Commit graph

7842 commits

Author SHA1 Message Date
Jeff Mitchell 599f691141
Allow returning warnings and other data in 404s in the Go API (#4256)
* Allow returning list information and other data in 404s.

On read it'll output data and/or warnings on a 404 if they exist. On
list, the same behavior; the actual 'vault list' command doesn't change
behavior though in terms of output unless there are no actual keys (so
it doesn't just magically show other data).

This corrects some assumptions in response_util and wrapping.go; it also
corrects a few places in the latter where it could leak a (useless)
token in some error cases.

* Use same 404 logic in delete/put too

* Add the same secret parsing logic to the KV request functions
2018-04-03 22:35:45 -04:00
Jeff Mitchell 69a8158913
Fix race condition caught by detector in barrier view (#4261) 2018-04-03 21:39:11 -04:00
Brian Kassouf 829fcb226c
Allow for comma separated strings in the TypeCommaIntSlice field type (#4257)
* Allow for comma separated strings in the TypeCommaIntSlice field type

* Explode versions on client side

* fix deleting versions
2018-04-03 17:58:42 -07:00
Roy Sindre Norangshol a9c717b44e project is now project_id (#4251)
Verified both via vault CLI and direct curl'ing towards API endpoints.
2018-04-03 17:11:47 -04:00
Alex Dadgar 6a824383b6 Don't swallow logical.Unwrap error (#4258)
This PR fixes the error handling in the api packages logical.Unwrap
method. Previously if there was an error making the request to Vault,
the error was only returned if there was an HTTP response and the status
code was not a 404.

The new code returns all errors but does special case handling if the
response code is a 404.
2018-04-03 17:11:01 -04:00
Jeff Mitchell 8d33a0e089 Bump vkv plugin 2018-04-03 17:09:33 -04:00
Jeff Mitchell 4b687eca3f Update vkv plugin 2018-04-03 15:55:57 -04:00
Jeff Mitchell c10ae3a755 Bump vkv plugin 2018-04-03 15:04:33 -04:00
Brian Kassouf e26e821107
Don't pass the upgrade flag into the backend (#4255) 2018-04-03 11:37:34 -07:00
Jeff Mitchell 9d16593f48 Interim vkv plugin push 2018-04-03 14:34:36 -04:00
Calvin Leung Huang 6b840e6c1c
Fix compilation and tests failures (#4254) 2018-04-03 14:07:43 -04:00
Jeff Mitchell d7779fd349 Add dev-ui target 2018-04-03 13:54:33 -04:00
Chris Hoffman d854ccfc64 changelog++ 2018-04-03 13:52:30 -04:00
Chris Hoffman 4fc6364157 changelog++ 2018-04-03 13:51:28 -04:00
Brian Kassouf 39970ac23d
Move plugin env checks to their own file (#4253) 2018-04-03 10:36:14 -07:00
Matthew Irish cf1a9647f4
changelog ++ 2018-04-03 11:40:11 -05:00
Chris Hoffman a7ada08b3b
Core handling of TTLs (#4230)
* govet cleanup in token store

* adding general ttl handling to login requests

* consolidating TTL calculation to system view

* deprecate LeaseExtend

* deprecate LeaseExtend

* set the increment to the correct value

* move calculateTTL out of SystemView

* remove unused value

* add back clearing of lease id

* implement core ttl in some backends

* removing increment and issue time from lease options

* adding ttl tests, fixing some compile issue

* adding ttl tests

* fixing some explicit max TTL logic

* fixing up some tests

* removing unneeded test

* off by one errors...

* adding back some logic for bc

* adding period to return on renewal

* tweaking max ttl capping slightly

* use the appropriate precision for ttl calculation

* deprecate proto fields instead of delete

* addressing feedback

* moving TTL handling for backends to core

* mongo is a secret backend not auth

* adding estimated ttl for backends that also manage the expiration time

* set the estimate values before calling the renew request

* moving calculate TTL to framework, revert removal of increment and issue time from logical

* minor edits

* addressing feedback

* address more feedback
2018-04-03 12:20:20 -04:00
Jeff Mitchell 2bd107a806 Update logformat -> logging 2018-04-03 12:03:35 -04:00
Jeff Mitchell 5bca2265f8 Bump yarn 2018-04-03 11:04:02 -04:00
Jeff Mitchell 20816f4735 Add Makefile/Dockerfile UI bits 2018-04-03 10:46:45 -04:00
Matthew Irish 3d52c8c7c1
Merge pull request #4248 from hashicorp/oss-ui
Moving the UI to OSS
2018-04-03 09:37:31 -05:00
Chris Hoffman 35e944e485 adds ability to override default CSP with warning (#395) 2018-04-03 09:34:14 -05:00
Chris Hoffman e293fe84c3 OSS: Adding UI handlers and configurable headers (#390)
* adding UI handlers and UI header configuration

* forcing specific static headers

* properly getting UI config value from config/environment

* fixing formatting in stub UI text

* use http.Header

* case-insensitive X-Vault header check

* fixing var name

* wrap both stubbed and real UI in header handler

* adding test for >1 keys
2018-04-03 09:34:01 -05:00
Matthew Irish 7c92bb9b1d Moving UI assets to OSS 2018-04-03 09:16:57 -05:00
Jeff Mitchell f5ba4796f5
Case insensitive behavior for LDAP (#4238) 2018-04-03 09:52:43 -04:00
Brian Kassouf 2fcf66896b plugin/grpc: Fix a panic when a transport error occurs during a list (#4244) 2018-04-03 08:00:04 -04:00
Lowe Schmidt f2c302f920 Grammatical error (#4246)
As per Franklin Davis suggestion on the mailing list.
2018-04-03 07:53:38 -04:00
Vishal Nayak 1a6ff5cb80
port missed items from identity store to oss (#4242) 2018-04-02 22:17:33 -04:00
Jeff Mitchell 42d2ee04bd
Alias versioned kv as vkv when mounting (#4240) 2018-04-02 20:51:35 -04:00
Becca Petrin 03cf302e9a Move to "github.com/hashicorp/go-hclog" (#4227)
* logbridge with hclog and identical output

* Initial search & replace

This compiles, but there is a fair amount of TODO
and commented out code, especially around the
plugin logclient/logserver code.

* strip logbridge

* fix majority of tests

* update logxi aliases

* WIP fixing tests

* more test fixes

* Update test to hclog

* Fix format

* Rename hclog -> log

* WIP making hclog and logxi love each other

* update logger_test.go

* clean up merged comments

* Replace RawLogger interface with a Logger

* Add some logger names

* Replace Trace with Debug

* update builtin logical logging patterns

* Fix build errors

* More log updates

* update log approach in command and builtin

* More log updates

* update helper, http, and logical directories

* Update loggers

* Log updates

* Update logging

* Update logging

* Update logging

* Update logging

* update logging in physical

* prefixing and lowercase

* Update logging

* Move phyisical logging name to server command

* Fix som tests

* address jims feedback so far

* incorporate brians feedback so far

* strip comments

* move vault.go to logging package

* update Debug to Trace

* Update go-plugin deps

* Update logging based on review comments

* Updates from review

* Unvendor logxi

* Remove null_logger.go
2018-04-02 17:46:59 -07:00
Ben Feld 3f5d60b54b Fixed typo and adjusted line wrapping in backend help (#4239) 2018-04-02 13:51:26 -07:00
Jeff Mitchell 5590cb63c1 Merge in go-hclog 2018-04-02 16:14:46 -04:00
Jeff Mitchell 95d9e83bc3 Merge in go-hclog 2018-04-02 15:58:31 -04:00
Jeff Mitchell 85584e75f4 Update go-hclog and go-plugin 2018-04-02 14:22:52 -04:00
vishalnayak 461133b785 changelog++ 2018-04-02 10:46:51 -04:00
Vishal Nayak 96fc0c2509
Update group alias by ID (#4237)
* update group alias by id

* update docs
2018-04-02 10:42:01 -04:00
Vishal Nayak 032ca979dc
move identity docs from ent docs to oss (#4235) 2018-04-01 13:59:43 -04:00
Vishal Nayak ab3579aeb6
add entity merge API to docs (#4234) 2018-04-01 12:59:57 -04:00
LeSuisse cdd7cc1635 Update usage of the deprecated generated-root command in the documentation (#4232) 2018-03-31 11:17:08 -04:00
Seth Vargo 67b8c1c05e Encourage people to use code blocks (#4228) 2018-03-30 17:02:03 -04:00
Jeff Mitchell 49ee1113aa Move close for s3 a bit earlier in case data is returned with 404 2018-03-30 13:03:33 -04:00
Jeff Mitchell 16b5ab192f changelog++ 2018-03-30 12:43:19 -04:00
Jeff Mitchell 23e80d028f
Switch reading from S3 to io.Copy from io.ReadFull (#4225)
* Switch reading from S3 to io.Copy from io.ReadFull

If the Content-Length header wasn't being sent back, the current
behavior could panic. It's unclear when it will not be sent; it appears
to be CORS dependent. But this works around it by not trying to
preallocate a buffer of a specific size and instead just read until EOF.

In addition I noticed that Close wasn't being called.
https://docs.aws.amazon.com/sdk-for-go/api/service/s3/#GetObjectOutput
specifies that Body is an io.ReadCloser so I added a call to Close.

Fixes #4222

* Add some extra efficiency
2018-03-30 12:42:48 -04:00
Jeff Mitchell 51b34fed4c changelog++ 2018-03-30 12:42:28 -04:00
Jeff Mitchell 3172f29474 changelog++ 2018-03-30 12:37:34 -04:00
Seth Vargo b48a9878e7 Add HA support to the Google Cloud Storage backend (#4226) 2018-03-30 12:36:37 -04:00
vishalnayak da1ce85482 changelog++ 2018-03-30 12:15:11 -04:00
Vishal Nayak 55f13263c3
reintroduce flagMFA (#4223) 2018-03-30 12:11:10 -04:00
Jeff Mitchell b53f1be3ae Bump Go version check in Makefile 2018-03-30 11:55:03 -04:00
Brian Shumate bf1b8709a6 Update Consuls Secrets quick start (#4224)
- Fix typo in role name
- Drop ordered list formatting on get credential example
2018-03-30 10:46:05 -04:00