Commit graph

12355 commits

Author SHA1 Message Date
Theron Voran a7522738b9
docs: Updating vault-helm service_registration docs (#9417)
* Adding notes about ingress and route requirements

Specifically that they require vault 1.4 with service_registration
enabled. Also removed a stray block about extraVolumes.
2020-07-10 13:02:51 -07:00
Michael Golowka 23a3375f98
Add links to API docs (#9442) 2020-07-10 12:55:43 -06:00
ncabatoff c822a4bffb
Modifying base can break tests that share the same coreConfig passed to NewTestCluster. (#9451) 2020-07-10 13:11:18 -04:00
Noelle Daley 8b396133db
fix linting failures by upgrading prettier (#9443) 2020-07-09 21:05:40 -07:00
Calvin Leung Huang 40c2219919
gomod: vendor update (#9446) 2020-07-09 16:32:12 -07:00
Josh Black 38fc012817
Backport the pieces of the replication API changes (#9425) 2020-07-09 15:11:37 -07:00
Noelle Daley 032ffcaff2
Ui/fix ui tests (#9438)
* fix linting errors

* don't show primary url if we don't have any primaries

* Revert "fix linting errors"

This reverts commit a56d371272868d93024c557a6d5807be6eadda57.

* run all component tests always
2020-07-09 15:04:56 -07:00
Alexander Bezobchuk f7c1907683
Merge PR #9437: tests: Port #1315 from enterprise 2020-07-09 17:16:31 -04:00
Seth Vargo d00adf89c9
physical/spanner: use separate client for updating locks (#9423)
* physical/spanner: use separate client for updating locks

We believe this mitigates an issue where a large influx of requests
cause the leader to be unable to update the lock table (since it cannot
grab a client from the pool or the client has no more open connections),
which causes cascading failure.
2020-07-09 13:52:29 -07:00
Seth Vargo 95a2d61651
physical/gcs: use separate client for updating locks (#9424)
* physical/gcs: use separate client for updating locks

* Address review comments

Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>
2020-07-09 13:40:50 -07:00
Jim Kalafut 2e25323fba
changelog++ 2020-07-09 13:40:02 -07:00
Brian Kassouf f8df68b673
seal: Fix issue migrating from Auto->Shamir and improve tests (#9430)
* Fix issue migrating from Auto->Shamir and improve tests

* Undo newline

* fix panic in test

* Fix test panic
2020-07-09 12:28:17 -07:00
ncabatoff 9ea38545a7
Update sentinel dependencies. (#9427) 2020-07-08 15:04:11 -04:00
Mark Gritter ca21cb93df
Documentation fixes on metric names (#9419)
Make the names of WAL metrics exactly match their implementation.
Add `vault` prefix to be consistent everywhere.

Co-authored-by: Alexander Bezobchuk <alexanderbez@users.noreply.github.com>
2020-07-08 13:16:42 -05:00
Andrej van der Zee 8f305b1531
Add option allowed_domains_template enabling identity templating for issuing PKI certs. (#8509) 2020-07-08 12:52:25 -04:00
Jim Kalafut 76bb906195
changelog++ 2020-07-08 08:56:54 -07:00
Larry Eichenbaum f5fcf04a73
Document OSS->ENT upgrade process (#9414) 2020-07-08 09:17:27 -04:00
Michael Golowka 6d86988d0b
Update GCP auth docs with warning about token impersonation (#9418) 2020-07-07 17:09:12 -06:00
Angel Garbarino d4d2ba7694
Ui/small replication action fixes (#9387)
* fix issue where if dr is not enabled, the breadcrumb link did not work.  Now if DR not enabled, the breadcrumb says replication and links back to rep index.

* show black nav when cluster is not initialized and is loading, no need for menu items and because NavHeader component and the icon live in the app and not addons I cannot access them without moving them.  I figured the black bar was enough, and it wasn't worth moving just for that

* conditional change the breadcrumb link in Disaster Recovery based on what page they are currently on (details or manage).  Before the breadcrumb link didn't do anything if they were on the manage page

* fix slow modal loading after demoting a dr secondary.  due to shamir modal not being in the addon engine and erroring out.

* to prevent confusing transition state during dr demotion, set new property on cluster and compare the mode of the dr which changes from primary to secondary during demotion.  If dr mode changes, showing loading status

* get more specific about conditional so loader does not some on disabling, but only on demote

* remove concurrency from onSubmit

* revert all concurency, I think this is solved by the removal of shamir in the dom

* reverse order

* cleanup

* forgot that tricky layout, hopefull this will fix test

* remove page container, it's not needed

* remove breadcrumbs if DR secondary

* remove pageType no now longer using

* remove conditional that is no longer hit
2020-07-07 13:09:01 -06:00
Angel Garbarino 0ba68d9c18
set default to 30 days for pki ca cert (#9405) 2020-07-07 13:07:50 -06:00
Alexander Bezobchuk a282864793
Merge PR #9342: Resource Quotas Doc 2020-07-07 11:42:01 -04:00
Sam Salisbury a9aa4d301f
update gopsutil@01afd763e6c0 + go mod vendor (#9346)
- This version of gopsutil fixes the build for FreeBSD.
- See https://github.com/shirou/gopsutil/pull/895
2020-07-07 16:14:48 +01:00
Clint 7a7dd7379f
Update CHANGELOG.md
Update links that were swapped
2020-07-07 06:13:14 -05:00
Alexander Bezobchuk dfb28a8fcc
Merge PR #9390: http: revert resource quota changes 2020-07-07 00:05:28 -04:00
Calvin Leung Huang 67444d85b8
test/migration: ensure that leader client is used for storage read check (#9403) 2020-07-06 16:22:07 -07:00
Jeff Escalante dcc05e8aed
learn -> tutorials in subnav (#9391) 2020-07-06 18:47:59 -04:00
Jim Kalafut 7110e11cc1
changelog++ 2020-07-06 12:48:48 -07:00
Scott Miller dfbc60cc49
Add mount type to request earlier, so it is populated on audit entries even if the request fails authorization (#9389) 2020-07-06 11:17:41 -05:00
Trishank Karthik Kuppusamy 94b4545a69
Merge PR #9388: Update tokens.mdx 2020-07-06 09:22:50 -04:00
DevOps Rob 230656ccf4
adding a note to the docs to make it clear that the token needs to be unlimited to create child tokens (#9397) 2020-07-03 09:00:14 -07:00
Calvin Leung Huang 80ea138b9e
scripts: make build.sh gocmd aware (#9394) 2020-07-02 17:45:41 -07:00
Brian Kassouf a6a5e951e9
changelog++ 2020-07-02 16:59:30 -07:00
Meggie 866576cde8
Changing changelog headers and update version (#9393) 2020-07-02 19:46:41 -04:00
Brian Kassouf 90ed4d7eac
Fix UI in dev mode 2020-07-02 15:18:57 -07:00
Mike Jarmy 804106904b
Update CHANGELOG.md 2020-07-02 17:57:45 -04:00
Noelle Daley d93249b2ca
Update CHANGELOG.md 2020-07-02 14:26:48 -07:00
Mike Jarmy 769cfbfadb
Update CHANGELOG.md 2020-07-02 17:22:44 -04:00
Jeff Escalante a3371f6242
🌷Website Maintenance (#9140)
* another round of maintenance

- apply stylelint
- run eslint across all files
- remove unneeded font import
- add jsconfig and import from absolute pahts
- remove unneeded experimental nextjs config
- update all dependencies

* refreshing with the latest dep updates
2020-07-02 14:24:34 -04:00
Geoffrey Grosenbach 93b37de1bc
Mention Linux packages on install page (#9314)
* Update install docs to mention Linux packages

We now build packages for Debian, Ubuntu, CentOS, etc. This removes language
about "we have no plans to build packages" and adds links to step by step guides
for adding a GPG key and the official repository.

* Fix URL to Learn Vault install page

A Linux section previously existed but now it is in the general install section.

* Fix Markdown for multi-step compile from source

The steps were previously marked up as an ordered list but the numbers didn't
display correctly. This outdents the code so it's a series of paragraphs instead
of an ordered list.
2020-07-02 13:51:02 -04:00
Roger Berlind 15d8ed3f82
request.connection.remote_addr only has IP (#9326)
* request.connection.remote_addr only has IP

The request.connection.remote_addr property exposed to Sentinel only has an IP.
It does not include a port.
I tested this in a policy with `print("remote address:", request.connection.remote_addr)` and got back 150.10.0.26.

* Update website/pages/docs/enterprise/sentinel/properties.mdx

Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>

Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>
2020-07-02 10:47:44 -07:00
Jim Kalafut 0cd66b516f
Update README.md (#9378) 2020-07-02 08:58:08 -07:00
Jim Kalafut bb8242119a
Update bug_report.md (#9385) 2020-07-02 08:55:33 -07:00
Chelsea Shaw d282a2071c
DR secondary generate operation token styling updates (#9355)
* Match spacing, content, and styling better to designs on DR secondary generate operation token

* Clarify language around OTP and DR secondary operation token
2020-07-02 10:52:06 -05:00
Alexander Bezobchuk f1534a0ed0
Add nil check for quota manager (#9379)
* Add nil check for quota manager

* Add missing nil checks
2020-07-01 18:14:33 -07:00
Noelle Daley cf94e19b03
Update CHANGELOG.md 2020-07-01 17:28:59 -07:00
Noelle Daley bd8281b4ae
upgrade storybook and babel deps (#9371) 2020-07-01 16:28:16 -07:00
Chelsea Shaw 1f55f5d602
Add dr_operation_token_primary to hashed submit value (#9370) 2020-07-01 16:03:57 -05:00
Alexander Bezobchuk fb9cd9db2a
Merge PR #9372: Fix Unauthenticated list 2020-07-01 16:02:14 -04:00
Mark Gritter 707fdea702
Don't return quota error on revoke. (#9374)
Changed log messages to be clearer about quota operations.
This should fix enterprise unit test failures.
2020-07-01 14:41:42 -05:00
Calvin Leung Huang 37c0e51142
logical/system: re-introduce ns-awareness in pathInternalUIMountsRead (#9373) 2020-07-01 12:37:11 -07:00