Sean Chittenden
230b59f34c
Stub out service discovery functionality
...
Hook asynchronous notifications into Core to change the status of vault based on its active/standby, and sealed/unsealed status.
2016-04-25 18:00:54 -07:00
Sean Chittenden
0c23acb818
Comment nits
2016-04-25 18:00:54 -07:00
Jeff Mitchell
d77f9e0583
Update vendoring
2016-04-26 00:18:04 +00:00
Jeff Mitchell
398ed86d04
Split out TestSeal
2016-04-26 00:14:16 +00:00
Jeff Mitchell
8d4e5aacae
Change seal test name in command package
2016-04-26 00:12:14 +00:00
Jeff Mitchell
f00beb4e32
Update azure backend for newer sdk
2016-04-26 00:08:07 +00:00
Jeff Mitchell
81137128b9
changelog++
2016-04-25 19:56:18 +00:00
Jeff Mitchell
a481bff2b1
Fix commenting S3 -> Azure
2016-04-25 19:53:07 +00:00
Jeff Mitchell
c12dcba9bc
Merge pull request #1266 from sepiroth887/azure_backend
...
added Azure Blobstore backend support
2016-04-25 15:53:09 -04:00
Jeff Mitchell
0f0a6ae368
Merge pull request #1282 from rileytg/patch-1
...
change github example team to admins
2016-04-25 15:45:01 -04:00
Jeff Mitchell
267b13c1ba
Merge pull request #1326 from hashicorp/sethvargo/hint_noreauth
...
Hint that you don't need to run auth twice
2016-04-25 15:43:55 -04:00
Jeff Mitchell
164168a5c5
Merge pull request #1350 from hashicorp/sealtests
...
Add seal tests and update generate-root and others to handle dualseal.
2016-04-25 15:40:46 -04:00
Jeff Mitchell
98d09b0dc6
Add seal tests and update generate-root and others to handle dualseal.
2016-04-25 19:39:04 +00:00
Jeff Mitchell
30ba5b7887
Merge pull request #1291 from mmickan/ssh-keyinstall-perms
...
Ensure authorized_keys file is readable when uninstalling an ssh key
2016-04-25 14:00:37 -04:00
Jeff Mitchell
f293b1bb98
Merge pull request #1328 from hashicorp/sethvargo/path-help
...
Add missing path-helps and clarify subpaths in tables
2016-04-25 13:53:06 -04:00
Jeff Mitchell
a331f0e62f
Merge pull request #1348 from hashicorp/sethvargo/referrer
...
Do not allow referrer to modify the parent
2016-04-23 09:45:19 -04:00
Seth Vargo
da1735e396
Do not allow referrer to modify the parent
...
http://mathiasbynens.github.io/rel-noopener/
2016-04-22 23:41:09 -04:00
Vishal Nayak
8f5ba88186
Merge pull request #1343 from hashicorp/b-doc-wordsmith
...
Wordsmith the docs around the `list` command.
2016-04-20 19:09:38 -04:00
Sean Chittenden
f6bec6e017
Wordsmith the docs around the `list` command.
...
Prompted by: feedback from conference attendees at PGConf '16
2016-04-20 18:13:58 -04:00
Jeff Mitchell
e68de75e83
Next version will likely not be 0.6.0
2016-04-20 20:24:17 +00:00
Jeff Mitchell
04816ed25e
changelog++
2016-04-20 20:23:08 +00:00
Jeff Mitchell
521a3865dc
Merge pull request #1342 from hashicorp/use-json-number
...
Use UseNumber() on json.Decoder to have numbers be json.Number objects
2016-04-20 16:22:01 -04:00
Jeff Mitchell
4e53f4b1a4
Use UseNumber() on json.Decoder to have numbers be json.Number objects
...
instead of float64. This fixes some display bugs.
2016-04-20 18:38:20 +00:00
Jeff Mitchell
ee8dd1ab6a
Add vault-php-sdk to libraries page
2016-04-20 13:59:39 +00:00
Jeff Mitchell
62058a0ff8
Update tests for change in raw blacklisting
2016-04-19 20:26:26 +00:00
Jeff Mitchell
556039344a
There's no good story around accessing any of core via /sys/raw, so blacklist it all
2016-04-19 16:01:15 +00:00
Jeff Mitchell
055a8e04e4
Change recovery options in init to be 'key'-less
2016-04-18 17:02:07 +00:00
Jeff Mitchell
b4620d5d04
Add check against seal type to catch errors before we attempt to use the data
2016-04-15 18:16:48 -04:00
Jeff Mitchell
d7ba52f86b
Backtick "region" in S3 config
2016-04-15 17:03:35 -04:00
Jeff Mitchell
d844be4df5
Merge pull request #1336 from hashicorp/b-sigint-handler
...
Fix SIGINT handling.
2016-04-15 13:14:37 -04:00
Jeff Mitchell
9bc24be343
Move recovery info behind the barrier
2016-04-15 17:04:29 +00:00
Sean Chittenden
069d9cf021
Fix SIGINT handling.
...
No signal handler was setup to receive SIGINT. I didn't investigate to
see if signal(2) mask was setup (ala `SIG_IGN`) or if sigprocmask(2) is
being used, but in either case, the correct behavior is to capture and
treat SIGINT the same as SIGTERM. At some point in the future these two
signals may affect the running process differently, but we will clarify
that difference in the future.
2016-04-15 10:03:22 -07:00
Jeff Mitchell
119238149b
Add Finalize method to seal.
2016-04-14 20:37:34 +00:00
Vishal Nayak
eae78f2ef7
Merge pull request #1332 from hashicorp/fix-revocation-output
...
Clarify output of idempotent calls
2016-04-14 11:52:28 -04:00
vishalnayak
5c336297ad
Provide clarity for output statements of idempotent calls.
2016-04-14 15:46:45 +00:00
vishalnayak
b7178846c1
Clarify token-revoke operation
2016-04-14 15:34:01 +00:00
Jeff Mitchell
148e6926f9
changelog++
2016-04-14 08:11:02 -04:00
Jeff Mitchell
1a044e0b57
Merge pull request #1331 from hashicorp/fix-role-suffix-renew
...
Register the token entry's path instead of the request path, to handl…
2016-04-14 08:09:46 -04:00
Jeff Mitchell
53773f12e3
Register the token entry's path instead of the request path, to handle role suffixes correctly
2016-04-14 08:08:28 -04:00
Jeff Mitchell
bb0dd624e1
Merge pull request #1330 from hashicorp/sethvargo/clarify_delete
...
Clarify delete operation
2016-04-14 06:11:53 -04:00
Jeff Mitchell
ae2d000de4
Make period output nicer -- seconds rather than duration
2016-04-14 06:10:22 -04:00
Seth Vargo
54c414abb2
Clarify delete operation
...
One thing that has been a point of confusion for users is Vault's
response when deleting a key that does not actually exist in the system.
For example, consider:
$ vault delete secret/foo
Success! Deleted 'secret/foo'
This message is misleading if the secret does not exist, especially if
the same command is run twice in a row.
Obviously the reason for this is clear - returning an error if a secret
does not exist would reveal the existence of a secret (the same reason
everything on S3 is a 403 or why GitHub repos 404 instead of 403 if you
do not have permission to view them).
I think we can make the UX a little bit better by adding just a few
words to the output:
$ vault delete secret/foo
Success! Deleted 'secret/foo' if it existed
This makes it clear that the operation was only performed if the secret
existed, but it does not reveal any more information.
2016-04-14 10:38:10 +01:00
Jeff Mitchell
a4ff72841e
Check for seal status when initing and change logic order to avoid defer
2016-04-14 01:13:59 +00:00
Seth Vargo
03c09341a4
Add missing path-helps and clarify subpaths in tables
2016-04-13 22:15:54 +01:00
Seth Vargo
86455b4720
Only show params if there are fields
2016-04-13 22:15:06 +01:00
Vishal Nayak
2bc3c12b7d
Merge pull request #1327 from Banno/vet-cleanup
...
go vet cleanup
2016-04-13 15:48:25 -04:00
Adam Shannon
fb07d07ad9
all: Cleanup from running go vet
2016-04-13 14:38:29 -05:00
Seth Vargo
217035d081
Hint that you don't need to run auth twice
...
This came up twice, in two different training courses. The UX is a
little confusing here on the CLI. Users are used to running:
$ vault auth abcd-1234...
So when they auth using a method, the output leads them to believe the
need to "re-auth" as the generated token:
$ vault auth -method=userpass username=foo password=bar
Successfully authenticated!
token: defg-5678...
A number of users then run:
$ vault auth defg-5678
I've added some helpful text to hint this is not required if the method
is not "token".
2016-04-13 19:45:48 +01:00
Jeff Mitchell
b90286996f
Update cert website docs
2016-04-13 16:28:23 +00:00
Jeff Mitchell
abf0e84bb8
Merge pull request #1323 from hashicorp/sethvargo/ws_md
...
Update website push script to fix metadata
2016-04-12 16:24:42 -04:00