mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-08-09 08:07:01 +02:00
Code Issues Projects Releases Wiki Activity
18,057 Commits 2,838 Branches 445 Tags 444 MiB
07e76196ba
Commit Graph

149 Commits

Author SHA1 Message Date
Jeff Mitchell
2ac644d983 Add ability to set max retries to API 2017-03-01 12:24:08 -05:00
Jordan Abderrachid
aae23b1ea1 api: add EnvVaultToken constant. (#2413) 2017-02-27 18:36:21 -05:00
Jeff Mitchell
7c4e5a775c Fix breakage for HTTP2 support due to changes in wrapping introduced in 1.8 (#2412) 2017-02-27 12:49:35 -05:00
Jason Felice
0a1e7a7be4 ConfigureTLS() sets default HttpClient if nil (#2329) 2017-02-06 17:47:56 -05:00
Vishal Nayak
20fabef08b Use Vault client's scheme for auto discovery (#2146) 2016-12-02 11:24:57 -05:00
Jeff Mitchell
d9f97198bd Set number of pester retries to zero by default and make seal command… (#2093) 
* Set number of pester retries to zero by default and make seal command return 403 if unauthorized instead of 500

* Fix build

* Use 403 instead and update test

* Change another 500 to 403
 2016-11-16 14:08:09 -05:00
Jeff Mitchell
60deff1bad Wrapping enhancements (#1927) 2016-09-28 21:01:28 -07:00
Jeff Mitchell
2a0f946f6b Don't retry on redirections. 2016-08-12 15:13:42 -04:00
vishalnayak
b01a4ff1cb Use default config and read environment by default while creating client object 2016-08-12 11:37:13 -04:00
Alex Dadgar
881d67e2fd Address comments 2016-08-02 13:17:45 -07:00
Alex Dadgar
5fccb9a83e Refactor the TLS configuration between meta.Client and the api.Config 2016-07-27 17:26:26 -07:00
Jeff Mitchell
478f420912 Migrate number of retries down by one to have it be max retries, not tries 2016-07-11 21:57:14 +00:00
Jeff Mitchell
7129fd5785 Switch to pester from go-retryablehttp to avoid swallowing 500 error messages 2016-07-11 21:37:46 +00:00
Jeff Mitchell
60df9d3461 Make the API client retry on 5xx errors. 
This should help with transient issues. Full control over min/max delays
and number of retries (and ability to turn off) is provided in the API
and via env vars.

Fix tests.
 2016-07-06 16:50:23 -04:00
Jeff Mitchell
810e914730 Add unwrap test function and some robustness around paths for the wrap lookup function 2016-05-19 11:49:46 -04:00
Jeff Mitchell
b626bfa725 Address most review feedback. Change responses to multierror to better return more useful values when there are multiple errors 2016-05-16 16:11:33 -04:00
Jeff Mitchell
a110f6cae6 Merge branch 'master-oss' into cubbyhole-the-world 2016-05-04 14:42:14 -04:00
Jeff Mitchell
d3f1176e03 Switch our tri-copy ca loading code to go-rootcerts 2016-05-03 12:23:25 -04:00
Jeff Mitchell
ff4dc0b853 Add wrap support to API/CLI 2016-05-02 02:03:23 -04:00
Robert M. Thomson
b906f22fe9 Add VAULT_TLS_SERVER_NAME environment variable 
If specified, verify a specific server name during TLS negotiation
rather than the server name in the URL.
 2016-02-25 17:28:49 +01:00
Jeff Mitchell
673c6d726a Move environment variable reading logic to API. 
This allows the same environment variables to be read, parsed, and used
from any API client as was previously handled in the CLI. The CLI now
uses the API environment variable reading capability, then overrides any
values from command line flags, if necessary.

Fixes #618
 2015-11-04 10:28:00 -05:00
Jeff Mitchell
5c0a16b16a Use cleanhttp instead of bare http.Client 2015-10-22 14:37:12 -04:00
Jeff Mitchell
0dbbef1ac0 Don't use http.DefaultClient 
This strips out http.DefaultClient everywhere I could immediately find
it. Too many things use it and then modify it in incompatible ways.

Fixes #700, I believe.
 2015-10-15 17:54:00 -04:00
Jeff Mitchell
c9c8398352 Add 301 redirect checking to the API client. 
Vault doesn't generate these, but in some cases Go's internal HTTP
handler does. For instance, during a mount-tune command, finishing the
mount path with / (as in secret/) would cause the final URL path to
contain .../mounts/secret//tune. The double slash would trigger this
behavior in Go's handler and generate a 301. Since Vault generates 307s,
this would cause the client to think that everything was okay when in
fact nothing had happened.
 2015-10-09 17:11:31 -04:00
Dejan Golja
71615a172c Increase default timeout to 30s which should allow for any operation 
to complete.
 2015-10-09 00:53:35 +11:00
Dejan Golja
4ee297408f added a sensible default timeout for the vault client 2015-10-08 18:44:00 +11:00
Jeff Mitchell
81505f5f97 Rather than use http.DefaultClient, which is simply &http.Client{}, 
create our own. This avoids some potential client race conditions when
they are setting values on the Vault API client while the default client
is being used elsewhere in other goroutines, as was seen in
consul-template.
 2015-09-03 13:47:20 -04:00
Jeff Mitchell
4d6ebab007 Change variable name for clarity 2015-09-03 13:38:24 -04:00
Jeff Mitchell
1a2c44d805 Remove redirect handling code that was never being executed (redirects are manually handled within RawRequest). Add a sync.Once to fix a potential data race with setting the CheckRedirect function on the default http.Client 2015-09-03 13:34:45 -04:00
Seth Vargo
f0b3ad6a2a Update documentation around cookies 2015-09-03 10:36:59 -04:00
Jeff Mitchell
f1a301922d Remove cookie authentication. 2015-08-21 19:46:23 -07:00
Jeff Mitchell
6f5f247b28 The docs say that if HttpClient is nil, http.DefaultClient will be used. However, the code doesn't do this, resulting in a nil dereference. 2015-06-04 14:01:10 -04:00
Seth Vargo
f0520916d6 Improve error message when TLS is disabled 
Fixes #198
 2015-05-14 10:33:38 -04:00
Mitchell Hashimoto
4f2b244d72 api: human friendly error for TLS [GH-123] 2015-05-02 13:08:35 -07:00
Seth Vargo
6a104b22db Remove api dependency on http package 2015-04-23 19:58:44 -04:00
Seth Vargo
25962851ba Use VAULT_ADDR instead 2015-04-23 11:46:22 -04:00
Seth Vargo
b3cc97d71f Add docs 2015-04-23 11:45:37 -04:00
Seth Vargo
aa94080ad8 Read environment variables for VAULT_HTTP_ADDR and VAULT_TOKEN 2015-04-23 11:43:20 -04:00
Seth Vargo
d19aa41b21 Use a pointer config instead 2015-04-23 11:13:52 -04:00
Armon Dadgar
462ff7f374 api: Support redirect for HA 2015-04-20 11:30:35 -07:00
Mitchell Hashimoto
7a54437355 command/delete 2015-04-07 11:15:20 -07:00
Mitchell Hashimoto
9784fc18f2 api: SetToken 2015-03-30 21:20:23 -07:00
Mitchell Hashimoto
f547b717a7 api: re-use proper token constant 2015-03-30 11:14:51 -07:00
Mitchell Hashimoto
78ef15d413 api: store token cookie, tests 2015-03-11 17:46:42 -05:00
Mitchell Hashimoto
8894987d0b api: document jar requirement 2015-03-11 17:46:41 -05:00
Mitchell Hashimoto
6f48a19c44 api: automatically get errors in RawRequest 2015-03-11 17:46:41 -05:00
Mitchell Hashimoto
f0c804e42a api: sys methods 2015-03-11 17:46:41 -05:00
Mitchell Hashimoto
da6210d3c1 api: start the groundwork API stuff 2015-03-09 11:38:50 -07:00
Mitchell Hashimoto
cbf2d74670 api: spec 2015-03-04 13:10:10 -08:00