Jeff Mitchell
9095e202d7
Update vendoring
2017-06-05 10:51:53 -04:00
Mevan Samaratunga
731a7f187f
fixed bug where the project name was not being read from configuration if it was provided via the "tenant" attribute. this was causing the swift client to crash with an EOF error. ( #2803 )
2017-06-05 10:48:39 -04:00
Jeff Mitchell
898d3f12fe
changelog++
2017-06-05 10:06:12 -04:00
Jeff Mitchell
8f2ba268a0
Fix instantiation of salt funcs in app-id structs
2017-06-05 10:04:54 -04:00
Jeff Mitchell
357200763e
changelog++
2017-06-03 08:17:02 -04:00
Eugene Bekker
b55d972d24
Fixes #2789 ( #2790 )
2017-06-03 08:15:37 -04:00
Jeff Mitchell
dad291c93c
Add plugin_directory to configuration page ( #2801 )
...
Fixes #2795
2017-06-03 08:11:03 -04:00
Dan Stark
9f6b77598e
Fixes typos in error message and comment for AWS auth CLI ( #2798 )
2017-06-02 17:35:25 -07:00
Brian Kassouf
74931c750f
changelog++
2017-06-01 15:24:27 -07:00
Igor Katson
88118dce0f
Add max_parallel parameter to MySQL backend. ( #2760 )
...
* Add max_parallel parameter to MySQL backend.
This limits the number of concurrent connections, so that vault does not die
suddenly from "Too many connections".
This can happen when e.g. vault starts up, and tries to load all the
existing leases in parallel. At the time of writing this, the value
ExpirationRestoreWorkerCount in vault/helper/consts/const.go is set to
64, meaning that if there are enough leases in the vault's DB, it will
generate AT LEAST 64 concurrent connections to MySQL when loading the
data during start-up. On certain configurations, e.g. smaller AWS
RDS/Aurora instances, this will cause Vault to fail startup.
* Fix a typo in mysql storage readme
2017-06-01 15:20:32 -07:00
vishalnayak
7550b79ce8
Fix policy tests
2017-06-01 17:22:34 -04:00
Andrew Paulin
776019963b
Support custom renewal statements in Postgres ( #2788 )
...
* Support custom renewal statements in Postgres
* Refactored out default/custom renew methods
2017-06-01 13:18:16 -07:00
Chris Hoffman
2ba85b49c7
Adding auth/aws-ec2 redirect to new docs location
2017-06-01 11:18:19 -04:00
Jeff Mitchell
9319307398
Add govendor to bootstrap
2017-06-01 10:18:48 -04:00
Matthew Irish
5fb495c8bf
changelog ++
2017-05-31 13:41:34 -05:00
Vishal Nayak
128907172f
doc: leases are generated only for dynamic secrets ( #2772 )
...
* doc: leases are generated only for dynamic secrets
* Address review feedback
2017-05-31 09:47:17 -04:00
Jeff Mitchell
1a8b760790
Bump Go version in cross Dockerfile
2017-05-30 14:33:56 -04:00
Jeff Mitchell
88c0367fa6
Add grpc keepalives as a fallback option for our heartbeating
2017-05-26 13:32:13 -04:00
Vishal Nayak
3696c9b779
Input checks for policy rules ( #2771 )
...
* Input checks for policy rules
* Address review feedback
2017-05-26 10:48:41 -04:00
vishalnayak
cac8d34d41
changelog++
2017-05-26 08:40:22 -04:00
Andrew
e33e489eee
Improve EC2 describe instances performance ( #2766 )
...
Query the EC2 API for the instance ID rather than filter the results of
all instances.
2017-05-26 08:38:01 -04:00
Jeff Mitchell
435f1def27
Have step-down request forward.
...
Unlike seal, this command has no meaning other than on the active node,
so when issuing it the expected behavior would be for whichever node is
currently active to step down.
2017-05-25 11:57:59 -04:00
vishalnayak
5957d9889d
changelog++
2017-05-25 11:00:20 -04:00
Vishal Nayak
3c968260a8
Cert verification for non-CA certs ( #2761 )
...
* Cert verification for non-CA certs
* Added test case to ensure login fails with expired non-CA cert
* Address review feedback
2017-05-25 10:49:09 -04:00
Jeff Mitchell
72a5b5e23b
Fix tests
2017-05-25 09:00:49 -04:00
Jeff Mitchell
df33f70df4
Heartbeat immediately upon connection
2017-05-24 21:45:51 -04:00
Jeff Mitchell
ee27dfc37a
Finish dep update
2017-05-24 21:16:17 -04:00
Jeff Mitchell
3d7db4248f
Rename peer cluster cache
2017-05-24 21:10:32 -04:00
Jeff Mitchell
948af0a12b
Bump grpc after they fixed their panic
2017-05-24 21:07:45 -04:00
Jeff Mitchell
5c230c796b
Add peer cluster address cache
2017-05-24 20:51:53 -04:00
Jeff Mitchell
bbe27aaedf
Add heartbeating and cluster address sharing to request forwarding ( #2762 )
2017-05-24 15:06:56 -04:00
Jeff Mitchell
9807f77bb8
Fix brokenness from Consul API updates
2017-05-24 11:10:59 -04:00
Jeff Mitchell
9d4801b1e8
Revert grpc back a version (they introduced a panic) and clean up a bunch of old request forwarding stuff
2017-05-24 10:38:48 -04:00
Jeff Mitchell
af0d347766
Revert azure vendor updates
2017-05-24 10:12:06 -04:00
Jeff Mitchell
01e1754749
Bump deps
2017-05-24 09:40:58 -04:00
Jeff Mitchell
0d4e7fba69
Remove non-gRPC request forwarding
2017-05-24 09:34:59 -04:00
Jeff Mitchell
44c2ef9601
Bump version to 0.7.3-dev
2017-05-23 20:42:13 -04:00
Jeff Mitchell
ca2bfe25c6
changelog++
2017-05-23 20:41:40 -04:00
Jeff Mitchell
9f681ea4cf
Use auth-saved cert name during renewals to avoid a panic. ( #2755 )
2017-05-23 20:41:01 -04:00
Jeff Mitchell
7cc72a9066
Delay salt initialization for audit backends
2017-05-23 20:36:20 -04:00
Jeff Mitchell
4693881fe9
Update some path-help in datakey
2017-05-23 10:04:32 -04:00
Vishal Nayak
58b68dc35e
doc: PKI API table of contents ( #2756 )
...
* Add a table of contents for api/secret/pki
* Fix the read certificate link
2017-05-23 09:19:47 -04:00
Ryon
7d4fb9c8e4
Update news section with March 22 webinar video ( #2663 )
2017-05-22 20:19:52 -04:00
Michael Ansel
03dbe3f175
Ignore go-zookeeper lock children ( #2724 )
2017-05-22 13:23:28 -04:00
Jeff Mitchell
6a39ccc8d6
Remove comment about a non-existent validation section
...
Fixes #2524
2017-05-22 12:37:51 -04:00
vishalnayak
1a20ded897
changelog++
2017-05-21 20:17:29 -04:00
Vishal Nayak
2557693aa3
Added host key call back for ssh config ( #2752 )
2017-05-21 20:16:13 -04:00
vishalnayak
9bbeff3f44
doc: Fix the sample input value for cache_size
2017-05-19 12:32:44 -04:00
emily
aa40d2cff6
add gofmt checks to Vault and format existing code ( #2745 )
2017-05-19 08:34:17 -04:00
sprohaska
90be96989a
logical/aws: Fix typo in warning message ( #2747 )
...
Signed-off-by: Steffen Prohaska <prohaska@zib.de>
2017-05-19 06:20:54 -04:00