mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-08-25 16:41:08 +02:00
Code Issues Projects Releases Wiki Activity
9,692 Commits 2,840 Branches 445 Tags
Commit Graph

9692 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jeff Mitchell
ee7add27d7 Merge pull request #931 from hashicorp/sethvargo/deploy 
Add scripts to deploy via Atlas
 2016-01-14 13:47:57 -05:00
Seth Vargo
7d759586b1 Add scripts to deploy via Atlas 2016-01-14 13:42:53 -05:00
Seth Vargo
9e14bb66f2 Use HTTPS + www where appropriate 2016-01-14 13:42:47 -05:00
Seth Vargo
128805a359 ImageOptim 2016-01-14 13:42:34 -05:00
Seth Vargo
f214841d20 Fix image asset URLs 2016-01-14 13:42:28 -05:00
Seth Vargo
abf2c9f9bd Remove Heroku stuff 2016-01-14 13:42:13 -05:00
Jeff Mitchell
fc41309120 Version 0.4.1 
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQEcBAABAgAGBQJWls/HAAoJEFGFLYc0j/xMarQH/i6rW+wLm9DadkFV23jwjttt
 TRumTPDoBxHQDoB0wkC4CmA8UiZnzc68o5OlxisC8KAz/89HWZf8sUDxkOSY1vUX
 BGDkiv+KF6LiDRAdDyIqK6PYUkKHaJgue9Vnwu5+1iRv1sjK5PyPb992Wmt/DtOM
 nRn8Hn5qmmDCUm79TKXpZNMs/CRx21VM7q2Sm139kLzTr0Qg2Oyxcp3mB8TR7LtV
 ATdMQ//HzL/tGJ6Yw7zkgZzdf7EMFFO1SSVqAzqag6kqNqwjvmDGrQaTzkdl7anv
 72zMXqVcryeSL6DRZuR+OrHs63aaoTwIXcqO56nBrZ1NAEqkI0oCcvDZNLt7yi4=
 =YCXl
 -----END PGP SIGNATURE-----

Merge tag 'v0.4.1'

Version 0.4.1
 2016-01-14 09:57:21 -05:00
Jeff Mitchell
1a807d58cb
Cut version 0.4.1 v0.4.1 2016-01-13 17:29:16 -05:00
Jeff Mitchell
3ba925b379 Bump values to 0.4.1 2016-01-13 17:28:17 -05:00
Jeff Mitchell
21f91f73bb Update deps, and adjust usage of go-uuid to match new return values 2016-01-13 13:40:08 -05:00
Jeff Mitchell
239164733c changelog++ 2016-01-12 21:19:25 -05:00
Jeff Mitchell
87dbe89d17 Use logical operations instead of strings for comparison 2016-01-12 21:16:31 -05:00
Jeff Mitchell
9e4d9aebfc Merge pull request #914 from hashicorp/acl-rework 
More granular ACL capabilities
 2016-01-12 21:11:52 -05:00
Jeff Mitchell
fc38dd464e Store uint32s in radix 2016-01-12 17:24:01 -05:00
Jeff Mitchell
1a3908cd1d Cleanup 2016-01-12 17:10:48 -05:00
Jeff Mitchell
37dc15f249 Convert map to bitmap 2016-01-12 17:08:10 -05:00
Jeff Mitchell
25ed301313 Add some commenting around create/update 2016-01-12 15:13:54 -05:00
Jeff Mitchell
45b96ed140 Address some more review feedback 2016-01-12 15:09:16 -05:00
Jeff Mitchell
a51f5f2946 Clean up HelpOperation 2016-01-12 14:34:49 -05:00
Jeff Mitchell
e12f396ffa changelog++ 2016-01-12 09:31:07 -05:00
Jeff Mitchell
36bf4f5f90 Merge pull request #924 from richardzone/patch-1 
Fix typo
 2016-01-12 09:30:40 -05:00
Ziyi, LIU
8f76fc2e5f Fix typo 
Change "...implements is own login endpoint..." to "...implements its own login endpoint..."
 2016-01-12 22:22:13 +08:00
Jeff Mitchell
a0e8f169dd changelog++ 2016-01-12 08:47:33 -05:00
Jeff Mitchell
0478a4f7c2 Fix read panic when an empty argument is given. 
Fixes #923
 2016-01-12 08:46:49 -05:00
Jeff Mitchell
8a086a17d7 Update audit sys docs 2016-01-11 19:08:23 -05:00
Eric Kidd
51a9be0520 etcd: Allow disabling sync for load balanced etcd 
Some etcd configurations (such as that provided by compose.io) place the
etcd cluster behind multiple load balancers or proxies.  In this
configuration, calling Sync (or AutoSync) on the etcd client will
replace the load balancer addresses with the underlying etcd server
address.

This will cause the etcd client to bypass the load balancers, and may
cause the connection to fail completely if the etcd servers are
protected by a firewall.

This patch provides a "sync" option for the etcd backend, which defaults
to the current behavior, but which can be used to turn off of sync.
This corresponds to etcdctl's --no-sync option.
 2016-01-11 13:56:58 -05:00
Eric Kidd
46c9f372fd etcd: Document existing username and password options 
These options were present in the source code, but not in the
documentation.  They're needed to connect to some hosted etcd services.
 2016-01-11 11:30:51 -05:00
Jeff Mitchell
4fa678131a Make sure VAULT_TOKEN is empty during unit tests 2016-01-09 14:47:55 -05:00
Jeff Mitchell
37c6e2d0ae changelog++ 2016-01-09 14:21:36 -05:00
Jeff Mitchell
ae15fa423a Merge pull request #878 from seiffert/dynamodb_backend 
Add DynamoDB physical backend.
 2016-01-09 14:16:15 -05:00
Jeff Mitchell
996cb54b99 Fix up PGP tests from earlier code fixes 2016-01-08 22:21:41 -05:00
Jeff Mitchell
d4f85c7241 Don't allow a policy with no name, even though it is a valid slice member 2016-01-08 21:23:40 -05:00
Jeff Mitchell
71e320eae8 Lotsa warnings if you choose not to be safe 2016-01-08 17:35:07 -05:00
Jeff Mitchell
1c9b00524f Use an array of keys so that if the same fingerprint is used none are lost when using PGP key backup 2016-01-08 14:29:23 -05:00
Jeff Mitchell
839b804e43 Some minor rekey backup fixes 2016-01-08 14:09:40 -05:00
Jeff Mitchell
f3ef23318d Create more granular ACL capabilities. 
This commit splits ACL policies into more fine-grained capabilities.
This both drastically simplifies the checking code and makes it possible
to support needed workflows that are not possible with the previous
method. It is backwards compatible; policies containing a "policy"
string are simply converted to a set of capabilities matching previous
behavior.

Fixes #724 (and others).
 2016-01-08 13:05:14 -05:00
Jeff Mitchell
45e32756ea WriteOperation -> UpdateOperation 2016-01-08 13:03:03 -05:00
Paul Seiffert
28adc366aa Add documentation for the DynamoDB backend 2016-01-08 17:34:31 +01:00
Paul Seiffert
02b9e2debe Add recovery option to DynamoDB backend 
When Vault is killed without the chance to clean up the lock
entry in DynamoDB, no further Vault nodes can become leaders after
that.

To recover from this situation, this commit adds an environment
variable and a configuration flag that when set to "1" causes Vault
to delete the lock entry from DynamoDB.
 2016-01-08 17:31:37 +01:00
Paul Seiffert
4384afb99d Explicitly read AWS credentials from environment 2016-01-08 17:31:37 +01:00
Paul Seiffert
46843685f2 Godeps: install new requirements from AWS SDK 2016-01-08 17:31:37 +01:00
Paul Seiffert
8d4e9507b7 Add tests for DynamoDB backend 2016-01-08 17:31:37 +01:00
Paul Seiffert
eef866f60f Implement DynamoDB physical HA backend 2016-01-08 17:31:37 +01:00
Jeff Mitchell
ae8d8e453f changelog++ 2016-01-07 11:36:32 -05:00
Jeff Mitchell
2ed6ae9015 Merge pull request #912 from hashicorp/fix-renew-regression 
Have 'sys/renew' return the value provided in Secret.
 2016-01-07 11:35:52 -05:00
Jeff Mitchell
336550cb7c Have 'sys/renew' return the value provided in Secret. 
Fixes a regression introduced in 0.3.
 2016-01-07 11:35:09 -05:00
Jeff Mitchell
74564d9b7a Also convert policy store cache to 2q. 
Ping #908
 2016-01-07 09:26:08 -05:00
Jeff Mitchell
0324b695dc changelog++ 2016-01-07 09:22:45 -05:00
Jeff Mitchell
2e9c7a894b Merge pull request #908 from hashicorp/physical-2q 
Replace physical cache with TwoQueue instead of LRU.
 2016-01-07 09:22:15 -05:00
Jeff Mitchell
1706d90da2 Replace physical cache with TwoQueue instead of LRU. 2016-01-07 09:21:33 -05:00