Commit graph

11555 commits

Author SHA1 Message Date
Angel Garbarino 9c262d82ec
Update CHANGELOG.md 2020-01-17 16:12:33 -07:00
Brian Kassouf 4a1cb93860
changelog++ 2020-01-17 14:58:35 -08:00
Brian Kassouf 1e37eadfa0
Fix panic when listener fails to startup (#8174) 2020-01-17 09:07:53 -08:00
Brian Kassouf f32a86ee7a
Create network layer abstraction to allow in-memory cluster traffic (#8173) 2020-01-16 23:03:02 -08:00
Jeff Mitchell 3956072c93 Update test var name and tidy 2020-01-16 20:18:59 -05:00
ncabatoff db4345a2e6
Factor out mysqlhelper so we can create mysql docker containers in other tests. (#8167) 2020-01-16 17:51:10 -05:00
ncabatoff 283ae11626
changelog++ 2020-01-16 15:12:33 -05:00
Calvin Leung Huang 221cd2b68f
changelog++ 2020-01-16 10:16:21 -08:00
Jeff Mitchell 34333f5046
Pull wrapping creation to a var (#8137)
* Pull a func out to a var

* Funcouttovarextension (#8153)

* Update test

Co-authored-by: Lexman <Lexman42@users.noreply.github.com>
2020-01-16 13:10:30 -05:00
Calvin Leung Huang 67c0773df9
ldap, okta: fix renewal when login policies are empty (#8072)
* ldap, okta: fix renewal when login policies are empty

* test/policy: add test for login renewal without configured policy

* test/policy: remove external dependency on tests, refactor lease duration check
2020-01-16 09:42:35 -08:00
Angel Garbarino 0209fc88bf
Update CHANGELOG.md 2020-01-16 09:45:49 -07:00
ncabatoff 88cb26e687
changelog++ 2020-01-16 11:29:35 -05:00
Angel Garbarino ddc6483673
Update CHANGELOG.md 2020-01-15 15:03:55 -07:00
Roberto Pommella Alegro 9b01d34703 Fix oidc callback to check entire storage (#7929)
* Fix oidc callback to check entire storage

In some cases, extensions or other unexpected javascript can be executed
on the oidc callback. Sometimes changing the localstorage and generating
a `storage` event before the callback component does. In such cases, the
authorization component will hang indefinitely.

A simple fix is to check for the expected `oidcState` key in the whole
localstorage instead of just the event `key`.

* Fix tests for auth-jwt

Co-authored-by: Angel Garbarino <Monkeychip@users.noreply.github.com>
2020-01-15 14:27:12 -07:00
Angel Garbarino 3b28d42bf8
Update CHANGELOG.md 2020-01-15 13:05:20 -07:00
Angel Garbarino 2fb4ee2d5a
Show permissions error on KV when you don't have access to create a secret (#8133)
* add catch for fail on save.  isError is not being set to true, so set it in the catch

* add conditionally to only catch 403 permission errors.  Otherwise it will catch and return an unhelpful error message for when you are trying to save a duplicate secret

* add in code comment

* remove catch and pass version 2 secret model to Error handler inside template

* replace Error model with modelForData to catch errors on the correct model

* add back in space

* replace error model with modelForData
2020-01-15 13:02:15 -07:00
Noelle Daley bf9002dda4
set JOBS=2 to prevent memory errors; see https://github.com/emberjs/ember.js/issues/15641#issuecomment-328496408 (#8152) 2020-01-15 09:53:18 -08:00
Michel Vocks 86ab27f35a
changelog++ 2020-01-15 12:58:49 +01:00
Michel Vocks 544ab857a7
changelog++ 2020-01-15 11:29:43 +01:00
Michel Vocks 13ebf5460c
Add TLS options per Nomad backend (#8083) 2020-01-15 11:03:38 +01:00
Vishal Nayak 26ee62a027 changelog++ 2020-01-14 16:44:16 -05:00
Jason O'Donnell e40bbb0aaf
doc: add extraArgs example to vault-helm (#8149)
* doc: add extraArgs example

* Update website/source/docs/platform/k8s/helm/configuration.html.md

Co-Authored-By: Theron Voran <tvoran@users.noreply.github.com>

* Update website/source/docs/platform/k8s/helm/run.html.md

Co-Authored-By: Theron Voran <tvoran@users.noreply.github.com>

* Update injector installation example

* Update website/source/docs/platform/k8s/helm/configuration.html.md

Co-Authored-By: Calvin Leung Huang <cleung2010@gmail.com>

* Update website/source/docs/platform/k8s/helm/run.html.md

Co-Authored-By: Calvin Leung Huang <cleung2010@gmail.com>

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>
2020-01-14 14:14:56 -05:00
Michel Vocks feb5391767
Docs: Add vaul.token.create_root metric (#8089)
* Docs: Add vaul.token.create_root metric

* Update website/source/docs/internals/telemetry.html.md

* Add additional note
2020-01-14 15:47:10 +01:00
Vishal Nayak 8891f2ba88 Raft retry join (#7856)
* Raft retry join

* update

* Make retry join work with shamir seal

* Return upon context completion

* Update vault/raft.go

Co-Authored-By: Brian Kassouf <briankassouf@users.noreply.github.com>

* Address some review comments

* send leader information slice as a parameter

* Make retry join work properly with Shamir case. This commit has a blocking issue

* Fix join goroutine exiting before the job is done

* Polishing changes

* Don't return after a successful join during unseal

* Added config parsing test

* Add test and fix bugs

* minor changes

* Address review comments

* Fix build error

Co-authored-by: Brian Kassouf <briankassouf@users.noreply.github.com>
2020-01-13 17:02:16 -08:00
Becca Petrin 02c9a45c40
Fix AWS region tests (#8145)
* fix aws region tests

* strip logger

* return an error, restore tests to master

* fix extra line at import

* revert changes in spacing and comments

* Update sdk/helper/awsutil/region.go

Co-Authored-By: Jim Kalafut <jkalafut@hashicorp.com>

* strip explicit nil value

Co-authored-by: Jim Kalafut <jim@kalafut.net>
2020-01-13 14:56:41 -08:00
Jeff Mitchell 80408beabe Bump go-kms-wrapping dep to fix a nil pointer in tests 2020-01-13 09:28:49 -05:00
Jeff Mitchell c5f9f8fc05 Update go-kms-wrapping dep 2020-01-13 09:25:11 -05:00
Jeff Mitchell 78a1d51a3a Update vendoring 2020-01-10 20:50:36 -05:00
Jeff Mitchell 6a5916fdc3 Bump sdk/api 2020-01-10 20:45:24 -05:00
Jeff Mitchell 79ba7def56 Bump api's sdk 2020-01-10 20:40:44 -05:00
Jeff Mitchell a0694943cc
Migrate built in auto seal to go-kms-wrapping (#8118) 2020-01-10 20:39:52 -05:00
Noelle Daley 3ab87306a3
changelog++ 2020-01-10 16:54:21 -08:00
Noelle Daley 864b434415
Fix delete namespaces (#8132)
* do not access items.content since it turns items into an InternalModel and breaks deleting namespaces

* remove pagination story until we have a better way to fake data in Storybook
2020-01-10 16:48:48 -08:00
Becca Petrin 9f5b4caba0 fix AWS http import 2020-01-10 15:53:56 -08:00
Becca Petrin 6291c75175
Add support for AWS instance metadata v2 (#8062)
* add support for aws instance metadata v2

* use GetDynamicData instead
2020-01-10 09:31:16 -08:00
Jeff Mitchell 156e31c740 Bump go-uuid 2020-01-10 10:43:37 -05:00
Michel Vocks 80bc527726 Fix DB static role credential rotation replication issue (#8105)
* Fix DB static role credential rotation replication issue

* Rebased and switched to new path forward options

* Removed unnecesary write to storage
2020-01-09 16:45:07 -08:00
Jim Kalafut 154b11bedd
Update Duo docs (#8127) 2020-01-09 15:58:52 -08:00
Jacob Burroughs ac974a814e Add aws metadata to identity alias (#7985)
* Add aws metadata to identity alias

This allows for writing identity token templates that include these attributes
(And including these attributes in path templates)

* Add alias metadata asserstion to IAM login check
2020-01-09 15:12:30 -08:00
Becca Petrin a94f2d3e6f
Replace deprecated AWS client instantiations (#8060)
* replace deprecated aws client instantiation

* fix imports
2020-01-09 14:58:33 -08:00
Becca Petrin c2894b8d05
Add Kerberos auth agent (#7999)
* add kerberos auth agent

* strip old comment

* changes from feedback

* strip appengine indirect dependency
2020-01-09 14:56:34 -08:00
Jim Kalafut 2c6be02579
Allow easier swapping of Go version (#8102) 2020-01-09 09:35:32 -08:00
Michel Vocks 02cdd8a6da
Fix DB root rotation replication issue (#8106)
* Fix DB root rotation replication issue

* Rebase and switch to new path forward options
2020-01-09 15:59:58 +01:00
Mike Green 57a3b72cde Docs: Add note about needing to do plugin reload on each node (#8108)
* Add note about needing to do this on each node

Specifically calling this out will heed off operators doing this on a single node and thinking it is a bug that it didn't propagate to the other nodes, secondaries, etc.

* Updated to reflect not needing to do registration on each
2020-01-08 16:09:41 -08:00
Mike Green 12fba35a7c Update docs to add example of field output for KV get (#8109)
* Add example of field output

Ordering matters here and its a constant question both from customers and new folks. This will help to show the right syntax.

* minor update to spelling and force unit test rerun

* Update example actually in example area

* Clarify last example is only unix example

* removing Unix specific example
2020-01-08 15:58:10 -08:00
Mike Green ba3c4ed9d7 Add reference to answer "where are the metrics listed"? (#8110) 2020-01-08 10:32:09 -08:00
Jeff Mitchell fb9d809d91 Add changes for renewer api/agent behavior to upgrade guide 2020-01-08 12:47:49 -05:00
Jeff Mitchell f6758d5ed6 changelog++ 2020-01-08 12:45:54 -05:00
Jason O'Donnell 038d7bfc86
doc: update vault-helm to 0.3.2 (#8119) 2020-01-08 11:41:26 -05:00
Jim Kalafut aa1761fb03
Update framework forwarding logic to handle nil system views (#8114) 2020-01-08 05:59:44 -08:00