Commit graph

12157 commits

Author SHA1 Message Date
Mark Gritter a82862a118
Utility for collecting new gauge metrics (#9017) 2020-05-19 17:54:43 -05:00
Jeff Mitchell 623d58deaf Bump api/sdk 2020-05-19 18:19:12 -04:00
Clint c468d84e8d
Update CHANGELOG.md 2020-05-19 17:19:02 -05:00
Jeff Mitchell 7bc65c48de Bump api's sdk 2020-05-19 18:18:38 -04:00
Jeff Mitchell 41d5727d9d
Port encrypted config shared bits to a separate PR (#9037)
* Port encrypted config shared bits to a separate PR

* Address feedback
2020-05-19 18:15:30 -04:00
Clint 8bd8d7dba6
secrets/database: return any error from rotations (#8997) 2020-05-19 12:05:09 -05:00
ncabatoff 6291b40e34
Don't include username or password of proxy env vars when logging them. (#9022) 2020-05-19 10:07:46 -04:00
Clint 638fab75f2
Update CHANGELOG.md 2020-05-19 06:26:45 -05:00
Clint b523d30bd2
Update CHANGELOG
Move note on fixing an OpenLDAP to the `1.4.2` section
2020-05-19 06:25:38 -05:00
Brian Kassouf 89f553f4bf
changelog++ 2020-05-18 18:53:33 -07:00
Brian Kassouf c8dde052f2
storage/raft: Advertise the configured cluster address (#9008)
* storage/raft: Advertise the configured cluster address

* Don't allow raft to start with unspecified IP

* Fix concurrent map write panic

* Add test file

* changelog++

* changelog++

* changelog++

* Update tcp_layer.go

* Update tcp_layer.go

* Only set the adverise addr if set
2020-05-18 18:22:25 -07:00
Brian Kassouf 1bb0bd489d
storage/raft: Add committed and applied indexes to the status output (#9011)
* storage/raft: Add committed and applied indexes to the status output

* Update api vendor

* changelog++

* Update http/sys_leader.go

Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>

Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>
2020-05-18 16:07:27 -07:00
Clint 01b1f0dd42
Update CHANGELOG.md 2020-05-18 16:00:21 -05:00
Clint 86a62130fd
Update to latest version of vault-plugin-secrets-openldap (#9006) 2020-05-18 15:59:11 -05:00
Jason O'Donnell 1845ef6d2e
doc: add environment variable template example (#9019)
* doc: add environment variable template example

* Update website/pages/docs/platform/k8s/injector/examples.mdx

Co-authored-by: Becca Petrin <beccapetrin@gmail.com>

Co-authored-by: Becca Petrin <beccapetrin@gmail.com>
2020-05-18 15:51:17 -04:00
Becca Petrin d7a6011b3e
Fix AWS auth renewals (#8991)
* fix aws auth renewals

* Update builtin/credential/aws/path_login.go

Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>

* debug log missing account_ids

* strip tests and related changes

Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>
2020-05-18 11:10:36 -07:00
Theron Voran b7a9fb8566
docs: updating helm configuration (#8973)
Added helm configs that were changed/added in vault-helm
0.5.0. Also corrected the data type of a few config parameters.
2020-05-18 11:08:40 -07:00
Jeff Mitchell 6cb26312af
Fix code copied from gogo using a different proto import (#9009) 2020-05-15 13:45:22 -07:00
Calvin Leung Huang d9bb58197e
changelog++ 2020-05-15 11:17:51 -07:00
Calvin Leung Huang 8cefbca1c9
Refactor service registration (#8976)
* serivceregistration: refactor service registration logic to run later

* move state check to the internal func

* sr/kubernetes: update setInitialStateInternal godoc

* sr/kubernetes: remove return in setInitialState

* core/test: fix mockServiceRegistration

* address review feedback
2020-05-15 11:06:58 -07:00
Michael Golowka 8d754f552b
Enable root user credential rotation in MongoDB (#8540)
* Enable root user credential rotation in MongoDB

This takes its logic from the SetCredentials function with some changes
(ex: it's generating a password rather than taking one as a parameter).

This will error if the username isn't specified in the config. Since
Mongo defaults to unauthorized, this seemed like an easy check to make
to prevent strange behaviors when it tries to rotate the "" user.
2020-05-15 11:24:10 -06:00
Csongor Halmai dd8c10bb76
fix missing line-continuation in sample code (#9005) 2020-05-15 08:29:32 -04:00
Tyler Reid fbbd4fcf2d
docs: fix agent listener link (#9003) 2020-05-15 06:51:52 -05:00
Jeff Mitchell b4f5d38916
Update to latest go-kms-wrapping and fix protos/etcd (#8996) 2020-05-14 18:45:10 -04:00
Mike Jarmy 8f0183a981
move resuable storage test to avoid creating import cycle (#8999) 2020-05-14 13:53:56 -04:00
Jeff Mitchell 2f5f0049db
Switch bootstrap (except CI) over to using pinned versions from go.mod (#9000) 2020-05-14 13:45:12 -04:00
Scott Miller d1ba50384a
Soften the warning language on PKCS #1 v1.5 padding (#8988)
* Soften the warning language on PKCS #1 v1.5 padding
2020-05-14 12:29:21 -05:00
Jeff Mitchell 8d6c679241 Update sdk in go.mod files 2020-05-14 12:42:14 -04:00
Jeff Mitchell 4f7e98f091 Remove mistaken build flag 2020-05-14 10:44:02 -04:00
Jeff Mitchell fea001199b Make aws and transit wrapper funcs a var again 2020-05-14 09:58:03 -04:00
Jeff Mitchell 1d3d89e2aa
Create configutil and move some common config and setup functions there (#8362) 2020-05-14 09:19:27 -04:00
Mike Jarmy 724af764bb
Test reusable storage (#8983)
* stub out reusable storage test

* implement reusable inmem test

* work on reusable raft test

* stub out simple raft test

* switch to reusable raft storage

* cleanup tests

* cleanup tests

* refactor tests

* verify raft configuration

* cleanup tests

* stub out reuseStorage

* use common base address across clusters

* attempt to reuse raft cluster

* tinker with test

* fix typo

* start debugging

* debug raft configuration

* add BaseClusterListenPort to TestCluster options

* use BaseClusterListenPort in test

* raft join works now

* misc cleanup of raft tests

* use configurable base port for raft test

* clean up raft tests

* add parallelized tests for all backends

* clean up reusable storage tests

* remove debugging code from startClusterListener()

* improve comments in testhelpers

* improve comments in teststorage

* improve comments and test logging

* fix typo in vault/testing

* fix typo in comments

* remove debugging code

* make number of cores parameterizable in test
2020-05-14 08:31:02 -04:00
Jim Kalafut 5825b23013
Add 1.4.1 upgrade guide (#8981) 2020-05-13 16:55:32 -07:00
Jason O'Donnell f65cd64696
doc: add notes about injector annotations (#8992) 2020-05-13 16:43:34 -04:00
Clement Chauplannaz c33cd93b93
Typo in policies.mdx (#8850) 2020-05-13 15:17:41 -04:00
Steven Robertson d9c5a6130a
fixes roleset GET to say 'read' instead of 'delete' (#8799) 2020-05-13 15:13:34 -04:00
ncabatoff 98f32a94a9
Static roles aren't supported yet for atlas. (#8989) 2020-05-13 12:13:29 -04:00
Mark Gritter bd766d7bae
Metrics wrapper that adds the cluster name as a label. (#8961) 2020-05-12 21:00:59 -05:00
Vishal Nayak 934186ba82 Vendor update 2020-05-12 18:05:47 -04:00
Scott Miller 8805a7b45c
Warn in the documentation against the use of CKM_RSA_PKCS. (#8982)
* Warn in the documentation against the use of CKM_RSA_PKCS

* tweak

* Roger roger.
2020-05-12 10:56:41 -05:00
Mike Jarmy 1fc9b0799a
Update CHANGELOG.md 2020-05-12 09:02:51 -04:00
Vishal Nayak 72c4e3c7af
Doc: seal migration update (#8724)
* Doc: seal migration update

* s/Auto Unseal/KMS Seal

* Update website/pages/docs/concepts/seal.mdx

Co-Authored-By: Meggie <meggie@hashicorp.com>

* Update website/pages/docs/concepts/seal.mdx

Co-Authored-By: Meggie <meggie@hashicorp.com>

* Update website/pages/docs/concepts/seal.mdx

Co-Authored-By: Meggie <meggie@hashicorp.com>

* Update website/pages/docs/concepts/seal.mdx

Co-Authored-By: Meggie <meggie@hashicorp.com>

* Update website/pages/docs/concepts/seal.mdx

Co-Authored-By: Meggie <meggie@hashicorp.com>

* Update website/pages/docs/concepts/seal.mdx

Co-Authored-By: Meggie <meggie@hashicorp.com>

* Update website/pages/docs/concepts/seal.mdx

Co-Authored-By: Meggie <meggie@hashicorp.com>

* s/Recovery/recovery

* remove 'at this point'

* Address review comments

* Address review feedback

* Update website/pages/docs/concepts/seal.mdx

Co-Authored-By: Meggie <meggie@hashicorp.com>

* Update website/pages/docs/concepts/seal.mdx

Co-Authored-By: Meggie <meggie@hashicorp.com>

* Update website/pages/docs/concepts/seal.mdx

Co-Authored-By: Meggie <meggie@hashicorp.com>

* Address review comments

Co-authored-by: Meggie <meggie@hashicorp.com>
2020-05-12 01:02:59 -04:00
Andrew N Golovkov 753b2c135a
More helpful errors when import bundled certificates (#8951)
* helpful errors: print not only CN but also exactly what we are comparing
* helpful errors: return different errors for non-existent and unknown keys
* helpful errors: print error about encrypted key instead of "private key not found"
2020-05-11 17:01:10 -06:00
Nicole Forrester 77ad037d9c
Add vault docs redirects & remove deprecated database docs (#8922)
* website: add redirects for old database docs
* delete deprecated database docs
2020-05-11 14:20:40 -06:00
Scott G. Miller 4e6dc7e9ab changelog++ 2020-05-11 14:18:44 -05:00
Scott G. Miller fa8ddc3392 changelog++ 2020-05-11 14:17:51 -05:00
Scott Miller c3b6db2f26
Reject requests read and write requests to cubbyhole with an empty path (#8971)
* Reject requests read and write requests to cubbyhole with an empty path
2020-05-11 14:15:36 -05:00
Scott Miller 16cc804086
Upgrade go-ldap to 3.1.10, containing the send race fix (#8937)
* Upgrade go-ldap to 3.1.10, containing the send race fix
2020-05-11 11:28:01 -05:00
Aleksandr Yakimenko 182bfc86f8
Fix minor typos in docs (#8965) 2020-05-11 11:12:48 -04:00
Patrick Bernal c68c5016da
taking out for now due to perms issue (#8969) 2020-05-11 10:03:15 -04:00