Commit graph

308 commits

Author SHA1 Message Date
Jeff Mitchell a094eedce2 Add rekey nonce/backup. 2016-01-06 09:54:35 -05:00
Jeff Mitchell 80866d036d update init/rekey documentation around keybase entries 2016-01-04 14:17:51 -05:00
Jeff Mitchell 5ef7efffe3 Disable cmd/server tests for now so we can get Travis back on track 2015-12-31 08:48:53 -05:00
Jeff Mitchell c642feebe2 Remove some outdated comments 2015-12-30 21:00:27 -05:00
Jeff Mitchell 0509ad9c29 Use RenewSelf instead of Renew if the token we're renewing is the same as the client 2015-12-30 14:41:50 -05:00
Nicki Watt 442d538deb Make token-lookup functionality available via Vault CLI 2015-12-29 20:18:59 +00:00
Jeff Mitchell fefa696a33 Merge pull request #886 from ooesili/ssh-error-fetching-username
Stop panic when vault ssh username fetching fails
2015-12-29 12:17:51 -06:00
Jeff Mitchell fa1676882f Merge pull request #853 from hashicorp/issue-850
Make TokenHelper an interface and split exisiting functionality
2015-12-29 12:01:49 -06:00
Jeff Mitchell 6cdb8aeb4f Merge branch 'master' into f-disable-tls 2015-12-29 12:59:02 -05:00
Nicki Watt eb4aaad082 Using LookupSelf() API method instead of raw HTTP call for auth command 2015-12-28 01:38:00 +00:00
Wesley Merkel 5a368fa9de Stop panic when vault ssh username fetching fails 2015-12-26 15:09:07 -07:00
Wim e8e492f574 Fix ipv6 address advertisement 2015-12-22 21:40:36 +01:00
Jeff Mitchell 1a324cf347 Make TokenHelper an interface and split exisiting functionality
Functionality is split into ExternalTokenHelper, which is used if a path
is given in a configuration file, and InternalTokenHelper which is used
otherwise. The internal helper no longer shells out to the same Vault
binary, instead performing the same actions with internal code. This
avoids problems using dev mode when there are spaces in paths or when
the binary is built in a container without a shell.

Fixes #850 among others
2015-12-22 10:23:30 -05:00
Jeff Mitchell 5017907785 Move telemetry metrics up to fix one possible race, but deeper problems in go-metrics can't be solved with this 2015-12-17 16:38:17 -05:00
Jeff Mitchell db7a2083bf Allow setting the advertise address via an environment variable.
Fixes #581
2015-12-14 21:22:55 -05:00
Jeff Mitchell 1e653442cd Ensure advertise address detection runs without a specified HA backend
Ping #840
2015-12-14 21:13:27 -05:00
Jeff Mitchell 521ea42f6b Merge pull request #840 from hashicorp/issue-395
Allow separate HA physical backend.
2015-12-14 20:56:47 -05:00
Jeff Mitchell 7ce8aff906 Address review feedback 2015-12-14 17:58:30 -05:00
Mathias Lafeldt b00b476c7a Show error if output format is invalid
Rather than silently using table as a fallback.
2015-12-14 17:14:22 +01:00
Jeff Mitchell ced0835574 Allow separate HA physical backend.
With no separate backend specified, HA will be attempted on the normal
physical backend.

Fixes #395.
2015-12-14 07:59:58 -05:00
Jeff Mitchell e941f699d3 Merge pull request #832 from mlafeldt/yaml-ouput
Allow to output secrets in YAML format
2015-12-11 12:04:41 -05:00
Mathias Lafeldt 61d4ef70f4 Allow to output secrets in YAML format
This can be done with https://github.com/ghodss/yaml, which reuses
existing JSON struct tags for YAML.
2015-12-10 11:32:31 +01:00
Mathias Lafeldt 607d12174d Output secrets sorted by key
Instead of printing them in random order each time `vault read` is invoked.
2015-12-10 10:08:23 +01:00
Armon Dadgar 985717b428 server: sanity check value for 'tls_disable' 2015-11-25 11:37:57 -08:00
Jeff Mitchell 1a45696208 Add no-default-policy flag and API parameter to allow exclusion of the
default policy from a token create command.
2015-11-09 17:30:50 -05:00
Jeff Mitchell 5d5d58ffe4 Fix unmount help output 2015-11-09 15:23:49 -05:00
Jeff Mitchell 75f1c1e40c Print version on startup.
Fixes #765
2015-11-09 13:52:55 -05:00
Jeff Mitchell 32e23bea71 Move environment variable reading logic to API.
This allows the same environment variables to be read, parsed, and used
from any API client as was previously handled in the CLI. The CLI now
uses the API environment variable reading capability, then overrides any
values from command line flags, if necessary.

Fixes #618
2015-11-04 10:28:00 -05:00
Jeff Mitchell c1d8b97342 Add reset support to the unseal command.
Reset clears the provided unseal keys, allowing the process to be begun
again. Includes documentation and unit test changes.

Fixes #695
2015-10-28 15:59:39 -04:00
Jeff Mitchell 7b25204a19 Fix cache disabling 2015-10-28 13:05:56 -04:00
voutasaurus 1da78942e8 Modifies documentation in output of vault server -dev
Environment variable setting is different in windows
2015-10-22 00:48:46 -07:00
Jeff Mitchell cba4e82682 Don't use http.DefaultClient
This strips out http.DefaultClient everywhere I could immediately find
it. Too many things use it and then modify it in incompatible ways.

Fixes #700, I believe.
2015-10-15 17:54:00 -04:00
Jeff Mitchell 9f0b1547bb Allow disabling the physical storage cache with 'disable_cache'.
Fixes #674.
2015-10-12 13:00:32 -04:00
Jeff Mitchell b8455be005 Support and use TTL instead of lease for token creation 2015-10-09 19:52:13 -04:00
Jeff Mitchell ee92124357 Fix output of token-create help to use ttl instead of lease 2015-10-09 19:40:30 -04:00
Jeff Mitchell aa3055f816 Fix mount-tune CLI output 2015-10-09 16:03:31 -04:00
Jeff Mitchell d39580b38c Update CLI help text for init/rekey regarding base64-encoded keys 2015-10-08 11:09:30 -04:00
Jeff Mitchell 4e0a6c5e5f Adjust warnings message to make it clear they are from the server 2015-10-07 16:18:39 -04:00
Jeff Mitchell d740fd4a6a Add the ability for warnings to be added to responses. These are
marshalled into JSON or displayed from the CLI depending on the output
mode. This allows conferring information such as "no such policy exists"
when creating a token -- not an error, but something the user should be
aware of.

Fixes #676
2015-10-07 16:18:39 -04:00
vishalnayak 145aee229e Merge branch 'master' of https://github.com/hashicorp/vault 2015-10-03 00:07:34 -04:00
Jeff Mitchell 645932a0df Remove use of os/user as it cannot be run with CGO disabled 2015-10-02 18:43:38 -07:00
vishalnayak c7fd639b2e Remove format parameter 2015-10-02 14:10:24 -04:00
vishalnayak 3dd84446ab Github backend: enable auth renewals 2015-10-02 13:33:19 -04:00
Jeff Mitchell 62ac518ae7 Switch per-mount values to strings going in and seconds coming out, like other commands. Indicate deprecation of 'lease' in the token backend. 2015-09-25 10:41:21 -04:00
Jeff Mitchell 81e535dc2d Minor updates to passthrough and additional tests 2015-09-21 16:57:41 -04:00
Jeff Mitchell e7dfb4f943 Use 'ttl_seconds' in CLI output so as not to shadow actual 'ttl' parameter 2015-09-21 16:37:37 -04:00
Jeff Mitchell 425e286f90 If there's no lease, output ttl instead of lease_duration 2015-09-21 16:37:37 -04:00
Jeff Mitchell 15e1a2281d If lease_duration is not zero, output it even if there is no lease. 2015-09-21 16:37:37 -04:00
Jeff Mitchell 9c5dcac90c Make TLS backend honor SystemView default values. Expose lease TTLs on read. Make auth command show lease TTL if one exists. Addresses most of #527 2015-09-18 14:01:28 -04:00
vishalnayak fdf05e8ead Adding type checking to ensure only BasicUi is affected 2015-09-17 11:37:21 -04:00