luxolus
/
open-vault
2
0
Fork 0
Code Issues 1 Pull Requests Releases Activity
8,045 Commits 1 Branch 0 Tags 214 MiB
Commit Graph

8045 Commits

Author SHA1 Message Date
Jeff Mitchell a59661a87a Remove unneeeded dep 2018-05-09 17:50:49 -04:00
Jeff Mitchell 7f886b5675 Update go-retryablehttp vendor 2018-05-09 17:44:53 -04:00
Jeff Kohrman ec4b839741 Add link to updated privacy policy in layout.erb (#4533) 
Added link to updated privacy policy in footer of `layout.erb` for the OSS website.
 2018-05-09 16:11:57 -04:00
Yoko fc97fc09ce
[Guide] DB Root Credential Rotation (#4508) 
* DB root credential rotation guide

* Fixed typos

* Added a note about creating a dedicated superuser

* Incorporated Chris's feedback

* Added a reference to DB root credential rotation

* Rephrase some of the languages

* Minor re-wording of a sentence
 2018-05-09 11:01:58 -07:00
Jeff Mitchell 072cd783b5 Fix another PKI test 2018-05-09 12:51:34 -04:00
Jeff Mitchell 573b403b5e Fix PKI test 2018-05-09 12:47:00 -04:00
Jeff Mitchell 2eb463aa8c Remove outdated renewer test 2018-05-09 12:33:20 -04:00
Jeff VanSickle a69e8d81b0 Update jq path for "excited" in JSON output example (#4531) 2018-05-09 08:41:41 -07:00
Jeff Mitchell eecdbb0ee8 changelog++ 2018-05-09 10:55:44 -04:00
Shelby Moore f8e1f82225 Updated proxy protocol config validation (#4528) 2018-05-09 10:53:44 -04:00
Jeff Mitchell e5f4ca83a0
Update PKI to natively use time.Duration (#4493) 
* Update PKI to natively use time.Duration

Among other things this now means PKI will output durations in seconds
like other backends, instead of as Go strings.

* Add a warning when refusing to blow away an existing root instead of just returning success

* Fix another issue found while debugging this...

The reason it wasn't caught on tests in the first place is that the ttl
and max ttl were only being compared if in addition to a provided csr, a
role was also provided. This was because the check was in the role !=
nil block instead of outside of it. This has been fixed, which made the
problem occur in all sign-verbatim cases and the changes in this PR have
now verified the fix.
 2018-05-09 10:29:54 -04:00
Jeff Mitchell 274732733e Clarify that rotate requires sudo 2018-05-09 10:19:35 -04:00
Jeff Mitchell 2ecc42ed22 Grace is deprecated so mark as such 2018-05-09 10:02:06 -04:00
tdsacilowski c19e8d0dbc Clarify HA params, fixed typos (#4527) 
* Clarify HA params, fixed typos

* Additional clarifications to listener parameters

* Updated cluster_address values
 2018-05-08 13:36:42 -07:00
Jacob Friedman 64bb0bd58a Updated link for k8s-tokenreview (#4523) 
Link for k8s-tokenreview was broken when they released a new version so I went ahead and fixed it.
 2018-05-08 13:36:12 -07:00
Jacob Friedman 67b8d3dc40 Changed DR docs page to fix generating secondary DR token (#4521) 
The docs for how to create secondary DR tokens were incorrect, which caused issues at a customer. I fixed the documentation with the proper syntax and formatting, which I copied from the perf replication docs (after changing endpoints). Can someone take a quick look for me?
 2018-05-08 13:35:48 -07:00
vishalnayak f95a913bd5 docs: s/entity/group-alias 2018-05-08 16:32:35 -04:00
Matthew Irish 5fb2be2e2b
Ember cli update to 2.15 (#4526) 
* update ember-cli to 2.15

* remove bower

* update ivy-codemirror

* update build and ci to not use bower or phantomjs
 2018-05-08 10:43:20 -05:00
Calvin Leung Huang 8708fe8d6c Move timeout declaration outside of for loop, break out early if renewed cleanly (#4522) 2018-05-07 13:47:55 -07:00
Chris Hoffman 7c0e590f54
docs update 2018-05-07 16:34:39 -04:00
Chris Hoffman e7bbe6fbed
docs updates 2018-05-07 16:33:38 -04:00
Jeff Mitchell 58bc941b71 Fix #4472 a better way 
Unlike switch, select will randomly choose from among multiple cases if
more than one are satisfiable.
 2018-05-07 16:13:04 -04:00
Jeff Mitchell e2bb955673 Revert "Close the doneCh in the renewer when we return from Renew. (#4513)" 
This reverts commit 79c708f8b6df13766830d4690e3688ccb49dc335.
 2018-05-07 16:11:39 -04:00
Jeff Mitchell 2cc4f20f18 Revert "changelog++" 
This reverts commit cd603e299cbe7377ed27cf702ba23dc8cdcc4a33.
 2018-05-07 16:11:18 -04:00
Jeff Mitchell 767d241fda changelog++ 2018-05-07 14:02:47 -04:00
Chris Hoffman d4265b59ab
changelog++ 2018-05-07 13:54:29 -04:00
Chris Hoffman 049df3da3e
updating pkcs11 docs (#4520) 2018-05-07 13:50:45 -04:00
Chris Hoffman caa48d3e60
changelog++ 2018-05-07 13:27:54 -04:00
Jim Kalafut 103de6b5e1
Simplify password generator using base62 encoder (#4514) 2018-05-04 14:22:53 -07:00
Jeff Mitchell b894050c21 changelog++ 2018-05-04 13:26:39 -04:00
Jeff Mitchell 714ecf86fc
Close the doneCh in the renewer when we return from Renew. (#4513) 
Closes #4472
 2018-05-04 13:25:08 -04:00
vishalnayak 9fcda0c1f0 changelog++ 2018-05-04 10:17:18 -04:00
Vishal Nayak df8484f7af
approle: Make invalid role_id a 400 error instead of 500 (#4470) 
* make invalid role_id a 400 error

* remove single-use validateCredentials function

* remove single-use validateBindSecretID function

* adjust the error message for CIDR check failure

* locking updates as review feedback
 2018-05-04 10:15:16 -04:00
Anthony Dong 9b06c0fb56 Fix typo in AppRole guide (#4509) 2018-05-04 10:10:21 -04:00
Jeff Mitchell ef8f23a0b2 changelog++ 2018-05-04 10:09:43 -04:00
Jeff Mitchell b1d44a7dee
Fix alias data being used for cert auth (serial number -> common name) (#4495) 
Fixes #4475
 2018-05-04 10:08:23 -04:00
Jeff 9b9be9622a Typo (#4505) 2018-05-03 13:37:44 -07:00
Jeff Mitchell c0ed57feae
Revert "proto changes (#4503)" (#4504) 
This reverts commit 14594bd76e04ff09c442738800be5fdebc45512f.
 2018-05-03 15:38:53 -04:00
Vishal Nayak 7549ea0d12
proto changes (#4503) 2018-05-03 15:23:14 -04:00
Becca Petrin d51acbde68
New proto version (#4501) 2018-05-03 10:19:39 -07:00
Jerome Cheng d180e45cf5 Fix incorrect file path in Token Helper doc (#4499) 
Vault stores the token in `~/.vault-token` and not `~/.vault_token`.
 2018-05-02 21:56:38 -07:00
Laura Uva cef1b3b75c Payload key should be dr_operation_token (#4498) 2018-05-02 18:35:51 -07:00
Nathan Valentine 608f013bf2 s/aws_region/region/ (#4497) 
The correct key name is 'region' as opposed to 'aws_region'.
 2018-05-02 14:25:03 -07:00
Matthew Irish 4c21392884
Ember cli sass update (#4496) 
* update ember-cli-sass

* update :not syntax to not use strings
 2018-05-02 09:09:41 -05:00
Fabrizio Cucci cef52dae90 Fix role of example in Kubernetes Auth Method (#4483) 
It was `test` but it should be `demo` to be aligned with the example.
 2018-05-01 15:04:53 -07:00
Jeff Mitchell 3d56e0eb5f changelog++ 2018-05-01 11:24:02 -04:00
Robison Jacka b78b9c7ebf Iterating over CSR extensions, and skipping BasicConstraints, since those should be defined by the endpoint that's performing the signing. (#4469) 2018-05-01 11:22:49 -04:00
Matthew Irish 6bd95c596c
add script defer to the demo app tag as well (#4489) 2018-04-29 22:14:54 -05:00
Vishal Nayak 7b93377d00
update token store error assertions (#4485) 2018-04-29 07:47:42 -04:00
Jeff Escalante f8c18b11d8 fix fout issue (#4477) 2018-04-27 14:34:20 -07:00