Commit graph

800 commits

Author SHA1 Message Date
Jeff Mitchell
b445783d65 Don't output log level twice in three node mode 2017-11-10 16:33:16 -05:00
Jeff Mitchell
547e18f9ed Add core numbers to output in dev three node 2017-11-10 16:21:46 -05:00
Brian Kassouf
6fc21d88e2
Add API methods for creating a DR Operation Token and make generate root accept strategy types (#3565)
* Add API and Command code for generating a DR Operation Token

* Update generate root to accept different token strategies
2017-11-10 10:19:42 -08:00
Calvin Leung Huang
faccf38997 Move HA-related config values to top level (#3550)
* Move HA-related config values to top level

* Add config2.hcl test-fixture
2017-11-08 14:19:41 -05:00
Calvin Leung Huang
c7b5b8b0b4 aws_region->region on awskms config 2017-11-02 16:31:16 -04:00
Vishal Nayak
66642a0935
External identity groups (#3447)
* external identity groups

* add local LDAP groups as well to group aliases

* add group aliases for okta credential backend

* Fix panic in tests

* fix build failure

* remove duplicated struct tag

* add test steps to test out removal of group member during renewals

* Add comment for having a prefix check in router

* fix tests

* s/parent_id/canonical_id

* s/parent/canonical in comments and errors
2017-11-02 16:05:48 -04:00
Jeff Mitchell
41568317e0
Redo API locking (#3508)
* Redo the API client quite a bit to make the behavior of NewClient more
predictable and add locking to make it safer to use with Clone() and if
multiple goroutines for some reason decide to change things.

Along the way I discovered that currently, the x/net/http2 package is
broke with the built-in h2 support in released Go. For those using
DefaultConfig (the vast majority of cases) this will be a non-event.
Others can manually call http2.ConfigureTransport as needed. We should
keep an eye on commits on that repo and consider more updates before
release. Alternately we could go back revisions but miss out on bug
fixes; my theory is that this is not a purposeful break and I'll be
following up on this in the Go issue tracker.

In a few tests that don't use NewTestCluster, either for legacy or other
reasons, ensure that http2.ConfigureTransport is called.

* Use tls config cloning

* Don't http2.ConfigureServer anymore as current Go seems to work properly without requiring the http2 package

* Address feedback
2017-11-02 09:30:04 -05:00
Jeff Mitchell
962ef74cb2
Add seal type to seal-status output. (#3516) 2017-11-01 21:00:41 -05:00
Seth Vargo
661fac88a4
Use renamed method 2017-10-24 09:39:51 -04:00
Jeff Mitchell
5256da0fab
Don't swallow errors on token functions. 2017-10-24 09:39:35 -04:00
Seth Vargo
b2f0c0d92d
Update to use hidden commands 2017-10-24 09:39:34 -04:00
Seth Vargo
be7c31f695
Fix bad rebase
Apparently I can't git...
2017-10-24 09:39:34 -04:00
Seth Vargo
80e757c3b2
More consistent output 2017-10-24 09:34:30 -04:00
Seth Vargo
9c76f0b2e5
Use a unified helper for seal output 2017-10-24 09:34:12 -04:00
Seth Vargo
23d1d9a1ac
Resolve the most painful merge conflict known on earth 2017-10-24 09:34:12 -04:00
Seth Vargo
3da398de34
Use vault login instead of vault list in example 2017-10-24 09:32:15 -04:00
Seth Vargo
b8e4b0d515
Standardize on "auth method"
This removes all references I could find to:

- credential provider
- authentication backend
- authentication provider
- auth provider
- auth backend

in favor of the unified:

- auth method
2017-10-24 09:32:15 -04:00
Seth Vargo
bd703adacd
Write all the deprecated commands together 2017-10-24 09:30:48 -04:00
Seth Vargo
3a84897213
Add a custom flag for specifying "system" ttls 2017-10-24 09:30:48 -04:00
Seth Vargo
b4d9d1517b
Move more formatting into base_helpers 2017-10-24 09:30:48 -04:00
Seth Vargo
d4e46e97f2
Update write command 2017-10-24 09:30:48 -04:00
Seth Vargo
54b6254763
Update unwrap command 2017-10-24 09:30:48 -04:00
Seth Vargo
f8b71c9baa
Update version command 2017-10-24 09:30:48 -04:00
Seth Vargo
cf0c219668
Update status command 2017-10-24 09:30:48 -04:00
Seth Vargo
6b5685a91f
Update ssh command 2017-10-24 09:30:48 -04:00
Seth Vargo
22dd8a23d7
Update server command 2017-10-24 09:30:48 -04:00
Seth Vargo
ef86e95eff
Add "operator" subcommand 2017-10-24 09:30:48 -04:00
Seth Vargo
387cce957e
Rename mounts to secrets engines and add the subcommand 2017-10-24 09:30:48 -04:00
Seth Vargo
d4b68970f3
Update read command 2017-10-24 09:30:48 -04:00
Seth Vargo
a34b2dae9f
Add "policy" subcommand 2017-10-24 09:30:48 -04:00
Seth Vargo
d695dbf111
Update path-help command 2017-10-24 09:30:48 -04:00
Seth Vargo
67611bfcd3
Update list command 2017-10-24 09:30:47 -04:00
Seth Vargo
9a80d9a8f8
Add lease subcommand 2017-10-24 09:30:47 -04:00
Seth Vargo
6b75e6e2bf
Update delete command 2017-10-24 09:30:47 -04:00
Seth Vargo
36eccfb424
Predict "generic" as a secrets engine 2017-10-24 09:30:47 -04:00
Seth Vargo
b50d7d69bd
Add token as a subcommand 2017-10-24 09:30:47 -04:00
Seth Vargo
98b356d7f1
Make audit a subcommand 2017-10-24 09:30:47 -04:00
Seth Vargo
5c5d06ecd7
Add login subcommand
This replaces the "auth" part of "vault auth"
2017-10-24 09:30:47 -04:00
Seth Vargo
fc535647fc
Introduce auth as a subcommand 2017-10-24 09:30:47 -04:00
Seth Vargo
b96015a386
Wire all commands together 2017-10-24 09:30:47 -04:00
Seth Vargo
9d1b0e640f
Update write command 2017-10-24 09:30:47 -04:00
Seth Vargo
f161584f0d
Update version command 2017-10-24 09:30:47 -04:00
Seth Vargo
01d4b5dd09
Update unwrap command 2017-10-24 09:30:47 -04:00
Seth Vargo
80c3d4f319
update unseal command 2017-10-24 09:30:47 -04:00
Seth Vargo
a84b6e4173
Update unmount command 2017-10-24 09:30:46 -04:00
Seth Vargo
621774e425
Update token-revoke command 2017-10-24 09:30:46 -04:00
Seth Vargo
c2a78c6cfe
Update token-renew command 2017-10-24 09:30:46 -04:00
Seth Vargo
618665bf8d
Update token-lookup command 2017-10-24 09:30:46 -04:00
Seth Vargo
eee5edb102
Update token-create command 2017-10-24 09:30:46 -04:00
Seth Vargo
ba5712ef4f
Update step-down command 2017-10-24 09:30:46 -04:00
Seth Vargo
bd33fe3c73
Update status command 2017-10-24 09:30:46 -04:00
Seth Vargo
9eb5978d1d
Update ssh command 2017-10-24 09:30:46 -04:00
Seth Vargo
f5b791108b
Update seal command 2017-10-24 09:30:46 -04:00
Seth Vargo
0380caedd9
Update rotate command 2017-10-24 09:30:46 -04:00
Seth Vargo
8df5905c34
Update revoke command 2017-10-24 09:30:46 -04:00
Seth Vargo
c6380da6ce
Update renew command 2017-10-24 09:30:46 -04:00
Seth Vargo
02dd8b975e
Update remount command 2017-10-24 09:30:46 -04:00
Seth Vargo
ec1677f3e7
Update rekey command 2017-10-24 09:30:46 -04:00
Seth Vargo
ad1482e123
Update read command 2017-10-24 09:29:37 -04:00
Seth Vargo
0d598a7f1e
Update policy-write command 2017-10-24 09:29:37 -04:00
Seth Vargo
cfd378187a
Update policy-list command 2017-10-24 09:29:37 -04:00
Seth Vargo
eece6eea4a
Update policy-delete command 2017-10-24 09:29:36 -04:00
Seth Vargo
f244e03fda
Update path-help command 2017-10-24 09:29:36 -04:00
Seth Vargo
3a0af6b8eb
Update mounts command 2017-10-24 09:29:36 -04:00
Seth Vargo
8f6a5c4a45
Update mount-tune command 2017-10-24 09:28:07 -04:00
Seth Vargo
5cc5b6c6a6
Update mount command 2017-10-24 09:28:07 -04:00
Seth Vargo
1047792f2d
Update list command 2017-10-24 09:28:07 -04:00
Seth Vargo
f93e3e3e70
Update key-status command 2017-10-24 09:28:07 -04:00
Seth Vargo
a3c4e35848
Update init command 2017-10-24 09:28:07 -04:00
Seth Vargo
6028c84a02
Update generate-root command 2017-10-24 09:28:07 -04:00
Seth Vargo
9d4e8c3529
Update format to not use colored UI for json/yaml 2017-10-24 09:28:07 -04:00
Seth Vargo
d38abb665b
Update delete command 2017-10-24 09:28:07 -04:00
Seth Vargo
a7589f7613
Update capabilities command 2017-10-24 09:28:06 -04:00
Seth Vargo
ae4bf4eec7
Add new auth-list command 2017-10-24 09:28:06 -04:00
Seth Vargo
4e55d014f5
Add new auth-help command 2017-10-24 09:28:06 -04:00
Seth Vargo
5988dfc436
Update auth-enable command 2017-10-24 09:28:06 -04:00
Seth Vargo
fb5fc77209
Update auth-disable command 2017-10-24 09:28:06 -04:00
Seth Vargo
9ff68fffa2
Update auth command 2017-10-24 09:28:06 -04:00
Seth Vargo
ca28cde14b
Update audit-list command 2017-10-24 09:28:06 -04:00
Seth Vargo
78160740f0
Update audit-enable command 2017-10-24 09:28:06 -04:00
Seth Vargo
3186d0d562
Update audit-disable command 2017-10-24 09:28:06 -04:00
Seth Vargo
738e4ea286
Add more testing helper functions 2017-10-24 09:28:06 -04:00
Seth Vargo
c81fc5b013
Remove wrapping tests
There are no dedicated tests for this, but ttl wrapping is littered throughout other tests
2017-10-24 09:28:06 -04:00
Seth Vargo
94df25dbf7
Detect terminal and use the output writer for raw fields
If the value is being "piped", we don't print colors or the newline character at the end. If it's not, we still give users pretty when selecting a raw field/value.
2017-10-24 09:28:06 -04:00
Seth Vargo
48ab42c32f
Add helper for decrypting via PGP in tests 2017-10-24 09:28:06 -04:00
Seth Vargo
fc58acbd7e
Remove unused file for tests 2017-10-24 09:28:06 -04:00
Seth Vargo
0cfb558f0b
Add more predictors 2017-10-24 09:28:06 -04:00
Seth Vargo
e3fff2a788
Read env config for predictions 2017-10-24 09:28:05 -04:00
Seth Vargo
2a4404c20a
Expand and centralize helpers 2017-10-24 09:28:05 -04:00
Seth Vargo
125f055903
Cleanup base flags a bit 2017-10-24 09:28:05 -04:00
Seth Vargo
4bd867c56a
Use a TokenHelper method
It's weird to have two different helper funcs that can return different errors
2017-10-24 09:28:05 -04:00
Seth Vargo
fceddbe724
Allow hiding flags 2017-10-24 09:28:05 -04:00
Seth Vargo
4d9a42aa20
Add an in-mem token helper for testing 2017-10-24 09:27:19 -04:00
Seth Vargo
1552436a12
Add interface assertions for token helpers
This will ensure they meet the right API
2017-10-24 09:27:19 -04:00
Seth Vargo
47a633b83e
Drop cli and meta packages
This centralizes all command-related things in the command package
2017-10-24 09:27:19 -04:00
Seth Vargo
792527bb83
Unwrap cli.Ui to get to the underlying writer
This allows us to write without a newline character, since the Ui
interface doesn't expose a direct Write() method.
2017-10-24 09:26:45 -04:00
Seth Vargo
b67f9404a8
Only print default values if they are non-zero 2017-10-24 09:26:44 -04:00
Seth Vargo
eacb3de759
More arbitrary function for wrapping at a length 2017-10-24 09:26:44 -04:00
Seth Vargo
eb4ab6840d
Delegate usage to the UI 2017-10-24 09:26:44 -04:00
Seth Vargo
3a1479bc8c
Make predict it's own struct
The previous architecture would create an API client many times, slowing down the CLI exponentially for each new command added.
2017-10-24 09:26:44 -04:00