Jeff Mitchell
a094eedce2
Add rekey nonce/backup.
2016-01-06 09:54:35 -05:00
Jeff Mitchell
80866d036d
update init/rekey documentation around keybase entries
2016-01-04 14:17:51 -05:00
Jeff Mitchell
5ef7efffe3
Disable cmd/server tests for now so we can get Travis back on track
2015-12-31 08:48:53 -05:00
Jeff Mitchell
c642feebe2
Remove some outdated comments
2015-12-30 21:00:27 -05:00
Jeff Mitchell
0509ad9c29
Use RenewSelf instead of Renew if the token we're renewing is the same as the client
2015-12-30 14:41:50 -05:00
Nicki Watt
442d538deb
Make token-lookup functionality available via Vault CLI
2015-12-29 20:18:59 +00:00
Jeff Mitchell
fefa696a33
Merge pull request #886 from ooesili/ssh-error-fetching-username
...
Stop panic when vault ssh username fetching fails
2015-12-29 12:17:51 -06:00
Jeff Mitchell
fa1676882f
Merge pull request #853 from hashicorp/issue-850
...
Make TokenHelper an interface and split exisiting functionality
2015-12-29 12:01:49 -06:00
Jeff Mitchell
6cdb8aeb4f
Merge branch 'master' into f-disable-tls
2015-12-29 12:59:02 -05:00
Nicki Watt
eb4aaad082
Using LookupSelf() API method instead of raw HTTP call for auth command
2015-12-28 01:38:00 +00:00
Wesley Merkel
5a368fa9de
Stop panic when vault ssh username fetching fails
2015-12-26 15:09:07 -07:00
Wim
e8e492f574
Fix ipv6 address advertisement
2015-12-22 21:40:36 +01:00
Jeff Mitchell
1a324cf347
Make TokenHelper an interface and split exisiting functionality
...
Functionality is split into ExternalTokenHelper, which is used if a path
is given in a configuration file, and InternalTokenHelper which is used
otherwise. The internal helper no longer shells out to the same Vault
binary, instead performing the same actions with internal code. This
avoids problems using dev mode when there are spaces in paths or when
the binary is built in a container without a shell.
Fixes #850 among others
2015-12-22 10:23:30 -05:00
Jeff Mitchell
5017907785
Move telemetry metrics up to fix one possible race, but deeper problems in go-metrics can't be solved with this
2015-12-17 16:38:17 -05:00
Jeff Mitchell
db7a2083bf
Allow setting the advertise address via an environment variable.
...
Fixes #581
2015-12-14 21:22:55 -05:00
Jeff Mitchell
1e653442cd
Ensure advertise address detection runs without a specified HA backend
...
Ping #840
2015-12-14 21:13:27 -05:00
Jeff Mitchell
521ea42f6b
Merge pull request #840 from hashicorp/issue-395
...
Allow separate HA physical backend.
2015-12-14 20:56:47 -05:00
Jeff Mitchell
7ce8aff906
Address review feedback
2015-12-14 17:58:30 -05:00
Mathias Lafeldt
b00b476c7a
Show error if output format is invalid
...
Rather than silently using table as a fallback.
2015-12-14 17:14:22 +01:00
Jeff Mitchell
ced0835574
Allow separate HA physical backend.
...
With no separate backend specified, HA will be attempted on the normal
physical backend.
Fixes #395 .
2015-12-14 07:59:58 -05:00
Jeff Mitchell
e941f699d3
Merge pull request #832 from mlafeldt/yaml-ouput
...
Allow to output secrets in YAML format
2015-12-11 12:04:41 -05:00
Mathias Lafeldt
61d4ef70f4
Allow to output secrets in YAML format
...
This can be done with https://github.com/ghodss/yaml , which reuses
existing JSON struct tags for YAML.
2015-12-10 11:32:31 +01:00
Mathias Lafeldt
607d12174d
Output secrets sorted by key
...
Instead of printing them in random order each time `vault read` is invoked.
2015-12-10 10:08:23 +01:00
Armon Dadgar
985717b428
server: sanity check value for 'tls_disable'
2015-11-25 11:37:57 -08:00
Jeff Mitchell
1a45696208
Add no-default-policy flag and API parameter to allow exclusion of the
...
default policy from a token create command.
2015-11-09 17:30:50 -05:00
Jeff Mitchell
5d5d58ffe4
Fix unmount help output
2015-11-09 15:23:49 -05:00
Jeff Mitchell
75f1c1e40c
Print version on startup.
...
Fixes #765
2015-11-09 13:52:55 -05:00
Jeff Mitchell
32e23bea71
Move environment variable reading logic to API.
...
This allows the same environment variables to be read, parsed, and used
from any API client as was previously handled in the CLI. The CLI now
uses the API environment variable reading capability, then overrides any
values from command line flags, if necessary.
Fixes #618
2015-11-04 10:28:00 -05:00
Jeff Mitchell
c1d8b97342
Add reset support to the unseal command.
...
Reset clears the provided unseal keys, allowing the process to be begun
again. Includes documentation and unit test changes.
Fixes #695
2015-10-28 15:59:39 -04:00
Jeff Mitchell
7b25204a19
Fix cache disabling
2015-10-28 13:05:56 -04:00
voutasaurus
1da78942e8
Modifies documentation in output of vault server -dev
...
Environment variable setting is different in windows
2015-10-22 00:48:46 -07:00
Jeff Mitchell
cba4e82682
Don't use http.DefaultClient
...
This strips out http.DefaultClient everywhere I could immediately find
it. Too many things use it and then modify it in incompatible ways.
Fixes #700 , I believe.
2015-10-15 17:54:00 -04:00
Jeff Mitchell
9f0b1547bb
Allow disabling the physical storage cache with 'disable_cache'.
...
Fixes #674 .
2015-10-12 13:00:32 -04:00
Jeff Mitchell
b8455be005
Support and use TTL instead of lease for token creation
2015-10-09 19:52:13 -04:00
Jeff Mitchell
ee92124357
Fix output of token-create help to use ttl instead of lease
2015-10-09 19:40:30 -04:00
Jeff Mitchell
aa3055f816
Fix mount-tune CLI output
2015-10-09 16:03:31 -04:00
Jeff Mitchell
d39580b38c
Update CLI help text for init/rekey regarding base64-encoded keys
2015-10-08 11:09:30 -04:00
Jeff Mitchell
4e0a6c5e5f
Adjust warnings message to make it clear they are from the server
2015-10-07 16:18:39 -04:00
Jeff Mitchell
d740fd4a6a
Add the ability for warnings to be added to responses. These are
...
marshalled into JSON or displayed from the CLI depending on the output
mode. This allows conferring information such as "no such policy exists"
when creating a token -- not an error, but something the user should be
aware of.
Fixes #676
2015-10-07 16:18:39 -04:00
vishalnayak
145aee229e
Merge branch 'master' of https://github.com/hashicorp/vault
2015-10-03 00:07:34 -04:00
Jeff Mitchell
645932a0df
Remove use of os/user as it cannot be run with CGO disabled
2015-10-02 18:43:38 -07:00
vishalnayak
c7fd639b2e
Remove format parameter
2015-10-02 14:10:24 -04:00
vishalnayak
3dd84446ab
Github backend: enable auth renewals
2015-10-02 13:33:19 -04:00
Jeff Mitchell
62ac518ae7
Switch per-mount values to strings going in and seconds coming out, like other commands. Indicate deprecation of 'lease' in the token backend.
2015-09-25 10:41:21 -04:00
Jeff Mitchell
81e535dc2d
Minor updates to passthrough and additional tests
2015-09-21 16:57:41 -04:00
Jeff Mitchell
e7dfb4f943
Use 'ttl_seconds' in CLI output so as not to shadow actual 'ttl' parameter
2015-09-21 16:37:37 -04:00
Jeff Mitchell
425e286f90
If there's no lease, output ttl instead of lease_duration
2015-09-21 16:37:37 -04:00
Jeff Mitchell
15e1a2281d
If lease_duration is not zero, output it even if there is no lease.
2015-09-21 16:37:37 -04:00
Jeff Mitchell
9c5dcac90c
Make TLS backend honor SystemView default values. Expose lease TTLs on read. Make auth command show lease TTL if one exists. Addresses most of #527
2015-09-18 14:01:28 -04:00
vishalnayak
fdf05e8ead
Adding type checking to ensure only BasicUi is affected
2015-09-17 11:37:21 -04:00