Commit graph

7724 commits

Author SHA1 Message Date
Andy Manoske 9c1db25639
Update index.html.md 2018-04-05 15:16:28 -07:00
Matthew Irish 4b885c080c
Ui request forwarding error (#4275)
* add ember-cli-content-security-policy
* only enable client side CSP when not in production - the go side handles this otherwise
* add service that handles and stores CSP violations via the securitypolicyviolation event
* update auth form component to show a specialized message when there's a CSP error
* move to computed prop for showing the CSP error message
* fix typos
2018-04-05 16:36:33 -05:00
Jeff Mitchell 7d520e53a5 Update auth-gcp plugin 2018-04-05 17:34:27 -04:00
Matthew Irish 3a734d7cb4
UI - first RC feedback (#4278)
* add hasSentinel to the version service
* use hasSentinel instead of features directly
* type='button' strikes again
* pass url param in tab links to ensure hrefs are updated
* 404 when the item_type is invalid for the identity route
2018-04-05 16:08:18 -05:00
Yoko 3dd3247006
Auto Unseal with AWS KMS guide (#4277)
* WIP

* Added auto unseal

* Converting to a guide

* Added little more explanations

* Minor fixes

* Fixed a typo

* Fixed a typo

* Changed auto unseal to auto-unseal

* Found more typo... fixed
2018-04-05 13:28:39 -07:00
Jeff Mitchell 27db47828b Bump kv plugin 2018-04-05 14:09:19 -04:00
Jeff Mitchell 0776c65e15
Move colorable statements to fix Windows support. (#4287)
This puts it in the main command level.

Fixes #4070
2018-04-05 13:28:02 -04:00
Calvin Leung Huang 63b2698289 Do not fail if api_addr and cluster_addr are empty (#4286) 2018-04-05 12:54:15 -04:00
Vishal Nayak 28e3eb9e2c
Errwrap everywhere (#4252)
* package api

* package builtin/credential

* package builtin/logical

* package command

* package helper

* package http and logical

* package physical

* package shamir

* package vault

* package vault

* address feedback

* more fixes
2018-04-05 11:49:21 -04:00
Vishal Nayak ef60ded908
TypeDurationSecond for ttl and max_ttl (#4268)
* use typedurationsecond for ttl and max_ttl

* address review feedback
2018-04-04 17:47:18 -04:00
Geoffrey Grosenbach 22c1766fc1 Correct the page title to read re-wrapping (#4274)
The title in the metadata used `re-rapping` instead of `re-wrapping`. This one line change fixes the spelling.
2018-04-04 16:55:46 -04:00
Quinn Stearns d8dab90113 Rename Example Key from "value" to "foo" (#4270)
It is slightly confusing to have the first example include a key named "Value". This can create a slight hump to grokking what's happening in this early step of the README. Here we rename the key to "foo" to help indicate it's dynamic nature.
2018-04-04 16:22:27 -04:00
Jeff Mitchell a84e2bcc25
Don't allow api/cluster addresses to be the same. (#4272)
People make this mistake quite often and it causes real issues.
2018-04-04 16:15:07 -04:00
Calvin Leung Huang f392620cb8
Dockerize rabbitmq secret backend (#4271) 2018-04-04 16:09:26 -04:00
Brian Kassouf aa9c93a680
changelog++ 2018-04-04 09:29:27 -07:00
Brian Kassouf 43496861c5
command/kv: Update the 404 parsing logic (#4269) 2018-04-04 09:26:06 -07:00
Jeff Mitchell 0b417bd03a Merge branch 'master' of https://github.com/hashicorp/vault into master-oss 2018-04-04 12:19:25 -04:00
Jeff Mitchell 4b936ea976 changelog++ 2018-04-04 12:19:21 -04:00
Yoko 7ef337ad86
Vault HA with Consul guide (#4187)
* Vault HA guide draft

* Fixed node_id to say node_name based on Brian's input

* Fixed the unwanted hyperlink

* Vault HA guide

* Updated the description of the Vault HA guide

* Typo fixes

* Added a reference to Vault HA with Consule guide

* Incorporated Teddy's feedback

* Fixed an env var name

* Vault configuration has been updated: 'api_addr'
2018-04-04 08:25:06 -07:00
Jeff Mitchell 3b9454978c
Cut version 0.10.0-rc1 2018-04-04 10:45:23 -04:00
Jeff Mitchell 44ab14674e Add ui tag to bin target 2018-04-04 10:44:20 -04:00
Seth Vargo a90467289a Rename Google things to say "Google", update telemetry (#4267) 2018-04-04 10:37:44 -04:00
Jeff Mitchell 92bedc6c31 Bump prerelease tag 2018-04-04 10:34:59 -04:00
Chris Hoffman 384b0c0b74
update azure plugin (#4266) 2018-04-04 08:02:37 -04:00
Chris Hoffman 8250da87a9
Fix a few missing TTL core changes (#4265)
* Fix missing ttl handling in backends

* fix test
2018-04-04 06:43:21 -04:00
Jeff Mitchell fe2fa0030f
Rejig 404 handling again. (#4264)
Done this way, existing tests pass, and it makes logical sense, so we're
likely to have the least impact like this.
2018-04-04 04:41:46 -04:00
Jeff Mitchell 1481dd35b5 Revert "On 404 if there is no actual body, return orig err. (#4262)"
This reverts commit 389c88482059a1db90a0e8ad985b1a0eeda13070.
2018-04-04 03:50:24 -04:00
Jeff Mitchell f6f3153b3d
Allow not showing expirations, and don't log when skipToken (#4263)
The latter removes a case where a token being revoked would end up
logging twice.
2018-04-04 03:07:10 -04:00
Brian Kassouf 62ce5ec91d
Versioned K/V docs (#4259)
* Work on kv docs

* Add more kv docs

* Update kv docs

* More docs updates

* address some review coments
2018-04-03 23:22:41 -07:00
Jeff Mitchell 4f2e26bbe7
On 404 if there is no actual body, return orig err. (#4262)
This keeps better backwards compat; we'll only swallow the original
error if there's actually other data or warnings returned.
2018-04-04 01:57:08 -04:00
Jeff Mitchell 4a45851681 Update plugins 2018-04-03 22:40:35 -04:00
Jeff Mitchell 409524a829 Stretch the renewer test a bit to give Travis some more time to deal with it 2018-04-03 22:36:14 -04:00
Jeff Mitchell 599f691141
Allow returning warnings and other data in 404s in the Go API (#4256)
* Allow returning list information and other data in 404s.

On read it'll output data and/or warnings on a 404 if they exist. On
list, the same behavior; the actual 'vault list' command doesn't change
behavior though in terms of output unless there are no actual keys (so
it doesn't just magically show other data).

This corrects some assumptions in response_util and wrapping.go; it also
corrects a few places in the latter where it could leak a (useless)
token in some error cases.

* Use same 404 logic in delete/put too

* Add the same secret parsing logic to the KV request functions
2018-04-03 22:35:45 -04:00
Jeff Mitchell 69a8158913
Fix race condition caught by detector in barrier view (#4261) 2018-04-03 21:39:11 -04:00
Brian Kassouf 829fcb226c
Allow for comma separated strings in the TypeCommaIntSlice field type (#4257)
* Allow for comma separated strings in the TypeCommaIntSlice field type

* Explode versions on client side

* fix deleting versions
2018-04-03 17:58:42 -07:00
Roy Sindre Norangshol a9c717b44e project is now project_id (#4251)
Verified both via vault CLI and direct curl'ing towards API endpoints.
2018-04-03 17:11:47 -04:00
Alex Dadgar 6a824383b6 Don't swallow logical.Unwrap error (#4258)
This PR fixes the error handling in the api packages logical.Unwrap
method. Previously if there was an error making the request to Vault,
the error was only returned if there was an HTTP response and the status
code was not a 404.

The new code returns all errors but does special case handling if the
response code is a 404.
2018-04-03 17:11:01 -04:00
Jeff Mitchell 8d33a0e089 Bump vkv plugin 2018-04-03 17:09:33 -04:00
Jeff Mitchell 4b687eca3f Update vkv plugin 2018-04-03 15:55:57 -04:00
Jeff Mitchell c10ae3a755 Bump vkv plugin 2018-04-03 15:04:33 -04:00
Brian Kassouf e26e821107
Don't pass the upgrade flag into the backend (#4255) 2018-04-03 11:37:34 -07:00
Jeff Mitchell 9d16593f48 Interim vkv plugin push 2018-04-03 14:34:36 -04:00
Calvin Leung Huang 6b840e6c1c
Fix compilation and tests failures (#4254) 2018-04-03 14:07:43 -04:00
Jeff Mitchell d7779fd349 Add dev-ui target 2018-04-03 13:54:33 -04:00
Chris Hoffman d854ccfc64 changelog++ 2018-04-03 13:52:30 -04:00
Chris Hoffman 4fc6364157 changelog++ 2018-04-03 13:51:28 -04:00
Brian Kassouf 39970ac23d
Move plugin env checks to their own file (#4253) 2018-04-03 10:36:14 -07:00
Matthew Irish cf1a9647f4
changelog ++ 2018-04-03 11:40:11 -05:00
Chris Hoffman a7ada08b3b
Core handling of TTLs (#4230)
* govet cleanup in token store

* adding general ttl handling to login requests

* consolidating TTL calculation to system view

* deprecate LeaseExtend

* deprecate LeaseExtend

* set the increment to the correct value

* move calculateTTL out of SystemView

* remove unused value

* add back clearing of lease id

* implement core ttl in some backends

* removing increment and issue time from lease options

* adding ttl tests, fixing some compile issue

* adding ttl tests

* fixing some explicit max TTL logic

* fixing up some tests

* removing unneeded test

* off by one errors...

* adding back some logic for bc

* adding period to return on renewal

* tweaking max ttl capping slightly

* use the appropriate precision for ttl calculation

* deprecate proto fields instead of delete

* addressing feedback

* moving TTL handling for backends to core

* mongo is a secret backend not auth

* adding estimated ttl for backends that also manage the expiration time

* set the estimate values before calling the renew request

* moving calculate TTL to framework, revert removal of increment and issue time from logical

* minor edits

* addressing feedback

* address more feedback
2018-04-03 12:20:20 -04:00
Jeff Mitchell 2bd107a806 Update logformat -> logging 2018-04-03 12:03:35 -04:00