open-vault/api
Alexander Scheel 5101e31857
PKI Health Check Command (#17750)
* Stub out initial health check command

This command will be used to generate health check results for the PKI
engine.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Start common health check implementation

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add common health check utilities

These utilities will collect helpers not specific to PKI health checks,
such as formatting longer durations more legibly.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add PKI health check common utils

Many health checks will need issuer and/or CRL information in order to
execute. We've centrally located these helpers to avoid particular
health checks from needing to reimplement them each time.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Adding ca_validity_period health check

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Begin using health-checks in PKI command

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Allow parsing raw requests afterwards

This shifts the last of the logic difference between Read(...) and
ReadRaw(...) to a new helper, allowing ReadRaw(...) requests to be
parsed into the same response structure afterwards as Read(...); this
allows API callers to fetch the raw secret and inspect the raw response
object in case something went wrong (error code &c) -- and when the
request succeeds, they can still get the api.Secret out.

This will be used with the PKI health check functionality, making both
LIST and READ operations use ReadRaw, and optionally parsing the secret
afterwards.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add crl_validity_period health check

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add tests for PKI health check

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Fix bug in raw reading with contexts

When reading raw objects, don't manually call the context cancellation:
this causes timeouts and/or EOF errors when attempting to read or parse
the response body. See message in client.RawRequestWithContext(...) for
more information.

This was causing the test suite to randomly fail, due to the context
cancelling. The test suite's client usually had a default timeout,
whereas the CLI didn't, and thus didn't exhibit the same issue.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add changelog

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Fix typo in permissions message

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Move %v->%w for errs

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2022-11-16 09:27:56 -05:00
..
auth Update vault to v1.8.1 (#17516) 2022-10-20 11:56:55 -07:00
test-fixtures Add More TLS Tests and Verification of TLS Root Certificate (#11300) 2021-04-12 08:39:40 -07:00
api_test.go Add HTTP PATCH support to KV (#12687) 2021-10-13 15:24:31 -04:00
auth.go [Vault-5248] MFA support for api login helpers (#14900) 2022-04-15 11:13:15 -07:00
auth_test.go [Vault-5248] MFA support for api login helpers (#14900) 2022-04-15 11:13:15 -07:00
auth_token.go Replace http method strings with net/http constants (#14677) 2022-03-24 13:58:03 -04:00
client.go Added flag and env var which will disable client redirection (#17352) 2022-09-30 09:29:37 +01:00
client_test.go Added flag and env var which will disable client redirection (#17352) 2022-09-30 09:29:37 +01:00
go.mod update vault sdk and api go-plugin version to v1.4.5 (#17734) 2022-10-31 08:52:04 -05:00
go.sum update vault sdk and api go-plugin version to v1.4.5 (#17734) 2022-10-31 08:52:04 -05:00
help.go Replace http method strings with net/http constants (#14677) 2022-03-24 13:58:03 -04:00
kv.go Add a sentinel error for missing KV secrets (#16699) 2022-08-12 19:29:42 -04:00
kv_test.go Fix for KV_V2 Custom Metadata Bug (#17395) 2022-10-05 16:43:54 -07:00
kv_v1.go Add a sentinel error for missing KV secrets (#16699) 2022-08-12 19:29:42 -04:00
kv_v2.go Fix for KV_V2 Custom Metadata Bug (#17395) 2022-10-05 16:43:54 -07:00
lifetime_watcher.go update gofumpt to 0.3.1 and reformat the repo (#17055) 2022-09-07 17:31:20 -07:00
logical.go PKI Health Check Command (#17750) 2022-11-16 09:27:56 -05:00
output_policy.go Global flag that outputs minimum policy HCL required for an operation (#14899) 2022-04-27 16:35:18 -07:00
output_string.go refactor: replace strings.Replace with strings.ReplaceAll (#15392) 2022-08-03 15:22:48 -04:00
plugin_helpers.go Revert "Add mount path into the default generated openapi.json spec (#17839)" (#17890) 2022-11-10 15:39:53 -08:00
plugin_helpers_test.go Global flag that outputs minimum policy HCL required for an operation (#14899) 2022-04-27 16:35:18 -07:00
README.md Developer Quickstart docs improvements (#16199) 2022-06-30 08:50:35 -07:00
renewer_test.go TestLifetimeWatcher: Address race condition in test assertions (#15969) 2022-06-14 09:44:51 -04:00
request.go Fix SRV Lookups (#8520) 2020-03-11 14:22:58 +01:00
request_test.go Clean up request logic and use retryable's more efficient handling (#4670) 2018-06-01 09:12:43 -04:00
response.go VAULT-1303 when a request to vault fails, show namespace if set (#12196) 2021-07-30 12:32:05 -04:00
secret.go Fix integer overflows with new parseutil (#15437) 2022-05-16 13:57:19 -04:00
ssh.go Replace http method strings with net/http constants (#14677) 2022-03-24 13:58:03 -04:00
ssh_agent.go update gofumpt to 0.3.1 and reformat the repo (#17055) 2022-09-07 17:31:20 -07:00
ssh_agent_test.go Run a more strict formatter over the code (#11312) 2021-04-08 09:43:39 -07:00
sys.go api: separate sys out further 2015-03-11 17:46:41 -05:00
sys_audit.go update gofumpt to 0.3.1 and reformat the repo (#17055) 2022-09-07 17:31:20 -07:00
sys_auth.go Replace http method strings with net/http constants (#14677) 2022-03-24 13:58:03 -04:00
sys_capabilities.go Replace http method strings with net/http constants (#14677) 2022-03-24 13:58:03 -04:00
sys_config_cors.go Replace http method strings with net/http constants (#14677) 2022-03-24 13:58:03 -04:00
sys_generate_root.go Replace http method strings with net/http constants (#14677) 2022-03-24 13:58:03 -04:00
sys_hastatus.go Add autopilot automated upgrades and redundancy zones (#15521) 2022-05-20 16:49:11 -04:00
sys_health.go Replace http method strings with net/http constants (#14677) 2022-03-24 13:58:03 -04:00
sys_init.go Replace http method strings with net/http constants (#14677) 2022-03-24 13:58:03 -04:00
sys_leader.go Replace http method strings with net/http constants (#14677) 2022-03-24 13:58:03 -04:00
sys_leases.go Replace http method strings with net/http constants (#14677) 2022-03-24 13:58:03 -04:00
sys_mfa.go [Vault-5248] MFA support for api login helpers (#14900) 2022-04-15 11:13:15 -07:00
sys_monitor.go api/monitor: Adding log format to monitor command and debug (#15536) 2022-05-24 13:10:53 -04:00
sys_mounts.go Vault 8305 Prevent Brute Forcing in Auth methods : Setting user lockout configuration (#17338) 2022-11-01 11:02:07 -07:00
sys_mounts_test.go Plugins: Consistently use plugin_version (#17171) 2022-09-20 12:35:50 +01:00
sys_plugins.go Plugins: Add -version flag to 'vault plugin info' (#17454) 2022-10-07 15:28:15 +01:00
sys_plugins_test.go Plugins: Add -version flag to 'vault plugin info' (#17454) 2022-10-07 15:28:15 +01:00
sys_policy.go Replace http method strings with net/http constants (#14677) 2022-03-24 13:58:03 -04:00
sys_raft.go Add autopilot automated upgrades and redundancy zones (#15521) 2022-05-20 16:49:11 -04:00
sys_rekey.go Replace http method strings with net/http constants (#14677) 2022-03-24 13:58:03 -04:00
sys_rotate.go Replace http method strings with net/http constants (#14677) 2022-03-24 13:58:03 -04:00
sys_seal.go VAULT-8703 Add warning for dangerous undocumented overrides, if used, in status response (#17855) 2022-11-09 11:04:36 -05:00
sys_stepdown.go Replace http method strings with net/http constants (#14677) 2022-03-24 13:58:03 -04:00

Vault API

This provides the github.com/hashicorp/vault/api package which contains code useful for interacting with a Vault server.

For examples of how to use this module, see the vault-examples repo. For a step-by-step walkthrough on using these client libraries, see the developer quickstart.

GoDoc