mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-08-27 09:31:10 +02:00
Code Issues Projects Releases Wiki Activity
9,692 Commits 2,836 Branches 445 Tags
Commit Graph

9692 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jeff Mitchell
5f38044103 Merge pull request #1342 from hashicorp/use-json-number 
Use UseNumber() on json.Decoder to have numbers be json.Number objects
 2016-04-20 16:22:01 -04:00
Jeff Mitchell
b44d2c01c0 Use UseNumber() on json.Decoder to have numbers be json.Number objects 
instead of float64. This fixes some display bugs.
 2016-04-20 18:38:20 +00:00
Jeff Mitchell
ccce78a6d0 Add vault-php-sdk to libraries page 2016-04-20 13:59:39 +00:00
Jeff Mitchell
d7e8587a9f Update tests for change in raw blacklisting 2016-04-19 20:26:26 +00:00
Jeff Mitchell
161e71adf3 There's no good story around accessing any of core via /sys/raw, so blacklist it all 2016-04-19 16:01:15 +00:00
Jeff Mitchell
28c97b4914 Change recovery options in init to be 'key'-less 2016-04-18 17:02:07 +00:00
Jeff Mitchell
e5b089de0f Add check against seal type to catch errors before we attempt to use the data 2016-04-15 18:16:48 -04:00
Jeff Mitchell
e702a63320 Backtick "region" in S3 config 2016-04-15 17:03:35 -04:00
Jeff Mitchell
921730c052 Merge pull request #1336 from hashicorp/b-sigint-handler 
Fix SIGINT handling.
 2016-04-15 13:14:37 -04:00
Jeff Mitchell
6cf1b79fe1 Move recovery info behind the barrier 2016-04-15 17:04:29 +00:00
Sean Chittenden
bc570e74f3 Fix SIGINT handling. 
No signal handler was setup to receive SIGINT.  I didn't investigate to
see if signal(2) mask was setup (ala `SIG_IGN`) or if sigprocmask(2) is
being used, but in either case, the correct behavior is to capture and
treat SIGINT the same as SIGTERM.  At some point in the future these two
signals may affect the running process differently, but we will clarify
that difference in the future.
 2016-04-15 10:03:22 -07:00
Jeff Mitchell
94d6b3ce94 Add Finalize method to seal. 2016-04-14 20:37:34 +00:00
Vishal Nayak
00327a6027 Merge pull request #1332 from hashicorp/fix-revocation-output 
Clarify output of idempotent calls
 2016-04-14 11:52:28 -04:00
vishalnayak
e53b9dbadb Provide clarity for output statements of idempotent calls. 2016-04-14 15:46:45 +00:00
vishalnayak
691052c3f4 Clarify token-revoke operation 2016-04-14 15:34:01 +00:00
Jeff Mitchell
5d7824e657 changelog++ 2016-04-14 08:11:02 -04:00
Jeff Mitchell
0deed9c541 Merge pull request #1331 from hashicorp/fix-role-suffix-renew 
Register the token entry's path instead of the request path, to handl…
 2016-04-14 08:09:46 -04:00
Jeff Mitchell
8056bf0573 Register the token entry's path instead of the request path, to handle role suffixes correctly 2016-04-14 08:08:28 -04:00
Jeff Mitchell
1c85268eeb Merge pull request #1330 from hashicorp/sethvargo/clarify_delete 
Clarify delete operation
 2016-04-14 06:11:53 -04:00
Jeff Mitchell
0f3beefce5 Make period output nicer -- seconds rather than duration 2016-04-14 06:10:22 -04:00
Seth Vargo
f170066c19
Clarify delete operation 
One thing that has been a point of confusion for users is Vault's
response when deleting a key that does not actually exist in the system.
For example, consider:

    $ vault delete secret/foo
    Success! Deleted 'secret/foo'

This message is misleading if the secret does not exist, especially if
the same command is run twice in a row.

Obviously the reason for this is clear - returning an error if a secret
does not exist would reveal the existence of a secret (the same reason
everything on S3 is a 403 or why GitHub repos 404 instead of 403 if you
do not have permission to view them).

I think we can make the UX a little bit better by adding just a few
words to the output:

    $ vault delete secret/foo
    Success! Deleted 'secret/foo' if it existed

This makes it clear that the operation was only performed if the secret
existed, but it does not reveal any more information.
 2016-04-14 10:38:10 +01:00
Jeff Mitchell
d273a051c7 Check for seal status when initing and change logic order to avoid defer 2016-04-14 01:13:59 +00:00
Seth Vargo
525329d2fa Add missing path-helps and clarify subpaths in tables 2016-04-13 22:15:54 +01:00
Seth Vargo
ff0366f6fe Only show params if there are fields 2016-04-13 22:15:06 +01:00
Vishal Nayak
4c5af806ef Merge pull request #1327 from Banno/vet-cleanup 
go vet cleanup
 2016-04-13 15:48:25 -04:00
Adam Shannon
e0df8e9e88 all: Cleanup from running go vet 2016-04-13 14:38:29 -05:00
Seth Vargo
716f780cf1 Hint that you don't need to run auth twice 
This came up twice, in two different training courses. The UX is a
little confusing here on the CLI. Users are used to running:

    $ vault auth abcd-1234...

So when they auth using a method, the output leads them to believe the
need to "re-auth" as the generated token:

    $ vault auth -method=userpass username=foo password=bar
    Successfully authenticated!
    token: defg-5678...

A number of users then run:

    $ vault auth defg-5678

I've added some helpful text to hint this is not required if the method
is not "token".
 2016-04-13 19:45:48 +01:00
Jeff Mitchell
110c483ffc Update cert website docs 2016-04-13 16:28:23 +00:00
Seth Vargo
a262d36288 Not strictly required 2016-04-12 21:55:04 +01:00
Seth Vargo
a263c9e6d4 Add a page for step-by-step gpg/keybase 2016-04-12 21:44:07 +01:00
Jeff Mitchell
250aa228df Merge pull request #1323 from hashicorp/sethvargo/ws_md 
Update website push script to fix metadata
 2016-04-12 16:24:42 -04:00
Seth Vargo
abaae732d8 Update website push script to fix metadata 2016-04-12 20:15:51 +01:00
Vishal Nayak
21f18c86c4 Merge pull request #1321 from sidick/fix-token-renew-typo 
Should be renew not revoke
 2016-04-12 09:10:13 -04:00
Simon Dick
5f936c4a07 Should be renew not revoke 2016-04-12 14:04:26 +01:00
Jeff Mitchell
58c98e5242 Merge pull request #1317 from hashicorp/vault-acc 
Skip acceptance tests if VAULT_ACC is not set
 2016-04-11 20:15:04 -04:00
vishalnayak
f61b277e36 Skip acceptance tests if VAULT_ACC is not set 2016-04-11 20:00:15 -04:00
Jeff Mitchell
0fd47f1f14 Merge pull request #1316 from kunickiaj/patch-1 
Add unofficial client library written in Kotlin
 2016-04-11 12:42:21 -04:00
Adam Kunicki
08af95b9e0 Add unofficial client library written in Kotlin 
I've been working on a Vault client written in Kotlin. Still a work in progress but will soon be on-par with the official Ruby client.
 2016-04-11 09:37:42 -07:00
Jeff Mitchell
7cf20c7360 Merge pull request #1314 from chiefy/patch-1 
Update github doc with note about slugifying team
 2016-04-10 12:55:07 -04:00
Christopher "Chief" Najewicz
14ae646878 Update github doc with note about slugifying team 2016-04-10 11:11:40 -04:00
Jeff Mitchell
487cf3eddd changelog++ 2016-04-09 18:30:37 -04:00
Jeff Mitchell
e1d2d985a9 Merge pull request #1312 from hashicorp/issue-911 
Add list support to userpass users.
 2016-04-09 18:29:30 -04:00
Jeff Mitchell
ca221009d4 Add list support to userpass users. Remove some unneeded existence 
checks. Remove paths from requiring root.

Fixes #911
 2016-04-09 18:28:55 -04:00
Kevin Pike
450f8675e6 Do not provide a default lease 2016-04-08 09:50:47 -07:00
Kevin Pike
a557bdebcc Remove example parameters 2016-04-08 09:49:10 -07:00
Kevin Pike
72f910e222 List roles 2016-04-08 09:46:25 -07:00
Kevin Pike
862afdb355 Support verify_connection flag 2016-04-08 09:44:15 -07:00
Kevin Pike
226a89d75e Fix username generation 2016-04-08 09:32:29 -07:00
Kevin Pike
9733770010 Fix RabbitMQ documentation 
PostgreSQL -> RabbitMQ
 2016-04-08 09:30:20 -07:00
Kevin Pike
ae6b145b6f Fix RabbitMQ URLs 2016-04-08 09:29:00 -07:00