Commit graph

11640 commits

Author SHA1 Message Date
Michael Golowka ee2843a3b2
Update Oracle DB secrets docs to reflect support for static roles (#8168)
* Fix typos

* Update Oracle DB secrets docs to show support for Static Roles

* Add warning about username case sensitivity

* Remove warning about casing

* Fix typo

Co-Authored-By: Becca Petrin <beccapetrin@gmail.com>

Co-authored-by: Becca Petrin <beccapetrin@gmail.com>
2020-02-13 15:11:33 -07:00
Vishal Nayak c87d34d1a4
Seal migration with Raft (#8103)
* Seal migration after unsealing

* Refactor migration fields migrationInformation in core

* Perform seal migration as part of postUnseal

* Remove the sleep logic

* Use proper seal in the unseal function

* Fix migration from Auto to Shamir

* Fix the recovery config missing issue

* Address the non-ha migration case

* Fix the multi cluster case

* Avoid re-running seal migration

* Run the post migration code in new leaders

* Fix the issue of wrong recovery being set

* Address review feedback

* Add more complete testing coverage for seal migrations.   (#8247)

* Add more complete testing coverage for seal migrations.  Also remove VAULT_ACC gate from some tests that just depend on docker, cleanup dangling recovery config in storage after migration, and fix a call in adjustCoreForSealMigration that seems broken.

* Fix the issue of wrong recovery key being set

* Adapt tests to work with multiple cores.

* Add missing line to disable raft join.

Co-authored-by: Vishal Nayak <vishalnayak@users.noreply.github.com>

* Fix all known issues

* Remove warning

* Review feedback.

* Revert my previous change that broke raft tests.  We'll need to come back and at least comment
this once we better understand why it's needed.

* Don't allow migration between same types for now

* Disable auto to auto tests for now since it uses migration between same types which is not allowed

* Update vault/core.go

Co-Authored-By: Brian Kassouf <briankassouf@users.noreply.github.com>

* Add migration logs

* Address review comments

* Add the recovery config check back

* Skip a few steps if migration is already done

* Return from waitForLeadership if migration fails

Co-authored-by: ncabatoff <nick.cabatoff@gmail.com>
Co-authored-by: Brian Kassouf <briankassouf@users.noreply.github.com>
2020-02-13 16:27:31 -05:00
Calvin Leung Huang dac3382e15
external_tests: ensure derived cores are stable before proceeding on tests (#8342)
* external_tests: ensure derived cores are stable before proceeding on tests

* testhelpers: add min duration tolerance when checking stability on derived core
2020-02-13 13:18:53 -08:00
Noelle Daley 8369775247
Update CHANGELOG.md 2020-02-13 14:05:15 -06:00
Matthew Irish fb25f3dfa8
Fix transit-key context menu on the transit-key list page (#8348)
* thread backend through requests so that the transit-key model has it on list responses

* add tests for transit-key menu and serializer handling of backend

* remove changes to preview-head

Co-authored-by: Noelle Daley <noelledaley@users.noreply.github.com>
2020-02-13 14:03:28 -06:00
Angel Garbarino db053601e5
Core Usage Metrics (#8347)
* Core usage metrics v1 (merge to side-branch) (#8238)

* restructure menu layout per designs

* setup new routing that will set the stage for a metrics landing page

* fix formatting

* Revert "fix formatting"

This reverts commit e77cdec5e58cdcea49aa1b97f80238433c4f7d1e.

* fix formatting

* small styling changes

* change request routing to metrics

* rename route js file

* Core usage metrics v2 (#8263)

* restructure menu layout per designs

* setup new routing that will set the stage for a metrics landing page

* fix formatting

* Revert "fix formatting"

This reverts commit e77cdec5e58cdcea49aa1b97f80238433c4f7d1e.

* fix formatting

* small styling changes

* change request routing to metrics

* rename route js file

* setup selectable card component and api request

* add token and http request models to route and template

* add entities to route and template

* clean up

* add breadcrumbs and some clean up work

* remove unused selectable-card component

* refactor to a serializer

* move adapters, serializers, and models into metrics folder

* remove unused file

* address pr comments

* address pr comments

* Core Usage Metrics V3 (#8316)

* restructure menu layout per designs

* setup new routing that will set the stage for a metrics landing page

* fix formatting

* Revert "fix formatting"

This reverts commit e77cdec5e58cdcea49aa1b97f80238433c4f7d1e.

* fix formatting

* small styling changes

* change request routing to metrics

* rename route js file

* setup selectable card component and api request

* add token and http request models to route and template

* add entities to route and template

* clean up

* add breadcrumbs and some clean up work

* remove unused selectable-card component

* setup smaller http request bar chart

* refactor to a serializer

* move adapters, serializers, and models into metrics folder

* remove unused file

* setup change part of component

* fix broken model

* add conditional class

* setting up computed properties in new component

* small fixes

* setup components

* minor fixes

* rename

* clean up

* firefox fix

* remove shadow bars

* move out of metrics folders

* modify permissions to show difference between token entities and requests

* make tests

* fix class names and associated tests

* clean up

* fix text overflow in non-chrome browsers

* address pr comments, specifically class names and tests

* move into one component

* clean up component descriptions in comments

* small wording changes

* fix for accessibility

* address pr comments around component examples for storybook

* fix test

* fix failing test

* fix test
2020-02-13 12:44:57 -07:00
Becca Petrin 5a01a5af0f
Add Kubernetes service registration (#8249) 2020-02-13 09:56:29 -08:00
Jeff Malnick 27ad920399
Add redshift database plugin (#8299)
* feat: add redshift database plugin

* build: update vendored libraries

* docs: add reference doc for redshift variant of the database secrets engine

* feat: set middlewear type name for better metrics naming (#8346)

Co-authored-by: Becca Petrin <beccapetrin@gmail.com>
2020-02-13 09:42:30 -08:00
Jeff Mitchell 86327b8010 Bump api/sdk and fix imports 2020-02-13 10:41:16 -05:00
Jeff Mitchell b0acc1d036 Update API's sdk 2020-02-13 10:40:35 -05:00
Jeff Mitchell fedb451a12 Move reload and listenerutil into sdk 2020-02-13 10:40:02 -05:00
ncabatoff 9ed6572cc2
changelog++ 2020-02-13 09:01:49 -05:00
ncabatoff e63da2e183
Add support for telemetry option metrics_prefix (#8340)
When set, instead of starting with `vault_`, metrics will start with `${prefix}_`.
2020-02-13 09:00:32 -05:00
Jim Kalafut 64a5cbfe54
changelog++ 2020-02-12 23:48:39 -08:00
Jim Kalafut f4cafabb62
Support processing parameters sent as a URL-encoded form (#8325) 2020-02-12 14:20:22 -08:00
Jim Kalafut 2b429bbeff
changelog++ 2020-02-11 21:56:39 -08:00
Becca Petrin f671752afb
preserve state immediately (#8336) 2020-02-11 13:04:40 -08:00
Chelsea Shaw a29e0ed600
UI feature: dart sass (#8327)
* Use dart sass implementation in front end
2020-02-11 11:19:37 -06:00
Sam Salisbury 42faa3687c
ci: build website docker image only on OSS repo (#8335) 2020-02-11 17:03:54 +00:00
Sam Salisbury 7996b8f65a
upgrade to go1.13.7 (#8332) 2020-02-11 15:03:49 +00:00
Daniel Spangenberg 2ff52fc177
changelog++ 2020-02-10 15:50:23 +01:00
Daniel Spangenberg f7cfec47ea
Fix CLI namespace commands (#8315)
* Fix namespace commands help

* Fix useless prediction for namespace commands

* Add namespace prediction capability
2020-02-09 19:38:39 +01:00
Darshana Sivakumar ef687a97a6 Adding a new replication metric (WAL GC counter) (#8241)
* Adding a new replication metric (WAL GC counter)

Adding a new line about the vault.replication.wal.gc metric

* Update website/pages/docs/internals/telemetry.mdx

Co-authored-by: Brian Kassouf <briankassouf@users.noreply.github.com>
2020-02-07 23:04:59 -08:00
Jim Kalafut 2ee7b76469
Bundle MongoDB Atlas (#8309) 2020-02-07 14:09:39 -08:00
Daniel Spangenberg 78e6a21d2c
changelog++ 2020-02-07 16:14:50 +01:00
Daniel Spangenberg c770a81e5c
Update CHANGELOG.md 2020-02-07 16:13:30 +01:00
Daniel Spangenberg f84288d74f
Support CLI autocompletion for nested mounts (#8303)
* Support CLI autocompletion for nested mounts

* Add test for nested autocomplete prediction
2020-02-07 15:58:30 +01:00
ncabatoff fbd4925889
Update to newest go-metrics, go mod vendor. (#8311) 2020-02-07 09:05:14 -05:00
Michel Vocks 4dc32cd260
changelog++ 2020-02-07 09:43:06 +01:00
Michel Vocks 3a4d330f64
Return error when a standby node receives a metrics request (#8280)
* Return error when a standby node receives a metrics request

* fix test

* Add documentation note
2020-02-07 09:30:25 +01:00
Jeff Malnick f46769b441
fix: rotateStatents -> rotateStatements (#8306) 2020-02-06 14:05:00 -08:00
Chelsea Shaw 12bc4fd822
changelog++ 2020-02-06 15:12:45 -06:00
Vlad Ungureanu 1081446ac9
Update vault azure api docs (#8276)
By reading the code looks like `subscription_id` and `resource_group_name` are required in the end https://github.com/hashicorp/vault-plugin-auth-azure/blob/master/path_login.go#L192-L194.
2020-02-06 12:51:34 -08:00
Chelsea Shaw 937b0550ab
[UI] clear policies in cli (#8291)
* fix: entity policies cleared from empty string in UI console

* add test for new use case of empty value
2020-02-06 12:37:38 -06:00
ncabatoff d2cc5dee0c
changelog++ 2020-02-06 13:31:36 -05:00
ncabatoff a0ac4bdd2a
Audit generate root requests and responses. (#8301) 2020-02-06 11:56:37 -05:00
Brian Choy 85877e52a4
Fix typo in vault agent injector example docs (#8302)
Fix mispelling of `annotation`.
2020-02-05 15:57:09 -08:00
Clint ed56a5974f
Update CHANGELOG.md 2020-02-05 17:02:12 -06:00
Becca Petrin 1459544630
update from github.com/hashicorp/gokrb5 to github.com/jcmturner/gokrb5/v8 (#8296) 2020-02-05 14:23:22 -08:00
ncabatoff cfcb9d2218
Update seal migration docs re limitations and different scenarios (#8298) 2020-02-05 15:30:04 -05:00
Clint 7cf8289470
Update CHANGELOG.md 2020-02-05 14:12:22 -06:00
Clint 58381ca0e7
MySQL HA: Return an error if we fail to get a lock on standby (#8229)
* return an error if we fail to get a lock on standby

* Add regression test

* minor refactoring to remove a race condition in the test
2020-02-05 14:08:48 -06:00
Clint da5a193769
Update CHANGELOG.md 2020-02-05 13:53:34 -06:00
Clint 074f897ae4
secret/database: Guard against panic with InfluxDB plugin (#8282)
* database/influx: fix panic when trying to revoke user

Guard against other nil responses

* return an error if response is nil, which is unlikely but best safe than sorry

* refactor a deeply nested statement into a function
2020-02-05 13:49:02 -06:00
ncabatoff 2c8b012d14
Changes needed so that benchmark-vault can run with Prometheus monitoring (#8295) 2020-02-05 13:45:16 -05:00
Jim Kalafut 053a06bcfa
Add links to changelog Github references (#8293)
Co-authored-by: Daniel Spangenberg <daniel@spangenberg.io>
2020-02-05 08:28:19 -08:00
Daniel Spangenberg 058ee30a62
changelog++ 2020-02-05 10:56:18 +01:00
Dan Lafeir fe80e136da
Add a specific reference to AWS IAM Unique Identifiers (#8209)
* Add specification about AWS IAM Unique Identifiers

We experienced an issue where IAM roles resources were re-provisioned with the same ARNs and no change had been made to our vault role configuration but users lost access with `-method=aws`. It wasn't immediately clear to us how IAM Unique Identifiers where being used to avoid the same situations outlined in the AWS documentation. We eventually concluded that re-provisioning the roles in our auth/aws/auth would fetch the new IAM Unique Identifiers. 

I hope that this small amendment helps people avoid this problem in the future.
2020-02-04 15:31:48 -08:00
Jamie Finnigan fa2544cf5e
fix <name> entity encoding for Secrets Engines Metrics section (#8290) 2020-02-04 15:06:10 -08:00
Daniel Spangenberg 415303cc02
Allow FQDNs in DNS Name for PKI Secrets Engine (#8288)
Fixes #4837
2020-02-04 23:46:38 +01:00