mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-08-15 19:17:02 +02:00
Code Issues Projects Releases Wiki Activity
2,571 Commits 2,844 Branches 445 Tags 454 MiB
a1d242f18c
Commit Graph

325 Commits

Author SHA1 Message Date
James Tancock
6ab184596f Docs typo in server command 2016-01-28 08:26:49 +00:00
Jeff Mitchell
98fada78e4 Fix test on 1.6 by comparing to nil instead of a nil-defined map 2016-01-22 21:26:06 -05:00
Jeff Mitchell
479775806e Add -check flag to init. 
Fixes #949
 2016-01-22 13:06:40 -05:00
Jeff Mitchell
2667f08f97 Only allow listing on folders and enforce this. Also remove string sorting from Consul backend as it's not a requirement and other backends don't do it. 2016-01-22 10:07:32 -05:00
Jeff Mitchell
f1b843d773 Remove bare option, prevent writes ending in slash, and return an exact file match as "." 2016-01-22 10:07:32 -05:00
Jeff Mitchell
f8e569ae0a Address some review feedback 2016-01-22 10:07:32 -05:00
Jeff Mitchell
2613343c3d Updates and documentation 2016-01-22 10:07:32 -05:00
Jeff Mitchell
4b67fd139f Add list capability, which will work with the generic and cubbyhole 
backends for the moment. This is pretty simple; it just adds the actual
capability to make a list call into both the CLI and the HTTP handler.
The real meat was already in those backends.
 2016-01-22 10:07:32 -05:00
Jeff Mitchell
2c4da115ff Add -decode flag verification 2016-01-21 12:18:57 -05:00
Jeff Mitchell
e9538f1441 RootGeneration->GenerateRoot 2016-01-19 18:28:10 -05:00
Jeff Mitchell
a25514d4f7 Address most of the review feedback 2016-01-19 18:28:10 -05:00
Jeff Mitchell
4cc7694a3a Add the ability to generate root tokens via unseal keys. 2016-01-19 18:28:10 -05:00
Jeff Mitchell
3ecd88bd5c Allow ASCII-armored PGP pub keys to be passed into -pgp-keys. 
Fixes #940
 2016-01-18 17:01:52 -05:00
Jeff Mitchell
0478a4f7c2 Fix read panic when an empty argument is given. 
Fixes #923
 2016-01-12 08:46:49 -05:00
Jeff Mitchell
996cb54b99 Fix up PGP tests from earlier code fixes 2016-01-08 22:21:41 -05:00
Jeff Mitchell
71e320eae8 Lotsa warnings if you choose not to be safe 2016-01-08 17:35:07 -05:00
Jeff Mitchell
839b804e43 Some minor rekey backup fixes 2016-01-08 14:09:40 -05:00
Jeff Mitchell
027c84c62a Add rekey nonce/backup. 2016-01-06 09:54:35 -05:00
Jeff Mitchell
139ab81f58 update init/rekey documentation around keybase entries 2016-01-04 14:17:51 -05:00
Jeff Mitchell
b0f075cc1f Disable cmd/server tests for now so we can get Travis back on track 2015-12-31 08:48:53 -05:00
Jeff Mitchell
5f49615fc1 Remove some outdated comments 2015-12-30 21:00:27 -05:00
Jeff Mitchell
70561c0fe2 Use RenewSelf instead of Renew if the token we're renewing is the same as the client 2015-12-30 14:41:50 -05:00
Nicki Watt
05c9e5b5ad Make token-lookup functionality available via Vault CLI 2015-12-29 20:18:59 +00:00
Jeff Mitchell
f8682021c5 Merge pull request #886 from ooesili/ssh-error-fetching-username 
Stop panic when vault ssh username fetching fails
 2015-12-29 12:17:51 -06:00
Jeff Mitchell
3dec78a4d5 Merge pull request #853 from hashicorp/issue-850 
Make TokenHelper an interface and split exisiting functionality
 2015-12-29 12:01:49 -06:00
Jeff Mitchell
eabfb472ca Merge branch 'master' into f-disable-tls 2015-12-29 12:59:02 -05:00
Nicki Watt
658b99c115 Using LookupSelf() API method instead of raw HTTP call for auth command 2015-12-28 01:38:00 +00:00
Wesley Merkel
59c5ccb36f Stop panic when vault ssh username fetching fails 2015-12-26 15:09:07 -07:00
Wim
fb92a7a802 Fix ipv6 address advertisement 2015-12-22 21:40:36 +01:00
Jeff Mitchell
c15974cbdd Make TokenHelper an interface and split exisiting functionality 
Functionality is split into ExternalTokenHelper, which is used if a path
is given in a configuration file, and InternalTokenHelper which is used
otherwise. The internal helper no longer shells out to the same Vault
binary, instead performing the same actions with internal code. This
avoids problems using dev mode when there are spaces in paths or when
the binary is built in a container without a shell.

Fixes #850 among others
 2015-12-22 10:23:30 -05:00
Jeff Mitchell
88f05bec4d Move telemetry metrics up to fix one possible race, but deeper problems in go-metrics can't be solved with this 2015-12-17 16:38:17 -05:00
Jeff Mitchell
d7cb3c9f94 Allow setting the advertise address via an environment variable. 
Fixes #581
 2015-12-14 21:22:55 -05:00
Jeff Mitchell
6e46e56b21 Ensure advertise address detection runs without a specified HA backend 
Ping #840
 2015-12-14 21:13:27 -05:00
Jeff Mitchell
32bfc884c7 Merge pull request #840 from hashicorp/issue-395 
Allow separate HA physical backend.
 2015-12-14 20:56:47 -05:00
Jeff Mitchell
b1f815d7f8 Address review feedback 2015-12-14 17:58:30 -05:00
Mathias Lafeldt
05f0cde643 Show error if output format is invalid 
Rather than silently using table as a fallback.
 2015-12-14 17:14:22 +01:00
Jeff Mitchell
4f51b6e3c9 Allow separate HA physical backend. 
With no separate backend specified, HA will be attempted on the normal
physical backend.

Fixes #395.
 2015-12-14 07:59:58 -05:00
Jeff Mitchell
55e2417b11 Merge pull request #832 from mlafeldt/yaml-ouput 
Allow to output secrets in YAML format
 2015-12-11 12:04:41 -05:00
Mathias Lafeldt
073e4c872e Allow to output secrets in YAML format 
This can be done with https://github.com/ghodss/yaml, which reuses
existing JSON struct tags for YAML.
 2015-12-10 11:32:31 +01:00
Mathias Lafeldt
459be44363 Output secrets sorted by key 
Instead of printing them in random order each time `vault read` is invoked.
 2015-12-10 10:08:23 +01:00
Armon Dadgar
5c085d3718 server: sanity check value for 'tls_disable' 2015-11-25 11:37:57 -08:00
Jeff Mitchell
f600e3ac29 Add no-default-policy flag and API parameter to allow exclusion of the 
default policy from a token create command.
 2015-11-09 17:30:50 -05:00
Jeff Mitchell
60697f3c70 Fix unmount help output 2015-11-09 15:23:49 -05:00
Jeff Mitchell
904e1ee600 Print version on startup. 
Fixes #765
 2015-11-09 13:52:55 -05:00
Jeff Mitchell
673c6d726a Move environment variable reading logic to API. 
This allows the same environment variables to be read, parsed, and used
from any API client as was previously handled in the CLI. The CLI now
uses the API environment variable reading capability, then overrides any
values from command line flags, if necessary.

Fixes #618
 2015-11-04 10:28:00 -05:00
Jeff Mitchell
d7f528a768 Add reset support to the unseal command. 
Reset clears the provided unseal keys, allowing the process to be begun
again. Includes documentation and unit test changes.

Fixes #695
 2015-10-28 15:59:39 -04:00
Jeff Mitchell
40486da446 Fix cache disabling 2015-10-28 13:05:56 -04:00
voutasaurus
fbf21b5f2d Modifies documentation in output of vault server -dev 
Environment variable setting is different in windows
 2015-10-22 00:48:46 -07:00
Jeff Mitchell
0dbbef1ac0 Don't use http.DefaultClient 
This strips out http.DefaultClient everywhere I could immediately find
it. Too many things use it and then modify it in incompatible ways.

Fixes #700, I believe.
 2015-10-15 17:54:00 -04:00
Jeff Mitchell
676970574b Allow disabling the physical storage cache with 'disable_cache'. 
Fixes #674.
 2015-10-12 13:00:32 -04:00