Commit graph

7741 commits

Author SHA1 Message Date
Chris Hoffman f6a3a76f25
Docs for configuration UI headers (#4313)
* adding /sys/config/ui headers

* adding /sys/config/ui headers
2018-04-09 12:21:02 -04:00
Chris Hoffman 19f9f6ee89
Root Credential Rotation Docs (#4312)
* updating root credential docs

* more docs updates

* more docs updates
2018-04-09 12:20:29 -04:00
Yoko c30133d415
AppRole with Terraform & Chef (#4200)
* WIP - Teddy's webinar

* WIP

* Added more details with diagram

* Fixed a typo

* Added a note about terraform bug with 0.11.4 & 0.11.5

* Minor adjustment

* Fixed typos

* Added matching CLI commands

* Added extra speace for readability
2018-04-09 08:50:50 -07:00
Calvin Leung Huang 656a762e0a
Dockerize mssql secret backend tests (#4290)
* Dockerize mssql secret backend tests

* Extend total mysql container timeout to 1 minute
2018-04-09 10:46:52 -04:00
Chris Hoffman 2bb7452828
changelog++ 2018-04-09 09:40:51 -04:00
Chris Hoffman 28479e6f20
changelog++ 2018-04-09 09:33:14 -04:00
Matthew Irish cff34e983f
UI - pki updates (#4291)
* add require_cn to pki roles
* add policy_identifiers and basic_constraints_valid_for_non_ca to pki role form
* add new fields to the PKI docs
* add add_basic_constraints field
2018-04-08 21:09:29 -05:00
Chris Hoffman 71c0b749b5
Fix deadlock in root credential rotation (#4309)
* fix deadlock in root credential rotation

* add more logging of errors

* adding cassandra test
2018-04-08 13:34:59 -04:00
Jeff Mitchell d2a9ac9c32 changelog++ 2018-04-07 21:08:32 -04:00
Jeff Mitchell 36c507b273 Update vault-plugin-auth-gcp to get client invalidation fix 2018-04-07 21:07:43 -04:00
Chris Hoffman e1edbbde4f
update azure plugin (#4306) 2018-04-07 11:20:22 -04:00
Chris Hoffman 40dc317f41
Prevent returning password in reads of connection config info (#4300)
* prevent returning password in reads of connection config info

* fixing a test

* masking password in connection url on reads

* addressing feedback

* removing extra check
2018-04-07 11:06:04 -04:00
Chris Hoffman cbcf31c570
remove token from curl request for login paths (#4303) 2018-04-06 18:10:59 -04:00
Jeff Mitchell 510a57e7de Update CLI coloring 2018-04-06 14:38:56 -04:00
Calvin Leung Huang 172cb7ee6a
Extend the TTL on the token for renewer auth test (#4297) 2018-04-06 12:24:01 -04:00
Calvin Leung Huang fb81016252
Fix output-related tests (#4288)
* Fix command tests

* More test fixes

* Use backticks to escape quoted strings

* More test fixes

* Fix mismatched error output failures

* Fix mismatched error output failures
2018-04-05 20:43:29 -04:00
Yoko f039404a8a
Added in-region DR scenario diagram (#4292)
This is a replica of the PR 4243 which has already been approved.
2018-04-05 16:08:55 -07:00
Andy Manoske 9c1db25639
Update index.html.md 2018-04-05 15:16:28 -07:00
Matthew Irish 4b885c080c
Ui request forwarding error (#4275)
* add ember-cli-content-security-policy
* only enable client side CSP when not in production - the go side handles this otherwise
* add service that handles and stores CSP violations via the securitypolicyviolation event
* update auth form component to show a specialized message when there's a CSP error
* move to computed prop for showing the CSP error message
* fix typos
2018-04-05 16:36:33 -05:00
Jeff Mitchell 7d520e53a5 Update auth-gcp plugin 2018-04-05 17:34:27 -04:00
Matthew Irish 3a734d7cb4
UI - first RC feedback (#4278)
* add hasSentinel to the version service
* use hasSentinel instead of features directly
* type='button' strikes again
* pass url param in tab links to ensure hrefs are updated
* 404 when the item_type is invalid for the identity route
2018-04-05 16:08:18 -05:00
Yoko 3dd3247006
Auto Unseal with AWS KMS guide (#4277)
* WIP

* Added auto unseal

* Converting to a guide

* Added little more explanations

* Minor fixes

* Fixed a typo

* Fixed a typo

* Changed auto unseal to auto-unseal

* Found more typo... fixed
2018-04-05 13:28:39 -07:00
Jeff Mitchell 27db47828b Bump kv plugin 2018-04-05 14:09:19 -04:00
Jeff Mitchell 0776c65e15
Move colorable statements to fix Windows support. (#4287)
This puts it in the main command level.

Fixes #4070
2018-04-05 13:28:02 -04:00
Calvin Leung Huang 63b2698289 Do not fail if api_addr and cluster_addr are empty (#4286) 2018-04-05 12:54:15 -04:00
Vishal Nayak 28e3eb9e2c
Errwrap everywhere (#4252)
* package api

* package builtin/credential

* package builtin/logical

* package command

* package helper

* package http and logical

* package physical

* package shamir

* package vault

* package vault

* address feedback

* more fixes
2018-04-05 11:49:21 -04:00
Vishal Nayak ef60ded908
TypeDurationSecond for ttl and max_ttl (#4268)
* use typedurationsecond for ttl and max_ttl

* address review feedback
2018-04-04 17:47:18 -04:00
Geoffrey Grosenbach 22c1766fc1 Correct the page title to read re-wrapping (#4274)
The title in the metadata used `re-rapping` instead of `re-wrapping`. This one line change fixes the spelling.
2018-04-04 16:55:46 -04:00
Quinn Stearns d8dab90113 Rename Example Key from "value" to "foo" (#4270)
It is slightly confusing to have the first example include a key named "Value". This can create a slight hump to grokking what's happening in this early step of the README. Here we rename the key to "foo" to help indicate it's dynamic nature.
2018-04-04 16:22:27 -04:00
Jeff Mitchell a84e2bcc25
Don't allow api/cluster addresses to be the same. (#4272)
People make this mistake quite often and it causes real issues.
2018-04-04 16:15:07 -04:00
Calvin Leung Huang f392620cb8
Dockerize rabbitmq secret backend (#4271) 2018-04-04 16:09:26 -04:00
Brian Kassouf aa9c93a680
changelog++ 2018-04-04 09:29:27 -07:00
Brian Kassouf 43496861c5
command/kv: Update the 404 parsing logic (#4269) 2018-04-04 09:26:06 -07:00
Jeff Mitchell 0b417bd03a Merge branch 'master' of https://github.com/hashicorp/vault into master-oss 2018-04-04 12:19:25 -04:00
Jeff Mitchell 4b936ea976 changelog++ 2018-04-04 12:19:21 -04:00
Yoko 7ef337ad86
Vault HA with Consul guide (#4187)
* Vault HA guide draft

* Fixed node_id to say node_name based on Brian's input

* Fixed the unwanted hyperlink

* Vault HA guide

* Updated the description of the Vault HA guide

* Typo fixes

* Added a reference to Vault HA with Consule guide

* Incorporated Teddy's feedback

* Fixed an env var name

* Vault configuration has been updated: 'api_addr'
2018-04-04 08:25:06 -07:00
Jeff Mitchell 3b9454978c
Cut version 0.10.0-rc1 2018-04-04 10:45:23 -04:00
Jeff Mitchell 44ab14674e Add ui tag to bin target 2018-04-04 10:44:20 -04:00
Seth Vargo a90467289a Rename Google things to say "Google", update telemetry (#4267) 2018-04-04 10:37:44 -04:00
Jeff Mitchell 92bedc6c31 Bump prerelease tag 2018-04-04 10:34:59 -04:00
Chris Hoffman 384b0c0b74
update azure plugin (#4266) 2018-04-04 08:02:37 -04:00
Chris Hoffman 8250da87a9
Fix a few missing TTL core changes (#4265)
* Fix missing ttl handling in backends

* fix test
2018-04-04 06:43:21 -04:00
Jeff Mitchell fe2fa0030f
Rejig 404 handling again. (#4264)
Done this way, existing tests pass, and it makes logical sense, so we're
likely to have the least impact like this.
2018-04-04 04:41:46 -04:00
Jeff Mitchell 1481dd35b5 Revert "On 404 if there is no actual body, return orig err. (#4262)"
This reverts commit 389c88482059a1db90a0e8ad985b1a0eeda13070.
2018-04-04 03:50:24 -04:00
Jeff Mitchell f6f3153b3d
Allow not showing expirations, and don't log when skipToken (#4263)
The latter removes a case where a token being revoked would end up
logging twice.
2018-04-04 03:07:10 -04:00
Brian Kassouf 62ce5ec91d
Versioned K/V docs (#4259)
* Work on kv docs

* Add more kv docs

* Update kv docs

* More docs updates

* address some review coments
2018-04-03 23:22:41 -07:00
Jeff Mitchell 4f2e26bbe7
On 404 if there is no actual body, return orig err. (#4262)
This keeps better backwards compat; we'll only swallow the original
error if there's actually other data or warnings returned.
2018-04-04 01:57:08 -04:00
Jeff Mitchell 4a45851681 Update plugins 2018-04-03 22:40:35 -04:00
Jeff Mitchell 409524a829 Stretch the renewer test a bit to give Travis some more time to deal with it 2018-04-03 22:36:14 -04:00
Jeff Mitchell 599f691141
Allow returning warnings and other data in 404s in the Go API (#4256)
* Allow returning list information and other data in 404s.

On read it'll output data and/or warnings on a 404 if they exist. On
list, the same behavior; the actual 'vault list' command doesn't change
behavior though in terms of output unless there are no actual keys (so
it doesn't just magically show other data).

This corrects some assumptions in response_util and wrapping.go; it also
corrects a few places in the latter where it could leak a (useless)
token in some error cases.

* Use same 404 logic in delete/put too

* Add the same secret parsing logic to the KV request functions
2018-04-03 22:35:45 -04:00