This changes (*Config).Merge to merge all fields of a Config.
Previously, when merging Configs, some configuration fields were
ignored and completely lost, including APIAddr, ClusterAddr, and
a couple boolean fields. This only occurs when using multiple config
files and does not affect single config files (even when loading from
a directory -- Merge is only called after a second file is loaded).
- Fix APIAddr not being merged.
- Fix ClusterAddr not being merged.
- Fix DisablePrintableCheck not being merged.
- Fix DisableClustering not being merged. The DisableClusteringRaw
value is also preserved so that it can be used in overrides for
storage fields.
- Use merged top-level config as storage field overrides.
- Update config dir test fixtures to set some fields missed by
(*Config).Merge previously.
Roughly 25% of calls to logical.ErrorResponse() include an inner fmt.Sprintf() call.
This PR would simplify these cases:
`return logical.ErrorResponse(fmt.Sprintf("unable to read role '%s'", role))`
could become
`return logical.ErrorResponse("unable to read role '%s'", role)`
With only a single parameter passed in, behavior is unchanged.
* add permissions service
* start template helper
* match prefixed paths
* gate sidebar links
* land on first page user has access to
* show nav when user first logs in
* clear paths when user logs out
* add tests
* implement feedback
* show all nav items if no policy is found
* update onboarding wizard
* fix some unrelated tests
* add support for namespaces
* gate wizard
* unstage package and lockfile
The static-assets target has a dependency on *either* ember-dist or
ember-dist-dev, so these targets must not execute in parallel. Since
this is an either/or dependency, it cannot be expressed as a regular
dependency unless the targets are refactored somehow.
Fixes: 7a312d7c37bb ("Add Makefile/Dockerfile UI bits")
* Upgrade to new Cloud KMS client libraries
We recently released the new Cloud KMS client libraries which use GRPC
instead of HTTP. They are faster and look nicer (</opinion>), but more
importantly they drastically simplify a lot of the logic around client
creation, encryption, and decryption. In particular, we can drop all the
logic around looking up credentials and base64-encoding/decoding.
Tested on a brand new cluster (no pre-existing unseal keys) and against
a cluster with stored keys from a previous version of Vault to ensure no
regressions.
* Use the default scopes the client requests
The client already does the right thing here, so we don't need to
surface it, especially since we aren't allowing users to configure it.
* Fixed the broken link
* Fixing the broken link
* Fixes redirect to Tokens guide
The separate redirect within learn.hashicorp.com will be fixed on its own repo.
* Adding the CLI flag placement info
* Adding the definition of 'options' and 'args'
* tweaked the wording a little bit
* Added more description in the example
* Added a link to 'Flags' in the doc for options def
* Make useCache explicit everywhere in lock manager
This also clears up a case where we could insert into the cache when it
wasn't active
* Address feedback
* Fix a couple of instances where we are using LIST verb
We specify it for the wrapping lookup function but for broader
compatibility with proxies and such we want to filter it to a GET. In a
couple of places we weren't doing that, so this updates those locations.