mirror of
https://github.com/hashicorp/vault.git
synced 2025-08-15 19:17:02 +02:00
403b94eb34
* Update ember-cli to ~3.20
* Remove bad optional-feature
* Remove ember-fetch dep
* re-install ember-fetch
* update model fragments pr
* update ember model fragments correct package name
* update ember composable helpers to solve array helper error
* update ember-concurrency
* add back engine dependencies, automatically removed during ember-cli-upgrade
* make author-form-options component js file otherwise error
* for now comment out withTestWaiter
* add eslint-node and fix if not with unless in templates
* fix linting for tab index of false is now -1 and add type button to all buttons without types
* fix href errors for linting, likely have to come back and fix
* using eslint fix flag to fix all this.gets
* ember modules codemode removed files that had module twice, will fix in next commit
* finish codemode ember-data-codemod needed to rename const model
* more this.get removal codemode did not work
* cont. removal of this.get
* stop mixin rules until figure out how to reconfig them all
* smaller eslint ignores
* get codemode
* testing app small fixes to bring it back after all the changes
* small changes to eslint
* test removal of getProperties
* fix issue with baseKey because value could be unknown needed to add a question mark in nested get
* smaller linting fixes
* get nested fixes
* small linting error fixes
* small linting changes
* working through more small linting changes
* another round of linting modifications
* liniting fixes
* ember module codemod
* quinit dom codemod
* angle bracket codemod
* discovered that components must have js files
* ran all codemods this is all that's left
* small changes to fix get needs two object, should not have been using get.
* fix issue with one input in form field
* fun times with set and onChange from oninput
* fix issue with model not being passed through on secret-edit-display
* fix issue with yarn run test not working, revert without npm run all
* linting and small fix when loading without a selectAuthBackend
* fix failing test with ui-wizard issue
* fix test failure due to model not being asked for correctly with new changes, probably run into this more.
* fix issue with component helper and at props specific to wizard
* rename log to clilog due to conflict with new eslint rule
* small changes for test failures
* component helper at fixes
* Revert to old component style something with new one broke this and can't figure it out for now
* small fishy smelling test fixes will revisit
* small test changes
* more small test changes, appears upgrade treats spaces differently
* comment out code and test that no longer seems relevant but confirm
* clean run on component test though still some potential timing issues on ui-console test
* fixing one auth test issue and timing issue on enable-test
* small mods
* fix this conditional check from upgrade
* linting fixes after master merge
* package updates using yarn upgrade-interactive
* update libraries that did not effect any of the test failures.
* update ember truth helpers library
* settling tests
* Fix ui-panel control group output
* fix features selection test failures
* Fix auth tests (x-vault-token)
* fix shared test
* fix issue with data null on backend
* Revert "Fix auth tests (x-vault-token)"
This reverts commit 89cb174b2f.
* Fix auth tests (x-vault-token) without updating this.set
* Update redirect-to tests
* fix wrapped token test
* skip some flaky test
* fix issue with href and a tags vs buttons
* fix linting
* updates to get tests running (#10409)
* yarn isntall
* increasing resource_class
* whoops
* trying large
* back to xlarge
* Fix param issue on transform item routes
* test fixes
* settle on policies (old) test
* fix browserstack test warning and skips of test confirmed worked
* Fix redirect-to test
* skips
* fix transformation test and skip some kmip
* Skip tests
* Add meep marker to remaining failing tests
* Skip test with failing component
* rever skip on secret-create test
* Skip piece of test that fails due to navigation-input
* fix settings test where can and skip in others after confirming
* fix circle ci test failures
* ssh role settle
* Fix navigate-input and add settled to test
* Remove extra import
* secret cubbyhole and alicloud
* Add settled to gcpkms test
* settles on redirect to test
* Bump browserstack test resource to large
* Update browserstack resource size to xlarge
* update todos
* add back in withTestWaiter
* try and fix credentials conditional action added comment instead
* Update volatile computed properies to get functions
* this step was never reached and we never defined secretType anywhere so I removed
* add settled to policy old test
* Fix navigate-input on policies and leases
* replace ssh test with no var hoping that helps and add settled to other failing tests, unskip console tests
* kmip, transit, role test remove a skip and add in settled
* fix hover copy button, had to remove some testing functionality
* Remove private router service
* remove skip on control ssh and ui panel, fix search select by restructuring how to read the error
* final bit of working through skipped test
* Replace clearNonGlobalModels by linking directly to namespace with href-to
* Remove unused var
* Fix role-ssh id bug by updating form-field-from-model to form-field-group-loop
* Fix transit create id would not update
* Update option toggle selector for ssh-role
* Fix ssh selector
* cleanup pt1
* small clean up
* cleanup part2
* Fix computed on pricing-metrics-form
* small cleanup based on chelseas comments.
Co-authored-by: Chelsea Shaw <chelshaw.dev@gmail.com>
Co-authored-by: Sarah Thompson <sthompson@hashicorp.com>
216 lines
5.9 KiB
JavaScript
216 lines
5.9 KiB
JavaScript
import AdapterError from '@ember-data/adapter/error';
|
|
import { inject as service } from '@ember/service';
|
|
import { assign } from '@ember/polyfills';
|
|
import { hash, resolve } from 'rsvp';
|
|
import { assert } from '@ember/debug';
|
|
import { pluralize } from 'ember-inflector';
|
|
|
|
import ApplicationAdapter from './application';
|
|
|
|
const ENDPOINTS = [
|
|
'health',
|
|
'seal-status',
|
|
'tokens',
|
|
'token',
|
|
'seal',
|
|
'unseal',
|
|
'init',
|
|
'capabilities-self',
|
|
'license',
|
|
];
|
|
|
|
const REPLICATION_ENDPOINTS = {
|
|
reindex: 'reindex',
|
|
recover: 'recover',
|
|
status: 'status',
|
|
|
|
primary: ['enable', 'disable', 'demote', 'secondary-token', 'revoke-secondary'],
|
|
|
|
secondary: ['enable', 'disable', 'promote', 'update-primary'],
|
|
};
|
|
|
|
const REPLICATION_MODES = ['dr', 'performance'];
|
|
export default ApplicationAdapter.extend({
|
|
version: service(),
|
|
namespaceService: service('namespace'),
|
|
shouldBackgroundReloadRecord() {
|
|
return true;
|
|
},
|
|
|
|
findRecord(store, type, id, snapshot) {
|
|
let fetches = {
|
|
health: this.health(),
|
|
sealStatus: this.sealStatus().catch(e => e),
|
|
};
|
|
if (this.version.isEnterprise && this.namespaceService.inRootNamespace) {
|
|
fetches.replicationStatus = this.replicationStatus().catch(e => e);
|
|
}
|
|
return hash(fetches).then(({ health, sealStatus, replicationStatus }) => {
|
|
let ret = {
|
|
id,
|
|
name: snapshot.attr('name'),
|
|
};
|
|
ret = assign(ret, health);
|
|
if (sealStatus instanceof AdapterError === false) {
|
|
ret = assign(ret, { nodes: [sealStatus] });
|
|
}
|
|
if (replicationStatus && replicationStatus instanceof AdapterError === false) {
|
|
ret = assign(ret, replicationStatus.data);
|
|
}
|
|
return resolve(ret);
|
|
});
|
|
},
|
|
|
|
pathForType(type) {
|
|
return type === 'cluster' ? 'clusters' : pluralize(type);
|
|
},
|
|
|
|
health() {
|
|
return this.ajax(this.urlFor('health'), 'GET', {
|
|
data: {
|
|
standbycode: 200,
|
|
sealedcode: 200,
|
|
uninitcode: 200,
|
|
drsecondarycode: 200,
|
|
performancestandbycode: 200,
|
|
},
|
|
unauthenticated: true,
|
|
});
|
|
},
|
|
|
|
features() {
|
|
return this.ajax(`${this.urlFor('license')}/features`, 'GET', {
|
|
unauthenticated: true,
|
|
});
|
|
},
|
|
|
|
sealStatus() {
|
|
return this.ajax(this.urlFor('seal-status'), 'GET', { unauthenticated: true });
|
|
},
|
|
|
|
seal() {
|
|
return this.ajax(this.urlFor('seal'), 'PUT');
|
|
},
|
|
|
|
unseal(data) {
|
|
return this.ajax(this.urlFor('unseal'), 'PUT', {
|
|
data,
|
|
unauthenticated: true,
|
|
});
|
|
},
|
|
|
|
initCluster(data) {
|
|
return this.ajax(this.urlFor('init'), 'PUT', {
|
|
data,
|
|
unauthenticated: true,
|
|
});
|
|
},
|
|
|
|
authenticate({ backend, data }) {
|
|
const { role, jwt, token, password, username, path } = data;
|
|
const url = this.urlForAuth(backend, username, path);
|
|
const verb = backend === 'token' ? 'GET' : 'POST';
|
|
let options = {
|
|
unauthenticated: true,
|
|
};
|
|
if (backend === 'token') {
|
|
options.headers = {
|
|
'X-Vault-Token': token,
|
|
};
|
|
} else if (backend === 'jwt' || backend === 'oidc') {
|
|
options.data = { role, jwt };
|
|
} else {
|
|
options.data = token ? { token, password } : { password };
|
|
}
|
|
|
|
return this.ajax(url, verb, options);
|
|
},
|
|
|
|
urlFor(endpoint) {
|
|
if (!ENDPOINTS.includes(endpoint)) {
|
|
throw new Error(
|
|
`Calls to a ${endpoint} endpoint are not currently allowed in the vault cluster adapater`
|
|
);
|
|
}
|
|
return `${this.buildURL()}/${endpoint}`;
|
|
},
|
|
|
|
urlForAuth(type, username, path) {
|
|
const authBackend = type.toLowerCase();
|
|
const authURLs = {
|
|
github: 'login',
|
|
jwt: 'login',
|
|
oidc: 'login',
|
|
userpass: `login/${encodeURIComponent(username)}`,
|
|
ldap: `login/${encodeURIComponent(username)}`,
|
|
okta: `login/${encodeURIComponent(username)}`,
|
|
radius: `login/${encodeURIComponent(username)}`,
|
|
token: 'lookup-self',
|
|
};
|
|
const urlSuffix = authURLs[authBackend];
|
|
const urlPrefix = path && authBackend !== 'token' ? path : authBackend;
|
|
if (!urlSuffix) {
|
|
throw new Error(`There is no auth url for ${type}.`);
|
|
}
|
|
return `/v1/auth/${urlPrefix}/${urlSuffix}`;
|
|
},
|
|
|
|
urlForReplication(replicationMode, clusterMode, endpoint) {
|
|
let suffix;
|
|
const errString = `Calls to replication ${endpoint} endpoint are not currently allowed in the vault cluster adapater`;
|
|
if (clusterMode) {
|
|
assert(errString, REPLICATION_ENDPOINTS[clusterMode].includes(endpoint));
|
|
suffix = `${replicationMode}/${clusterMode}/${endpoint}`;
|
|
} else {
|
|
assert(errString, REPLICATION_ENDPOINTS[endpoint]);
|
|
suffix = `${endpoint}`;
|
|
}
|
|
return `${this.buildURL()}/replication/${suffix}`;
|
|
},
|
|
|
|
replicationStatus() {
|
|
return this.ajax(`${this.buildURL()}/replication/status`, 'GET', { unauthenticated: true });
|
|
},
|
|
|
|
replicationDrPromote(data, options) {
|
|
const verb = options && options.checkStatus ? 'GET' : 'PUT';
|
|
return this.ajax(`${this.buildURL()}/replication/dr/secondary/promote`, verb, {
|
|
data,
|
|
unauthenticated: true,
|
|
});
|
|
},
|
|
|
|
generateDrOperationToken(data, options) {
|
|
let verb = options && options.checkStatus ? 'GET' : 'PUT';
|
|
if (options.cancel) {
|
|
verb = 'DELETE';
|
|
}
|
|
let url = `${this.buildURL()}/replication/dr/secondary/generate-operation-token/`;
|
|
if (!data || data.pgp_key || data.attempt) {
|
|
// start the generation
|
|
url = url + 'attempt';
|
|
} else {
|
|
// progress the operation
|
|
url = url + 'update';
|
|
}
|
|
return this.ajax(url, verb, {
|
|
data,
|
|
unauthenticated: true,
|
|
});
|
|
},
|
|
|
|
replicationAction(action, replicationMode, clusterMode, data) {
|
|
assert(
|
|
`${replicationMode} is an unsupported replication mode.`,
|
|
replicationMode && REPLICATION_MODES.includes(replicationMode)
|
|
);
|
|
|
|
const url =
|
|
action === 'recover' || action === 'reindex'
|
|
? this.urlForReplication(replicationMode, null, action)
|
|
: this.urlForReplication(replicationMode, clusterMode, action);
|
|
|
|
return this.ajax(url, 'POST', { data });
|
|
},
|
|
});
|