Vishal Nayak
b237a3bcc2
POC: Rework. Doing away with policy file.
2015-06-24 18:13:12 -04:00
Vishal Nayak
f8d164f477
SSHs to multiple users by registering the respective host keys
2015-06-19 12:59:36 -04:00
Vishal Nayak
90605c6079
merging with master
2015-06-18 20:51:11 -04:00
Vishal Nayak
8d98968a54
Roles, key renewal handled. End-to-end basic flow working.
2015-06-18 20:48:41 -04:00
Armon Dadgar
9772a72772
command/read: Ensure only a single argument. Fixes #304
2015-06-18 16:00:41 -07:00
Armon Dadgar
c54868120a
command/path-help: rename command, better error if sealed. Fixes #234
2015-06-18 15:56:42 -07:00
Armon Dadgar
3533d87746
command/write: adding force flag for when no data fields are necessary. Fixes #357
2015-06-18 13:51:06 -07:00
Armon Dadgar
7394c7bd8d
command/server: fixing output weirdness
2015-06-18 13:48:18 -07:00
Armon Dadgar
7bd1e7d826
command/auth: warn earlier about VAULT_TOKEN
2015-06-18 13:48:04 -07:00
Armon Dadgar
28f18119e0
command/auth: warn about the VAULT_TOKEN env var. Fixes #195
2015-06-17 19:19:02 -07:00
Vishal Nayak
2aed5f8798
Implementation for storing and deleting the host information in Vault
2015-06-17 22:10:47 -04:00
Armon Dadgar
3a2adcb3b8
cmomand/read: strip path prefix if necessary. Fixes #343
2015-06-17 18:33:15 -07:00
Armon Dadgar
6bc2b06de4
server: graceful shutdown for fast failover. Fixes #308
2015-06-17 18:24:56 -07:00
Vishal Nayak
cfef144dc2
Merge branch 'master' of https://github.com/hashicorp/vault into vishalvault
2015-06-17 20:34:56 -04:00
Vishal Nayak
303a7cef9a
Received OTK in SSH client. Forked SSH process from CLI. Added utility file for SSH.
2015-06-17 20:33:03 -04:00
Armon Dadgar
1f963ec1bb
command/token-create: provide more useful output. Fixes #337
2015-06-17 16:59:50 -07:00
Vishal Nayak
3ed73d98c2
Added: Ssh CLI command and API, config lease impl, sshConnect path to backend, http handler for Ssh connect
2015-06-17 12:39:49 -04:00
Mitchell Hashimoto
0ecf05c043
command/auth, github: improve cli docs
...
/cc @sethvargo
2015-06-16 10:05:11 -07:00
Seth Vargo
3a0e19cb4e
Merge pull request #270 from sheldonh/no_export_vault_token
...
Don't recommend exporting VAULT_TOKEN
2015-06-01 11:52:40 -04:00
Armon Dadgar
d605a437b6
Merge pull request #278 from Zhann/feature/add_dev_to_server_options_help
...
Add help info for -dev flag
2015-06-01 13:08:50 +02:00
Armon Dadgar
607fc295e5
command/rekey: use same language in rekey as init
2015-06-01 13:08:20 +02:00
Armon Dadgar
fbc51109cc
Merge pull request #273 from hashicorp/unseal-keys-notice
...
Change phrasing for unseal key notification
2015-06-01 13:06:52 +02:00
Steven De Coeyer
8155b3927e
Add help info for -dev flag
2015-05-31 18:05:15 +02:00
Chris Bednarski
4e79210934
Updated phrasing to note restarts, stop, and other sealing scenarios
2015-05-28 17:07:38 -07:00
Chris Bednarski
528d0c6e28
Changed phrasing for unseal key notification
2015-05-28 17:02:09 -07:00
Armon Dadgar
7f26f5a4cb
command/rekey: adding tests
2015-05-28 15:22:42 -07:00
Armon Dadgar
9a162191cd
command/rekey: first pass at rekey
2015-05-28 15:08:09 -07:00
Armon Dadgar
42b91fe411
command/rotate: Adding new rotate command
2015-05-28 10:16:33 -07:00
Sheldon Hearn
6cda28f9e7
Don't recommend exporting VAULT_TOKEN
...
It's not needed by the dev server (which writes ~/.vault-token),
and breaks the Getting Started guide (e.g. #267 ).
2015-05-28 14:39:35 +02:00
Armon Dadgar
388022bac1
command/key-status: Adding new key-status command
2015-05-27 18:17:02 -07:00
Armon Dadgar
11b6abe886
Merge pull request #251 from DavidWittman/auth-prompt-without-args
...
Prompt for auth token when no args provided
2015-05-27 11:24:33 -07:00
David Wittman
5df1d725aa
Add test for stdin input
...
Shamelessly borrowed this pattern from write_test.go
2015-05-23 13:23:38 -05:00
David Wittman
1411749222
Read from stdin with auth command
2015-05-23 13:23:37 -05:00
Ian Unruh
48778c5260
Add ability to read raw field from secret
2015-05-22 11:28:23 -07:00
Armon Dadgar
3713ef9fb7
command/renew: typo fix. Fixes #240
2015-05-21 11:03:25 -07:00
David Wittman
fb898ecc1b
Prompt for auth token when no args provided
...
This makes `vault auth` work as documented:
> If no -method is specified, then the token is expected. If it is not
> given on the command-line, it will be asked via user input. If the
> token is "-", it will be read from stdin.
2015-05-20 22:10:02 -05:00
Armon Dadgar
a3ddd9ddb2
server: Minor copy change
2015-05-20 17:49:16 -07:00
Armon Dadgar
7e08d68e48
Merge pull request #222 from DavidWittman/config-backend-check
...
Fail gracefully if a physical backend is not supplied
2015-05-20 17:47:45 -07:00
Armon Dadgar
268db24819
command/listener: Request TLS client cert. Fixes #214
2015-05-20 16:01:40 -07:00
Ian Unruh
faa07cc165
Improve unseal CLI message
2015-05-19 00:34:18 -07:00
David Wittman
b04332f8fc
Fail gracefully if a phys backend is not supplied
2015-05-18 22:55:12 -05:00
Seth Vargo
88d5d6a4c8
Use strconv.ParseBool
2015-05-15 16:41:30 -04:00
Seth Vargo
a2831b0144
Explicitly check if tls_disable == 1
2015-05-15 16:39:30 -04:00
Emil Hessman
f40dba1c48
command/token: add Env to Helper
...
Specify environment variables on the Helper rather than on
the command line.
Fixes command/token test failures on Windows.
2015-05-12 07:22:38 +02:00
Mitchell Hashimoto
ce5786d133
Rename skip verify env
2015-05-11 11:27:54 -07:00
Mitchell Hashimoto
7c180fb6fd
Merge pull request #181 from jefferai/fix-ca-path-walk
...
Fix CA path walking, and add TLS-related env vars.
2015-05-11 11:26:47 -07:00
Mitchell Hashimoto
66c8d2dd2a
command: fix tests
2015-05-11 11:25:45 -07:00
Armon Dadgar
073820a6cc
command/token: Use cmd on windows instead of sh
2015-05-11 11:08:08 -07:00
Mitchell Hashimoto
7bff682e8e
command/*: -tls-skip-verify [GH-130]
2015-05-11 11:01:52 -07:00
Jeff Mitchell
4f8c9e8fe2
This adds one bugfix and one feature enhancement.
...
Bugfix: When walking a given CA path, the walk gives both files and
directories to the function. However, both were being passed in to be
read as certificates, with the result that "." (the given directory for
the CA path) would cause an error. This fixes that problem by simply
checking whether the given path in the walk is a directory or a file.
Feature enhancement: VAULT_CACERT, VAULT_CAPATH, and VAULT_INSECURE now
perform as expected.
2015-05-11 17:58:56 +00:00
Mitchell Hashimoto
a3afed6811
command/meta: don't read token file if token is already set [GH-162]
2015-05-11 10:31:14 -07:00
Seth Vargo
bbddaff5c9
Make the VAULT_TOKEN and VAULT_ADDR copy-pastable in dev mode
...
This allows someone to quickly start a dev mode server and hit the ground
running without the need to copy-paste twice.
2015-05-07 18:32:40 -04:00
Armon Dadgar
b71afe54e5
Merge pull request #139 from fubar-coder/master
...
Escape backslash to allow usage of dev server on Windows using MinGW
2015-05-06 11:05:06 -07:00
Armon Dadgar
a4b92ebb3a
Merge pull request #133 from hashicorp/f-advertise
...
Attempt advertise address detection
2015-05-04 12:13:45 -07:00
Mark Junker
47d2cc8349
Escape backslash to allow usage of dev server on Windows using MinGW (partially fixes issue #95 )
2015-05-04 09:20:40 +02:00
A.I
53d5a801e5
Fix lease_renewable output
2015-05-02 19:58:48 -07:00
Armon Dadgar
c76b59812e
command/server: Attempt advertise address detection
2015-05-02 15:57:40 -07:00
Mitchell Hashimoto
c7ff8f8458
Merge pull request #82 from DavidWittman/75-auth-revoked-token
...
Check for invalid token when authing via cli
2015-05-02 13:20:57 -07:00
Mitchell Hashimoto
842a8ec818
command/format: add lease_renewable
to output
2015-05-02 13:11:40 -07:00
David Wittman
2fff913263
Check for invalid token when authing via cli
...
If a token does not exist, the Read request returns without an
error, but the secret returned is `nil`, so we need to check for
that.
Closes #75
2015-04-28 21:50:51 -05:00
Mitchell Hashimoto
3d3274a66b
command/server: fix one race condition
2015-04-28 19:11:46 -07:00
Mitchell Hashimoto
d29ada47eb
command/server: disable mlock in dev mode
2015-04-28 15:11:39 -07:00
Mitchell Hashimoto
006d4fccfd
command/server: allow disabling mlock
2015-04-28 15:09:30 -07:00
Mitchell Hashimoto
6898c60292
command/server: warning if no mlock
2015-04-28 15:04:40 -07:00
Mitchell Hashimoto
c53dc04d92
command/token: use executable path to find token helper [GH-60]
2015-04-28 14:52:55 -07:00
Matt Haggard
1346040c86
Update server.go
...
Did you mean "talking?" Or something else?
2015-04-28 14:01:45 -06:00
Mitchell Hashimoto
3998804347
command: support custom CAs
2015-04-28 09:36:03 -07:00
Mitchell Hashimoto
244a0c56bc
command/*: lets try to remove this before 0.1.0
2015-04-28 09:20:42 -07:00
Mitchell Hashimoto
1b0d75719d
command/*: more TODO removal
2015-04-28 09:15:38 -07:00
Mitchell Hashimoto
fc6569ad59
command/*: fix spacing
2015-04-28 09:15:21 -07:00
Mitchell Hashimoto
0e112bf026
command/* fill in the addr
2015-04-28 09:13:32 -07:00
Armon Dadgar
ff352c32fe
command/server: Catch error from core initialization. Fixes #42
2015-04-27 21:29:40 -07:00
Armon Dadgar
3b0c993909
command/write: test output
2015-04-27 15:08:03 -07:00
Armon Dadgar
4ff3acfbe3
command/write: handle writes with output
2015-04-27 14:55:43 -07:00
Armon Dadgar
06a4c6b08f
command: refactor to share output formating code
2015-04-27 14:55:29 -07:00
Jack Pearkes
b2a689bfc9
command/init: minor output text fix
2015-04-22 11:48:07 -07:00
Mitchell Hashimoto
3f9711fa63
command/status: no weird indentintg
2015-04-21 20:11:15 +02:00
Armon Dadgar
d56a0ce2ef
command/status: refactor to improve output
2015-04-20 13:37:32 -07:00
Armon Dadgar
2609977683
command/status: improve output when sealed
2015-04-20 12:21:35 -07:00
Armon Dadgar
52f8b2d8ef
command/status: improve output when sealed
2015-04-20 12:19:25 -07:00
Armon Dadgar
f76e5b2fc5
command: Rename seal-status to status
2015-04-20 12:11:21 -07:00
Armon Dadgar
f1c97ab2cf
command: Adding HA status
2015-04-20 12:08:54 -07:00
Mitchell Hashimoto
fb3645214c
command/token-create: add display name and one time use
2015-04-19 18:08:08 -07:00
Mitchell Hashimoto
58d476edd0
command/token-renew
2015-04-19 18:04:01 -07:00
Mitchell Hashimoto
0ebf2508e0
command/policy-delete
2015-04-19 16:36:11 -07:00
Mitchell Hashimoto
6c497a8708
command/read: handle 404s
2015-04-18 22:05:08 -07:00
Mitchell Hashimoto
ee254a332e
command/server: can set advertise addr
2015-04-17 12:56:31 -07:00
Mitchell Hashimoto
415e7cef22
command/server: config for setting stats addresses
2015-04-17 12:56:31 -07:00
Mitchell Hashimoto
44b634c0d5
command/server: not HA possibilities when starting
2015-04-17 12:56:31 -07:00
Armon Dadgar
f04d33b170
command/server: Enable telemetry. cc: @mitchellh
2015-04-14 18:44:09 -07:00
Mitchell Hashimoto
d251876363
command/read: output the duration
2015-04-13 20:42:07 -07:00
Mitchell Hashimoto
0cc0fb066b
command/renew
2015-04-13 20:42:07 -07:00
Armon Dadgar
770116b8e9
command: Set minimum TLS version to 1.2
2015-04-13 19:09:44 -07:00
Mitchell Hashimoto
cc21b80a64
command/unseal: update error message
2015-04-12 18:41:42 -07:00
Mitchell Hashimoto
1f084139d5
command/unseal: can accept key from command-line
2015-04-12 18:39:41 -07:00
Mitchell Hashimoto
e8fec8b658
command/meta: can force config
2015-04-12 17:51:38 -07:00
Mitchell Hashimoto
4fd3bd8ab1
command: can force address
2015-04-12 17:30:19 -07:00
Mitchell Hashimoto
8ef487a4f5
command/revoke: rename vars to leaseId
2015-04-10 20:49:10 -07:00
Mitchell Hashimoto
48205d166b
rename vault id to lease id all over
2015-04-10 20:35:14 -07:00
Armon Dadgar
466c7575d3
Replace VaultID with LeaseID for terminology simplification
2015-04-08 13:35:32 -07:00
Mitchell Hashimoto
9366be4895
command/auth: should let <1 args go through
2015-04-07 23:53:45 -07:00
Mitchell Hashimoto
071b72186e
command/auth: unify
2015-04-07 23:29:49 -07:00
Mitchell Hashimoto
73edbebd4d
command/audit-enable
2015-04-07 22:42:04 -07:00
Mitchell Hashimoto
8e3746d347
helper/kv-builder
2015-04-07 22:30:25 -07:00
Mitchell Hashimoto
71923a3abc
command/audit-disable
2015-04-07 18:23:50 -07:00
Mitchell Hashimoto
0b45ffcd66
command/audit-list
2015-04-07 18:19:44 -07:00
Mitchell Hashimoto
d97d9b928a
command/token-revoke
2015-04-07 14:36:17 -07:00
Mitchell Hashimoto
457694c28b
command/token-create: test
2015-04-07 14:22:18 -07:00
Mitchell Hashimoto
ee690ee3b3
command/token-create
2015-04-07 14:20:18 -07:00
Mitchell Hashimoto
7442bc1ef6
command/delete
2015-04-07 11:15:20 -07:00
Mitchell Hashimoto
f2ee82a17f
command/remount
2015-04-07 10:46:47 -07:00
Mitchell Hashimoto
ce0b0202ea
command/unmount: better output
2015-04-07 10:39:17 -07:00
Mitchell Hashimoto
a5ef1b6437
command/unmount
2015-04-07 10:38:51 -07:00
Mitchell Hashimoto
169666972a
command/server: env var for dev mode
2015-04-06 10:28:17 -07:00
Mitchell Hashimoto
62f4d1dd0e
credential/github: CLI handler
2015-04-06 09:53:43 -07:00
Mitchell Hashimoto
c1bca480e6
command/auth: test for other methods
2015-04-06 09:40:47 -07:00
Mitchell Hashimoto
ba2feae3f8
command/auth: add -method-help flag
2015-04-06 09:38:16 -07:00
Mitchell Hashimoto
22197fefa7
command/unseal: print newline after reading password
2015-04-06 09:34:08 -07:00
Mitchell Hashimoto
481628c41f
command/auth: framework for supporting more auth methods
2015-04-05 20:50:18 -07:00
Mitchell Hashimoto
8bfa12297d
builtin/audit: add file audit
2015-04-04 18:10:25 -07:00
Mitchell Hashimoto
b0da4056a0
command/server: tests
2015-04-04 17:43:20 -07:00
Mitchell Hashimoto
929931175c
command/server: log levels
2015-04-04 12:11:10 -07:00
Mitchell Hashimoto
afc71d2a7b
command/server: cleaner output
2015-04-04 12:06:41 -07:00
Mitchell Hashimoto
2e3d6d6a0e
command/help
2015-04-02 22:42:05 -07:00
Mitchell Hashimoto
8433b3bfa6
Revert "command/policy"
...
This reverts commit da81ab3b4c813b0c207555b9cdf46c6e67319546.
2015-04-01 23:07:49 -07:00
Mitchell Hashimoto
4a0810dd6a
command/policy
2015-04-01 23:02:03 -07:00
Mitchell Hashimoto
20d6fdf83f
command/policy-write
2015-04-01 23:00:15 -07:00
Mitchell Hashimoto
ca5c55c3eb
command/policies: read a single policy
2015-04-01 18:50:43 -07:00
Mitchell Hashimoto
a31ae896b4
command/policy-list
2015-04-01 18:46:32 -07:00
Mitchell Hashimoto
e87d41d352
command/auth-disable
2015-04-01 17:14:11 -07:00
Mitchell Hashimoto
f21da26766
command/auth-enable
2015-04-01 17:09:11 -07:00
Mitchell Hashimoto
8b3b10abc8
command/mounts: columnize
2015-04-01 17:01:10 -07:00
Mitchell Hashimoto
3876970564
command/read
2015-04-01 16:44:20 -07:00
Mitchell Hashimoto
cee51ddde9
command/server: support CredentialBackends
2015-04-01 15:48:13 -07:00
Mitchell Hashimoto
b5e4e4bf25
command/read: better UX on vault read
2015-03-31 20:50:05 -07:00
Mitchell Hashimoto
d6a57d8a2b
command/revoke: prefix
2015-03-31 19:33:16 -07:00
Mitchell Hashimoto
bbaa137f4e
command/revoke: revoke
2015-03-31 19:21:02 -07:00
Mitchell Hashimoto
67e4bdf1e4
misc typos
2015-03-31 17:27:04 -07:00
Mitchell Hashimoto
4f2ca0bca9
command/write: new format
2015-03-31 17:16:26 -07:00
Mitchell Hashimoto
19283eb5f7
command/server: dev mode
2015-03-31 16:44:47 -07:00
Mitchell Hashimoto
61efbf4930
command/mount
2015-03-31 16:29:04 -07:00
Mitchell Hashimoto
eba817a21c
command/auth: validate the token
2015-03-31 15:22:52 -07:00
Mitchell Hashimoto
407b32ccd5
command/seal: test should use the token
2015-03-31 11:46:55 -07:00
Mitchell Hashimoto
b62d0f187b
command/seal
2015-03-30 23:39:56 -07:00
Mitchell Hashimoto
78a783a1b9
command/meta: tests passing
2015-03-30 23:30:30 -07:00
Mitchell Hashimoto
27d4d861e9
command/auth: add newline so reading token doesn't output
2015-03-30 23:24:41 -07:00
Mitchell Hashimoto
b2e46896f6
command/meta: add token to client if we have it
2015-03-30 23:10:59 -07:00
Mitchell Hashimoto
e40d0874e1
command/auth: tests work wihtout vault installed
2015-03-30 11:07:31 -07:00
Mitchell Hashimoto
47a293579f
command/auth: setting tokens works
2015-03-30 10:55:41 -07:00
Mitchell Hashimoto
e3593d8bdc
command: load configuration
2015-03-30 10:25:24 -07:00