Commit Graph

59 Commits

Author SHA1 Message Date
Jeff Mitchell 5dff6a9e1a Update deps 2016-09-12 15:16:55 -04:00
Jeff Mitchell 487e05d25c Update deps 2016-09-02 18:05:09 -04:00
Jeff Mitchell d2239d22d9 Use hkdf for transit key derivation for new keys (#1812)
Use hkdf for transit key derivation for new keys
2016-08-30 16:29:09 -04:00
Jeff Mitchell 58b32e5432 Convert to logxi 2016-08-21 18:13:37 -04:00
Jeff Mitchell bdcfe05517 Clustering enhancements (#1747) 2016-08-19 11:03:53 -04:00
Jeff Mitchell 37320f8798 Request forwarding (#1721)
Add request forwarding.
2016-08-15 09:42:42 -04:00
Jeff Mitchell c1a46349fa Change to keybase openpgp fork as it has important fixes 2016-08-11 08:31:43 -04:00
Jeff Mitchell 3c2aae215c Fix tests and update mapstructure 2016-08-08 16:00:31 -04:00
Jeff Mitchell 1a1ccfedd0 Update Consul lib to use headers for tokens 2016-08-02 17:05:24 -04:00
Jeff Mitchell 4242c70f73 Bump deps before RC 2016-07-26 09:55:35 -04:00
Jeff Mitchell 984a48c195 Update vendored deps 2016-07-22 20:11:59 -04:00
matt maier 6519c224ac Circonus integration for telemetry metrics 2016-07-22 15:49:23 -04:00
Matt Hurne 75a5fbd8fe Merge branch 'master' into mongodb-secret-backend 2016-07-19 10:38:45 -04:00
Jeff Mitchell 04cfa4f88d Whoops, fix vendoring 2016-07-11 23:13:26 +00:00
Jeff Mitchell 57cdb58374 Switch to pester from go-retryablehttp to avoid swallowing 500 error messages 2016-07-11 21:37:46 +00:00
Matt Hurne 8232de5095 Merge branch 'master' into mongodb-secret-backend 2016-07-09 21:14:21 -04:00
Matt Hurne da0bd77dc4 Merge branch 'master' into mongodb-secret-backend 2016-07-07 21:24:40 -04:00
Jeff Mitchell 4146ebed9c Add go-retryablehttp dep 2016-07-07 10:42:08 -04:00
Jeff Mitchell 1da55a151c Update dockertest dep 2016-07-05 15:13:42 -04:00
Matt Hurne 292c2fad69 Merge branch 'master' into mongodb-secret-backend 2016-07-01 20:39:13 -04:00
Jeff Mitchell 04e863c750 Incorporate consul dockertest review feedback 2016-07-01 14:16:38 -04:00
Jeff Mitchell db211a4b61 Migrate Consul acceptance tests to Docker 2016-07-01 13:59:56 -04:00
Matt Hurne acf4b0b637 Merge branch 'master' into mongodb-secret-backend 2016-06-30 16:43:53 -04:00
Jeff Mitchell 0d185b1dca Minor mode update for some deps 2016-06-30 14:52:28 -04:00
Jeff Mitchell a709c3dfba Merge branch 'master-oss' into dockerize-pg-secret-tests 2016-06-30 14:21:05 -04:00
Jeff Mitchell 53b798145d Remove accidental patch file 2016-06-30 14:19:42 -04:00
Jeff Mitchell eb676bb807 Update deps 2016-06-30 14:19:03 -04:00
Jeff Mitchell dc15faabe3 Add needed package 2016-06-30 14:03:13 -04:00
Jeff Mitchell 22e83ae7f5 Dockerize Postgres secret backend acceptance tests
Additionally enable them on all unit test runs.
2016-06-30 13:46:39 -04:00
Matt Hurne 5e8c912048 Add mongodb secret backend 2016-06-29 08:33:06 -04:00
Jeff Mitchell a49cc0a4a5 Update deps, this time removing appengine/go1.7 filter 2016-06-08 16:23:42 -04:00
Jeff Mitchell b299e7d16b Update deps 2016-06-08 16:14:05 -04:00
Jeff Mitchell da6371ffc3 Merge remote-tracking branch 'origin/master' into pr-1425 2016-06-08 12:10:29 -04:00
Jeff Mitchell 18ac72500f Change vendoring 2016-06-08 12:10:12 -04:00
Jeff Mitchell 95f3726f1c Migrate to go-uuid 2016-06-08 10:36:16 -04:00
Jeff Mitchell 1873c32cb2 Update deps 2016-06-08 10:33:08 -04:00
Jeff Mitchell a6c4d6b47d Update/add vendor 2016-06-03 10:29:46 -04:00
Jeff Mitchell 11160ae271 Update vendoring 2016-06-01 10:24:48 -04:00
sayden c68e16a6d0 Zookeeper vendor package updated to fix issue https://github.com/samuel/go-zookeeper/pull/102 2016-05-25 10:32:43 +02:00
Stuart Glenn 6a9ffd9091 Add vendor of ncw/swift for OpenStack Swift backend 2016-05-17 10:22:34 -05:00
Jeff Mitchell 3e71221839 Merge remote-tracking branch 'origin/master' into aws-auth-backend 2016-05-05 10:04:52 -04:00
Jeff Mitchell 28279d193e Update deps 2016-05-03 13:23:05 -04:00
Jeff Mitchell 45a120f491 Switch our tri-copy ca loading code to go-rootcerts 2016-05-03 12:23:25 -04:00
Jeff Mitchell 6ef30efae6 Bump deps. 2016-05-02 20:11:05 -04:00
Jeff Mitchell 3c5ab2352f Add vendored pkcs7 lib 2016-04-29 14:33:08 +00:00
Sean Chittenden 6b2c83564e Teach Vault how to register with Consul
Vault will now register itself with Consul.  The active node can be found using `active.vault.service.consul`.  All standby vaults are available via `standby.vault.service.consul`.  All unsealed vaults are considered healthy and available via `vault.service.consul`.  Change in status and registration is event driven and should happen at the speed of a write to Consul (~network RTT + ~1x fsync(2)).

Healthy/active:

```
curl -X GET 'http://127.0.0.1:8500/v1/health/service/vault?pretty' && echo;
[
    {
        "Node": {
            "Node": "vm1",
            "Address": "127.0.0.1",
            "TaggedAddresses": {
                "wan": "127.0.0.1"
            },
            "CreateIndex": 3,
            "ModifyIndex": 20
        },
        "Service": {
            "ID": "vault:127.0.0.1:8200",
            "Service": "vault",
            "Tags": [
                "active"
            ],
            "Address": "127.0.0.1",
            "Port": 8200,
            "EnableTagOverride": false,
            "CreateIndex": 17,
            "ModifyIndex": 20
        },
        "Checks": [
            {
                "Node": "vm1",
                "CheckID": "serfHealth",
                "Name": "Serf Health Status",
                "Status": "passing",
                "Notes": "",
                "Output": "Agent alive and reachable",
                "ServiceID": "",
                "ServiceName": "",
                "CreateIndex": 3,
                "ModifyIndex": 3
            },
            {
                "Node": "vm1",
                "CheckID": "vault-sealed-check",
                "Name": "Vault Sealed Status",
                "Status": "passing",
                "Notes": "Vault service is healthy when Vault is in an unsealed status and can become an active Vault server",
                "Output": "",
                "ServiceID": "vault:127.0.0.1:8200",
                "ServiceName": "vault",
                "CreateIndex": 19,
                "ModifyIndex": 19
            }
        ]
    }
]
```

Healthy/standby:

```
[snip]
        "Service": {
            "ID": "vault:127.0.0.2:8200",
            "Service": "vault",
            "Tags": [
                "standby"
            ],
            "Address": "127.0.0.2",
            "Port": 8200,
            "EnableTagOverride": false,
            "CreateIndex": 17,
            "ModifyIndex": 20
        },
        "Checks": [
            {
                "Node": "vm2",
                "CheckID": "serfHealth",
                "Name": "Serf Health Status",
                "Status": "passing",
                "Notes": "",
                "Output": "Agent alive and reachable",
                "ServiceID": "",
                "ServiceName": "",
                "CreateIndex": 3,
                "ModifyIndex": 3
            },
            {
                "Node": "vm2",
                "CheckID": "vault-sealed-check",
                "Name": "Vault Sealed Status",
                "Status": "passing",
                "Notes": "Vault service is healthy when Vault is in an unsealed status and can become an active Vault server",
                "Output": "",
                "ServiceID": "vault:127.0.0.2:8200",
                "ServiceName": "vault",
                "CreateIndex": 19,
                "ModifyIndex": 19
            }
        ]
    }
]
```

Sealed:

```
        "Checks": [
            {
                "Node": "vm2",
                "CheckID": "serfHealth",
                "Name": "Serf Health Status",
                "Status": "passing",
                "Notes": "",
                "Output": "Agent alive and reachable",
                "ServiceID": "",
                "ServiceName": "",
                "CreateIndex": 3,
                "ModifyIndex": 3
            },
            {
                "Node": "vm2",
                "CheckID": "vault-sealed-check",
                "Name": "Vault Sealed Status",
                "Status": "critical",
                "Notes": "Vault service is healthy when Vault is in an unsealed status and can become an active Vault server",
                "Output": "Vault Sealed",
                "ServiceID": "vault:127.0.0.2:8200",
                "ServiceName": "vault",
                "CreateIndex": 19,
                "ModifyIndex": 38
            }
        ]
```
2016-04-25 18:01:13 -07:00
Sean Chittenden 2060766107 Update vendor'ed version of hashicorp/consul/lib
Note: Godeps.json not updated
2016-04-25 18:00:54 -07:00
Jeff Mitchell d77f9e0583 Update vendoring 2016-04-26 00:18:04 +00:00
Jeff Mitchell c12dcba9bc Merge pull request #1266 from sepiroth887/azure_backend
added Azure Blobstore backend support
2016-04-25 15:53:09 -04:00
vishalnayak e3a1ee92b5 Utility Enhancements 2016-04-05 20:32:59 -04:00