Commit graph

287 commits

Author SHA1 Message Date
Vishal Nayak b237a3bcc2 POC: Rework. Doing away with policy file. 2015-06-24 18:13:12 -04:00
Vishal Nayak f8d164f477 SSHs to multiple users by registering the respective host keys 2015-06-19 12:59:36 -04:00
Vishal Nayak 90605c6079 merging with master 2015-06-18 20:51:11 -04:00
Vishal Nayak 8d98968a54 Roles, key renewal handled. End-to-end basic flow working. 2015-06-18 20:48:41 -04:00
Armon Dadgar 9772a72772 command/read: Ensure only a single argument. Fixes #304 2015-06-18 16:00:41 -07:00
Armon Dadgar c54868120a command/path-help: rename command, better error if sealed. Fixes #234 2015-06-18 15:56:42 -07:00
Armon Dadgar 3533d87746 command/write: adding force flag for when no data fields are necessary. Fixes #357 2015-06-18 13:51:06 -07:00
Armon Dadgar 7394c7bd8d command/server: fixing output weirdness 2015-06-18 13:48:18 -07:00
Armon Dadgar 7bd1e7d826 command/auth: warn earlier about VAULT_TOKEN 2015-06-18 13:48:04 -07:00
Armon Dadgar 28f18119e0 command/auth: warn about the VAULT_TOKEN env var. Fixes #195 2015-06-17 19:19:02 -07:00
Vishal Nayak 2aed5f8798 Implementation for storing and deleting the host information in Vault 2015-06-17 22:10:47 -04:00
Armon Dadgar 3a2adcb3b8 cmomand/read: strip path prefix if necessary. Fixes #343 2015-06-17 18:33:15 -07:00
Armon Dadgar 6bc2b06de4 server: graceful shutdown for fast failover. Fixes #308 2015-06-17 18:24:56 -07:00
Vishal Nayak cfef144dc2 Merge branch 'master' of https://github.com/hashicorp/vault into vishalvault 2015-06-17 20:34:56 -04:00
Vishal Nayak 303a7cef9a Received OTK in SSH client. Forked SSH process from CLI. Added utility file for SSH. 2015-06-17 20:33:03 -04:00
Armon Dadgar 1f963ec1bb command/token-create: provide more useful output. Fixes #337 2015-06-17 16:59:50 -07:00
Vishal Nayak 3ed73d98c2 Added: Ssh CLI command and API, config lease impl, sshConnect path to backend, http handler for Ssh connect 2015-06-17 12:39:49 -04:00
Mitchell Hashimoto 0ecf05c043 command/auth, github: improve cli docs
/cc @sethvargo
2015-06-16 10:05:11 -07:00
Seth Vargo 3a0e19cb4e Merge pull request #270 from sheldonh/no_export_vault_token
Don't recommend exporting VAULT_TOKEN
2015-06-01 11:52:40 -04:00
Armon Dadgar d605a437b6 Merge pull request #278 from Zhann/feature/add_dev_to_server_options_help
Add help info for -dev flag
2015-06-01 13:08:50 +02:00
Armon Dadgar 607fc295e5 command/rekey: use same language in rekey as init 2015-06-01 13:08:20 +02:00
Armon Dadgar fbc51109cc Merge pull request #273 from hashicorp/unseal-keys-notice
Change phrasing for unseal key notification
2015-06-01 13:06:52 +02:00
Steven De Coeyer 8155b3927e Add help info for -dev flag 2015-05-31 18:05:15 +02:00
Chris Bednarski 4e79210934 Updated phrasing to note restarts, stop, and other sealing scenarios 2015-05-28 17:07:38 -07:00
Chris Bednarski 528d0c6e28 Changed phrasing for unseal key notification 2015-05-28 17:02:09 -07:00
Armon Dadgar 7f26f5a4cb command/rekey: adding tests 2015-05-28 15:22:42 -07:00
Armon Dadgar 9a162191cd command/rekey: first pass at rekey 2015-05-28 15:08:09 -07:00
Armon Dadgar 42b91fe411 command/rotate: Adding new rotate command 2015-05-28 10:16:33 -07:00
Sheldon Hearn 6cda28f9e7 Don't recommend exporting VAULT_TOKEN
It's not needed by the dev server (which writes ~/.vault-token),
and breaks the Getting Started guide (e.g. #267).
2015-05-28 14:39:35 +02:00
Armon Dadgar 388022bac1 command/key-status: Adding new key-status command 2015-05-27 18:17:02 -07:00
Armon Dadgar 11b6abe886 Merge pull request #251 from DavidWittman/auth-prompt-without-args
Prompt for auth token when no args provided
2015-05-27 11:24:33 -07:00
David Wittman 5df1d725aa Add test for stdin input
Shamelessly borrowed this pattern from write_test.go
2015-05-23 13:23:38 -05:00
David Wittman 1411749222 Read from stdin with auth command 2015-05-23 13:23:37 -05:00
Ian Unruh 48778c5260 Add ability to read raw field from secret 2015-05-22 11:28:23 -07:00
Armon Dadgar 3713ef9fb7 command/renew: typo fix. Fixes #240 2015-05-21 11:03:25 -07:00
David Wittman fb898ecc1b Prompt for auth token when no args provided
This makes `vault auth` work as documented:

> If no -method is specified, then the token is expected. If it is not
> given on the command-line, it will be asked via user input. If the
> token is "-", it will be read from stdin.
2015-05-20 22:10:02 -05:00
Armon Dadgar a3ddd9ddb2 server: Minor copy change 2015-05-20 17:49:16 -07:00
Armon Dadgar 7e08d68e48 Merge pull request #222 from DavidWittman/config-backend-check
Fail gracefully if a physical backend is not supplied
2015-05-20 17:47:45 -07:00
Armon Dadgar 268db24819 command/listener: Request TLS client cert. Fixes #214 2015-05-20 16:01:40 -07:00
Ian Unruh faa07cc165 Improve unseal CLI message 2015-05-19 00:34:18 -07:00
David Wittman b04332f8fc Fail gracefully if a phys backend is not supplied 2015-05-18 22:55:12 -05:00
Seth Vargo 88d5d6a4c8 Use strconv.ParseBool 2015-05-15 16:41:30 -04:00
Seth Vargo a2831b0144 Explicitly check if tls_disable == 1 2015-05-15 16:39:30 -04:00
Emil Hessman f40dba1c48 command/token: add Env to Helper
Specify environment variables on the Helper rather than on
the command line.

Fixes command/token test failures on Windows.
2015-05-12 07:22:38 +02:00
Mitchell Hashimoto ce5786d133 Rename skip verify env 2015-05-11 11:27:54 -07:00
Mitchell Hashimoto 7c180fb6fd Merge pull request #181 from jefferai/fix-ca-path-walk
Fix CA path walking, and add TLS-related env vars.
2015-05-11 11:26:47 -07:00
Mitchell Hashimoto 66c8d2dd2a command: fix tests 2015-05-11 11:25:45 -07:00
Armon Dadgar 073820a6cc command/token: Use cmd on windows instead of sh 2015-05-11 11:08:08 -07:00
Mitchell Hashimoto 7bff682e8e command/*: -tls-skip-verify [GH-130] 2015-05-11 11:01:52 -07:00
Jeff Mitchell 4f8c9e8fe2 This adds one bugfix and one feature enhancement.
Bugfix: When walking a given CA path, the walk gives both files and
directories to the function. However, both were being passed in to be
read as certificates, with the result that "." (the given directory for
the CA path) would cause an error. This fixes that problem by simply
checking whether the given path in the walk is a directory or a file.

Feature enhancement: VAULT_CACERT, VAULT_CAPATH, and VAULT_INSECURE now
perform as expected.
2015-05-11 17:58:56 +00:00
Mitchell Hashimoto a3afed6811 command/meta: don't read token file if token is already set [GH-162] 2015-05-11 10:31:14 -07:00
Seth Vargo bbddaff5c9 Make the VAULT_TOKEN and VAULT_ADDR copy-pastable in dev mode
This allows someone to quickly start a dev mode server and hit the ground
running without the need to copy-paste twice.
2015-05-07 18:32:40 -04:00
Armon Dadgar b71afe54e5 Merge pull request #139 from fubar-coder/master
Escape backslash to allow usage of dev server on Windows using MinGW
2015-05-06 11:05:06 -07:00
Armon Dadgar a4b92ebb3a Merge pull request #133 from hashicorp/f-advertise
Attempt advertise address detection
2015-05-04 12:13:45 -07:00
Mark Junker 47d2cc8349 Escape backslash to allow usage of dev server on Windows using MinGW (partially fixes issue #95) 2015-05-04 09:20:40 +02:00
A.I 53d5a801e5 Fix lease_renewable output 2015-05-02 19:58:48 -07:00
Armon Dadgar c76b59812e command/server: Attempt advertise address detection 2015-05-02 15:57:40 -07:00
Mitchell Hashimoto c7ff8f8458 Merge pull request #82 from DavidWittman/75-auth-revoked-token
Check for invalid token when authing via cli
2015-05-02 13:20:57 -07:00
Mitchell Hashimoto 842a8ec818 command/format: add lease_renewable to output 2015-05-02 13:11:40 -07:00
David Wittman 2fff913263 Check for invalid token when authing via cli
If a token does not exist, the Read request returns without an
error, but the secret returned is `nil`, so we need to check for
that.

Closes #75
2015-04-28 21:50:51 -05:00
Mitchell Hashimoto 3d3274a66b command/server: fix one race condition 2015-04-28 19:11:46 -07:00
Mitchell Hashimoto d29ada47eb command/server: disable mlock in dev mode 2015-04-28 15:11:39 -07:00
Mitchell Hashimoto 006d4fccfd command/server: allow disabling mlock 2015-04-28 15:09:30 -07:00
Mitchell Hashimoto 6898c60292 command/server: warning if no mlock 2015-04-28 15:04:40 -07:00
Mitchell Hashimoto c53dc04d92 command/token: use executable path to find token helper [GH-60] 2015-04-28 14:52:55 -07:00
Matt Haggard 1346040c86 Update server.go
Did you mean "talking?"  Or something else?
2015-04-28 14:01:45 -06:00
Mitchell Hashimoto 3998804347 command: support custom CAs 2015-04-28 09:36:03 -07:00
Mitchell Hashimoto 244a0c56bc command/*: lets try to remove this before 0.1.0 2015-04-28 09:20:42 -07:00
Mitchell Hashimoto 1b0d75719d command/*: more TODO removal 2015-04-28 09:15:38 -07:00
Mitchell Hashimoto fc6569ad59 command/*: fix spacing 2015-04-28 09:15:21 -07:00
Mitchell Hashimoto 0e112bf026 command/* fill in the addr 2015-04-28 09:13:32 -07:00
Armon Dadgar ff352c32fe command/server: Catch error from core initialization. Fixes #42 2015-04-27 21:29:40 -07:00
Armon Dadgar 3b0c993909 command/write: test output 2015-04-27 15:08:03 -07:00
Armon Dadgar 4ff3acfbe3 command/write: handle writes with output 2015-04-27 14:55:43 -07:00
Armon Dadgar 06a4c6b08f command: refactor to share output formating code 2015-04-27 14:55:29 -07:00
Jack Pearkes b2a689bfc9 command/init: minor output text fix 2015-04-22 11:48:07 -07:00
Mitchell Hashimoto 3f9711fa63 command/status: no weird indentintg 2015-04-21 20:11:15 +02:00
Armon Dadgar d56a0ce2ef command/status: refactor to improve output 2015-04-20 13:37:32 -07:00
Armon Dadgar 2609977683 command/status: improve output when sealed 2015-04-20 12:21:35 -07:00
Armon Dadgar 52f8b2d8ef command/status: improve output when sealed 2015-04-20 12:19:25 -07:00
Armon Dadgar f76e5b2fc5 command: Rename seal-status to status 2015-04-20 12:11:21 -07:00
Armon Dadgar f1c97ab2cf command: Adding HA status 2015-04-20 12:08:54 -07:00
Mitchell Hashimoto fb3645214c command/token-create: add display name and one time use 2015-04-19 18:08:08 -07:00
Mitchell Hashimoto 58d476edd0 command/token-renew 2015-04-19 18:04:01 -07:00
Mitchell Hashimoto 0ebf2508e0 command/policy-delete 2015-04-19 16:36:11 -07:00
Mitchell Hashimoto 6c497a8708 command/read: handle 404s 2015-04-18 22:05:08 -07:00
Mitchell Hashimoto ee254a332e command/server: can set advertise addr 2015-04-17 12:56:31 -07:00
Mitchell Hashimoto 415e7cef22 command/server: config for setting stats addresses 2015-04-17 12:56:31 -07:00
Mitchell Hashimoto 44b634c0d5 command/server: not HA possibilities when starting 2015-04-17 12:56:31 -07:00
Armon Dadgar f04d33b170 command/server: Enable telemetry. cc: @mitchellh 2015-04-14 18:44:09 -07:00
Mitchell Hashimoto d251876363 command/read: output the duration 2015-04-13 20:42:07 -07:00
Mitchell Hashimoto 0cc0fb066b command/renew 2015-04-13 20:42:07 -07:00
Armon Dadgar 770116b8e9 command: Set minimum TLS version to 1.2 2015-04-13 19:09:44 -07:00
Mitchell Hashimoto cc21b80a64 command/unseal: update error message 2015-04-12 18:41:42 -07:00
Mitchell Hashimoto 1f084139d5 command/unseal: can accept key from command-line 2015-04-12 18:39:41 -07:00
Mitchell Hashimoto e8fec8b658 command/meta: can force config 2015-04-12 17:51:38 -07:00
Mitchell Hashimoto 4fd3bd8ab1 command: can force address 2015-04-12 17:30:19 -07:00
Mitchell Hashimoto 8ef487a4f5 command/revoke: rename vars to leaseId 2015-04-10 20:49:10 -07:00
Mitchell Hashimoto 48205d166b rename vault id to lease id all over 2015-04-10 20:35:14 -07:00
Armon Dadgar 466c7575d3 Replace VaultID with LeaseID for terminology simplification 2015-04-08 13:35:32 -07:00
Mitchell Hashimoto 9366be4895 command/auth: should let <1 args go through 2015-04-07 23:53:45 -07:00
Mitchell Hashimoto 071b72186e command/auth: unify 2015-04-07 23:29:49 -07:00
Mitchell Hashimoto 73edbebd4d command/audit-enable 2015-04-07 22:42:04 -07:00
Mitchell Hashimoto 8e3746d347 helper/kv-builder 2015-04-07 22:30:25 -07:00
Mitchell Hashimoto 71923a3abc command/audit-disable 2015-04-07 18:23:50 -07:00
Mitchell Hashimoto 0b45ffcd66 command/audit-list 2015-04-07 18:19:44 -07:00
Mitchell Hashimoto d97d9b928a command/token-revoke 2015-04-07 14:36:17 -07:00
Mitchell Hashimoto 457694c28b command/token-create: test 2015-04-07 14:22:18 -07:00
Mitchell Hashimoto ee690ee3b3 command/token-create 2015-04-07 14:20:18 -07:00
Mitchell Hashimoto 7442bc1ef6 command/delete 2015-04-07 11:15:20 -07:00
Mitchell Hashimoto f2ee82a17f command/remount 2015-04-07 10:46:47 -07:00
Mitchell Hashimoto ce0b0202ea command/unmount: better output 2015-04-07 10:39:17 -07:00
Mitchell Hashimoto a5ef1b6437 command/unmount 2015-04-07 10:38:51 -07:00
Mitchell Hashimoto 169666972a command/server: env var for dev mode 2015-04-06 10:28:17 -07:00
Mitchell Hashimoto 62f4d1dd0e credential/github: CLI handler 2015-04-06 09:53:43 -07:00
Mitchell Hashimoto c1bca480e6 command/auth: test for other methods 2015-04-06 09:40:47 -07:00
Mitchell Hashimoto ba2feae3f8 command/auth: add -method-help flag 2015-04-06 09:38:16 -07:00
Mitchell Hashimoto 22197fefa7 command/unseal: print newline after reading password 2015-04-06 09:34:08 -07:00
Mitchell Hashimoto 481628c41f command/auth: framework for supporting more auth methods 2015-04-05 20:50:18 -07:00
Mitchell Hashimoto 8bfa12297d builtin/audit: add file audit 2015-04-04 18:10:25 -07:00
Mitchell Hashimoto b0da4056a0 command/server: tests 2015-04-04 17:43:20 -07:00
Mitchell Hashimoto 929931175c command/server: log levels 2015-04-04 12:11:10 -07:00
Mitchell Hashimoto afc71d2a7b command/server: cleaner output 2015-04-04 12:06:41 -07:00
Mitchell Hashimoto 2e3d6d6a0e command/help 2015-04-02 22:42:05 -07:00
Mitchell Hashimoto 8433b3bfa6 Revert "command/policy"
This reverts commit da81ab3b4c813b0c207555b9cdf46c6e67319546.
2015-04-01 23:07:49 -07:00
Mitchell Hashimoto 4a0810dd6a command/policy 2015-04-01 23:02:03 -07:00
Mitchell Hashimoto 20d6fdf83f command/policy-write 2015-04-01 23:00:15 -07:00
Mitchell Hashimoto ca5c55c3eb command/policies: read a single policy 2015-04-01 18:50:43 -07:00
Mitchell Hashimoto a31ae896b4 command/policy-list 2015-04-01 18:46:32 -07:00
Mitchell Hashimoto e87d41d352 command/auth-disable 2015-04-01 17:14:11 -07:00
Mitchell Hashimoto f21da26766 command/auth-enable 2015-04-01 17:09:11 -07:00
Mitchell Hashimoto 8b3b10abc8 command/mounts: columnize 2015-04-01 17:01:10 -07:00
Mitchell Hashimoto 3876970564 command/read 2015-04-01 16:44:20 -07:00
Mitchell Hashimoto cee51ddde9 command/server: support CredentialBackends 2015-04-01 15:48:13 -07:00
Mitchell Hashimoto b5e4e4bf25 command/read: better UX on vault read 2015-03-31 20:50:05 -07:00
Mitchell Hashimoto d6a57d8a2b command/revoke: prefix 2015-03-31 19:33:16 -07:00
Mitchell Hashimoto bbaa137f4e command/revoke: revoke 2015-03-31 19:21:02 -07:00
Mitchell Hashimoto 67e4bdf1e4 misc typos 2015-03-31 17:27:04 -07:00
Mitchell Hashimoto 4f2ca0bca9 command/write: new format 2015-03-31 17:16:26 -07:00
Mitchell Hashimoto 19283eb5f7 command/server: dev mode 2015-03-31 16:44:47 -07:00
Mitchell Hashimoto 61efbf4930 command/mount 2015-03-31 16:29:04 -07:00
Mitchell Hashimoto eba817a21c command/auth: validate the token 2015-03-31 15:22:52 -07:00
Mitchell Hashimoto 407b32ccd5 command/seal: test should use the token 2015-03-31 11:46:55 -07:00
Mitchell Hashimoto b62d0f187b command/seal 2015-03-30 23:39:56 -07:00
Mitchell Hashimoto 78a783a1b9 command/meta: tests passing 2015-03-30 23:30:30 -07:00
Mitchell Hashimoto 27d4d861e9 command/auth: add newline so reading token doesn't output 2015-03-30 23:24:41 -07:00
Mitchell Hashimoto b2e46896f6 command/meta: add token to client if we have it 2015-03-30 23:10:59 -07:00
Mitchell Hashimoto e40d0874e1 command/auth: tests work wihtout vault installed 2015-03-30 11:07:31 -07:00
Mitchell Hashimoto 47a293579f command/auth: setting tokens works 2015-03-30 10:55:41 -07:00
Mitchell Hashimoto e3593d8bdc command: load configuration 2015-03-30 10:25:24 -07:00