd Fix test 2019-06-23 23:05:51 -04:00
Jeff Mitchell 7f6e6ec5c3 changelog++ 2019-06-23 22:00:15 -04:00
Jeff Mitchell cf93f60bb1
Allow turning on client auth in test clusters (#6958) 2019-06-23 21:50:27 -04:00
Jeff Mitchell ce9d76c516 Update vendoring 2019-06-23 21:18:45 -04:00
Jeff Mitchell cc03357925 Update SDK version 2019-06-23 21:18:08 -04:00
Jeff Mitchell 9747c46e7b Make CA certificate optional in ClientTLSConfig 2019-06-23 21:17:39 -04:00
Jeff Mitchell 2dea5185b3 Update vendor 2019-06-23 20:33:45 -04:00
Clint 4b00597609
Combined Database backend: remove create/delete support (#6951)
* remove create/update database user for static accounts

* update tests after create/delete removed

* small cleanups

* update postgresql setcredentials test
2019-06-23 15:58:07 -05:00
Jeff Mitchell 5a5f679f20 Bump sdk 2019-06-23 10:49:48 -04:00
Vishal Nayak 06f30a7947
Move tls config creation to tlsutil (#6956)
* Move tls config creation to tlsutil

* Update sdk/helper/tlsutil/tlsutil.go

Co-Authored-By: Jim Kalafut <jim@kalafut.net>

* address review comments
2019-06-22 21:51:52 -04:00
Jim Kalafut c7283f99ed
Update JWT tips (#6955) 2019-06-21 14:50:12 -07:00
Vishal Nayak 9296ca1f8c
raft join tls (#6932) 2019-06-21 17:41:07 -04:00
Jeff Mitchell a0760a4877 changelog++ 2019-06-21 17:05:51 -04:00
Matthew Irish f0d7dc9a6d
UI - add kmip engine (#6936)
* add kmip engine

* adjust where kmip engine is mounted and sketch out routes

* add secret mount path service to share params to engines

* move list-controller and list-route mixins to core addon and adjust imports

* properly link kmip secrets from the secrets list page

* tweak routes and add list controllers

* stub out some models and adapters

* fix mixin exports

* move a bunch of components into the core addon

* use new empty yield in list-view in the namespace template

* scopes list using list-view and list-item components

* simplify and flatten routes, templates for all of the list pages

* role show route and template and scope create template

* add ember-router-helpers

* add more packages to the dependencies of the core addon

* add field-group-show component for listing fields from a model

* move more components to the shared addon

* make configure and configuration routes work and save a generated model

* save and list scopes

* role create, list, read

* list credentials properly

* move allowed attributes to field group

* show allowed operations on role details page

* add kmip logo to mount secrets engine list page

* add role edit page

* show all model attributes on role show page

* enable role edit

* fix newFields error by creating open api role model on the role list route

* only show selected fields on role edit page

* do not send scope and backend attrs to api

* move path-or-array to core addon

* move string-list component to core addon

* remove extra top border when there is only one field group

* add icons for all of the list pages

* update kmip config model so defaultValue doesn't error

* generate credentials

* credential create and show

* only show kmip when feature is enabled

* fix saving of TTL fields generated from Open API

* move masked-input and list-pagination components to core addon

* add param on edit form to allow for calling onSave after render happens

* polish credential show page and redirect there after generating credentials

* add externalLink for kmip engine

* add kmip-breadcrumb component

* use kmip-breadcrumb component

* add linkPrefix param to linked-block component to allow for routing programmatically inside an engine

* redirect to the right place when enabling kmip

* fix linting

* review feedback

* update signature for path-help usage

* fix ttl field expansion test

* remove role filed from role form, fix generate redirect

* remove field-group-show because it's in the core addon

* remove bottom rule from show pages

* fix Max TTL displayAttrs for ssh role

* update edit-form to take fields or attrs

* fix linting

* remove listenAddrs and set default val on ttl if a val is passed in
2019-06-21 16:05:45 -05:00
Jeff Mitchell 7c4eca5fb3
Pass context to Cassandra queries (#6954) 2019-06-21 17:04:50 -04:00
Jim Kalafut 1074b5046f
Minor clean up JWT provider docs (#6952) 2019-06-21 11:49:08 -07:00
Anner J. Bonilla c98caa2cd7 update azure instructions (#6858)
Update instructions in regards to azure AD Authentication and OIDC
2019-06-21 11:28:12 -07:00
Brian Kassouf 17b46e2979
Fix key upgrade and raft tests (#6949) 2019-06-21 11:38:21 -06:00
Jim Kalafut 2bf5db4fe8 Add OIDC token generation to Identity (#6900)
* Add OIDC token generation to Identity

There are a few open TODOs and some remaining cleanup, but this is
functionally complete and ready for review.

(Tests will being added soon.)

* Simplified key update endpoint

* Cache the config

* Fix Issuer handling

* Suppose base64-encoded templates (#6919)

* Cache JWKS and switch to go-cache (#6918)

* Address review comments

* Add warning if neither Issue nor api_addr are set

* adds tests (#6937)

* adds help synopsis and descriptions to the framework path for the oid… (#6930)

* adds help synopsis and descriptions to the framework path for the oidc backend

* Update vault/identity_store_oidc.go

Co-Authored-By: Jim Kalafut <jim@kalafut.net>

* Add Now parameter to PopulateStringInput

* Addressing review comments

* Refactor template processing to improve mode-specific handling

* adds a test for the periodic func (#6943)

* adds a test for the periodic func

* removes commented out code

* adds a comment

* Add comments
2019-06-21 10:23:39 -07:00
Brian Kassouf 5d0c68ca74
Fix 32-bit builds (#6948) 2019-06-21 09:52:02 -06:00
Madalyn 8338b9b0e3
OpenAPI CRUD views (#6702)
Dynamically generate views from OpenAPI document to List/CRUD LDAP users and groups in the UI
2019-06-21 11:18:26 -04:00
Madalyn a2606ddccf
update OpenAPI output to use DisplayAttributes struct (#6928) 2019-06-21 11:08:08 -04:00
Jeff Mitchell 633a6099f2 Vendor and prep for beta 2019-06-20 23:43:02 -04:00