* Disallow adding CA's serial to revocation list
* Allow disabling revocation list generation. This returns an empty (but
signed) list, but does not affect tracking of revocations so turning it
back on will populate the list properly.
* WIP - ACL Namespace
* WIP - ACL Namepaces
* WIP
* WIP
* WIP
* WIP
* WIP
* Added UI screenshots
* Added summary at the end
* Added the Web UI steps in Step 5
* Update multi-tenant.html.md
Updated text to ensure that we use the final "ship" name of namespaces (namespaces vs. ACL Namespaces) and introduced some industry-specific terminology (highlighting this is about Secure Multi-Tenancy)
* Nomad: updating max token length to 256
* Initial support for supporting custom max token name length for Nomad
* simplify/correct tests
* document nomad max_token_name_length
* removed support for max token length env var. Rename field for clarity
* cleanups after removing env var support
* move RandomWithPrefix to testhelpers
* fix spelling
* Remove default 256 value. Use zero as a sentinel value and ignore it
* update docs
* Slight cleanup around mysql ha lock implementation
* Removes some duplication around lock table naming
* Escapes lock table name with backticks to handle weird characters
* Lock table defaults to regular table name + "_lock"
* Drop lock table after tests run
* Add `ha_enabled` option for mysql storage
It defaults to false, and we gate a few things like creating the lock
table and preparing lock related statements on it
* add namespace sidebar item
* depend on ember-inflector directly
* list-view and list-item components
* fill out components and render empty namespaces page
* list namespaces in access
* add menu contextual component to list item
* popup contextual component
* full crud for namespaces
* add namespaces service and picker component
* split application and vault.cluster templates and controllers, add namespace query param, add namespace-picker to vault.namespace template
* remove usage of href-to
* remove ember-href-to from deps
* add ember-responsive
* start styling the picker and link to appropriate namespaces, use ember-responsive to render picker in different places based on the breakpoint
* get query param working and save ns to authdata when authenticating, feed through ns in application adapter
* move to observer on the controller for setting state on the service
* set state in the beforeModel hook and clear the ember data model cache
* nav to secrets on change and make error handling more resilient utilizing the method that atlas does to eagerly update URLs
* add a list of sys endpoints in a helper
* hide header elements if not in the root namespace
* debounce namespace input on auth, fix 404 for auth method fetch, move auth method fetch to a task on the auth-form component and refretch on namespace change
* fix display of supported engines and exclusion of sys and identity engines
* don't fetch replication status if you're in a non-root namespace
* hide seal sub-menu if not in the root namespace
* don't autocomplete auth form inputs
* always send some requests to the root namespace
* use methodType and engineType instead of type in case there it is ns_ prefixed
* use sys/internal/ui/namespaces to fetch the list in the dropdown
* don't use model for namespace picker and always make the request to the token namespace
* fix header handling for fetch calls
* use namespace-reminder component on creation and edit forms throughout the application
* add namespace-reminder to the console
* add flat
* add deepmerge for creating the tree in the menu
* delayed rendering for animation timing
* design and code feedback on the first round
* white text in the namespace picker
* fix namespace picker issues with root keys
* separate path-to-tree
* add tests for path-to-tree util
* hide picker if you're in the root ns and you can't access other namespaces
* show error message if you enter invalid characters for namespace path
* return a different model if we dont have the namespaces feature and show upgrade page
* if a token has a namespace_path, use that as the root user namespace and transition them there on login
* use token namespace for user, but use specified namespace to log in
* always renew tokens in the token namespace
* fix edition-badge test
This commit changes the selected text background color to a more
contrasting one. It also unifies colors of focused/not focused editor.
Focused editor is now indicated by the blinking cursor, which is a
more popular solution.
etcd storage stores all Vault data under a prefix.
The default prefix is "/vault/" according to source codes.
However, the default prefix shown in the website is "vault/".
If the access to etcd is restricted to this wrong prefix, vault
cannot use etcd.