Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add possibility to specify type in create_token #393

Merged
merged 2 commits into from Mar 29, 2019

Conversation

Projects
None yet
3 participants
@uepoch
Copy link
Contributor

commented Feb 15, 2019

All errors related to explicit_max_ttl / root batch token / ... will get thrown by server

Add possibility to specify type in create_token
All errors related to explicit_max_ttl / root batch token / ... will get thrown by server
@jeffwecan

This comment has been minimized.

Copy link
Collaborator

commented Feb 18, 2019

Thanks @uepoch! Just need a couple style changes to get the tests passing here:

./hvac/v1/__init__.py:342:1: W293 blank line contains whitespace
./hvac/v1/__init__.py:344:9: E303 too many blank lines (2)

Also wouldn't mind if you added an integration test case to cover the new kwarg being added here 😉.

@jeffwecan jeffwecan added the token label Feb 18, 2019

@jeffwecan jeffwecan added this to the 0.7.3 milestone Feb 18, 2019

@uepoch

This comment has been minimized.

Copy link
Contributor Author

commented Feb 18, 2019

Alright, will do that this evening

@codecov-io

This comment has been minimized.

Copy link

commented Mar 28, 2019

Codecov Report

Merging #393 into develop will decrease coverage by 0.11%.
The diff coverage is 100%.

@@             Coverage Diff             @@
##           develop     #393      +/-   ##
===========================================
- Coverage    91.55%   91.43%   -0.12%     
===========================================
  Files           44       45       +1     
  Lines         2273     2359      +86     
===========================================
+ Hits          2081     2157      +76     
- Misses         192      202      +10
Impacted Files Coverage Δ
hvac/v1/__init__.py 86.13% <100%> (-0.03%) ⬇️
hvac/api/secrets_engines/aws.py 98.21% <0%> (-1.79%) ⬇️
hvac/api/auth_methods/kubernetes.py 97.77% <0%> (ø)
hvac/utils.py 75.53% <0%> (+0.53%) ⬆️
hvac/api/auth_methods/__init__.py 75% <0%> (+1.31%) ⬆️

@jeffwecan jeffwecan merged commit 7a102d2 into hvac:develop Mar 29, 2019

1 check passed

continuous-integration/travis-ci/pr The Travis CI build passed
Details

jsporna added a commit to jsporna/hvac that referenced this pull request Apr 4, 2019

Update fork (#1)
* Release v0.7.2 (hvac#371)

* Tweak Travis CI Configuration (hvac#360)

* drop sudo: false

* remove explicit dist

* simplify build matrix

* change flake8 toxenv name to avoid matching tox-travis default prefixes

* Remove unnecessary `export PATH` "script" step

* Simplify env from list to k/v string

* Clarifying comment re: flake8

* Simplify "allowed failures" row matching

* Speed up overall build time with fast_finish: true

* Rearrange comment to same line being commented on

* Include python 3.7 build jobs

* Bump 0.11 and 1.0 Vault vers to latest patch ver

* Also run flake8 for python 3.7

* Also include "py37" on the tox side of things

* Keep "dist: xenial" for python 3.7 availability

* Tweak flake8 job names for readability

* Shorten comment

* Backporting Master (hvac#362)

* fix double slash (hvac#352)

When called, double slash results in 301 HTTP code and the redirect which is necessary

* Release v0.7.1 (hvac#357)

* Develop is the new integration branch

* Handle "Misses" for Identity Secrets Lookups (hvac#331)

* Regression tests for group lookup misses

* Return None for group lookup misses

* Regression tests for entity lookup misses

* Return None for entity lookup misses

* Also update docstrings

* Move Test Cases out of Package Directory (hvac#334)

* use utils function to get test data path

* rename test => tests and move contents into config_files subdir

* Move scripts subdir under tests dir in root

* Move generate.sh into scripts subdir

* Update paths in generate_test_cert.sh

* clean up config_files readme a smidge

* move test dir into repo root dir

* update import paths

* start breaking out test utils into module

* Break out mock_github_request_handler

* Break out hvac_integration_test_case

* Break out server_manager

* Remove .coveragerc until / unless it is needed once again

* Add Okta Auth Method Class (hvac#341)

* Rename auth subdir under unit_tests

* bonus GCP docs heading fix

* Add Okta auth method docs

* Add Okta auth method test cases

* Add Okta auth method class implementation

* Add pretty_print arg to create_or_update_policy (hvac#342)

* Add pretty_print arg

* Skip new test on Vault v0.11.0

* Bump Vault Versions - Vault v1.0.0 (hvac#344)

* fix TOXENV for 3.6 jobs

* Drop v0.8.3, add v1.0.0

* Update readme

* Handle different response keys in Vault v1.0.0

* Also work around new list response return type

* Add get_generate_root_otp utils method for v1.0.0 and/or previous vers

* Update missed TOXENV arg under allow_failures dict

* Call out why v0.11.0 is hanging about

* Clarify name/purpose of vault ver comparison methods

* Fix identity group conditionals (hvac#346)

* Add regression tests

* Fix member entity/group ids logic in group methods

* DRY up conditional logic

* Add missing docstring content

* Gcp login doc update for issue 345 (hvac#350)

* Clarify source links

* add google-api-python-client example

* Clean up unintentional modification

* Fix For read_health_status() Exception Handling (hvac#347)

* Add url param for create_client

* Install consul for test cases involving Vault HA

* Update test harness with optional Vault HA / consul set up

* Add regerssion test cases for issue hvac#339

* Add raise_exception param to requests

* Use raise_exception param in read_health_status method

* Add ipaddress module per github.com/urllib3/urllib3/issues/1117?

Somehow ended up with this urllib3 error for python 2.7 otherwise:
"urllib3.connection: ERROR: Certificate did not match expected hostname:
127.0.0.1. Certificate: {'serialNumber': u'8D267F50728FF454',
'subject': ((('commonName', u'localhost'),),),
'notAfter': 'May 14 22:44:13 2025 GMT',
'notBefore': u'May 17 22:44:13 2015 GMT',
'subjectAltName': (('DNS', 'localhost'), ('IP Address', '127.0.0.1')),
'issuer': ((('commonName', u'localhost'),),), 'version': 3L}

* Clarify docstring a bit

* Also add cases to cover both HEAD and GET methods

* Remove standby node magic strings; use method instead

* Fix seal_status Call (hvac#354)

* Add regression tests

* Fix seal_status call

* More meaningful assertion

* Fix Request Redirection Handling (hvac#348)

* simplify chained comparison

* Ensure regression unit test case coverage for paths/redirects

* Revert redirection handling back to the requests module

* Handle double slashes in paths

* Fix syntax for python 2.7

* Log when we transform a requested url

* Explictly assert that we have the expect requests in mocker history

* Clarify lease docs (hvac#355)

* Updates for upcoming release 0.7.1

* Bump patch version to 0.7.1

* prune tests from packages (hvac#356)

* Wait for test kvv2 secrets engine to show up in list (hvac#361)

* Set "skip_missing_interpreters" to true in global tox config (hvac#363)

* Set "skip_missing_interpreters" to true in global tox config

* go full env string expansion 😝 cause why not

* Fix For Intermittent Health Test Case Failure (hvac#364)

* Ensure we get an active node when needed

* Remove unneeded debug call

* Simplify flake8 env for travis-ci + tox (hvac#365)

* Simplify flake8 env for travis-ci + tox

* Add missing comma

* Test Documentation Compilation (hvac#366)

* Update docs requirements to be more explicit

* Test that docs can build cleanly

* Fix m2r requirement

* Clearer job name

* Default to first python ver in the matrix...

* Further clarify job name

* Reorder tox directives a smidge...

* Cleanup setup.py a bit (hvac#367)

* Update author / author_email

* Move some auxiliary logic into methods

* gmai.com -> gmail.com

* reorder author names

* Use pip-compile For All Requirements (hvac#368)

* Add section covering requirement updates

* Add .in req files, breakout parser (pyhcl) extra_require

* pip-compile all the things

* Pull in latest reqs for docs for good measure

* Add update-all-reqs Makefile targets

* Define "parser" requirements in just one place

* Add clarifying comment

* Simplify new Makefile targets a smidge

* comment bout comments

* Makefile clarifying comment

* Use abs paths starting from setup.py location

* Also dynamically populate install_requires

* Revert requirements loading in setup.py; tis a silly thing to do

* Bump install_requires / extras_require min versions

* Drop extra "parser" requirements as its not strictly needed

* Drop use of "version" file (hvac#369)

* Drop use of "version" file

* Clarify updated bumpversion release step

* Fix grammerz

* Remove inadvertently committed hvac/version file

* Organize imports

* Add AWS Secrets Engine Class (hvac#370)

* auto generated script

* Include Docs

* "Implement" Aws class

* Tweak docstrings and whatnot

* Param tweaks

* update convert ttl for aws secrets return values

* First pass on aws secrets engine tests

* Fix headings

* Cleanup unused mock server logic, additional role params

* Accept policy_document dict param type

* Start filling in aws secrets docs

* E501 line too long (162 > 160 characters)

* First pass at handling legacy params

* Different status code from Vault v0.11.0 :\

* Fill in legacy_params-related comments / docstrings

* Also update docs

* Add contents section and upper case heading

* Adding a Twitter Badge (hvac#372)

* Split up icons with linebreaks

* Add Twitter badge for @hvac_python

* Adding Header image (hvac#373)

* Add header image

* Update twitter handle

* Update content email and test URLs

* Commit header image

* Update header image URL to final resting place

* Changelog updates for v0.7.2 release

* Update release steps

* Update copyright date

* Bump version: 0.7.1 → 0.7.2

* Clean up vestigial version target reference

* Add Kubernetes Auth Method (hvac#408)

* Release v0.7.2 (hvac#371)

* Tweak Travis CI Configuration (hvac#360)

* drop sudo: false

* remove explicit dist

* simplify build matrix

* change flake8 toxenv name to avoid matching tox-travis default prefixes

* Remove unnecessary `export PATH` "script" step

* Simplify env from list to k/v string

* Clarifying comment re: flake8

* Simplify "allowed failures" row matching

* Speed up overall build time with fast_finish: true

* Rearrange comment to same line being commented on

* Include python 3.7 build jobs

* Bump 0.11 and 1.0 Vault vers to latest patch ver

* Also run flake8 for python 3.7

* Also include "py37" on the tox side of things

* Keep "dist: xenial" for python 3.7 availability

* Tweak flake8 job names for readability

* Shorten comment

* Backporting Master (hvac#362)

* fix double slash (hvac#352)

When called, double slash results in 301 HTTP code and the redirect which is necessary

* Release v0.7.1 (hvac#357)

* Develop is the new integration branch

* Handle "Misses" for Identity Secrets Lookups (hvac#331)

* Regression tests for group lookup misses

* Return None for group lookup misses

* Regression tests for entity lookup misses

* Return None for entity lookup misses

* Also update docstrings

* Move Test Cases out of Package Directory (hvac#334)

* use utils function to get test data path

* rename test => tests and move contents into config_files subdir

* Move scripts subdir under tests dir in root

* Move generate.sh into scripts subdir

* Update paths in generate_test_cert.sh

* clean up config_files readme a smidge

* move test dir into repo root dir

* update import paths

* start breaking out test utils into module

* Break out mock_github_request_handler

* Break out hvac_integration_test_case

* Break out server_manager

* Remove .coveragerc until / unless it is needed once again

* Add Okta Auth Method Class (hvac#341)

* Rename auth subdir under unit_tests

* bonus GCP docs heading fix

* Add Okta auth method docs

* Add Okta auth method test cases

* Add Okta auth method class implementation

* Add pretty_print arg to create_or_update_policy (hvac#342)

* Add pretty_print arg

* Skip new test on Vault v0.11.0

* Bump Vault Versions - Vault v1.0.0 (hvac#344)

* fix TOXENV for 3.6 jobs

* Drop v0.8.3, add v1.0.0

* Update readme

* Handle different response keys in Vault v1.0.0

* Also work around new list response return type

* Add get_generate_root_otp utils method for v1.0.0 and/or previous vers

* Update missed TOXENV arg under allow_failures dict

* Call out why v0.11.0 is hanging about

* Clarify name/purpose of vault ver comparison methods

* Fix identity group conditionals (hvac#346)

* Add regression tests

* Fix member entity/group ids logic in group methods

* DRY up conditional logic

* Add missing docstring content

* Gcp login doc update for issue 345 (hvac#350)

* Clarify source links

* add google-api-python-client example

* Clean up unintentional modification

* Fix For read_health_status() Exception Handling (hvac#347)

* Add url param for create_client

* Install consul for test cases involving Vault HA

* Update test harness with optional Vault HA / consul set up

* Add regerssion test cases for issue hvac#339

* Add raise_exception param to requests

* Use raise_exception param in read_health_status method

* Add ipaddress module per github.com/urllib3/urllib3/issues/1117?

Somehow ended up with this urllib3 error for python 2.7 otherwise:
"urllib3.connection: ERROR: Certificate did not match expected hostname:
127.0.0.1. Certificate: {'serialNumber': u'8D267F50728FF454',
'subject': ((('commonName', u'localhost'),),),
'notAfter': 'May 14 22:44:13 2025 GMT',
'notBefore': u'May 17 22:44:13 2015 GMT',
'subjectAltName': (('DNS', 'localhost'), ('IP Address', '127.0.0.1')),
'issuer': ((('commonName', u'localhost'),),), 'version': 3L}

* Clarify docstring a bit

* Also add cases to cover both HEAD and GET methods

* Remove standby node magic strings; use method instead

* Fix seal_status Call (hvac#354)

* Add regression tests

* Fix seal_status call

* More meaningful assertion

* Fix Request Redirection Handling (hvac#348)

* simplify chained comparison

* Ensure regression unit test case coverage for paths/redirects

* Revert redirection handling back to the requests module

* Handle double slashes in paths

* Fix syntax for python 2.7

* Log when we transform a requested url

* Explictly assert that we have the expect requests in mocker history

* Clarify lease docs (hvac#355)

* Updates for upcoming release 0.7.1

* Bump patch version to 0.7.1

* prune tests from packages (hvac#356)

* Wait for test kvv2 secrets engine to show up in list (hvac#361)

* Set "skip_missing_interpreters" to true in global tox config (hvac#363)

* Set "skip_missing_interpreters" to true in global tox config

* go full env string expansion 😝 cause why not

* Fix For Intermittent Health Test Case Failure (hvac#364)

* Ensure we get an active node when needed

* Remove unneeded debug call

* Simplify flake8 env for travis-ci + tox (hvac#365)

* Simplify flake8 env for travis-ci + tox

* Add missing comma

* Test Documentation Compilation (hvac#366)

* Update docs requirements to be more explicit

* Test that docs can build cleanly

* Fix m2r requirement

* Clearer job name

* Default to first python ver in the matrix...

* Further clarify job name

* Reorder tox directives a smidge...

* Cleanup setup.py a bit (hvac#367)

* Update author / author_email

* Move some auxiliary logic into methods

* gmai.com -> gmail.com

* reorder author names

* Use pip-compile For All Requirements (hvac#368)

* Add section covering requirement updates

* Add .in req files, breakout parser (pyhcl) extra_require

* pip-compile all the things

* Pull in latest reqs for docs for good measure

* Add update-all-reqs Makefile targets

* Define "parser" requirements in just one place

* Add clarifying comment

* Simplify new Makefile targets a smidge

* comment bout comments

* Makefile clarifying comment

* Use abs paths starting from setup.py location

* Also dynamically populate install_requires

* Revert requirements loading in setup.py; tis a silly thing to do

* Bump install_requires / extras_require min versions

* Drop extra "parser" requirements as its not strictly needed

* Drop use of "version" file (hvac#369)

* Drop use of "version" file

* Clarify updated bumpversion release step

* Fix grammerz

* Remove inadvertently committed hvac/version file

* Organize imports

* Add AWS Secrets Engine Class (hvac#370)

* auto generated script

* Include Docs

* "Implement" Aws class

* Tweak docstrings and whatnot

* Param tweaks

* update convert ttl for aws secrets return values

* First pass on aws secrets engine tests

* Fix headings

* Cleanup unused mock server logic, additional role params

* Accept policy_document dict param type

* Start filling in aws secrets docs

* E501 line too long (162 > 160 characters)

* First pass at handling legacy params

* Different status code from Vault v0.11.0 :\

* Fill in legacy_params-related comments / docstrings

* Also update docs

* Add contents section and upper case heading

* Adding a Twitter Badge (hvac#372)

* Split up icons with linebreaks

* Add Twitter badge for @hvac_python

* Adding Header image (hvac#373)

* Add header image

* Update twitter handle

* Update content email and test URLs

* Commit header image

* Update header image URL to final resting place

* Changelog updates for v0.7.2 release

* Update release steps

* Update copyright date

* Bump version: 0.7.1 → 0.7.2

* Clean up vestigial version target reference

* add auth method for Kubernetes

* add tests for Kubernetes auth method

* add function  for check certificate PEM format

* update project common files

* change dict multiline to oneline

* fix gcp integration tests with bound_service_accounts

* Add support for setting VAULT_ADDR and VAULT_TOKEN via env vars (hvac#411)

* Fix delete_role_secret_id_accessor method (hvac#375)

* Fix delete_role_secret_id_accessor method

* Fix unit test as well

* hvac#376 : fix length in transit.generate_random_bytes() (hvac#377)

The parameter in the HTTP request was incorrect according to the
latest vault API
https://www.vaultproject.io/api/secret/transit/index.html

* Update Test Runs With Latest Vault Versions (1.0.3 & 1.1.0) (hvac#396)

* test with the latest vault 1.0.X (1.0.3)

* Add in 1.1.0, drop 0.9.6

* Explictly enable kv v1 secrets engine

* Ensure kv v1 secrets engine under /secret for legacy test cases

* Explictly enable kv v1 secrets engine for sys test classes

* fix indentation

* -Fixed AWS sts generation to use POST rather than GET. (hvac#392)

* Add possibility to specify type in create_token (hvac#393)

* Add possibility to specify type in create_token

All errors related to explicit_max_ttl / root batch token / ... will get thrown by server

* Fix E303/W293 flake8 complaints

* Add initial retrieve_mount_option method

* Fix recovery_threshold / recovery_shares conditional

* fix docstring typo

* Fix allowed kv versions logic

* Tweak server manager logic a bit

* Add doctest for getting started bits

* Add missing colon in docstring

* Fix getting-started link

* Drop stray comments

* Ensure kv engine enabled for v1.1.0 doctests

* Bump requested go version so we can build Vault HEAD ref (hvac#412)

* Fix formatting

* drop stray character / typo

* Do no run doctest during readthedocs builds

* Changelog updates for v0.8.0 release

* Bump version: 0.7.2 → 0.8.0

* Drop RST markup that made it into the readme

* Hacky workaround / fork of doctest for RTD builds

* Drop remaining HVAC_RENDER_DOCTESTS references

* Clarify some wording

* Ignore forked sphinx ext for the purposes of flake8 for now

* Revert "Fix recovery_threshold / recovery_shares conditional"

This reverts commit e363738.

* Changelog updates for v0.8.1 release

* Bump version: 0.8.0 → 0.8.1

* Actually do not install tests

In hvac#294 `tests` directory was moved out from `hvac` with the intention to not
install tests into site-packages. However, find_packages() still finds and
installs it, this time as a top-level package. Pass it into exclude to really
skip it.

Same thing for `docs`.

* Fix precedence of `VAULT_ADDR` environment variable vs client `url` parameter

Fixes hvac#421.

The vault CLI priorities the `-address` flag over the `VAULT_ADDR`
environment variable. This commit aligns hvac to that behaviour.

* Move client default url value to client constants

* Changelog updates for v0.8.2 release

* Bump version: 0.8.1 → 0.8.2
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.