Commit Graph

947 Commits

Author SHA1 Message Date
Jeff Mitchell 9395f6c5d7
Add `-version` support to tuning commands. (#4323)
Although not used for any auth mounts right now, it seemed appropriate
to add it for parity since internally it maps to the same endpoint.
2018-04-09 21:12:09 -04:00
Jeff Mitchell b1136383c9 Only trigger version output if the version flag is the only flag set 2018-04-09 21:03:11 -04:00
Jeff Mitchell 2d5120fe2a Bump KV plugin and allow `-version` to work 2018-04-09 16:33:01 -04:00
Jeff Mitchell 4372548fd7
Simplify color handling quite a lot (#4289)
This always specifies a color UI, but explicitly marks the output as
noncolorable if we don't want color. This allows getting rid of our
hacky Output function in favor of cli's normal functions.
2018-04-09 16:18:17 -04:00
Jeff Mitchell 5b0885ae49 Add options to detail output to mounts/auth list CLI commands 2018-04-09 15:42:18 -04:00
Jeff Mitchell 0535f46e27 Make standard secret/ mount version 1, but upgrade to v2 in dev mode. 2018-04-09 15:37:36 -04:00
Becca Petrin abb621752f Clean up error string formatting (#4304) 2018-04-09 14:35:21 -04:00
Brian Kassouf a8b8ca136e
KV: Update 'versioned' naming to 'v2' (#4293)
* Update 'versioned' naming to 'v2'

* Make sure options are set

* Fix description of auth flag

* Review feedback
2018-04-09 09:39:32 -07:00
Calvin Leung Huang fb81016252
Fix output-related tests (#4288)
* Fix command tests

* More test fixes

* Use backticks to escape quoted strings

* More test fixes

* Fix mismatched error output failures

* Fix mismatched error output failures
2018-04-05 20:43:29 -04:00
Jeff Mitchell 0776c65e15
Move colorable statements to fix Windows support. (#4287)
This puts it in the main command level.

Fixes #4070
2018-04-05 13:28:02 -04:00
Calvin Leung Huang 63b2698289 Do not fail if api_addr and cluster_addr are empty (#4286) 2018-04-05 12:54:15 -04:00
Vishal Nayak 28e3eb9e2c
Errwrap everywhere (#4252)
* package api

* package builtin/credential

* package builtin/logical

* package command

* package helper

* package http and logical

* package physical

* package shamir

* package vault

* package vault

* address feedback

* more fixes
2018-04-05 11:49:21 -04:00
Jeff Mitchell a84e2bcc25
Don't allow api/cluster addresses to be the same. (#4272)
People make this mistake quite often and it causes real issues.
2018-04-04 16:15:07 -04:00
Brian Kassouf 43496861c5
command/kv: Update the 404 parsing logic (#4269) 2018-04-04 09:26:06 -07:00
Jeff Mitchell fe2fa0030f
Rejig 404 handling again. (#4264)
Done this way, existing tests pass, and it makes logical sense, so we're
likely to have the least impact like this.
2018-04-04 04:41:46 -04:00
Jeff Mitchell 599f691141
Allow returning warnings and other data in 404s in the Go API (#4256)
* Allow returning list information and other data in 404s.

On read it'll output data and/or warnings on a 404 if they exist. On
list, the same behavior; the actual 'vault list' command doesn't change
behavior though in terms of output unless there are no actual keys (so
it doesn't just magically show other data).

This corrects some assumptions in response_util and wrapping.go; it also
corrects a few places in the latter where it could leak a (useless)
token in some error cases.

* Use same 404 logic in delete/put too

* Add the same secret parsing logic to the KV request functions
2018-04-03 22:35:45 -04:00
Brian Kassouf 829fcb226c
Allow for comma separated strings in the TypeCommaIntSlice field type (#4257)
* Allow for comma separated strings in the TypeCommaIntSlice field type

* Explode versions on client side

* fix deleting versions
2018-04-03 17:58:42 -07:00
Chris Hoffman e293fe84c3 OSS: Adding UI handlers and configurable headers (#390)
* adding UI handlers and UI header configuration

* forcing specific static headers

* properly getting UI config value from config/environment

* fixing formatting in stub UI text

* use http.Header

* case-insensitive X-Vault header check

* fixing var name

* wrap both stubbed and real UI in header handler

* adding test for >1 keys
2018-04-03 09:34:01 -05:00
Becca Petrin 03cf302e9a Move to "github.com/hashicorp/go-hclog" (#4227)
* logbridge with hclog and identical output

* Initial search & replace

This compiles, but there is a fair amount of TODO
and commented out code, especially around the
plugin logclient/logserver code.

* strip logbridge

* fix majority of tests

* update logxi aliases

* WIP fixing tests

* more test fixes

* Update test to hclog

* Fix format

* Rename hclog -> log

* WIP making hclog and logxi love each other

* update logger_test.go

* clean up merged comments

* Replace RawLogger interface with a Logger

* Add some logger names

* Replace Trace with Debug

* update builtin logical logging patterns

* Fix build errors

* More log updates

* update log approach in command and builtin

* More log updates

* update helper, http, and logical directories

* Update loggers

* Log updates

* Update logging

* Update logging

* Update logging

* Update logging

* update logging in physical

* prefixing and lowercase

* Update logging

* Move phyisical logging name to server command

* Fix som tests

* address jims feedback so far

* incorporate brians feedback so far

* strip comments

* move vault.go to logging package

* update Debug to Trace

* Update go-plugin deps

* Update logging based on review comments

* Updates from review

* Unvendor logxi

* Remove null_logger.go
2018-04-02 17:46:59 -07:00
Seth Vargo b48a9878e7 Add HA support to the Google Cloud Storage backend (#4226) 2018-03-30 12:36:37 -04:00
Vishal Nayak 55f13263c3
reintroduce flagMFA (#4223) 2018-03-30 12:11:10 -04:00
Seth Vargo b2d2c9236d Add dev flags for local plugin testing (#4188) 2018-03-28 17:36:55 -04:00
Jeff Mitchell 08f4bcab62 Merge branch '0.10-beta' into master-oss 2018-03-28 14:40:09 -04:00
Seth Vargo f0dd5ae61f Always use a local test server (#4207)
Some commands didn't setup a local test server since they didn't need
it. Other commands didn't setup a local test server because Seth forgot.

Long story short, I kept seeing weird requests to my Vault server when I
ran tests, and that should never happen. This ensures all test requests
will go to a test Vault instance.

Benchmarks show this adds 0.4s to the command test suite.
2018-03-28 10:34:37 -04:00
Jeff Mitchell 2f90e0c2e1 Merge branch 'master-oss' into 0.10-beta 2018-03-27 12:40:30 -04:00
Seth Vargo b665909b09 Add API functions and completions for plugins (#4194) 2018-03-26 13:40:33 -04:00
Jim Kalafut 7842557e62 Fix minor docs and help text issues (#4184) 2018-03-22 09:29:59 -04:00
Jeff Mitchell 22fc62dbd5 Fix some command help output formatting 2018-03-21 23:58:16 -04:00
Jeff Mitchell 85a86acfc9 Fix tests 2018-03-21 23:50:44 -04:00
Jeff Mitchell 2bb4e7535a Add gcp secrets 2018-03-21 23:07:16 -04:00
Brian Kassouf 3324d6dd12 Add kv backend (#4181) 2018-03-21 22:56:52 -04:00
Calvin Leung Huang 25792df5a9
Passthrough request headers (#4172)
* Add passthrough request headers for secret/auth mounts

* Update comments

* Fix SyncCache deletion of passthrough_request_headers

* Remove debug line

* Case-insensitive header comparison

* Remove unnecessary allocation

* Short-circuit filteredPassthroughHeaders if there's nothing to filter

* Add whitelistedHeaders list

* Update router logic after merge

* Add whitelist test

* Add lowercase x-vault-kv-client to whitelist

* Add back const

* Refactor whitelist logic
2018-03-21 19:56:47 -04:00
Brian Kassouf 5c84c36915
command/kv: Add a "kv" subcommand for using the key-value store (#4168)
* Add more cli subcommands

* Add metadata commands

* Add more subcommands

* Update cli

* Move archive commands to delete

* Add helpers for making http calls to the kv backend

* rename cli header

* Format the various maps from kv

* Add list command

* Update help text

* Add a command to enable versioning on a backend

* Rename enable-versions command

* Some review feedback

* Fix listing of top level keys

* Fix issue when metadata is nil

* Add test for lising top level keys

* Fix some typos

* Add a note about deleting all versions
2018-03-21 15:02:41 -07:00
Chris Hoffman 695eae6ede
adding azure auth plugin (#4180) 2018-03-21 17:35:31 -04:00
Brian Kassouf cc625e19ee
Add options to mount tune and mount endpoints in preparation for versioning (#4155)
* Add some requirements for versioned k/v

* Add a warning message when an upgrade is triggered

* Add path help values

* Make the kv header a const

* Add the uid to mount entry instead of options map

* Pass the backend aware uuid to the mounts and plugins

* Fix comment

* Add options to secret/auth enable and tune CLI commands (#4170)

* Switch mount/tune options to use TypeKVPairs (#4171)

* switching options to TypeKVPairs, adding bool parse for versioned flag

* flipping bool check

* Fix leases coming back from non-leased pluin kv store

* add a test for updating mount options

* Fix tests
2018-03-21 12:04:27 -07:00
Josh Soref 73b1fde82f Spelling (#4119) 2018-03-20 14:54:10 -04:00
Calvin Leung Huang f86881c295
Unauthenticated endpoint to list secret and auth mounts (#4134)
* Add audit hmac values to AuthConfigInput and AuthConfigOutput, fix docs

* docs: Add ttl params to auth enable endpoint

* Rewording of go string to simply string

* Add audit hmac keys as CLI flags on auth/secrets enable

* Fix copypasta mistake

* WIP on auth-list endpoint

* Rename variable to be singular, add CLI flag, show value in auth and secrets list

* Add audit hmac keys to auth and secrets list

* Only set config values if they exist

* Fix http sys/auth tests

* More auth plugin_name test fixes

* Rename tag internal_ui_show_mount to _ui_show_mount

* Add tests

* Make endpoint unauthed

* Rename field to listing_visibility

* Add listing-visibility to cli tune commands

* Use ListingVisiblityType

* Fix type conversion

* Do not actually change token's value on testHttpGet

* Remove unused ListingVisibilityAuth, use const in pathInternalUIMountsRead
2018-03-19 23:16:33 -04:00
Jeff Mitchell 735efccd6e Make the error message that comes from parsing the config file more
useful.

Fixes #2080
2018-03-19 19:40:51 -04:00
Calvin Leung Huang edfe77ff85
Add non-hmac flags for cli secrets/auth tune commands (#4151)
* Add non-hmac params for cli secrets/auth tune

* Fix value assignment mismatch
2018-03-19 09:56:57 -04:00
Jeff Mitchell 61c26fdf57 Fix compile 2018-03-16 13:55:56 -04:00
Jeff Mitchell 1cef14036f Have deprecated commands pass on address and token helper too 2018-03-16 13:52:08 -04:00
Jeff Mitchell cc0b430b77 Use runopts-provided address if given, without overriding 2018-03-16 13:41:32 -04:00
Jeff Mitchell 1b6c62ff53 Allow sending address through RunCustom 2018-03-16 13:14:32 -04:00
Jeff Mitchell e6bc62bfc6 Make help output use any custom stderr 2018-03-16 12:59:52 -04:00
Jeff Mitchell 3504ca61c8 Change base command template to runopts and allow specifying stdout/stderr 2018-03-16 12:31:26 -04:00
Jeff Mitchell 067052f304 Add RunCustom command to allow passing in a TokenHelper 2018-03-16 11:31:00 -04:00
Calvin Leung Huang 3108860d4b
Audit HMAC values on AuthConfig (#4077)
* Add audit hmac values to AuthConfigInput and AuthConfigOutput, fix docs

* docs: Add ttl params to auth enable endpoint

* Rewording of go string to simply string

* Add audit hmac keys as CLI flags on auth/secrets enable

* Fix copypasta mistake

* Add audit hmac keys to auth and secrets list

* Only set config values if they exist

* Fix http sys/auth tests

* More auth plugin_name test fixes

* Pass API values into MountEntry's config when creating auth/secrets mount

* Update usage wording
2018-03-09 14:32:28 -05:00
Lukasz Jagiello 6530a5e396 Vault status formatting (#4073)
```
:~# vault status
Key                     Value
---                     -----
Seal Type               shamir
Sealed                  false
Total Shares            8
Threshold               2
Version                 0.9.5
Cluster Name            vault-cluster-8c85f1aa
Cluster ID              aaaaaaaa-1111-2222-3333-444444444444
HA Enabled              true
HA Cluster              https://10.0.0.1:8201
HA Mode                 standby
Active Node Address:    https://10.0.0.1:8200
```

`Active Node Address:` - is the only one with a colon at the end.

This PR fix that output style issue.
2018-03-05 07:40:59 -05:00
Jeff Mitchell e073e7fc68 Don't output warning about not storing the token if the user uses
-token-only during `vault login`.
2018-03-01 21:02:54 -05:00
Jeff Mitchell ba459d238e
Fix confusing error messages around help for 'vault auth' (#4058)
Fixes #4056
2018-03-01 10:55:24 -05:00
Paddy 2b2bc2a911 Create a new command/config subpackage. (#4055)
* Create a new command/config subpackage.

This PR extracts the functions associated with loading and parsing
configs, and the DefaultTokenHelper, into a command/config subpackage,
just like TokenHelpers are in the command/token subpackage. The goal is
to allow other clients (in this case, the Vault and Nomad Terraform
providers, but in theory any client that wants to lean on Vault's
default behaviour) to reuse this logic and not drift from Vault, without
vendoring the entirety of Vault.

To retain backwards compatibility, I didn't remove any functions from
the command package; I just copied them into the command/config package,
and update the functions in the command package to call through to the
config package.
2018-02-28 20:09:21 -05:00
Bharath B 699f9246e6 Config parameter "tls_disable_client_certs" is wrongly evaluated. (#4049) 2018-02-28 10:07:23 -05:00
Jeff Mitchell f1bd0cbe74
Use atomic values in seal to avoid some data races (#4040) 2018-02-23 17:18:48 -05:00
Calvin Leung Huang 1bb4d165e7
Add TTL related config options on auth enable (#4019) 2018-02-22 10:26:29 -05:00
Jeff Mitchell 4bff53c771 Force trace mode in three-node 2018-02-22 01:44:19 -05:00
Jeff Mitchell 4669f37c78 Add four cluster flag 2018-02-22 00:23:37 -05:00
Max Walther e58855cdd4 Fix bug with vault cli when reading an individual field containing a Printf formatting verb (#4005) 2018-02-19 09:29:45 -05:00
Jeff Mitchell 8451b195d4
Handle missed error case in seal status output format (#4001)
Fixes #3998
2018-02-17 20:52:42 -05:00
Jeff Mitchell 5a1312ef30 Also exclude init command from race detector 2018-02-16 11:09:36 -05:00
Jeff Mitchell 8c8e006276
Allow formatted data when using -field and -format together. (#3987)
* Allow formatted data when using -field and -format together.

As a special case, allows "data" to be passed in to get the entire data
struct output.

* If data exists in the output map use that instead when special casing
2018-02-15 09:11:56 -05:00
Seth Vargo cd930b1173 Add support for Google Cloud Spanner (#3977) 2018-02-14 20:31:20 -05:00
Jeff Mitchell a787f97a9c
Re-add lost stored-shares parameter to operator rekey command. (#3974)
Also change the rekey API to not require explicitly setting values to 1.

Fixes #3969
2018-02-14 16:10:45 -05:00
Seth Vargo d838195241 Remove mlock warning when mlock is explicitly disabled (#3979) 2018-02-14 15:11:33 -05:00
Jeff Mitchell 76972f32ad
Add newline on non-ttl output (#3967)
Output is formatted with newlines in mind, so without this those get
lost and things get funky due to multiple outputs running together.
2018-02-13 14:46:57 -05:00
Jeff Mitchell 084f0abb22 Make fmt 2018-02-12 21:01:14 -05:00
Paul Stack 3c683dba92 Adding Manta Storage Backend (#3720)
This PR adds a new Storage Backend for Triton's Object Storage - Manta

```
make testacc TEST=./physical/manta
==> Checking that code complies with gofmt requirements...
==> Checking that build is using go version >= 1.9.1...
go generate
VAULT_ACC=1 go test -tags='vault' ./physical/manta -v  -timeout 45m
=== RUN   TestMantaBackend
--- PASS: TestMantaBackend (61.18s)
PASS
ok  	github.com/hashicorp/vault/physical/manta	61.210s
```

Manta behaves differently to how S3 works - it has no such concepts of Buckets - it is merely a filesystem style object store

Therefore, we have chosen the approach of when writing a secret `foo` it will actually map (on disk) as foo/.vault_value

The reason for this is because if we write the secret `foo/bar` and then try and Delete a key using the name `foo` then Manta
will complain that the folder is not empty because `foo/bar` exists. Therefore, `foo/bar` is written as `foo/bar/.vault_value`

The value of the key is *always* written to a directory tree of the name and put in a `.vault_value` file.
2018-02-12 18:22:41 -05:00
Calvin Leung Huang 60732577f5
CLI Enhancements (#3897)
* Use Colored UI if stdout is a tty

* Add format options to operator unseal

* Add format test on operator unseal

* Add -no-color output flag, and use BasicUi if no-color flag is provided

* Move seal status formatting logic to OutputSealStatus

* Apply no-color to warnings from DeprecatedCommands as well

* Add OutputWithFormat to support arbitrary data, add format option to auth list

* Add ability to output arbitrary list data on TableFormatter

* Clear up switch logic on format

* Add format option for list-related commands

* Add format option to rest of commands that returns a client API response

* Remove initOutputYAML and initOutputJSON, and use OutputWithFormat instead

* Remove outputAsYAML and outputAsJSON, and use OutputWithFormat instead

* Remove -no-color flag, use env var exclusively to toggle colored output

* Fix compile

* Remove -no-color flag in main.go

* Add missing FlagSetOutputFormat

* Fix generate-root/decode test

* Migrate init functions to main.go

* Add no-color flag back as hidden

* Handle non-supported data types for TableFormatter.OutputList

* Pull formatting much further up to remove the need to use c.flagFormat (#3950)

* Pull formatting much further up to remove the need to use c.flagFormat

Also remove OutputWithFormat as the logic can cause issues.

* Use const for env var

* Minor updates

* Remove unnecessary check

* Fix SSH output and some tests

* Fix tests

* Make race detector not run on generate root since it kills Travis these days

* Update docs

* Update docs

* Address review feedback

* Handle --format as well as -format
2018-02-12 18:12:16 -05:00
rmbrad 393bdd75a0 Fixes for SSH command CA mode (#3922)
* Add `valid-principals` flag to SSH command CA mode options

* Fix SSH command CA mode host certificate validation
2018-02-12 17:53:34 -05:00
Jeff Mitchell 3f62c42fc7 Fix race in approle integ test 2018-02-09 17:01:10 -05:00
Vishal Nayak 81c66efd6d
AppRole/Identity: Fix for race when creating an entity during login (#3932)
* possible fix for race in approle login while creating entity

* Add a test that hits the login request concurrently

* address review comments
2018-02-09 10:40:56 -05:00
Jeff Mitchell a449d07689 Exclude rekey command tests from race detector 2018-02-08 13:34:45 -05:00
Jed da955a8f1b Lil typo fixes (#3925)
Read through the initial docs and noticed a few typos
2018-02-07 09:38:11 -05:00
Vishal Nayak b20b7ef61d
command/ssh: create and reuse the api client (#3909)
* pass around the api client

* reuse the client object in the base command
2018-02-06 13:06:17 -05:00
Jeff Mitchell 642b88c76a go vet fixes 2018-02-05 14:26:31 -05:00
Jeff Mitchell 20465d8040 Add centrify CLI handler support 2018-02-05 10:56:57 -05:00
Chris Hoffman ffa6fdaf1e
Adding tests to ensure all backends are mountable (#3861) 2018-02-01 11:30:04 -05:00
Jeff Mitchell 1b982750f5 (Re...)Add Nomad secrets engine.
Fixes #3858
2018-01-28 14:38:19 -05:00
Vishal Nayak 7be7bc1754
Redirect server output warnings to stdout (#3831) 2018-01-22 20:58:27 -05:00
Chris Hoffman b22b065206 adding back -dr-token flag to generate-root command (#3818) 2018-01-19 19:25:45 -05:00
Jeff Mitchell e5e4307713 Add centrify plugin as builtin 2018-01-19 06:03:33 -05:00
Jeff Mitchell ffe3ae9118 Add gcp and kubernetes back now that they're updated 2018-01-19 05:56:34 -05:00
Jeff Mitchell 33b68ebf3d Remove context from a few extraneous places 2018-01-19 03:44:06 -05:00
Brian Kassouf 2f19de0305 Add context to storage backends and wire it through a lot of places (#3817) 2018-01-19 01:44:44 -05:00
Vishal Nayak b826c56686
SHA2-256 salting for AppID (#3806)
* Use SHA2-256 hash with prefix to upgrade the paths

* test the SHA1 upgrade to SHA256

* Remove hash identifier and the delimiter; use 's' instead

* Added API test to verify the correctness of the fix

* Fix broken test

* remove unneeded test
2018-01-17 19:48:32 -05:00
Jeff Mitchell 5a6a7900ae Change next major release of Vault to 0.11 or later to make it less scary 2018-01-17 19:31:52 -05:00
Jeff Mitchell cef171e4ea Fix outdated test 2018-01-10 11:33:53 -05:00
Jeff Mitchell d1803098ae Merge branch 'master-oss' into sethvargo/cli-magic 2018-01-03 14:02:31 -05:00
Jeff Mitchell 821d62c1cc
Allow log level to be specified in an env var (#3721) 2017-12-19 17:12:23 -05:00
Chris Hoffman 0bacec0184
adding recovery info to seal status (#3706) 2017-12-18 09:58:14 -05:00
Chris Hoffman 164849f056
Add support for encrypted TLS key files (#3685) 2017-12-15 17:33:55 -05:00
Chris Hoffman 822ce95dc4
adding ability to override temp dir in dev cluster (#3673) 2017-12-11 18:02:35 -05:00
Jeff Mitchell 548629e8ef Port over some changes 2017-11-30 09:43:07 -05:00
Jeff Mitchell 304e1b96b8 Use Seal Type instead of Type in status output for less confusion 2017-11-21 12:14:00 -05:00
Chris Hoffman 9e79e9b397
generate token functions to share common names (#3576) 2017-11-13 15:44:26 -05:00
Jeff Mitchell ccfcac17fe grpclogfaker should use or, not and, to check whether to log 2017-11-13 15:37:00 -05:00
Jeff Mitchell 2b78bc2a9b
Port over bits (#3575) 2017-11-13 15:31:32 -05:00
Calvin Leung Huang 87feab4492
Docs update related to new top-level config values (#3556)
* Add new top level config value docs, add VAULT_API_ADDR, purge old references

* Fix indentation

* Update wording on ha.html

* Add section on split data/HA mode

* Fix grammar
2017-11-10 20:06:07 -05:00
Jeff Mitchell a5c821532c Don't output log level twice in three node mode 2017-11-10 16:33:16 -05:00
Jeff Mitchell e66c4b11d5 Add core numbers to output in dev three node 2017-11-10 16:21:46 -05:00
Brian Kassouf ab3b625a3b
Add API methods for creating a DR Operation Token and make generate root accept strategy types (#3565)
* Add API and Command code for generating a DR Operation Token

* Update generate root to accept different token strategies
2017-11-10 10:19:42 -08:00
Calvin Leung Huang 882f85740b Move HA-related config values to top level (#3550)
* Move HA-related config values to top level

* Add config2.hcl test-fixture
2017-11-08 14:19:41 -05:00
Calvin Leung Huang 0762ac14cf aws_region->region on awskms config 2017-11-02 16:31:16 -04:00
Vishal Nayak 7bae606662
External identity groups (#3447)
* external identity groups

* add local LDAP groups as well to group aliases

* add group aliases for okta credential backend

* Fix panic in tests

* fix build failure

* remove duplicated struct tag

* add test steps to test out removal of group member during renewals

* Add comment for having a prefix check in router

* fix tests

* s/parent_id/canonical_id

* s/parent/canonical in comments and errors
2017-11-02 16:05:48 -04:00
Jeff Mitchell d229d7d5b0
Redo API locking (#3508)
* Redo the API client quite a bit to make the behavior of NewClient more
predictable and add locking to make it safer to use with Clone() and if
multiple goroutines for some reason decide to change things.

Along the way I discovered that currently, the x/net/http2 package is
broke with the built-in h2 support in released Go. For those using
DefaultConfig (the vast majority of cases) this will be a non-event.
Others can manually call http2.ConfigureTransport as needed. We should
keep an eye on commits on that repo and consider more updates before
release. Alternately we could go back revisions but miss out on bug
fixes; my theory is that this is not a purposeful break and I'll be
following up on this in the Go issue tracker.

In a few tests that don't use NewTestCluster, either for legacy or other
reasons, ensure that http2.ConfigureTransport is called.

* Use tls config cloning

* Don't http2.ConfigureServer anymore as current Go seems to work properly without requiring the http2 package

* Address feedback
2017-11-02 09:30:04 -05:00
Jeff Mitchell e0669746b6
Add seal type to seal-status output. (#3516) 2017-11-01 21:00:41 -05:00
Seth Vargo 2bb2ed11d3
Use renamed method 2017-10-24 09:39:51 -04:00
Jeff Mitchell 713d5d5307
Don't swallow errors on token functions. 2017-10-24 09:39:35 -04:00
Seth Vargo 82cc9664f0
Update to use hidden commands 2017-10-24 09:39:34 -04:00
Seth Vargo 0b15e790d4
Fix bad rebase
Apparently I can't git...
2017-10-24 09:39:34 -04:00
Seth Vargo f2110b5a4e
More consistent output 2017-10-24 09:34:30 -04:00
Seth Vargo f5543844f3
Use a unified helper for seal output 2017-10-24 09:34:12 -04:00
Seth Vargo 51a27b758b
Resolve the most painful merge conflict known on earth 2017-10-24 09:34:12 -04:00
Seth Vargo 578f9a4872
Use vault login instead of vault list in example 2017-10-24 09:32:15 -04:00
Seth Vargo c5665920f6
Standardize on "auth method"
This removes all references I could find to:

- credential provider
- authentication backend
- authentication provider
- auth provider
- auth backend

in favor of the unified:

- auth method
2017-10-24 09:32:15 -04:00
Seth Vargo acb33eaa3f
Write all the deprecated commands together 2017-10-24 09:30:48 -04:00
Seth Vargo f851309361
Add a custom flag for specifying "system" ttls 2017-10-24 09:30:48 -04:00
Seth Vargo e1b63d4803
Move more formatting into base_helpers 2017-10-24 09:30:48 -04:00
Seth Vargo dbd07addf5
Update write command 2017-10-24 09:30:48 -04:00
Seth Vargo 3ad4f5dcf1
Update unwrap command 2017-10-24 09:30:48 -04:00
Seth Vargo 71ed308e6c
Update version command 2017-10-24 09:30:48 -04:00
Seth Vargo 05b18b8e4f
Update status command 2017-10-24 09:30:48 -04:00
Seth Vargo c4ccbf3ab3
Update ssh command 2017-10-24 09:30:48 -04:00
Seth Vargo 5b78a9905c
Update server command 2017-10-24 09:30:48 -04:00
Seth Vargo b982365fbb
Add "operator" subcommand 2017-10-24 09:30:48 -04:00
Seth Vargo 204006bd56
Rename mounts to secrets engines and add the subcommand 2017-10-24 09:30:48 -04:00
Seth Vargo d71decc112
Update read command 2017-10-24 09:30:48 -04:00
Seth Vargo 2f8bf3c71f
Add "policy" subcommand 2017-10-24 09:30:48 -04:00
Seth Vargo 0800385283
Update path-help command 2017-10-24 09:30:48 -04:00
Seth Vargo 6fc5f05c4b
Update list command 2017-10-24 09:30:47 -04:00
Seth Vargo 76de999b34
Add lease subcommand 2017-10-24 09:30:47 -04:00
Seth Vargo 02341c3b6a
Update delete command 2017-10-24 09:30:47 -04:00
Seth Vargo 810c0afe38
Predict "generic" as a secrets engine 2017-10-24 09:30:47 -04:00
Seth Vargo 1488ba6d72
Add token as a subcommand 2017-10-24 09:30:47 -04:00
Seth Vargo 5aab30091e
Make audit a subcommand 2017-10-24 09:30:47 -04:00
Seth Vargo 939495c7bb
Add login subcommand
This replaces the "auth" part of "vault auth"
2017-10-24 09:30:47 -04:00
Seth Vargo 69784a3bf1
Introduce auth as a subcommand 2017-10-24 09:30:47 -04:00
Seth Vargo d85c6a43c0
Wire all commands together 2017-10-24 09:30:47 -04:00
Seth Vargo f7782df97e
Update write command 2017-10-24 09:30:47 -04:00
Seth Vargo f7c9fe6d20
Update version command 2017-10-24 09:30:47 -04:00
Seth Vargo ca6e002235
Update unwrap command 2017-10-24 09:30:47 -04:00
Seth Vargo 0c0d90913a
update unseal command 2017-10-24 09:30:47 -04:00
Seth Vargo 2f0eb0a216
Update unmount command 2017-10-24 09:30:46 -04:00
Seth Vargo c63e1a7b96
Update token-revoke command 2017-10-24 09:30:46 -04:00
Seth Vargo 5dcd51302e
Update token-renew command 2017-10-24 09:30:46 -04:00
Seth Vargo 5cd62171f9
Update token-lookup command 2017-10-24 09:30:46 -04:00
Seth Vargo ad28d1d82a
Update token-create command 2017-10-24 09:30:46 -04:00
Seth Vargo c14629cb5d
Update step-down command 2017-10-24 09:30:46 -04:00
Seth Vargo 530144f7f7
Update status command 2017-10-24 09:30:46 -04:00
Seth Vargo 1d91e96c8e
Update ssh command 2017-10-24 09:30:46 -04:00
Seth Vargo 3f7f8b20bb
Update seal command 2017-10-24 09:30:46 -04:00