luxolus/open-vault
2
0
Fork 0
Code Issues 1 Pull requests Releases Activity
12711 commits 1 branch 0 tags 214 MiB
Commit graph

201 commits

Author SHA1 Message Date
Jim Kalafut d2bb399d95
Update kubernetes auth plugin (#9195) 2020-06-19 15:47:13 -07:00
Michael Golowka 7502813335
Add password_policy field to Azure docs (#9249) 
* Add password_policy field
* Updated vault-plugin-secrets-azure to v0.6.1
* A bunch of other libraries also got updated at the same time because of the plugin update
 2020-06-18 13:25:59 -06:00
Michael Golowka f77bcc53c4
Move sdk/helper/random -> helper/random (#9226) 
* This package is new for 1.5 so this is not a breaking change.
* This is being moved because this code was originally intended to be used
within plugins, however the design of password policies has changed such
that this is no longer needed. Thus, this code doesn't need to be in the
public SDK.
 2020-06-17 14:24:38 -06:00
Scott Miller 883524c71c
Add backend type to audit logs (#9167) 
Add a mount_type field to audit log requests and responses.
 2020-06-16 07:22:33 -05:00
Austin Gebauer 1fe041689d
Update GCP secrets plugin (#9231) 2020-06-15 18:24:12 -07:00
Austin Gebauer 7aba2ada56
Update oracle cloud infrastructure auth plugin to v0.5.5 (#9210) 2020-06-15 10:11:20 -07:00
Michael Golowka 1a8b7765bc
Add password policies to Active Directory secret engine (#9144) 
* Also updates AD docs to reflect password policies
 2020-06-15 10:36:17 -06:00
Brian Kassouf 3b4ba9d1fb
Upgrade raft library (#9170) 
* Upgrade raft library

* Update vendor

* Update physical/raft/snapshot_test.go

Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>

* Update physical/raft/snapshot_test.go

Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>
 2020-06-08 16:34:20 -07:00
Clint dd9c3b9133
Sync Protobuf dependencies between core and sdk (#9154) 
* update go.mod/sum for root and sdk folders to sync protobuf versions

* run 'go mod vendor'

* bump github.com/golang/protobuf to v1.4.2
 2020-06-05 14:15:12 -05:00
Michael Golowka 438345c390
Update OpenLDAP secret engine to v0.1.3 (#9123) 
* Adds ability to use password policies

Operations:
Updated go.mod for OpenLDAP to v0.1.3
Ran `go mod tidy`
Ran `go mod vendor`
 2020-06-03 10:37:00 -06:00
Jim Kalafut 34fab8ae09
Update gcp secrets plugin (#9004) 2020-06-01 11:02:33 -07:00
ncabatoff 8870b2e51c
Add mongodbatlas static roles support (#8987) 
* Refactor PG container creation.
* Rework rotation tests to use shorter sleeps.
* Refactor rotation tests.
* Add a static role rotation test for MongoDB Atlas.
 2020-05-29 14:21:23 -04:00
Michael Golowka b52950f884
Add user configurable password policies available to secret engines (#8637) 
* Add random string generator with rules engine

This adds a random string generation library that validates random
strings against a set of rules. The library is designed for use as generating
passwords, but can be used to generate any random strings.
 2020-05-27 12:28:00 -06:00
Jeff Mitchell 7e5d68a73e
Bump go-kms-wrapping to remove proto warning, and vendor (#9066) 2020-05-22 10:48:50 -04:00
Josh Black 6e92c8cbd2
Add a new "vault monitor" command (#8477) 
Add a new "vault monitor" command

Co-authored-by: ncabatoff <ncabatoff@hashicorp.com>
Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>
Co-authored-by: Jeff Mitchell <jeffrey.mitchell@gmail.com>
 2020-05-21 13:07:50 -07:00
Clint 39de184f1f
Update vault-plugin-secret-ad dependency (#9025) 2020-05-20 12:47:37 -07:00
Jeff Mitchell 623d58deaf Bump api/sdk 2020-05-19 18:19:12 -04:00
Clint 86a62130fd
Update to latest version of vault-plugin-secrets-openldap (#9006) 2020-05-18 15:59:11 -05:00
Jeff Mitchell b4f5d38916
Update to latest go-kms-wrapping and fix protos/etcd (#8996) 2020-05-14 18:45:10 -04:00
Scott Miller 16cc804086
Upgrade go-ldap to 3.1.10, containing the send race fix (#8937) 
* Upgrade go-ldap to 3.1.10, containing the send race fix
 2020-05-11 11:28:01 -05:00
ncabatoff 55609f1d38
Ensure that the .vault-token file writen by vault login always has the correct permissions and ownership. (#8867) 2020-04-27 19:55:13 -04:00
Jim Kalafut 053c2b3cf6
Update go.mod to corrected plugin tags (#8759) 
This addresses an issue found in #8696 which was determined to be due to
the Go module proxy having a cached copy of a tag that doesn't match the
official version (due a build prep error weeks ago). All of the repos
got new patch versions, but the content is identical.
 2020-04-17 11:50:19 -07:00
Jim Kalafut b7fc72d5ec
Update go.mod and vendoring (#8752) 
This primarily ports updates made during the 1.4 release to master.
 2020-04-16 12:07:07 -07:00
Brian Kassouf 2e7d682586
Update triton-go package (#8751) 2020-04-16 09:57:37 -07:00
Jim Kalafut 5c4796bb55
Update MongoDB Atlas secrets plugin (#8669) 2020-04-03 15:47:17 -07:00
Tommy Murphy a936a77f01
stackdriver: metric label extraction (#8073) 
* stackdriver: use label extraction and add debug config

* go.mod: update go-metrics-stackdriver

* vendor go-metrics-stackdriver
 2020-03-13 07:58:45 +01:00
ncabatoff 5fe1ab766b
Add option to detect deadlocks in Core.stateLock using build tag deadlock (#8524) 2020-03-10 16:01:20 -04:00
ncabatoff c9ff95ec70
Update to go-metrics 1.3.3 for Prometheus performance improvements. (#8507) 2020-03-09 09:54:55 -04:00
Jason O'Donnell 524e871343
secrets/openldap: update go.mod (#8475) 
Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>
 2020-03-06 11:52:28 -05:00
Brian Kassouf d4f72f792f go mod vendor 2020-02-20 10:15:11 -08:00
Sam Salisbury b929348a31 go mod vendor 2020-02-20 09:16:19 +00:00
Jim Kalafut 2e8826744f
Update plugin dependencies (#8371) 
* Update plugin dependencies

* Update vendoring
 2020-02-18 09:55:04 -08:00
Jeff Mitchell 844b2c3a5d Bump API/SDK and adapt to move from SDK stuff 2020-02-15 14:58:05 -05:00
Jason O'Donnell dd9f25a118
Add OpenLDAP Secret Plugin (#8360) 
* Add openldap secret plugin

* go mod vendor

* Revert to go-ldap 3.1.3

* go mod vendor
 2020-02-15 13:21:07 -05:00
Jeff Mitchell 38679f4baa Update vendoring 2020-02-14 17:55:06 -05:00
Becca Petrin 5f19ff828c
update kerberos dependency (#8353) 2020-02-14 11:13:28 -08:00
Jim Kalafut 2ee7b76469
Bundle MongoDB Atlas (#8309) 2020-02-07 14:09:39 -08:00
ncabatoff fbd4925889
Update to newest go-metrics, go mod vendor. (#8311) 2020-02-07 09:05:14 -05:00
Becca Petrin 1459544630
update from github.com/hashicorp/gokrb5 to github.com/jcmturner/gokrb5/v8 (#8296) 2020-02-05 14:23:22 -08:00
ncabatoff 03b14d8a64
Upgrade okta sdk lib (#8143) 
Upgrade to new official Okta sdk lib.  Since it requires an API token, use old unofficial okta lib for no-apitoken case. 

Update test to use newer field names.  Remove obsolete test invalidated by #4798.  Properly handle case where an error was expected and didn't occur.
 2020-02-03 12:51:10 -05:00
Michel Vocks 2bde6a3a5a
Bump etcd client API dep (#8037) 2020-01-29 15:16:38 +01:00
Michel Vocks f695eb737b
Add Consul TLS options to access API endpoint (#8253) 2020-01-29 09:44:35 +01:00
Michel Vocks 027ada452e
Mongodb driver switch to mongo-driver (#8140) 
* Switch mongodb driver to mongo-driver

* Tidy mod

* Make writeConcern private

* Implement review feedback

* Add retry functionality

* Added backoff time

* go mod vendor

* Fix failing test

* goimport
 2020-01-24 09:32:47 +01:00
Jeff Mitchell 1ba3b87eab Bump sdk 2020-01-23 14:25:35 -05:00
Jeff Mitchell ef44e226a9 Bump sdk and go-hclog and vendor 2020-01-23 14:12:19 -05:00
Jeff Mitchell 3956072c93 Update test var name and tidy 2020-01-16 20:18:59 -05:00
Michel Vocks 13ebf5460c
Add TLS options per Nomad backend (#8083) 2020-01-15 11:03:38 +01:00
Jeff Mitchell 80408beabe Bump go-kms-wrapping dep to fix a nil pointer in tests 2020-01-13 09:28:49 -05:00
Jeff Mitchell c5f9f8fc05 Update go-kms-wrapping dep 2020-01-13 09:25:11 -05:00
Jeff Mitchell 78a1d51a3a Update vendoring 2020-01-10 20:50:36 -05:00
Jeff Mitchell a0694943cc
Migrate built in auto seal to go-kms-wrapping (#8118) 2020-01-10 20:39:52 -05:00
Brian Kassouf 549faf47f2
Add identity templating helper to sdk/framework (#8088) 
* Add identity templating helper to sdk/framework

* Cleanup a bit

* Fix length issue when groups/aliases are filtered due to ns

* review feedback
 2020-01-06 10:16:52 -08:00
Jeff Mitchell d873e7ba3c Update master's sdk/api 2019-12-18 16:36:50 -05:00
Becca Petrin c9b0e372ac
update vault-plugin-secrets-ad to v0.6.2 (#8049) 2019-12-18 09:23:09 -08:00
Joel Thompson ed20dbf4f7 Bump aws-sdk-go to v1.25.41 (#7458) 
This is in support of #7450 and #7924
 2019-12-16 16:43:00 -08:00
Becca Petrin a7383b6d86
Add Kerberos SPNEGO auth plugin (#7908) 2019-12-11 11:18:37 -08:00
ncabatoff fde5e55ce9
Handle otherName SANs in CSRs (#6163) 
If a CSR contains a SAN of type otherName, encoded in UTF-8, and the signing role specifies use_csr_sans, the otherName SAN will be included in the signed cert's SAN extension.

Allow single star in allowed_other_sans to match any OtherName.  Update documentation to clarify globbing behaviour.
 2019-12-11 10:16:44 -05:00
Jim Kalafut 6000a12380 Update GCP secrets plugin (#7869) 2019-11-12 11:59:26 -08:00
Clint 847fcf8551 Update how Vault Agent configures Consul Templates internal logger (#7822) 
* fix up logger in Vault Agent Template

* update deps
 2019-11-12 11:29:29 -08:00
Brian Kassouf 29f12581a8 Update SDK 2019-11-11 19:41:52 -08:00
Brian Kassouf f8085f518f Update plugins 2019-11-11 19:28:09 -08:00
Jeff Mitchell 7b803e92a3 Update API/vendoring 2019-11-08 11:40:12 -05:00
Jeff Mitchell a8aa5f0dd3 go-ldap update; bump dep, api, secrets-ad plugin, and vendor 2019-11-08 11:24:46 -05:00
Sam Salisbury b589fbfbd9
ci: switch to go1.12.12 on machine executors (#7703) 
* ci: switch to go1.12.12 on machine executors

- This brings in recent ci changes from the release/1.2.x branch.

* go mod vendor

* ci: remove ent build tags

* ci: fix gopath

* go mod vendor

* ci: ensure yarn install

* ci: add debug commands

* ci: debugging

* ci: increment yarn cache; remove debugging

* ci: remove redundant yarn install
 2019-11-06 13:15:06 +00:00
Calvin Leung Huang 8c31e45860
hostutil: query stats with context, update gopsutil, refactor tests (#7769) 
* hostutil: query stats with context, update gopsutil, refactor tests

* go mod vendor

* minor comment wording
 2019-11-01 10:12:22 -07:00
Jeff Mitchell df43802f14 Vendor 2019-10-28 11:34:28 -04:00
Sam Salisbury 8f0c38f78d
run go mod vendor (#7736) 2019-10-25 13:35:22 +01:00
Jeff Mitchell c4df00f193 Fix kv mod import and vendoring 2019-10-18 08:57:32 -04:00
Lexman c86fe212c0
oss changes for entropy augmentation feature (#7670) 
* oss changes for entropy augmentation feature

* fix oss command/server/config tests

* update go.sum

* fix logical_system and http/ tests

* adds vendored files

* removes unused variable
 2019-10-17 10:33:00 -07:00
Calvin Leung Huang d2dbb8c963
Vault Debug (#7375) 
* cli: initial work on debug; server-status target

* debug: add metrics capture target (#7376)

* check against DR secondary

* debug: add compression

* refactor check into preflight func

* debug: set short test time on tests, fix exit code bug

* debug: use temp dir for output on tests

* debug: use mholt/archiver for compression

* first pass on adding pprof

* use logger for output

* refactor polling target capture logic

* debug: poll and collect replication status

* debug: poll and collect host-info; rename output files and collection refactor

* fix comments

* add archive test; fix bugs found

* rename flag name to singular target

* add target output test; scaffold other tests cases

* debug/test: add pprof and index file tests

* debug/test: add min timing check tests

* debug: fix index gen race and collection goroutine race

* debug: extend archive tests, handle race between program exit and polling goroutines

* update docstring

* debug: correctly add to pollingWg

* debug: add config target support

* debug: don't wait on interrupt shutdown; add file exists unit tests

* move pprof bits into its goroutine

* debug: skip empty metrics and some pprof file creation if permission denied, add matching unit test

* address comments and feedback

* Vault debug using run.Group (#7658)

* debug: switch to use oklog/run.Group

* debug: use context to cancel requests and interrupt rungroups.

* debug: trigger the first interval properly

* debug: metrics collection should use metrics interval

* debug: add missing continue on metrics error

* debug: remove the use of buffered chan to trigger first interval

* debug: don't shadow BaseCommand's client, properly block on interval capture failures

* debug: actually use c.cachedClient everywhere

* go mod vendor

* debug: run all pprof in goroutines; bump pprof timings in tests to reduce flakiness

* debug: update help text
 2019-10-15 15:39:19 -07:00
Becca Petrin e8432f1ebe
update ad secrets plugin for check-out feature (#7617) 2019-10-14 11:17:05 -07:00
Brian Kassouf 1167fad704
Improve raft write performance by utilizing FSM Batching (#7527) 
* Start benchmark work

* Add batching FSM function

* dedupe some code

* Update dependency on chunking FSM

* fix raft external tests

* fix go.mod

* Add batching test

* uncomment test

* update raft deps

* update vendor

* Update physical/raft/fsm.go

Co-Authored-By: Michel Vocks <michelvocks@gmail.com>

* Update physical/raft/fsm.go
 2019-10-14 09:25:07 -06:00
ncabatoff c16e3bbceb
Cache whether we've been initialized to reduce load on storage (#7549) 2019-10-08 17:52:38 -04:00
Nick Cabatoff 85e387439e go mod vendor and go mod tidy 2019-10-04 09:14:37 -04:00
Jim Kalafut 63393ea1cc
Update vendor dir (#7539) 2019-10-01 08:03:32 -07:00
Jeff Mitchell bdb59e7f51 Bump api/sdk and vendoring 2019-09-19 09:43:23 -04:00
Jeff Mitchell ba236306e2 Update api/sdk. Let kr/pty stay for now so it stops going in on every build 2019-09-18 09:12:57 -04:00
Jeff Mitchell 86d14691f4 Bump sdk and vendoring 2019-09-17 11:38:03 -04:00
Jim Kalafut b3fbcb2809
Update JWT auth dep (#7427) 2019-09-05 10:24:08 -07:00
Jim Kalafut 051bc15da3
Bundle OCI Auth method (#7422) 2019-09-04 16:46:00 -07:00
Jeff Mitchell d2376354f7 Update API and revendor 2019-09-04 12:46:30 -04:00
Aaron Bennett 9994307c6c update dependencies (#7390) 2019-09-03 16:08:50 -04:00
Jeff Malnick 8fdb5f62c4
feat: bump vault-plugin-auth-kubernetes to pick up support for projected tokens feature (#7386) 2019-08-30 11:53:06 -07:00
Jeff Mitchell 0d39d0507a Update api 2019-08-26 15:49:51 -04:00
Becca Petrin 64ecf46fb6
rename pcf to cf maintaining backwards compat (#7346) 2019-08-26 09:55:08 -07:00
Jeff Mitchell 21ccbdeffe Update vendor folder 2019-08-22 11:07:25 -04:00
Jeff Mitchell 88e1885c1c Updating plugin deps 2019-08-14 17:23:29 -04:00
Jim Kalafut 3e7a2211bf Update PCF Auth plugin (#7306) 2019-08-14 09:43:04 -04:00
Jeff Mitchell f7358e66bb Bump sdk/api 2019-08-05 18:03:40 -04:00
Jeff Mitchell cfffaa5f09 Updating plugin deps 2019-07-30 00:26:33 -04:00
Jeff Mitchell 23b1b27cec Update api/sdk 2019-07-30 00:24:27 -04:00
Jeff Mitchell e3ef0d3051 Pull in updated secrets-ad plugin 2019-07-29 18:10:13 -04:00
Brian Kassouf bdfa2c7828
Add additional raft chunk test (#7192) 
* Add an end-to-end raft chunk test

* Apply suggestions from code review

Co-Authored-By: Jim Kalafut <jkalafut@hashicorp.com>
 2019-07-29 14:11:46 -07:00
Jeff Mitchell abcae3830f Updating plugin deps 2019-07-25 13:01:47 -04:00
Jeff Mitchell 6ca4fa02df Bump api/sdk 2019-07-25 12:59:29 -04:00
Jeff Mitchell 6e22d14ff7 Updating plugin deps 2019-07-25 12:38:07 -04:00
Jeff Mitchell 1288e59857 Pull in tagged api/sdk 2019-07-25 12:17:13 -04:00
Jeff Mitchell 0425db59ab
Raft chunk snapshotting (#7185) 
Support chunking, including snapshot handling
 2019-07-24 20:44:13 -04:00
Jeff Mitchell d2a5a3035c Vendor deps 2019-07-24 13:42:50 -04:00
Jeff Mitchell fd376b4bdf Use ChunkingConfigurationStore for raft 2019-07-23 10:59:21 -04:00