Commit graph

761 commits

Author SHA1 Message Date
Jeff Mitchell d1803098ae Merge branch 'master-oss' into sethvargo/cli-magic 2018-01-03 14:02:31 -05:00
Jeff Mitchell 821d62c1cc
Allow log level to be specified in an env var (#3721) 2017-12-19 17:12:23 -05:00
Chris Hoffman 0bacec0184
adding recovery info to seal status (#3706) 2017-12-18 09:58:14 -05:00
Chris Hoffman 164849f056
Add support for encrypted TLS key files (#3685) 2017-12-15 17:33:55 -05:00
Chris Hoffman 822ce95dc4
adding ability to override temp dir in dev cluster (#3673) 2017-12-11 18:02:35 -05:00
Jeff Mitchell 548629e8ef Port over some changes 2017-11-30 09:43:07 -05:00
Jeff Mitchell 304e1b96b8 Use Seal Type instead of Type in status output for less confusion 2017-11-21 12:14:00 -05:00
Chris Hoffman 9e79e9b397
generate token functions to share common names (#3576) 2017-11-13 15:44:26 -05:00
Jeff Mitchell ccfcac17fe grpclogfaker should use or, not and, to check whether to log 2017-11-13 15:37:00 -05:00
Jeff Mitchell 2b78bc2a9b
Port over bits (#3575) 2017-11-13 15:31:32 -05:00
Calvin Leung Huang 87feab4492
Docs update related to new top-level config values (#3556)
* Add new top level config value docs, add VAULT_API_ADDR, purge old references

* Fix indentation

* Update wording on ha.html

* Add section on split data/HA mode

* Fix grammar
2017-11-10 20:06:07 -05:00
Jeff Mitchell a5c821532c Don't output log level twice in three node mode 2017-11-10 16:33:16 -05:00
Jeff Mitchell e66c4b11d5 Add core numbers to output in dev three node 2017-11-10 16:21:46 -05:00
Brian Kassouf ab3b625a3b
Add API methods for creating a DR Operation Token and make generate root accept strategy types (#3565)
* Add API and Command code for generating a DR Operation Token

* Update generate root to accept different token strategies
2017-11-10 10:19:42 -08:00
Calvin Leung Huang 882f85740b Move HA-related config values to top level (#3550)
* Move HA-related config values to top level

* Add config2.hcl test-fixture
2017-11-08 14:19:41 -05:00
Calvin Leung Huang 0762ac14cf aws_region->region on awskms config 2017-11-02 16:31:16 -04:00
Vishal Nayak 7bae606662
External identity groups (#3447)
* external identity groups

* add local LDAP groups as well to group aliases

* add group aliases for okta credential backend

* Fix panic in tests

* fix build failure

* remove duplicated struct tag

* add test steps to test out removal of group member during renewals

* Add comment for having a prefix check in router

* fix tests

* s/parent_id/canonical_id

* s/parent/canonical in comments and errors
2017-11-02 16:05:48 -04:00
Jeff Mitchell d229d7d5b0
Redo API locking (#3508)
* Redo the API client quite a bit to make the behavior of NewClient more
predictable and add locking to make it safer to use with Clone() and if
multiple goroutines for some reason decide to change things.

Along the way I discovered that currently, the x/net/http2 package is
broke with the built-in h2 support in released Go. For those using
DefaultConfig (the vast majority of cases) this will be a non-event.
Others can manually call http2.ConfigureTransport as needed. We should
keep an eye on commits on that repo and consider more updates before
release. Alternately we could go back revisions but miss out on bug
fixes; my theory is that this is not a purposeful break and I'll be
following up on this in the Go issue tracker.

In a few tests that don't use NewTestCluster, either for legacy or other
reasons, ensure that http2.ConfigureTransport is called.

* Use tls config cloning

* Don't http2.ConfigureServer anymore as current Go seems to work properly without requiring the http2 package

* Address feedback
2017-11-02 09:30:04 -05:00
Jeff Mitchell e0669746b6
Add seal type to seal-status output. (#3516) 2017-11-01 21:00:41 -05:00
Seth Vargo 2bb2ed11d3
Use renamed method 2017-10-24 09:39:51 -04:00
Jeff Mitchell 713d5d5307
Don't swallow errors on token functions. 2017-10-24 09:39:35 -04:00
Seth Vargo 82cc9664f0
Update to use hidden commands 2017-10-24 09:39:34 -04:00
Seth Vargo 0b15e790d4
Fix bad rebase
Apparently I can't git...
2017-10-24 09:39:34 -04:00
Seth Vargo f2110b5a4e
More consistent output 2017-10-24 09:34:30 -04:00
Seth Vargo f5543844f3
Use a unified helper for seal output 2017-10-24 09:34:12 -04:00
Seth Vargo 51a27b758b
Resolve the most painful merge conflict known on earth 2017-10-24 09:34:12 -04:00
Seth Vargo 578f9a4872
Use vault login instead of vault list in example 2017-10-24 09:32:15 -04:00
Seth Vargo c5665920f6
Standardize on "auth method"
This removes all references I could find to:

- credential provider
- authentication backend
- authentication provider
- auth provider
- auth backend

in favor of the unified:

- auth method
2017-10-24 09:32:15 -04:00
Seth Vargo acb33eaa3f
Write all the deprecated commands together 2017-10-24 09:30:48 -04:00
Seth Vargo f851309361
Add a custom flag for specifying "system" ttls 2017-10-24 09:30:48 -04:00
Seth Vargo e1b63d4803
Move more formatting into base_helpers 2017-10-24 09:30:48 -04:00
Seth Vargo dbd07addf5
Update write command 2017-10-24 09:30:48 -04:00
Seth Vargo 3ad4f5dcf1
Update unwrap command 2017-10-24 09:30:48 -04:00
Seth Vargo 71ed308e6c
Update version command 2017-10-24 09:30:48 -04:00
Seth Vargo 05b18b8e4f
Update status command 2017-10-24 09:30:48 -04:00
Seth Vargo c4ccbf3ab3
Update ssh command 2017-10-24 09:30:48 -04:00
Seth Vargo 5b78a9905c
Update server command 2017-10-24 09:30:48 -04:00
Seth Vargo b982365fbb
Add "operator" subcommand 2017-10-24 09:30:48 -04:00
Seth Vargo 204006bd56
Rename mounts to secrets engines and add the subcommand 2017-10-24 09:30:48 -04:00
Seth Vargo d71decc112
Update read command 2017-10-24 09:30:48 -04:00
Seth Vargo 2f8bf3c71f
Add "policy" subcommand 2017-10-24 09:30:48 -04:00
Seth Vargo 0800385283
Update path-help command 2017-10-24 09:30:48 -04:00
Seth Vargo 6fc5f05c4b
Update list command 2017-10-24 09:30:47 -04:00
Seth Vargo 76de999b34
Add lease subcommand 2017-10-24 09:30:47 -04:00
Seth Vargo 02341c3b6a
Update delete command 2017-10-24 09:30:47 -04:00
Seth Vargo 810c0afe38
Predict "generic" as a secrets engine 2017-10-24 09:30:47 -04:00
Seth Vargo 1488ba6d72
Add token as a subcommand 2017-10-24 09:30:47 -04:00
Seth Vargo 5aab30091e
Make audit a subcommand 2017-10-24 09:30:47 -04:00
Seth Vargo 939495c7bb
Add login subcommand
This replaces the "auth" part of "vault auth"
2017-10-24 09:30:47 -04:00
Seth Vargo 69784a3bf1
Introduce auth as a subcommand 2017-10-24 09:30:47 -04:00