luxolus
/
open-vault
2
0
Fork 0
Code Issues 1 Pull Requests Releases Activity
9,153 Commits 1 Branch 0 Tags 214 MiB
Commit Graph

959 Commits

Author SHA1 Message Date
Jeff Mitchell 04e3f9b0f3
Add LastWAL in leader/health output (#5523) 2018-10-16 09:38:44 -04:00
Jeff Mitchell af73c5872d
Buffer authhandler output channel to prevent hang on shutdown (#5507) 
Fixes #5026
 2018-10-15 11:02:53 -04:00
Jim Kalafut 123e34f4a7
Don't copy HA lock file during migration (#5503) 2018-10-12 09:29:15 -07:00
Jeff Mitchell 646bfc6d5d
Warn when users don't configure api_addr (#5496) 
Fixes some sources of user strife
 2018-10-10 14:52:00 -04:00
Calvin Leung Huang b47e648ddf
Logger cleanup (#5480) 2018-10-09 09:43:17 -07:00
Jim Kalafut bd4a7c57c6 Fix 'vault auth' panic (#5473) 
Running 'vault auth' with no parameters was panicking:

panic: assignment to entry in nil map
	github.com/hashicorp/vault/command/login.go:255 +0xdee

Now it will show help.
 2018-10-05 16:05:26 -07:00
JohnVonNeumann eba56f3f23 Update operator_init.go (#5441) 
Minor grammar fix.
 2018-10-01 17:19:13 -07:00
Jim Kalafut 43d498983c
Retry failing migration check instead of exiting (#5427) 2018-10-01 14:35:35 -07:00
Jeff Mitchell ef144c4c25 Send initialized information via sys/seal-status (#5424) 2018-09-27 14:03:37 -07:00
Jim Kalafut d9d93e42a8
Fix server command test (#5407) 
The addition of CheckMigration to the server startup process means
that physical backends in this test need to be able to respond to Get() without error.
 2018-09-26 14:52:11 -07:00
Jim Kalafut c1f7e4a276
Fix wording in log message (#5399) 2018-09-25 16:52:03 -07:00
Jim Kalafut 4c80debe63
Add physical backend migrator command (#5143) 2018-09-25 16:18:22 -07:00
Seth Vargo 743161abd4 Also format TTLs in non-secret responses (#5367) 2018-09-21 09:54:18 -04:00
Becca Petrin 74d4d0ccc0
add alicloud secrets engine (#5352) 2018-09-19 08:42:28 -07:00
Jeff Mitchell 43aebacfa8 Fix default_max_request_duration HCL name and update docs (#5321) 
* Fix default_max_request_duration HCL name and update docs

* Update tcp.html.md
 2018-09-18 14:30:21 -07:00
Jeff Mitchell 919b968c27
The big one (#5346) 2018-09-17 23:03:00 -04:00
Jim Kalafut eb6c165e29
Improve CLI error message (#5327) 2018-09-13 08:23:36 -07:00
Becca Petrin b2ff87c9c2
Poll for new creds in the AWS auth agent (#5300) 2018-09-12 13:30:57 -07:00
Becca Petrin 625592c5e6
update to match aws (#5315) 2018-09-11 11:10:50 -07:00
Jeff Mitchell 1837c571ec
Fix authhandler-based wrapping in agent (#5316) 2018-09-11 13:10:11 -04:00
Jeff Mitchell c28ed23972
Allow most parts of Vault's logging to have its level changed on-the-fly (#5280) 
* Allow most parts of Vault's logging to have its level changed on-the-fly

* Use a const for not set
 2018-09-05 15:52:54 -04:00
Becca Petrin 7e0e49656a Add AliCloud auth to the Vault Agent (#5179) 2018-09-05 11:56:30 -04:00
Jim Kalafut f03fc41ba2
Fix server test that fails build under 1.11 (#5264) 
command/server_test.go:147:2: finished declared but not used
vet: typecheck failures
 2018-09-04 11:35:28 -06:00
Brian Kassouf c603a8b811
Add performance standby status to status output (#5192) 
* Add performance standby status to status output

* Update ha.go
 2018-08-27 10:01:07 -07:00
Jeff Mitchell ac79655f8a Sync some changes over 2018-08-27 12:03:43 -04:00
Jeff Mitchell ae285d29a3 Sync over 2018-08-27 12:02:57 -04:00
Jeff Mitchell 9cd7c05269
Change deprecation warnings from 0.11 or later to 0.12. (#5176) 
Also remove a deprecated parameter that we warned would be removed since
0.8.
 2018-08-24 12:16:37 -04:00
Jeff Mitchell aec9a689a0 Sync over some stuff 2018-08-24 12:09:03 -04:00
Becca Petrin c0f2f21d97 Auth handler shutdown logic (#5170) 2018-08-24 09:17:14 -04:00
Jeff Mitchell 362a92945e Don't resetnamed 2018-08-23 15:04:18 -04:00
Calvin Leung Huang 5812a84c28
command/namespace: Move trailing slash check to the end (#5163) 2018-08-22 15:49:24 -07:00
Jeff Mitchell 66a0029195 Sync some ns stuff to api/command 2018-08-22 14:37:40 -04:00
Jeff Mitchell 3b01b29056
Pass in an ErrorLog to http.Server (#5135) 
Fixes #5108
 2018-08-21 11:23:18 -04:00
Jim Kalafut a8e81ce393 Initial import of Azure Secrets (#5120) 
* Initial import of Azure Secrets

* Update vendor folder
 2018-08-16 12:18:06 -07:00
Becca Petrin 8e8095163e Add alicloud auth (#5123) 
* add alicloud auth commands

* add dependencies
 2018-08-16 12:17:49 -07:00
Jeff Mitchell f1d72abb39 Remove injection into top routes (#5101) 2018-08-14 15:29:22 -04:00
Jeff Mitchell c3e063f2a6 Fix read test 2018-08-14 14:20:49 -04:00
Jeff Mitchell 74175b29af
Add support for passing args via `vault read` (#5093) 
We support this in the API as of 0.10.2 so read should support it too.

Trivially tested with some log info:

`core: data: data="map[string]interface {}{"zip":[]string{"zap", "zap2"}}"`
 2018-08-13 22:00:26 -04:00
Nándor István Krácser b9fab6375b Alibaba Object Storage support (#4783) 2018-08-13 17:03:24 -04:00
Jeff Mitchell 9d1a427949 Port over some ns stuff 2018-08-10 12:17:17 -04:00
Jeff Mitchell fb3c7eb449 Port some ns stuff over 2018-08-10 12:13:11 -04:00
Jeff Mitchell a6d0ae5890
Add exit-after-auth functionality to agent (#5013) 
This allows it to authenticate once, then exit once all sinks have
reported success. Useful for things like an init container vs. a
sidecard container.

Also adds command-level testing of it.
 2018-07-30 10:37:04 -04:00
Paul Nicholson c761a9a8f2 agent: kubernetes: add missing slash in token path (#5010) 2018-07-29 15:50:18 -04:00
Jeff Mitchell e72890e83f
VSI (#4985) 2018-07-24 22:02:27 -04:00
Jeff Mitchell 4261618d10 Add request timeouts in normal request path and to expirations (#4971) 
* Add request timeouts in normal request path and to expirations

* Add ability to adjust default max request duration

* Some test fixes

* Ensure tests have defaults set for max request duration

* Add context cancel checking to inmem/file

* Fix tests

* Fix tests

* Set default max request duration to basically infinity for this release for BC

* Address feedback
 2018-07-24 14:50:49 -07:00
Jeff Mitchell 9687ccc8fa Tackle #4929 a different way (#4932) 
* Tackle #4929 a different way

This turns c.sealed into an atomic, which allows us to call sealInternal
without a lock. By doing so we can better control lock grabbing when a
condition causing the standby loop to get out of active happens. This
encapsulates that logic into two distinct pieces (although they could
be combined into one), and makes lock guarding more understandable.

* Re-add context canceling to the non-HA version of sealInternal

* Return explicitly after stopCh triggered
 2018-07-24 13:57:25 -07:00
Michael Russell c66544381a Make the SSH executable path configurable (#4937) 
Making this configurable is useful for windows users which may not be
using the default `ssh` executable. It also means that users can point to a
specify SSH executable if multiple are available.
 2018-07-17 17:47:07 -07:00
Julien Blache c8fb9ed6a8 FoundationDB physical backend (#4900) 2018-07-16 10:18:09 -04:00
Michael Russell b6dfe372fd Allow vault ssh to work with single ssh args like -v (#4825) 2018-07-16 10:11:56 -04:00
zhogov 5c472429c2 Fixed parsing of environment variables (#4925) 2018-07-13 10:45:35 -07:00