luxolus/open-vault
2
0
Fork 0
Code Issues 1 Pull requests Releases Activity
6657 commits 1 branch 0 tags 214 MiB
Commit graph

60 commits

Author SHA1 Message Date
Jeff Mitchell 8e271dcbdc More syncing 2017-10-23 16:52:56 -04:00
Billie Cleek 3033a7beb6 do not panic when Client.Transport is not *http.Transport (#3440) 2017-10-10 08:46:54 -04:00
Jeff Mitchell 3cf4e3e142 Fix panic when setting a client http client with no transport (#3437) 
Fixes #3436
 2017-10-09 08:49:20 -04:00
Marcus Söderberg 3d00731fda Add http headers to the api client (#3394) 2017-10-06 14:27:58 -04:00
Jeff Mitchell d2410e3399 gofmt 2017-08-02 19:38:35 -04:00
nrhall-deshaw 888e1e3859 Add SRV record functionality for client side host/port discovery of Vault (#3035) 
* added SRV record functionality for client side port discovery of Vault

* Add a check on returned address length
 2017-08-02 19:19:06 -04:00
Gobin Sougrakpam 2ddbc4a939 Adding option to set custom vault client timeout using env variable VAULT_CLIENT_TIMEOUT (#3022) 2017-07-18 09:48:31 -04:00
Seth Vargo 084064389e Add a convenience function for copying a client (#2887) 2017-06-20 04:08:15 +01:00
emily aa40d2cff6 add gofmt checks to Vault and format existing code (#2745) 2017-05-19 08:34:17 -04:00
Lee Avital bf34484d9d Respect the configured address's path in the client (#2588) 2017-04-13 14:06:38 -04:00
pkrolikowski 0fb75d9e89 Pass user/pass for HTTP Basic Authentication in URL parameters (#2469) 2017-03-10 07:19:23 -05:00
Jeff Mitchell 5ef2b0145b Add ability to set max retries to API 2017-03-01 12:24:08 -05:00
Jordan Abderrachid fa77e7cfa2 api: add EnvVaultToken constant. (#2413) 2017-02-27 18:36:21 -05:00
Jeff Mitchell 2cc0906b33 Fix breakage for HTTP2 support due to changes in wrapping introduced in 1.8 (#2412) 2017-02-27 12:49:35 -05:00
Jason Felice ec10a9171d ConfigureTLS() sets default HttpClient if nil (#2329) 2017-02-06 17:47:56 -05:00
Vishal Nayak ad09acb479 Use Vault client's scheme for auto discovery (#2146) 2016-12-02 11:24:57 -05:00
Jeff Mitchell 97ca3292a4 Set number of pester retries to zero by default and make seal command… (#2093) 
* Set number of pester retries to zero by default and make seal command return 403 if unauthorized instead of 500

* Fix build

* Use 403 instead and update test

* Change another 500 to 403
 2016-11-16 14:08:09 -05:00
Jeff Mitchell b45a481365 Wrapping enhancements (#1927) 2016-09-28 21:01:28 -07:00
Jeff Mitchell 9c33224928 Don't retry on redirections. 2016-08-12 15:13:42 -04:00
vishalnayak ff22640015 Use default config and read environment by default while creating client object 2016-08-12 11:37:13 -04:00
Alex Dadgar 92ede0db17 Address comments 2016-08-02 13:17:45 -07:00
Alex Dadgar f5d56ad8f8 Refactor the TLS configuration between meta.Client and the api.Config 2016-07-27 17:26:26 -07:00
Jeff Mitchell a6682405a3 Migrate number of retries down by one to have it be max retries, not tries 2016-07-11 21:57:14 +00:00
Jeff Mitchell 57cdb58374 Switch to pester from go-retryablehttp to avoid swallowing 500 error messages 2016-07-11 21:37:46 +00:00
Jeff Mitchell 7023eafc67 Make the API client retry on 5xx errors. 
This should help with transient issues. Full control over min/max delays
and number of retries (and ability to turn off) is provided in the API
and via env vars.

Fix tests.
 2016-07-06 16:50:23 -04:00
Jeff Mitchell 05b2d4534c Add unwrap test function and some robustness around paths for the wrap lookup function 2016-05-19 11:49:46 -04:00
Jeff Mitchell c4431a7e30 Address most review feedback. Change responses to multierror to better return more useful values when there are multiple errors 2016-05-16 16:11:33 -04:00
Jeff Mitchell 99a5b4402d Merge branch 'master-oss' into cubbyhole-the-world 2016-05-04 14:42:14 -04:00
Jeff Mitchell 45a120f491 Switch our tri-copy ca loading code to go-rootcerts 2016-05-03 12:23:25 -04:00
Jeff Mitchell 1ffd5653c6 Add wrap support to API/CLI 2016-05-02 02:03:23 -04:00
Robert M. Thomson 024407518b Add VAULT_TLS_SERVER_NAME environment variable 
If specified, verify a specific server name during TLS negotiation
rather than the server name in the URL.
 2016-02-25 17:28:49 +01:00
Jeff Mitchell 32e23bea71 Move environment variable reading logic to API. 
This allows the same environment variables to be read, parsed, and used
from any API client as was previously handled in the CLI. The CLI now
uses the API environment variable reading capability, then overrides any
values from command line flags, if necessary.

Fixes #618
 2015-11-04 10:28:00 -05:00
Jeff Mitchell 22c65c0c07 Use cleanhttp instead of bare http.Client 2015-10-22 14:37:12 -04:00
Jeff Mitchell cba4e82682 Don't use http.DefaultClient 
This strips out http.DefaultClient everywhere I could immediately find
it. Too many things use it and then modify it in incompatible ways.

Fixes #700, I believe.
 2015-10-15 17:54:00 -04:00
Jeff Mitchell b5d674d94e Add 301 redirect checking to the API client. 
Vault doesn't generate these, but in some cases Go's internal HTTP
handler does. For instance, during a mount-tune command, finishing the
mount path with / (as in secret/) would cause the final URL path to
contain .../mounts/secret//tune. The double slash would trigger this
behavior in Go's handler and generate a 301. Since Vault generates 307s,
this would cause the client to think that everything was okay when in
fact nothing had happened.
 2015-10-09 17:11:31 -04:00
Dejan Golja 87c84db51b Increase default timeout to 30s which should allow for any operation 
to complete.
 2015-10-09 00:53:35 +11:00
Dejan Golja ea17b85d94 added a sensible default timeout for the vault client 2015-10-08 18:44:00 +11:00
Jeff Mitchell 2002406155 Rather than use http.DefaultClient, which is simply &http.Client{}, 
create our own. This avoids some potential client race conditions when
they are setting values on the Vault API client while the default client
is being used elsewhere in other goroutines, as was seen in
consul-template.
 2015-09-03 13:47:20 -04:00
Jeff Mitchell bc2d914905 Change variable name for clarity 2015-09-03 13:38:24 -04:00
Jeff Mitchell c56fd6b3fc Remove redirect handling code that was never being executed (redirects are manually handled within RawRequest). Add a sync.Once to fix a potential data race with setting the CheckRedirect function on the default http.Client 2015-09-03 13:34:45 -04:00
Seth Vargo 6f248425a6 Update documentation around cookies 2015-09-03 10:36:59 -04:00
Jeff Mitchell a8ef0e8a80 Remove cookie authentication. 2015-08-21 19:46:23 -07:00
Jeff Mitchell 2de991ac7a The docs say that if HttpClient is nil, http.DefaultClient will be used. However, the code doesn't do this, resulting in a nil dereference. 2015-06-04 14:01:10 -04:00
Seth Vargo fc2ac74c5f Improve error message when TLS is disabled 
Fixes #198
 2015-05-14 10:33:38 -04:00
Mitchell Hashimoto d4155ef9d8 api: human friendly error for TLS [GH-123] 2015-05-02 13:08:35 -07:00
Seth Vargo cc25b8b15c Remove api dependency on http package 2015-04-23 19:58:44 -04:00
Seth Vargo e5fca055f7 Use VAULT_ADDR instead 2015-04-23 11:46:22 -04:00
Seth Vargo 835e14dda0 Add docs 2015-04-23 11:45:37 -04:00
Seth Vargo b421689ab4 Read environment variables for VAULT_HTTP_ADDR and VAULT_TOKEN 2015-04-23 11:43:20 -04:00
Seth Vargo 3fa76e0ea9 Use a pointer config instead 2015-04-23 11:13:52 -04:00