- 880585b request auth token feature #PR112
- d8c795d go modules implementation #PR107
- 56f4c0f Bumped alpine to v3.12 in #PR105
- 2cad76b Fixed Github API Token
- 7654a3c Fix support for the ttl parameter
- e0b061f Add support for the ttl parameter for the PKI backend
- 7d13cc9 Fix lease expiration checks #PR96
- 8b7d3de Support custom login path for approle auth backend #PR68
- 0ae421a #93 from james-bjss/vault-sidekick
- 7742ca5 #84 from nested-tech/kv2
- 4439487 #85 from gmaliar/database-backend
- 784383a #86 from gmaliar/lease-duration-fix
- 41e729c #83 from luke-richardson/aws-credentials
- 35db490 #80 from kamsz/master
- cf44a88 #78 from cpick/gcp
- 678d5ee #77 from madjam002/ssh-resource-type
- 1b9cd5a #76 from dvulpe/master
- f21a8f5 #75 from roboll/roboll/token-file
- 72ffdbf #70 from avoidik/patch-1
- Added support for kubernetes authentication #PR68
- Added support for GCP/GCE Authentication #PR64
- Added support to pass arguments to the --command argument #PR65
- Added the ability to renew the vault token #PR61
- Add ability to set vault auth method via env var (
VAULT_AUTH_METHOD
). - Add aws-ec2 auth method to authenticate with the aws backend using ec2 authorization.
- Adding a jitter option to the resources
- Loading vault url from kubernetes vault auth file, exit if vault url is not set
- Added kubernetes-vault support
- Added onetime only mode via the one-shot option
- Added the 'retries' parameter to resources to allow optional maxRetries
- Added a mode option to the resource specification enabling secrets to set the file permissions
- Fixed a bug in the renewal time, when a resource does not have a custom update and the lease time is 0s
- Cleaned up some of the vetting issues
- Change the travis build to use golang v1.8.1
- Added a version flag -version and passing the gitsha in the version
- Updated the kubernete deployment files
BUGS
- Fixed the bundle format to produce four file, a bundle with cert+ca, and the FILENAME-ca.pem, FILENAME-key.pem, and the FILENAME.pem certificate
- Adding the ability to perform environment variable substituted of the resource path i.e. -resource=secret:/secrets/%ENV%/myset : %ENV% will substituted
- Adding the ability to create random secrets via the create option
- Adding an exec option to the control set, the command is called whenever a change is made on the resource with a condfigurable timeout (default to 60s) -cn=secret:platform/secrets/se2:fmt=yaml,exec=tests/runme.sh,update=1s
- Adding the ability to the perform raw queries to vault, the formatting stays the same - a single data key 'content' is returned, example: -cn=raw:platform/pki/ca/pem:fmt=txt,file=ca
- Fixed up a number of niggling issues
- Added the bundle format to pki paths can write a bundle private and certificate file and a separate ca file
- Added the env format which will create a environment variables file
- Adding comma separated list as resource arguments comes in the form | i.e. -cn=pki:platform/pki/issue/example-dot-com:common_name=blah.example.com,alt_names='me.example.com|ted.example.com'
- Note, because all params excluding the control options are passed as arguments to vault the arguments must be the same as those for vault, i.e. for pki cn -> common_name
- Fixed the formatting of values in various formats, i.e. %!s(bool=true)