mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-08-09 16:17:01 +02:00
Code Issues Projects Releases Wiki Activity
1,647 Commits 2,838 Branches 445 Tags 444 MiB
67b705565e
Commit Graph

62 Commits

Author SHA1 Message Date
Caleb Tennis
d8d76a5304 Add a validation step in field data to error more quickly vs. allowing panics to happen when we go to get the data and convert it 2015-08-11 12:34:14 -04:00
Armon Dadgar
9515bf32de logical/framework: handle nil duration value. Fixes #408 2015-07-08 16:55:52 -06:00
Armon Dadgar
6a9dc00e57 Remove SetLogger, and unify on framework.Setup 2015-06-30 17:45:20 -07:00
Armon Dadgar
7b090ae1d6 logical/framework: support Salt in PathMap 2015-06-30 14:28:45 -07:00
Armon Dadgar
dcb45874bf logical/framework: adding a new duration type to convert to seconds 2015-06-17 15:56:26 -07:00
Armon Dadgar
daf94d6721 logical/framework: allow the lease max to come from existing lease 2015-06-17 14:24:12 -07:00
Armon Dadgar
2a894171ca logical/framework: simplify calculation of lease renew 2015-06-17 14:16:44 -07:00
Jonathan Sokolowski
3a2ad814bb logical/framework: Fix help text in PathMap 2015-05-15 07:56:32 +10:00
Jonathan Sokolowski
31d7426863 logical/framework: Add delete to PathMap 2015-05-14 22:28:33 +10:00
Jonathan Sokolowski
8d0ef0db75 logical/framework: Add delete to PathStruct 2015-05-14 22:25:30 +10:00
Mitchell Hashimoto
11a009d5ab logical/framework: PathMap is case insensitive by default 2015-05-11 10:27:04 -07:00
Mitchell Hashimoto
5d1baaace4 credential/github: case insensitive mappings 2015-05-11 10:24:39 -07:00
Armon Dadgar
68a99a8806 logical/framework: Generate help output even if no synopsis provided 2015-05-07 15:45:43 -07:00
Mitchell Hashimoto
33dfaaf88f logical/framework: PathMap allows hyphens in keys [GH-119] 2015-05-02 13:17:42 -07:00
Armon Dadgar
13d47848c1 logical/framework: Supporting list of path map 2015-04-23 21:44:04 -07:00
Mitchell Hashimoto
d76814e0f3 logical/framework: more flexible Pathmap and PolicyMap 2015-04-17 09:35:49 -07:00
Mitchell Hashimoto
81436dc871 logical/framework: PathStruct 2015-04-17 09:18:21 -07:00
Mitchell Hashimoto
0c8084c31f logical/framework: doc for defaultduration on secret 2015-04-13 20:42:06 -07:00
Mitchell Hashimoto
9af81182f0 logical/framework: secret lease tests 2015-04-13 15:18:27 -07:00
Mitchell Hashimoto
40027e22d3 logical/framework: allow max session time 2015-04-11 16:41:08 -07:00
Mitchell Hashimoto
cd8216c726 vault: token store allows unlimited renew 2015-04-11 16:28:16 -07:00
Mitchell Hashimoto
333d60f675 logical/framework: more tests 2015-04-11 14:51:00 -07:00
Mitchell Hashimoto
0822286acb logical/framework: AuthRenew callback, add LeaseExtend 
/cc @armon - Going with this "standard library" of callbacks approach
to make extending leases in a customizable way easy. See the docs/tests
above.
 2015-04-11 14:46:09 -07:00
Mitchell Hashimoto
a81e3bbe6a logical: add LeaseOptions.IncrementedLease() 2015-04-10 21:35:17 -07:00
Mitchell Hashimoto
333bdac62d vault: the expiration time should be relative to the issue time 2015-04-10 21:21:06 -07:00
Armon Dadgar
e15b8426b1 logical: Adding support for renew of Auth 2015-04-10 13:59:49 -07:00
Armon Dadgar
64ef2a6269 logical: Refactor LeaseOptions to share between Secret and Auth 2015-04-09 12:14:04 -07:00
Mitchell Hashimoto
61b7b71dec credential/app-id 2015-04-04 18:41:49 -07:00
Mitchell Hashimoto
8fd956391a credential/github: improve help 2015-04-04 12:18:33 -07:00
Mitchell Hashimoto
0109031e63 vault: pass a logger around to logical backends 2015-04-04 11:39:58 -07:00
Mitchell Hashimoto
d9e38470a8 logical/framework: better string values for types 2015-04-03 21:15:59 -07:00
Mitchell Hashimoto
105e68387a logical/aws: help 2015-04-03 21:10:54 -07:00
Mitchell Hashimoto
65159bd9c8 logical/framework: make help look nicer 2015-04-03 21:00:23 -07:00
Mitchell Hashimoto
e56b16b6d7 logical/framework: support root help 2015-04-03 20:36:47 -07:00
Mitchell Hashimoto
8e39a1e7d8 command/help 2015-04-02 22:42:05 -07:00
Armon Dadgar
553107a667 logical/framework: Panic if routing pattern is blank 2015-04-01 22:12:03 -07:00
Armon Dadgar
67bffd5f14 logical/framework: automatically anchor 2015-04-01 17:53:02 -07:00
Mitchell Hashimoto
fa9445fe1d logical/framework: add PolicyMap 2015-04-01 15:46:37 -07:00
Mitchell Hashimoto
10425cdb8a logical/framework: PathMap can get missing things 2015-04-01 15:46:37 -07:00
Mitchell Hashimoto
4cbe26b726 misc typos 2015-03-31 17:27:04 -07:00
Armon Dadgar
fef98675f1 logical/framework: Added missing case for TypeMap 2015-03-31 16:45:08 -07:00
Armon Dadgar
2ab45f5787 logical/framework: Adding TypeMap 2015-03-31 16:45:08 -07:00
Mitchell Hashimoto
77e35fd5f4 logical: move cred stuff over here 2015-03-30 17:46:18 -07:00
Mitchell Hashimoto
26583fb05f logical/framework: auto-extend leases if requested 2015-03-21 16:20:30 +01:00
Mitchell Hashimoto
a04df95177 logical/testing: immediate rollback, ignore RollbackMinAge 2015-03-21 11:18:33 +01:00
Mitchell Hashimoto
c872e0f788 logical/framework: rollback should return error, easier API 2015-03-21 11:08:13 +01:00
Mitchell Hashimoto
c9e64725d7 logical/framework: rollback needs to have access to request for storage 2015-03-21 11:03:59 +01:00
Mitchell Hashimoto
3456d9276c logical/aws 2015-03-20 19:03:20 +01:00
Mitchell Hashimoto
2ce92edd0f logical/framework: can specify InternalData for secret 2015-03-20 17:59:48 +01:00
Mitchell Hashimoto
e6ab3a3771 vault: clean up VaultID duplications, make secret responses clearer 
/cc @armon - This is a reasonably major refactor that I think cleans up
a lot of the logic with secrets in responses. The reason for the
refactor is that while implementing Renew/Revoke in logical/framework I
found the existing API to be really awkward to work with.

Primarily, we needed a way to send down internal data for Vault core to
store since not all the data you need to revoke a key is always sent
down to the user (for example the user than AWS key belongs to).

At first, I was doing this manually in logical/framework with
req.Storage, but this is going to be such a common event that I think
its something core should assist with. Additionally, I think the added
context for secrets will be useful in the future when we have a Vault
API for returning orphaned out keys: we can also return the internal
data that might help an operator.

So this leads me to this refactor. I've removed most of the fields in
`logical.Response` and replaced it with a single `*Secret` pointer. If
this is non-nil, then the response represents a secret. The Secret
struct encapsulates all the lease info and such.

It also has some fields on it that are only populated at _request_ time
for Revoke/Renew operations. There is precedent for this sort of
behavior in the Go stdlib where http.Request/http.Response have fields
that differ based on client/server. I copied this style.

All core unit tests pass. The APIs fail for obvious reasons but I'll fix
that up in the next commit.
 2015-03-19 23:11:42 +01:00