Commit graph

2325 commits

Author SHA1 Message Date
Jeff Mitchell d6693129de Create a "default" policy with sensible rules.
It is forced to be included with each token, but can be changed (but not
deleted).

Fixes #732
2015-11-09 15:44:09 -05:00
Jeff Mitchell 1a621b7000 Minor test fix 2015-11-09 15:37:30 -05:00
Jeff Mitchell c9e3699751 Merge pull request #769 from hashicorp/issue-769
Don't require root tokens for mount and policy endpoints.
2015-11-09 15:29:56 -05:00
Jeff Mitchell 8673f36b34 Don't require root tokens for mount and policy endpoints. 2015-11-09 15:29:21 -05:00
Jeff Mitchell 5d5d58ffe4 Fix unmount help output 2015-11-09 15:23:49 -05:00
Jeff Mitchell 9d9bf9f2f8 Merge pull request #768 from hashicorp/issue-765
Print version on startup.
2015-11-09 13:53:33 -05:00
Jeff Mitchell 75f1c1e40c Print version on startup.
Fixes #765
2015-11-09 13:52:55 -05:00
Jeff Mitchell 3717b31b63 Merge pull request #766 from hashicorp/issue-766
Display whether a token is an orphan on lookup.
2015-11-09 13:20:42 -05:00
Jeff Mitchell 5783f547ab Display whether a token is an orphan on lookup. 2015-11-09 13:19:59 -05:00
Jeff Mitchell 10913e2e6b Update cert documentation to note requiring sudo access. 2015-11-06 16:09:42 -05:00
Jeff Mitchell f098e1dd07 Tag with dev for builds 2015-11-06 13:39:30 -05:00
Jeff Mitchell 7aa3faa626 Rename core's 'policy' to 'policyStore' for clarification 2015-11-06 12:07:42 -05:00
Jeff Mitchell b987c47c9e Merge pull request #759 from hashicorp/remove-root-warning
Remove warning about nonexistent root policy by using GetPolicy instead
2015-11-06 11:37:39 -05:00
Jeff Mitchell 7d8371c4a3 Remove warning about nonexistent root policy by using GetPolicy instead
of the listing function.
2015-11-06 11:36:40 -05:00
Jeff Mitchell ffa879d6e2 Update S3 docs 2015-11-06 09:26:09 -05:00
Jeff Mitchell b1a445dfbf Changelogify 2015-11-06 09:22:30 -05:00
Jeff Mitchell 601f85a934 Merge pull request #758 from ys/s3-bucket-config-var
Allow s3 bucket to come from config vars
2015-11-06 09:21:35 -05:00
Yannick 8a594a7f61 Allow s3 bucket to come from config vars 2015-11-06 14:05:29 +01:00
Greg Brockman 141a71974a Correct typo in comment 2015-11-06 00:41:14 -08:00
Greg Brockman 171bd84330 Add support for etcd over TLS 2015-11-06 00:41:14 -08:00
Jeff Mitchell fde0bbf4b3 Merge pull request #752 from hashicorp/issue-749
Fix removing secondary index from exp manager.
2015-11-05 19:43:11 -05:00
Jeff Mitchell a121941925 Merge pull request #751 from hashicorp/issue-618
Move environment variable reading logic to API.
2015-11-05 19:42:16 -05:00
Jeff Mitchell 483f4f8b8d Add canonical import path to main package for those using golang-builder 2015-11-05 16:44:20 -05:00
Jeff Mitchell 26572d3798 Merge pull request #754 from hashicorp/issue-753
Switch etcd default port to 2379, in line with 2.x.
2015-11-05 09:48:26 -05:00
Jeff Mitchell 08dbc70c9f Switch etcd default port to 2379, in line with 2.x.
Fixes #753
2015-11-05 09:47:50 -05:00
Jeff Mitchell 9fff3a350d Don't use the semaphore library as it's racy; instead use a simple
buffered channel. Passes all tests, including inmem, which uses it.
2015-11-04 12:27:13 -05:00
Jeff Mitchell 395d6bead4 Fix removing secondary index from exp manager.
Due to a typo, revoking ensures that index entries are created rather
than removed. This adds a failing, then fixed test case (and helper
function) to ensure that index entries are properly removed on revoke.

Fixes #749
2015-11-04 10:50:31 -05:00
Jeff Mitchell 32e23bea71 Move environment variable reading logic to API.
This allows the same environment variables to be read, parsed, and used
from any API client as was previously handled in the CLI. The CLI now
uses the API environment variable reading capability, then overrides any
values from command line flags, if necessary.

Fixes #618
2015-11-04 10:28:00 -05:00
Jeff Mitchell f8c13ed69f Changelog++ 2015-11-04 09:42:07 -05:00
Jeff Mitchell 9550ac565e Merge pull request #750 from svanharmelen/f-configurable-s3-endpoint
Add an option to configure the S3 endpoint
2015-11-04 09:40:44 -05:00
Sander van Harmelen 4ad533a5ba Add a line to the documentation to describe the new feature 2015-11-04 15:36:24 +01:00
Sander van Harmelen c65b63d152 Add an option to configure the S3 endpoint
This enables the use of other (AWS S3 compatible) S3 endpoints.
2015-11-04 15:04:36 +01:00
Jeff Mitchell 94b15b78bc Update godeps 2015-11-04 08:53:58 -05:00
Jeff Mitchell d4e2dc2e72 Merge pull request #745 from hashicorp/issue-714
Allow creating Consul management tokens
2015-11-03 15:30:13 -05:00
Jeff Mitchell 54d47957b5 Allow creating Consul management tokens
Fixes #714
2015-11-03 15:29:58 -05:00
Jeff Mitchell a4322afedb Merge pull request #746 from hashicorp/issue-677
Add a PermitPool to physical and consul/inmem
2015-11-03 15:26:58 -05:00
Jeff Mitchell 7f44a1b812 Add configuration parameter for max parallel connections to Consul 2015-11-03 15:26:07 -05:00
Jeff Mitchell 73e3aa1d64 Add create-orphan to documentation 2015-11-03 15:15:33 -05:00
Jeff Mitchell 4f6ad849b8 Merge pull request #703 from hashicorp/crlsets
Implement CRLs for the cert authentication backend
2015-11-03 15:13:08 -05:00
Jeff Mitchell c794c1ea11 Merge pull request #748 from hashicorp/create-orphan-http
Add ability to create orphan tokens from the API
2015-11-03 15:12:42 -05:00
Jeff Mitchell 6ccded7a2f Add ability to create orphan tokens from the API 2015-11-03 15:12:21 -05:00
Jeff Mitchell 1b83eefd97 Address review feedback 2015-11-03 14:48:05 -05:00
Jeff Mitchell bf2e553785 Add a PermitPool to physical and consul/inmem
The permit pool controls the number of outstanding operations that can
be queued for Consul (and inmem, for testing purposes). This prevents
possible situations where Vault launches thousands of concurrent
connections to Consul if e.g. a huge number of leases need to be
expired.

Fixes #677
2015-11-03 11:49:20 -05:00
Jeff Mitchell c7493fca65 Changelogify 2015-11-03 11:43:57 -05:00
Jeff Mitchell d3f7546602 Fix trailing whitespace complaints 2015-11-03 10:52:20 -05:00
Jeff Mitchell 5e72453b49 Use TypeDurationSecond instead of TypeString 2015-11-03 10:52:20 -05:00
Jeff Mitchell f0a25ed581 Clarify that CRLs are not fetched by Vault 2015-11-03 10:52:20 -05:00
Jeff Mitchell 154fc24777 Address first round of feedback from review 2015-11-03 10:52:20 -05:00
Jeff Mitchell 59cc61cc79 Add documentation for CRLs and some minor cleanup. 2015-11-03 10:52:20 -05:00
Jeff Mitchell 5d562693bd Add tests for the crls path, and fix a couple bugs 2015-11-03 10:52:20 -05:00