Commit graph

988 commits

Author SHA1 Message Date
Calvin Leung Huang e99957aed9
Support registering plugin with name only (#5787)
* Support registering plugin with name only

* Make RegisterPlugin backwards compatible

* Add CLI backwards compat command to plugin info and deregister

* Add server-side deprecation warnings if old read/dereg API endpoints are called

* Address feedback
2018-11-15 14:33:11 -08:00
Jeff Mitchell 3de2ebd256 Explicitly state that secrets move doesn't work across namespaces 2018-11-07 11:07:19 -05:00
Becca Petrin 7bd22e6779
Run all builtins as plugins (#5536) 2018-11-06 17:21:24 -08:00
Calvin Leung Huang ef8f40647a Bump timeout due to potential backoff retry delay (#5706) 2018-11-06 11:06:06 -08:00
Calvin Leung Huang 46f37f3363
Add HSMAutoDeprecated for ent upgrade (#5704) 2018-11-06 09:42:03 -08:00
Jeff Mitchell 41649c1511 Clean up stored barrier keys after migration to shamir (#5671) 2018-11-05 14:06:39 -05:00
Calvin Leung Huang c5c6588f7e
Bump timeout due to potential backoff retry delay (#5663) 2018-11-02 13:22:15 -07:00
Jim Kalafut b1bc2a6b2b
Fix a few vet warnings (#5674) 2018-11-02 13:21:44 -07:00
Becca Petrin f99d65bdc3 fix typo in test name 2018-11-01 16:06:35 -07:00
Dilan Bellinghoven 5109be59a6 command/agent/sink/sink.go: This fix solves the problem where when multiple file sinks are specified in the agent HCL file, there is unexpected behavior (#5610) 2018-11-01 14:44:13 -07:00
Brian Shumate 9c06c53542 Fix typo (#5661) 2018-11-01 10:13:20 -04:00
Jim Kalafut 11d7f7eb13
Add memory profiling for custom builds (#5584) 2018-10-31 11:11:45 -07:00
Jeff Mitchell 605a7e30ad
Add the ability for secret IDs in agent approle to be wrapped (#5654) 2018-10-30 20:53:49 -04:00
Jeff Mitchell 6d20c8fce2
Add approle agent method removing secret ID file by default. (#5648)
Also, massively update tests.
2018-10-30 14:09:04 -04:00
Aleksey Zhukov 5361205d5b WIP Agent AppRole auto-auth (#5621) 2018-10-30 12:17:19 -04:00
Chris Hoffman 8c88eb3e2a
Add -dev-auto-seal option (#5629)
* adding a -dev-auto-seal option

* adding logger to TestSeal
2018-10-29 09:30:24 -04:00
Jeff Mitchell 2c17930aaf
Remove agent reauthentication on new credentials. (#5615)
Functionality is left in for use in testing (where it is indeed quite
useful).

Fixes #5522
2018-10-27 10:45:55 -07:00
Jim Kalafut fa462c72f9
Fix command panic by returning empty (not nil) map (#5603)
Fixes #5600
2018-10-24 13:08:40 -07:00
Jeff Mitchell 91a970b81d Fix build 2018-10-23 15:09:35 -04:00
Jeff Mitchell a979f49cd7 Add disable-indexing 2018-10-23 15:03:17 -04:00
Jeff Mitchell 2526ce2ce6 Fix build 2018-10-23 04:12:23 -04:00
Jeff Mitchell b2f2568a21 Merge branch 'master-oss' into 1.0-beta-oss 2018-10-23 04:02:28 -04:00
Jeff Mitchell fe770ed284 Change deprecation warning to 1.1 2018-10-23 02:44:57 -04:00
Chris Hoffman dec2eb88b6 adding gcpkms secrets engine (#784) 2018-10-22 23:39:25 -07:00
Jeff Mitchell 82992d6097
Seal migration (OSS) (#781) 2018-10-22 23:34:02 -07:00
Vishal Nayak 699b18ee09 Fix flag name for kv help text (#5580) 2018-10-22 15:22:43 -04:00
Calvin Leung Huang a08ccbffa7
[Review Only] Autoseal OSS port (#757)
* Port awskms autoseal

* Rename files

* WIP autoseal

* Fix protobuf conflict

* Expose some structs to properly allow encrypting stored keys

* Update awskms with the latest changes

* Add KeyGuard implementation to abstract encryption/decryption of keys

* Fully decouple seal.Access implementations from sealwrap structs

* Add extra line to proto files, comment update

* Update seal_access_entry.go

* govendor sync

* Add endpoint info to configureAWSKMSSeal

* Update comment

* Refactor structs

* Update make proto

* Remove remove KeyGuard, move encrypt/decrypt to autoSeal

* Add rest of seals, update VerifyRecoveryKeys, add deps

* Fix some merge conflicts via govendor updates

* Rename SealWrapEntry to EncryptedBlobInfo

* Remove barrier type upgrade check in oss

* Add key to EncryptedBlobInfo proto

* Update barrierTypeUpgradeCheck signature
2018-10-19 14:43:57 -07:00
Jeff Mitchell 224fbd4a88 Merge branch 'master-oss' into 1.0-beta-oss 2018-10-16 10:08:03 -04:00
Jeff Mitchell 04e3f9b0f3
Add LastWAL in leader/health output (#5523) 2018-10-16 09:38:44 -04:00
Jeff Mitchell a64fc7d7cb
Batch tokens (#755) 2018-10-15 12:56:24 -04:00
Jeff Mitchell af73c5872d
Buffer authhandler output channel to prevent hang on shutdown (#5507)
Fixes #5026
2018-10-15 11:02:53 -04:00
Jim Kalafut 123e34f4a7
Don't copy HA lock file during migration (#5503) 2018-10-12 09:29:15 -07:00
Jeff Mitchell 646bfc6d5d
Warn when users don't configure api_addr (#5496)
Fixes some sources of user strife
2018-10-10 14:52:00 -04:00
Calvin Leung Huang b47e648ddf
Logger cleanup (#5480) 2018-10-09 09:43:17 -07:00
Jim Kalafut bd4a7c57c6 Fix 'vault auth' panic (#5473)
Running 'vault auth' with no parameters was panicking:

panic: assignment to entry in nil map
	github.com/hashicorp/vault/command/login.go:255 +0xdee

Now it will show help.
2018-10-05 16:05:26 -07:00
JohnVonNeumann eba56f3f23 Update operator_init.go (#5441)
Minor grammar fix.
2018-10-01 17:19:13 -07:00
Jim Kalafut 43d498983c
Retry failing migration check instead of exiting (#5427) 2018-10-01 14:35:35 -07:00
Jeff Mitchell ef144c4c25 Send initialized information via sys/seal-status (#5424) 2018-09-27 14:03:37 -07:00
Jim Kalafut d9d93e42a8
Fix server command test (#5407)
The addition of CheckMigration to the server startup process means
that physical backends in this test need to be able to respond to Get() without error.
2018-09-26 14:52:11 -07:00
Jim Kalafut c1f7e4a276
Fix wording in log message (#5399) 2018-09-25 16:52:03 -07:00
Jim Kalafut 4c80debe63
Add physical backend migrator command (#5143) 2018-09-25 16:18:22 -07:00
Seth Vargo 743161abd4 Also format TTLs in non-secret responses (#5367) 2018-09-21 09:54:18 -04:00
Becca Petrin 74d4d0ccc0
add alicloud secrets engine (#5352) 2018-09-19 08:42:28 -07:00
Jeff Mitchell 43aebacfa8 Fix default_max_request_duration HCL name and update docs (#5321)
* Fix default_max_request_duration HCL name and update docs

* Update tcp.html.md
2018-09-18 14:30:21 -07:00
Jeff Mitchell 919b968c27
The big one (#5346) 2018-09-17 23:03:00 -04:00
Jim Kalafut eb6c165e29
Improve CLI error message (#5327) 2018-09-13 08:23:36 -07:00
Becca Petrin b2ff87c9c2
Poll for new creds in the AWS auth agent (#5300) 2018-09-12 13:30:57 -07:00
Becca Petrin 625592c5e6
update to match aws (#5315) 2018-09-11 11:10:50 -07:00
Jeff Mitchell 1837c571ec
Fix authhandler-based wrapping in agent (#5316) 2018-09-11 13:10:11 -04:00
Jeff Mitchell c28ed23972
Allow most parts of Vault's logging to have its level changed on-the-fly (#5280)
* Allow most parts of Vault's logging to have its level changed on-the-fly

* Use a const for not set
2018-09-05 15:52:54 -04:00