Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update fork #1

Merged
merged 46 commits into from Apr 4, 2019

Conversation

Projects
None yet
@jsporna
Copy link
Owner

commented Apr 4, 2019

update fork

jeffwecan and others added some commits Jan 1, 2019

Release v0.7.2 (hvac#371)
* Tweak Travis CI Configuration (hvac#360)

* drop sudo: false

* remove explicit dist

* simplify build matrix

* change flake8 toxenv name to avoid matching tox-travis default prefixes

* Remove unnecessary `export PATH` "script" step

* Simplify env from list to k/v string

* Clarifying comment re: flake8

* Simplify "allowed failures" row matching

* Speed up overall build time with fast_finish: true

* Rearrange comment to same line being commented on

* Include python 3.7 build jobs

* Bump 0.11 and 1.0 Vault vers to latest patch ver

* Also run flake8 for python 3.7

* Also include "py37" on the tox side of things

* Keep "dist: xenial" for python 3.7 availability

* Tweak flake8 job names for readability

* Shorten comment

* Backporting Master (hvac#362)

* fix double slash (hvac#352)

When called, double slash results in 301 HTTP code and the redirect which is necessary

* Release v0.7.1 (hvac#357)

* Develop is the new integration branch

* Handle "Misses" for Identity Secrets Lookups (hvac#331)

* Regression tests for group lookup misses

* Return None for group lookup misses

* Regression tests for entity lookup misses

* Return None for entity lookup misses

* Also update docstrings

* Move Test Cases out of Package Directory (hvac#334)

* use utils function to get test data path

* rename test => tests and move contents into config_files subdir

* Move scripts subdir under tests dir in root

* Move generate.sh into scripts subdir

* Update paths in generate_test_cert.sh

* clean up config_files readme a smidge

* move test dir into repo root dir

* update import paths

* start breaking out test utils into module

* Break out mock_github_request_handler

* Break out hvac_integration_test_case

* Break out server_manager

* Remove .coveragerc until / unless it is needed once again

* Add Okta Auth Method Class (hvac#341)

* Rename auth subdir under unit_tests

* bonus GCP docs heading fix

* Add Okta auth method docs

* Add Okta auth method test cases

* Add Okta auth method class implementation

* Add pretty_print arg to create_or_update_policy (hvac#342)

* Add pretty_print arg

* Skip new test on Vault v0.11.0

* Bump Vault Versions - Vault v1.0.0 (hvac#344)

* fix TOXENV for 3.6 jobs

* Drop v0.8.3, add v1.0.0

* Update readme

* Handle different response keys in Vault v1.0.0

* Also work around new list response return type

* Add get_generate_root_otp utils method for v1.0.0 and/or previous vers

* Update missed TOXENV arg under allow_failures dict

* Call out why v0.11.0 is hanging about

* Clarify name/purpose of vault ver comparison methods

* Fix identity group conditionals (hvac#346)

* Add regression tests

* Fix member entity/group ids logic in group methods

* DRY up conditional logic

* Add missing docstring content

* Gcp login doc update for issue 345 (hvac#350)

* Clarify source links

* add google-api-python-client example

* Clean up unintentional modification

* Fix For read_health_status() Exception Handling (hvac#347)

* Add url param for create_client

* Install consul for test cases involving Vault HA

* Update test harness with optional Vault HA / consul set up

* Add regerssion test cases for issue hvac#339

* Add raise_exception param to requests

* Use raise_exception param in read_health_status method

* Add ipaddress module per github.com/urllib3/urllib3/issues/1117?

Somehow ended up with this urllib3 error for python 2.7 otherwise:
"urllib3.connection: ERROR: Certificate did not match expected hostname:
127.0.0.1. Certificate: {'serialNumber': u'8D267F50728FF454',
'subject': ((('commonName', u'localhost'),),),
'notAfter': 'May 14 22:44:13 2025 GMT',
'notBefore': u'May 17 22:44:13 2015 GMT',
'subjectAltName': (('DNS', 'localhost'), ('IP Address', '127.0.0.1')),
'issuer': ((('commonName', u'localhost'),),), 'version': 3L}

* Clarify docstring a bit

* Also add cases to cover both HEAD and GET methods

* Remove standby node magic strings; use method instead

* Fix seal_status Call (hvac#354)

* Add regression tests

* Fix seal_status call

* More meaningful assertion

* Fix Request Redirection Handling (hvac#348)

* simplify chained comparison

* Ensure regression unit test case coverage for paths/redirects

* Revert redirection handling back to the requests module

* Handle double slashes in paths

* Fix syntax for python 2.7

* Log when we transform a requested url

* Explictly assert that we have the expect requests in mocker history

* Clarify lease docs (hvac#355)

* Updates for upcoming release 0.7.1

* Bump patch version to 0.7.1

* prune tests from packages (hvac#356)

* Wait for test kvv2 secrets engine to show up in list (hvac#361)

* Set "skip_missing_interpreters" to true in global tox config (hvac#363)

* Set "skip_missing_interpreters" to true in global tox config

* go full env string expansion 😝 cause why not

* Fix For Intermittent Health Test Case Failure (hvac#364)

* Ensure we get an active node when needed

* Remove unneeded debug call

* Simplify flake8 env for travis-ci + tox (hvac#365)

* Simplify flake8 env for travis-ci + tox

* Add missing comma

* Test Documentation Compilation (hvac#366)

* Update docs requirements to be more explicit

* Test that docs can build cleanly

* Fix m2r requirement

* Clearer job name

* Default to first python ver in the matrix...

* Further clarify job name

* Reorder tox directives a smidge...

* Cleanup setup.py a bit (hvac#367)

* Update author / author_email

* Move some auxiliary logic into methods

* gmai.com -> gmail.com

* reorder author names

* Use pip-compile For All Requirements (hvac#368)

* Add section covering requirement updates

* Add .in req files, breakout parser (pyhcl) extra_require

* pip-compile all the things

* Pull in latest reqs for docs for good measure

* Add update-all-reqs Makefile targets

* Define "parser" requirements in just one place

* Add clarifying comment

* Simplify new Makefile targets a smidge

* comment bout comments

* Makefile clarifying comment

* Use abs paths starting from setup.py location

* Also dynamically populate install_requires

* Revert requirements loading in setup.py; tis a silly thing to do

* Bump install_requires / extras_require min versions

* Drop extra "parser" requirements as its not strictly needed

* Drop use of "version" file (hvac#369)

* Drop use of "version" file

* Clarify updated bumpversion release step

* Fix grammerz

* Remove inadvertently committed hvac/version file

* Organize imports

* Add AWS Secrets Engine Class (hvac#370)

* auto generated script

* Include Docs

* "Implement" Aws class

* Tweak docstrings and whatnot

* Param tweaks

* update convert ttl for aws secrets return values

* First pass on aws secrets engine tests

* Fix headings

* Cleanup unused mock server logic, additional role params

* Accept policy_document dict param type

* Start filling in aws secrets docs

* E501 line too long (162 > 160 characters)

* First pass at handling legacy params

* Different status code from Vault v0.11.0 :\

* Fill in legacy_params-related comments / docstrings

* Also update docs

* Add contents section and upper case heading

* Adding a Twitter Badge (hvac#372)

* Split up icons with linebreaks

* Add Twitter badge for @hvac_python

* Adding Header image (hvac#373)

* Add header image

* Update twitter handle

* Update content email and test URLs

* Commit header image

* Update header image URL to final resting place

* Changelog updates for v0.7.2 release

* Update release steps

* Update copyright date

* Bump version: 0.7.1 → 0.7.2

* Clean up vestigial version target reference
Add Kubernetes Auth Method (hvac#408)
* Release v0.7.2 (hvac#371)

* Tweak Travis CI Configuration (hvac#360)

* drop sudo: false

* remove explicit dist

* simplify build matrix

* change flake8 toxenv name to avoid matching tox-travis default prefixes

* Remove unnecessary `export PATH` "script" step

* Simplify env from list to k/v string

* Clarifying comment re: flake8

* Simplify "allowed failures" row matching

* Speed up overall build time with fast_finish: true

* Rearrange comment to same line being commented on

* Include python 3.7 build jobs

* Bump 0.11 and 1.0 Vault vers to latest patch ver

* Also run flake8 for python 3.7

* Also include "py37" on the tox side of things

* Keep "dist: xenial" for python 3.7 availability

* Tweak flake8 job names for readability

* Shorten comment

* Backporting Master (hvac#362)

* fix double slash (hvac#352)

When called, double slash results in 301 HTTP code and the redirect which is necessary

* Release v0.7.1 (hvac#357)

* Develop is the new integration branch

* Handle "Misses" for Identity Secrets Lookups (hvac#331)

* Regression tests for group lookup misses

* Return None for group lookup misses

* Regression tests for entity lookup misses

* Return None for entity lookup misses

* Also update docstrings

* Move Test Cases out of Package Directory (hvac#334)

* use utils function to get test data path

* rename test => tests and move contents into config_files subdir

* Move scripts subdir under tests dir in root

* Move generate.sh into scripts subdir

* Update paths in generate_test_cert.sh

* clean up config_files readme a smidge

* move test dir into repo root dir

* update import paths

* start breaking out test utils into module

* Break out mock_github_request_handler

* Break out hvac_integration_test_case

* Break out server_manager

* Remove .coveragerc until / unless it is needed once again

* Add Okta Auth Method Class (hvac#341)

* Rename auth subdir under unit_tests

* bonus GCP docs heading fix

* Add Okta auth method docs

* Add Okta auth method test cases

* Add Okta auth method class implementation

* Add pretty_print arg to create_or_update_policy (hvac#342)

* Add pretty_print arg

* Skip new test on Vault v0.11.0

* Bump Vault Versions - Vault v1.0.0 (hvac#344)

* fix TOXENV for 3.6 jobs

* Drop v0.8.3, add v1.0.0

* Update readme

* Handle different response keys in Vault v1.0.0

* Also work around new list response return type

* Add get_generate_root_otp utils method for v1.0.0 and/or previous vers

* Update missed TOXENV arg under allow_failures dict

* Call out why v0.11.0 is hanging about

* Clarify name/purpose of vault ver comparison methods

* Fix identity group conditionals (hvac#346)

* Add regression tests

* Fix member entity/group ids logic in group methods

* DRY up conditional logic

* Add missing docstring content

* Gcp login doc update for issue 345 (hvac#350)

* Clarify source links

* add google-api-python-client example

* Clean up unintentional modification

* Fix For read_health_status() Exception Handling (hvac#347)

* Add url param for create_client

* Install consul for test cases involving Vault HA

* Update test harness with optional Vault HA / consul set up

* Add regerssion test cases for issue hvac#339

* Add raise_exception param to requests

* Use raise_exception param in read_health_status method

* Add ipaddress module per github.com/urllib3/urllib3/issues/1117?

Somehow ended up with this urllib3 error for python 2.7 otherwise:
"urllib3.connection: ERROR: Certificate did not match expected hostname:
127.0.0.1. Certificate: {'serialNumber': u'8D267F50728FF454',
'subject': ((('commonName', u'localhost'),),),
'notAfter': 'May 14 22:44:13 2025 GMT',
'notBefore': u'May 17 22:44:13 2015 GMT',
'subjectAltName': (('DNS', 'localhost'), ('IP Address', '127.0.0.1')),
'issuer': ((('commonName', u'localhost'),),), 'version': 3L}

* Clarify docstring a bit

* Also add cases to cover both HEAD and GET methods

* Remove standby node magic strings; use method instead

* Fix seal_status Call (hvac#354)

* Add regression tests

* Fix seal_status call

* More meaningful assertion

* Fix Request Redirection Handling (hvac#348)

* simplify chained comparison

* Ensure regression unit test case coverage for paths/redirects

* Revert redirection handling back to the requests module

* Handle double slashes in paths

* Fix syntax for python 2.7

* Log when we transform a requested url

* Explictly assert that we have the expect requests in mocker history

* Clarify lease docs (hvac#355)

* Updates for upcoming release 0.7.1

* Bump patch version to 0.7.1

* prune tests from packages (hvac#356)

* Wait for test kvv2 secrets engine to show up in list (hvac#361)

* Set "skip_missing_interpreters" to true in global tox config (hvac#363)

* Set "skip_missing_interpreters" to true in global tox config

* go full env string expansion 😝 cause why not

* Fix For Intermittent Health Test Case Failure (hvac#364)

* Ensure we get an active node when needed

* Remove unneeded debug call

* Simplify flake8 env for travis-ci + tox (hvac#365)

* Simplify flake8 env for travis-ci + tox

* Add missing comma

* Test Documentation Compilation (hvac#366)

* Update docs requirements to be more explicit

* Test that docs can build cleanly

* Fix m2r requirement

* Clearer job name

* Default to first python ver in the matrix...

* Further clarify job name

* Reorder tox directives a smidge...

* Cleanup setup.py a bit (hvac#367)

* Update author / author_email

* Move some auxiliary logic into methods

* gmai.com -> gmail.com

* reorder author names

* Use pip-compile For All Requirements (hvac#368)

* Add section covering requirement updates

* Add .in req files, breakout parser (pyhcl) extra_require

* pip-compile all the things

* Pull in latest reqs for docs for good measure

* Add update-all-reqs Makefile targets

* Define "parser" requirements in just one place

* Add clarifying comment

* Simplify new Makefile targets a smidge

* comment bout comments

* Makefile clarifying comment

* Use abs paths starting from setup.py location

* Also dynamically populate install_requires

* Revert requirements loading in setup.py; tis a silly thing to do

* Bump install_requires / extras_require min versions

* Drop extra "parser" requirements as its not strictly needed

* Drop use of "version" file (hvac#369)

* Drop use of "version" file

* Clarify updated bumpversion release step

* Fix grammerz

* Remove inadvertently committed hvac/version file

* Organize imports

* Add AWS Secrets Engine Class (hvac#370)

* auto generated script

* Include Docs

* "Implement" Aws class

* Tweak docstrings and whatnot

* Param tweaks

* update convert ttl for aws secrets return values

* First pass on aws secrets engine tests

* Fix headings

* Cleanup unused mock server logic, additional role params

* Accept policy_document dict param type

* Start filling in aws secrets docs

* E501 line too long (162 > 160 characters)

* First pass at handling legacy params

* Different status code from Vault v0.11.0 :\

* Fill in legacy_params-related comments / docstrings

* Also update docs

* Add contents section and upper case heading

* Adding a Twitter Badge (hvac#372)

* Split up icons with linebreaks

* Add Twitter badge for @hvac_python

* Adding Header image (hvac#373)

* Add header image

* Update twitter handle

* Update content email and test URLs

* Commit header image

* Update header image URL to final resting place

* Changelog updates for v0.7.2 release

* Update release steps

* Update copyright date

* Bump version: 0.7.1 → 0.7.2

* Clean up vestigial version target reference

* add auth method for Kubernetes

* add tests for Kubernetes auth method

* add function  for check certificate PEM format

* update project common files

* change dict multiline to oneline

* fix gcp integration tests with bound_service_accounts
Fix delete_role_secret_id_accessor method (hvac#375)
* Fix delete_role_secret_id_accessor method

* Fix unit test as well
hvac#376 : fix length in transit.generate_random_bytes() (hvac#377)
The parameter in the HTTP request was incorrect according to the
latest vault API
https://www.vaultproject.io/api/secret/transit/index.html
Update Test Runs With Latest Vault Versions (1.0.3 & 1.1.0) (hvac#396)
* test with the latest vault 1.0.X (1.0.3)

* Add in 1.1.0, drop 0.9.6

* Explictly enable kv v1 secrets engine

* Ensure kv v1 secrets engine under /secret for legacy test cases

* Explictly enable kv v1 secrets engine for sys test classes

* fix indentation
Add possibility to specify type in create_token (hvac#393)
* Add possibility to specify type in create_token

All errors related to explicit_max_ttl / root batch token / ... will get thrown by server

* Fix E303/W293 flake8 complaints
Update Readme + Add Doctests (hvac#413)
* Add initial retrieve_mount_option method

* Fix recovery_threshold / recovery_shares conditional

* fix docstring typo

* Fix allowed kv versions logic

* Tweak server manager logic a bit

* Add doctest for getting started bits

* Add missing colon in docstring

* Fix getting-started link

* Drop stray comments

* Ensure kv engine enabled for v1.1.0 doctests

* Fix formatting

jeffwecan and others added some commits Mar 29, 2019

Merge pull request hvac#417 from jeffwecan/revert_regression
Revert "Fix recovery_threshold / recovery_shares conditional"
Eugene Toder
Actually do not install tests
In hvac#294 `tests` directory was moved out from `hvac` with the intention to not
install tests into site-packages. However, find_packages() still finds and
installs it, this time as a top-level package. Pass it into exclude to really
skip it.

Same thing for `docs`.
Merge pull request hvac#418 from eltoder/dont-install-tests
Actually do not install tests
@mira-minarik

This comment has been minimized.

Copy link

commented on hvac/v1/__init__.py in 591f6d1 Apr 2, 2019

This line overrides url parameter value passed in call. It is very wrong when i am working with more vault servers.

This comment has been minimized.

Copy link
Collaborator

replied Apr 2, 2019

I'll take a look at what we can do to tweak things. I assume unsetting the VAULT_ADDR env var before instantiating this class when needed doesn't fit in your workflow?

This comment has been minimized.

Copy link

replied Apr 2, 2019

I also just got bitten by this, quite confusing and in contrast with the docs that do not mention that url will be silently ignored if VAULT_ADDR is also set

This comment has been minimized.

Copy link
Collaborator

replied Apr 4, 2019

FYI this behavior has been tweaked to at least allow explicit arguments to the url parameter to take precedence over the VAULT_ADDR env var (if that env var isn't set, the previous default is used. if the env var is set and you want to use the previous default, update your Client() call to Client(url='http://localhost:8200'). Those changes were released on hvac v0.8.2 and tracked as part of #421 -> #423.

(As an aside, please feel free to file a new GitHub issue for new bugs / issues introduced in this module. Comments on commits, such as in this case, run the risk of not receiving the visibility they deserve.)

This comment has been minimized.

Copy link

replied Apr 9, 2019

Thank you for a quick response. The fixed version is right for us.

We use this in puppet agent scripts to replicate KV stores and policies. Manual startup (with predefined root's environment) and regular scheduled execution had surprisingly different results ;)

andytumelty and others added some commits Apr 3, 2019

Fix precedence of `VAULT_ADDR` environment variable vs client `url` p…
…arameter

Fixes hvac#421.

The vault CLI priorities the `-address` flag over the `VAULT_ADDR`
environment variable. This commit aligns hvac to that behaviour.
Merge pull request hvac#423 from andytumelty/develop
Fix priority of client url and VAULT_ADDR environment variable

@jsporna jsporna merged commit 3dd9f3e into jsporna:develop Apr 4, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.