When scrubbing box urls of access token parameters, only return
the processed URL if the access token was removed. If it was not
removed, return the original URL string. This prevents issues with
local file URLs being parsed and replaced with invalid paths.
Fixes: #12340#12350#12320
Replace the `VAGRANT_ALLOW_PARAM_AUTH_TOKEN` environment variable
with `VAGRANT_SERVER_ACCESS_TOKEN_BY_URL` and update the behavior
when the environment variable is set to add the access token as
a query parameter and disable the addition of the authentication
header.
Fixes#12080
When uploading box file, check if the size is greater than
5GB. If the size is larger and the direct to storage option
is enabled, disable the option due to current 5GB restriction
on direct uploads.
Some client setup locations where not using the custom helper
method for the vagrant server URL value so they have been
updated. The api path is also appended if it is not set for
custom server URLs
This sets the `authenticate_box_url` hook as deprecated and also
disables the cloud auth middleware from adding an access token
as a URL parameter by default. An environment variable has been
added which can be used for re-enabling the access token URL
parameter behavior if required for some legacy system which does
not support the authorization header.
This PR is dependent on the 2.1.0 release of the vagrant_cloud
library. It updates the `cloud` command to use the new interface
for interacting with the Vagrant Cloud API. It also adds support
for direct to backend storage uploads, and defaults to this
method.
Also included is a bit of cleanup refactoring, addition of method
documentation, and fixing up some small issues around custom username
usage within the internal client for authentication.
This includes updates for resolving all warnings provided by Ruby
for deprecations and/or removed methods. It also enables support
for Ruby 2.7 in the specification constraint as all 2.7 related
warnings are resolved with this changeset.
Prior to this commit, if a user had recently checked for updates, there
was no way to force Vagrant to re-check without manually deleting a
state file in the local `.vagrant` data dir. This commit fixes that by
giving users the ability to force check for updates for a given box with
a flag to the `vagrant box outdated` command.
This commit changes the behavior of `vagrant box outdated --global` so
it gets the latest version for the current machine's provider, rather
than the latest version for any provider.
Prior to this commit, if a user didn't supply a box file on disk or a
box url, Vagrant would crash and display a stacktrace with an invalid
file. This commit fixes that by adding some extra handling around the
arguments supplied to the publish command.
This commit fixes the original #11027 fix, which assumed that the
hyper-v provider just wasn't properly getting a VM id when it listed
snapshots. In reality, it was just that if you invoke the
`with_target_vm` method with no arguments, it runs on the entire environment.
This meant that the capability snapshot_list attempted to be invoked on
machines that didn't exist yet, which is the original cause for why the
list_snapshot method did not recieve a vm ID. This commit fixes that by
simply skipping the machine if it does not yet exist.
Prior to this commit, if you tried to save a snapshot without giving it
a name, the hyper-v driver would not properly obtain a vm id to save a
snapshot on, resulting in an error. This commit updates the command
snapshot save to hold onto the machines ID in argv rather than `pop` it
off, so that the hyperv driver can obtain the guests id when saving a
snapshot.
Prior to this commit, if a user ran a `vagrant box update` on their
entire environment and one of the boxes did not have a metadata file,
the rest of the boxes in the update would be skipped. This commit fixes
that by ignoring those boxes and showng a warning, so that the rest of
the boxes could check for updates.
Prior to this commit, Vagrant would list all machine snapshots in a flat
list, without showing which snapshots were associated with which guests.
This commit fixes that by placing some separation to make it clear which
snapshots belong to which guests.
Prior to this commit, the AddAuthentication hooks still existed in a
deprecated class LoginCommand. This commit fixes that by moving it over
to the vagrant cloud cli namespace instead.
This fixes issues with box add/update when self hosting with client
certs. The --cert option was not being added to the curl subprocess
in these cases.
This PR adds support for running command passed via the --command
flag as elevated tasks. The option is only valid for commands and
not when setting up a remote session. Logic has also been adjusted
for when communicator restrictions are applied and test coverage
has been added.
