isbric
e6e20e9eb3
Correct spelling of error message ( #7630 )
2019-10-11 11:14:41 -04:00
kuritonasu
f5b7c55532
Minor typo fix ( #7631 )
2019-10-11 11:12:38 -04:00
ncabatoff
cbc00365f5
Revert "Minor typo fix ( #7628 )" ( #7629 )
...
This reverts commit 6093eec62e4b43a1c7e0a20d352756c00271faf0.
2019-10-11 10:52:39 -04:00
kuritonasu
0dcf563e04
Minor typo fix ( #7628 )
2019-10-11 10:52:07 -04:00
Chris Hoffman
ad575396a4
changelog++
2019-10-11 10:47:09 -04:00
Michel Vocks
8b1c1e1abe
changelog++
2019-10-11 09:10:29 +02:00
Jason O'Donnell
71122111e3
changelog++
2019-10-10 15:01:40 -04:00
Jack Kleeman
de7489124f
Close cassandra session if we fail to validate it ( #7613 )
...
Currently in the C* database plugin, connection validation errors, as
well as a parsing error, can lead us to return an error and never use an
open gocql session, which may in fact have many open connections. These
connections stay open forever. If you end up in an error loop due to,
for example, a problem with permissions, you will eventually exhaust
file descriptors on the machine.
We simply need to close the session if we aren't going to use it.
2019-10-10 11:45:59 -07:00
Jason O'Donnell
e7974b5a14
bug: VAULT_CLUSTER_ADDR not used in raft ( #7619 )
...
* bug: VAULT_CLUSTER_ADDR not used in raft
* Make env take precedence
2019-10-10 11:42:59 -07:00
Jim Kalafut
1f875770e0
changelog++
2019-10-10 10:34:33 -07:00
Jim Kalafut
1c8dbb07f7
changelog++
2019-10-10 10:16:07 -07:00
ncabatoff
192c926e87
changelog++
2019-10-10 08:19:52 -04:00
Matthew Irish
07613fc4a6
pgp list fix ( #7542 )
...
* add data selectors
* add tests for pgp-list component and refactor so initialization works
* fix comment
* fix linting
* add else statement
2019-10-09 21:09:25 -05:00
Vlad Fedosov
dc3a8c175a
New third-party tool added ( #7596 )
2019-10-09 15:56:34 -04:00
Chris Hoffman
72f6101768
changelog++
2019-10-09 15:41:43 -04:00
Matthew Irish
2658f902bc
don't abort transitions if you're already on that route ( #7602 )
2019-10-09 11:38:20 -05:00
Chris Hoffman
5a51377978
changelog++
2019-10-09 10:38:20 -04:00
Gerardo Di Giacomo
884067097c
fixed panic in #7485 ( #7546 )
2019-10-09 10:22:46 -04:00
ncabatoff
c16e3bbceb
Cache whether we've been initialized to reduce load on storage ( #7549 )
2019-10-08 17:52:38 -04:00
Brian Kassouf
f43f84a354
Port over cache refresh changes ( #7599 )
2019-10-08 13:23:43 -07:00
Calvin Leung Huang
f9199ceede
changelog++
2019-10-08 11:04:10 -07:00
Mike Jarmy
5986ce922d
add counters for active service tokens, and identity entities ( #7541 )
2019-10-08 13:58:19 -04:00
Calvin Leung Huang
d8875b1991
sys/config: config state endpoint ( #7424 )
...
* sys/config: initial work on adding config state endpoint
* server/config: add tests, fix Sanitized method
* thread config through NewTestCluster's config to avoid panic on dev modes
* properly guard endpoint against request forwarding
* add http tests, guard against panics on nil RawConfig
* ensure non-nil rawConfig on NewTestCluster cores
* update non-forwarding logic
* fix imports; use no-forward handler
* add missing config test fixture; update gitignore
* return sanitized config as a map
* fix test, use deep.Equal to check for equality
* fix http test
* minor comment fix
* config: change Sanitized to return snake-cased keys, update tests
* core: hold rlock when reading config; add docstring
* update docstring
2019-10-08 10:57:15 -07:00
Jim Kalafut
2e4c9995ac
changelog++
2019-10-08 08:54:08 -07:00
James Stoker
49c9352f75
Add config parameter to Azure storage backend to allow specifying the ARM endpoint to support Azure Stack. ( #7567 )
2019-10-08 08:51:36 -07:00
Michel Vocks
a0c122926a
Unauth metrics: Fix missing parse form and error response ( #7569 )
...
* Unauth metrics: Fix missing parse form and error response
* Change metrics error response to text/plain content type always
2019-10-08 14:55:25 +02:00
Matthew Irish
7f80626162
UI - namespace fixes ( #7587 )
...
* check for model in the edit form before rolling back
* make sure namespace service name is consistent in the auth service
* actually tell it what service to inject
2019-10-07 20:41:04 -05:00
Calvin Leung Huang
9622a351ae
docs: add sys/pprof API docs ( #7562 )
...
* docs: add sys/pprof api docs
* fix header
2019-10-07 11:55:17 -04:00
Calvin Leung Huang
dd02d94a41
docs: add sys/host-info API docs ( #7563 )
...
* docs: add sys/host-info api docs
* remove extra closing bracket in sample response
2019-10-07 11:54:48 -04:00
Michel Vocks
f8c233a63b
Docs: Add unauthenticated metrics access docs ( #7566 )
2019-10-07 11:54:09 -04:00
Aric
a2b70c7bc7
Update index.html.md ( #7580 )
...
"before storage data at rest" seems like it was intended to read either "before storing data at rest" or "before storage of data at rest".
2019-10-07 11:53:17 -04:00
Brian Shumate
66a3218331
Typo ( #7586 )
2019-10-07 08:08:18 -07:00
Anton Soroko
1ef95b240c
Remove unused code in kv_get.go ( #7583 )
2019-10-07 10:18:04 -04:00
Brian Shumate
4b5be69252
Docs: update plugin_dir ( #7585 )
...
- Add note that plugin_dir value cannot be a symlink
2019-10-07 10:17:12 -04:00
Brian Shumate
41374ecd82
Add note about plugin_directory ( #7584 )
...
- Note that plugin_directory cannot be a symbolic link
2019-10-07 09:59:34 -04:00
Noelle Daley
71e2263534
Update CHANGELOG.md
2019-10-04 14:17:41 -07:00
Noelle Daley
899f0dc2cb
do not swallow ControlGroupErrors when viewing or editing kvv2 secrets ( #7504 )
...
* do not swallow ControlGroupErrors when viewing or editing kvv2 secrets
* test kv v2 control group workflow
* do not manually clearModelCache when logging out since this already happens when leaving the logout route
* remove pauseTest
* update comments
* wip - looking into why restricted user can see the control group protected secret after it has already been unwrapped once
* strip version from query params so we can unwrap a secret after it is authorized
* use attachCapabilities instead of lazyCapabilities to ensure models are cleaned up properly
* remove comment
* make ControlGroupError extend AdapterError
* fix broken redirect_to test
* one day i will remember to remove my debugger statements; today is not that day
* no need to check for a ControlGroupError since it extends an AdapterError
* see if using EmberError instead of AdapterError fixes the browserstack tests
* Revert "see if using EmberError instead of AdapterError fixes the browserstack tests"
This reverts commit 14ddd67cacbf1ccecb8cc2d1f59a2c273866da72.
2019-10-04 13:15:33 -07:00
Jim Kalafut
e9560ea13c
Fix transit docs env var typo ( #7572 )
...
Fixes #7570
2019-10-04 12:45:02 -07:00
Brian Shumate
77311bf24f
Docs: update Transit Secrets Engine Create Key ( #7568 )
...
- Use type that supports derivation in sample payload
2019-10-04 10:56:18 -07:00
Calvin Leung Huang
7a385a7854
update go.mod and sdk/go.mod
2019-10-04 09:40:23 -07:00
Nick Cabatoff
85e387439e
go mod vendor and go mod tidy
2019-10-04 09:14:37 -04:00
Michel Vocks
a7a6dd55a5
Add config parameter to allow unauthenticated metrics access ( #7550 )
...
* Implement config parameter to allow unathenticated metricss access
* Add unit test for unauthenticated metrics access parameter
* go mod tidy
2019-10-04 09:29:51 +02:00
Calvin Leung Huang
8239612352
sys/pprof: fix pprof index description ( #7564 )
2019-10-03 17:02:41 -07:00
Calvin Leung Huang
920fa1452b
sys/host-info: fix host-info description typo ( #7565 )
2019-10-03 17:02:19 -07:00
Chris Hoffman
cd4fd558b9
changelog++
2019-10-03 18:49:43 -04:00
Chris Hoffman
a61ca9d311
changelog++
2019-10-03 18:48:51 -04:00
Michael Gaffney
6b1e1909e9
core: re-encrypt barrier and recovery keys if the unseal key is updated ( #7493 )
...
Seal keys can be rotated. When this happens, the barrier and recovery
keys should be re-encrypted with the new seal key. This change
automatically re-encrypts the barrier and recovery keys with the latest
seal key on the active node during the 'postUnseal' phase.
2019-10-03 16:40:18 -04:00
Jeff Mitchell
49f7e290ff
changelog++
2019-10-03 16:12:17 -04:00
Jeff Mitchell
4252f5c9e4
Add AES128-GCM96 support to transit ( #7555 )
2019-10-03 16:11:43 -04:00
Calvin Leung Huang
f714060c47
changelog++
2019-10-03 10:46:02 -07:00
