mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-08-17 12:07:02 +02:00
Code Issues Projects Releases Wiki Activity
9,508 Commits 2,844 Branches 445 Tags 454 MiB
ef4e5103e9
Commit Graph

998 Commits

Author SHA1 Message Date
Calvin Leung Huang
e9751fdfc5 Set request token entry within fetchACLTokenEntryAndEntity (#5880) 2018-12-03 11:57:53 -05:00
Clint Shryock
b24487aee5
fix typo in comment 2018-11-28 10:06:23 -06:00
Matthew Irish
6bbd3976b9
plumb policy-override flag to the CLI (#5826) 2018-11-20 11:33:00 -06:00
Becca Petrin
e3eee5b4fb Restore plugin name for backwards compatibility (#5825) 
* re-add plugin name for backwards compat

* add plugin name to table for backwards compat

* conditionally set the plugin name

* Update command/auth_list.go

Co-Authored-By: tyrannosaurus-becks <beccapetrin@posteo.net>

* Update command/secrets_list.go

Co-Authored-By: tyrannosaurus-becks <beccapetrin@posteo.net>

* update auth and secrets list commands

* add comments regarding deprecation
 2018-11-19 16:41:17 -08:00
Julien Balestra
662618854d agent: fix auth when multiple redirects (#5814) 2018-11-19 15:50:42 -08:00
Clint
4ad10f138d Agent kube projected token (#5725) 
* Add support for custom JWT path in Agent: kubernetes auth

- add support for "token_path" configuration
- add a reader for mocking in tests

* add documentation for token_path
 2018-11-19 14:28:17 -08:00
Calvin Leung Huang
cb9998cd8f
Mount tune options (#5809) 
* Refactor mount tune to support upsert options values and unset options.

* Do not allow unsetting options map

* add secret tune version regression test

* Only accept valid options version

* s/meVersion/optVersion/
 2018-11-19 14:23:25 -08:00
Brian Kassouf
9e2111e78d
Wrap storage calls with encoding checks (#5819) 
* Add encoding backend

* More work on encoding checks

* Update error message

* Update physical/encoding.go

* Disable key checks if configured
 2018-11-19 13:13:16 -08:00
Jim Kalafut
2b548e2de9
Show migration check error (#5806) 2018-11-16 15:09:35 -08:00
Calvin Leung Huang
3d8e73cec9 Continue on plugin registration error in dev mode (#5791) 
* Continue on plugin registration error in dev mode

* Continue only on unknown type error

* Continue only on unknown type error

* Print plugin registration error on exit

Co-Authored-By: calvn <cleung2010@gmail.com>
 2018-11-15 16:55:24 -08:00
Calvin Leung Huang
c6832a8099
Support registering plugin with name only (#5787) 
* Support registering plugin with name only

* Make RegisterPlugin backwards compatible

* Add CLI backwards compat command to plugin info and deregister

* Add server-side deprecation warnings if old read/dereg API endpoints are called

* Address feedback
 2018-11-15 14:33:11 -08:00
Jeff Mitchell
31ddb809c8 Explicitly state that secrets move doesn't work across namespaces 2018-11-07 11:07:19 -05:00
Becca Petrin
fb89af7cfa
Run all builtins as plugins (#5536) 2018-11-06 17:21:24 -08:00
Calvin Leung Huang
0974e52c24 Bump timeout due to potential backoff retry delay (#5706) 2018-11-06 11:06:06 -08:00
Calvin Leung Huang
c4b31d5bda
Add HSMAutoDeprecated for ent upgrade (#5704) 2018-11-06 09:42:03 -08:00
Jeff Mitchell
bc9bbeb21b Clean up stored barrier keys after migration to shamir (#5671) 2018-11-05 14:06:39 -05:00
Calvin Leung Huang
16bb0b33cb
Bump timeout due to potential backoff retry delay (#5663) 2018-11-02 13:22:15 -07:00
Jim Kalafut
5dc74f4af5
Fix a few vet warnings (#5674) 2018-11-02 13:21:44 -07:00
Becca Petrin
818cf583a1 fix typo in test name 2018-11-01 16:06:35 -07:00
Dilan Bellinghoven
f99afb9575 command/agent/sink/sink.go: This fix solves the problem where when multiple file sinks are specified in the agent HCL file, there is unexpected behavior (#5610) 2018-11-01 14:44:13 -07:00
Brian Shumate
e2c77b2f48 Fix typo (#5661) 2018-11-01 10:13:20 -04:00
Jim Kalafut
b2ead22689
Add memory profiling for custom builds (#5584) 2018-10-31 11:11:45 -07:00
Jeff Mitchell
0b5d3bf8a0
Add the ability for secret IDs in agent approle to be wrapped (#5654) 2018-10-30 20:53:49 -04:00
Jeff Mitchell
e5ccac6a39
Add approle agent method removing secret ID file by default. (#5648) 
Also, massively update tests.
 2018-10-30 14:09:04 -04:00
Aleksey Zhukov
e9d855217b WIP Agent AppRole auto-auth (#5621) 2018-10-30 12:17:19 -04:00
Chris Hoffman
caf81bc28c
Add -dev-auto-seal option (#5629) 
* adding a -dev-auto-seal option

* adding logger to TestSeal
 2018-10-29 09:30:24 -04:00
Jeff Mitchell
45f80ee028
Remove agent reauthentication on new credentials. (#5615) 
Functionality is left in for use in testing (where it is indeed quite
useful).

Fixes #5522
 2018-10-27 10:45:55 -07:00
Jim Kalafut
732a3fa60b
Fix command panic by returning empty (not nil) map (#5603) 
Fixes #5600
 2018-10-24 13:08:40 -07:00
Jeff Mitchell
6b0782989a Fix build 2018-10-23 15:09:35 -04:00
Jeff Mitchell
41deb88d68 Add disable-indexing 2018-10-23 15:03:17 -04:00
Jeff Mitchell
c87251b399 Fix build 2018-10-23 04:12:23 -04:00
Jeff Mitchell
ee49d7aa18 Merge branch 'master-oss' into 1.0-beta-oss 2018-10-23 04:02:28 -04:00
Jeff Mitchell
05f92994ed Change deprecation warning to 1.1 2018-10-23 02:44:57 -04:00
Chris Hoffman
107ba2ab9a adding gcpkms secrets engine (#784) 2018-10-22 23:39:25 -07:00
Jeff Mitchell
2f5b464bc9
Seal migration (OSS) (#781) 2018-10-22 23:34:02 -07:00
Vishal Nayak
ba028e0884 Fix flag name for kv help text (#5580) 2018-10-22 15:22:43 -04:00
Calvin Leung Huang
3d1f0d76c0
[Review Only] Autoseal OSS port (#757) 
* Port awskms autoseal

* Rename files

* WIP autoseal

* Fix protobuf conflict

* Expose some structs to properly allow encrypting stored keys

* Update awskms with the latest changes

* Add KeyGuard implementation to abstract encryption/decryption of keys

* Fully decouple seal.Access implementations from sealwrap structs

* Add extra line to proto files, comment update

* Update seal_access_entry.go

* govendor sync

* Add endpoint info to configureAWSKMSSeal

* Update comment

* Refactor structs

* Update make proto

* Remove remove KeyGuard, move encrypt/decrypt to autoSeal

* Add rest of seals, update VerifyRecoveryKeys, add deps

* Fix some merge conflicts via govendor updates

* Rename SealWrapEntry to EncryptedBlobInfo

* Remove barrier type upgrade check in oss

* Add key to EncryptedBlobInfo proto

* Update barrierTypeUpgradeCheck signature
 2018-10-19 14:43:57 -07:00
Jeff Mitchell
231c325770 Merge branch 'master-oss' into 1.0-beta-oss 2018-10-16 10:08:03 -04:00
Jeff Mitchell
bc33dbd13d
Add LastWAL in leader/health output (#5523) 2018-10-16 09:38:44 -04:00
Jeff Mitchell
a58d313d2b
Batch tokens (#755) 2018-10-15 12:56:24 -04:00
Jeff Mitchell
d7655a9db0
Buffer authhandler output channel to prevent hang on shutdown (#5507) 
Fixes #5026
 2018-10-15 11:02:53 -04:00
Jim Kalafut
46ccb88184
Don't copy HA lock file during migration (#5503) 2018-10-12 09:29:15 -07:00
Jeff Mitchell
a00233648f
Warn when users don't configure api_addr (#5496) 
Fixes some sources of user strife
 2018-10-10 14:52:00 -04:00
Calvin Leung Huang
0b2350bc15
Logger cleanup (#5480) 2018-10-09 09:43:17 -07:00
Jim Kalafut
c4dc44a920 Fix 'vault auth' panic (#5473) 
Running 'vault auth' with no parameters was panicking:

panic: assignment to entry in nil map
	github.com/hashicorp/vault/command/login.go:255 +0xdee

Now it will show help.
 2018-10-05 16:05:26 -07:00
JohnVonNeumann
c628d8b37c Update operator_init.go (#5441) 
Minor grammar fix.
 2018-10-01 17:19:13 -07:00
Jim Kalafut
3d1f6e6f7c
Retry failing migration check instead of exiting (#5427) 2018-10-01 14:35:35 -07:00
Jeff Mitchell
382f28ee24 Send initialized information via sys/seal-status (#5424) 2018-09-27 14:03:37 -07:00
Jim Kalafut
370477f761
Fix server command test (#5407) 
The addition of CheckMigration to the server startup process means
that physical backends in this test need to be able to respond to Get() without error.
 2018-09-26 14:52:11 -07:00
Jim Kalafut
4753f4a440
Fix wording in log message (#5399) 2018-09-25 16:52:03 -07:00