diff --git a/acl/acl.go b/acl/acl.go index 72a2e78f2f..1b3a3ba10f 100644 --- a/acl/acl.go +++ b/acl/acl.go @@ -603,7 +603,7 @@ func (p *PolicyACL) NodeWrite(name string, scope sentinel.ScopeFn) bool { pr := rule.(PolicyRule) switch pr.aclPolicy { case PolicyWrite: - return p.executeCodePolicy(&pr.sentinelPolicy, scope) + return true default: return false } @@ -686,7 +686,7 @@ func (p *PolicyACL) ServiceWrite(name string, scope sentinel.ScopeFn) bool { pr := rule.(PolicyRule) switch pr.aclPolicy { case PolicyWrite: - return p.executeCodePolicy(&pr.sentinelPolicy, scope) + return true default: return false } diff --git a/acl/policy.go b/acl/policy.go index c8b5a93bda..b8fc498b67 100644 --- a/acl/policy.go +++ b/acl/policy.go @@ -127,8 +127,6 @@ func isPolicyValid(policy string) bool { // isSentinelValid makes sure the given sentinel block is valid, and will skip // out if the evaluator is nil. func isSentinelValid(sentinel sentinel.Evaluator, basicPolicy string, sp Sentinel) error { - // TODO (slackpad) - Need a unit test for this. - // Sentinel not enabled at all, or for this policy. if sentinel == nil { return nil diff --git a/agent/consul/fsm_test.go b/agent/consul/fsm_test.go index 0fea8fc2bc..1e38557903 100644 --- a/agent/consul/fsm_test.go +++ b/agent/consul/fsm_test.go @@ -631,7 +631,6 @@ func TestFSM_SnapshotRestore(t *testing.T) { default: t.Fatalf("bad") } - } func TestFSM_BadRestore(t *testing.T) { diff --git a/agent/consul/helper_test.go b/agent/consul/helper_test.go index e0a3623d08..d19f2cfaeb 100644 --- a/agent/consul/helper_test.go +++ b/agent/consul/helper_test.go @@ -30,7 +30,7 @@ func waitForLeader(servers ...*Server) error { } // wantPeers determines whether the server has the given -// number of raft peers. +// number of voting raft peers. func wantPeers(s *Server, peers int) error { n, err := s.numPeers() if err != nil { diff --git a/api/operator_area.go b/api/operator_area.go index 7b0e461e96..a630b694cd 100644 --- a/api/operator_area.go +++ b/api/operator_area.go @@ -25,6 +25,10 @@ type Area struct { // RetryJoin specifies the address of Consul servers to join to, such as // an IPs or hostnames with an optional port number. This is optional. RetryJoin []string + + // UseTLS specifies whether gossip over this area should be encrypted with TLS + // if possible. + UseTLS bool } // AreaJoinResponse is returned when a join occurs and gives the result for each @@ -100,6 +104,27 @@ func (op *Operator) AreaCreate(area *Area, q *WriteOptions) (string, *WriteMeta, return out.ID, wm, nil } +// AreaUpdate will update the configuration of the network area with the given ID. +func (op *Operator) AreaUpdate(areaID string, area *Area, q *WriteOptions) (string, *WriteMeta, error) { + r := op.c.newRequest("PUT", "/v1/operator/area/"+areaID) + r.setWriteOptions(q) + r.obj = area + rtt, resp, err := requireOK(op.c.doRequest(r)) + if err != nil { + return "", nil, err + } + defer resp.Body.Close() + + wm := &WriteMeta{} + wm.RequestTime = rtt + + var out struct{ ID string } + if err := decodeBody(resp, &out); err != nil { + return "", nil, err + } + return out.ID, wm, nil +} + // AreaGet returns a single network area. func (op *Operator) AreaGet(areaID string, q *QueryOptions) ([]*Area, *QueryMeta, error) { var out []*Area diff --git a/command/snapshot_command.go b/command/snapshot_command.go index 01e57987e9..ac57f6787e 100644 --- a/command/snapshot_command.go +++ b/command/snapshot_command.go @@ -40,9 +40,12 @@ Usage: consul snapshot [options] [args] $ consul snapshot inspect backup.snap + Run a daemon process that locally saves a snapshot every hour (available only in + Consul Enterprise) : + + $ consul snapshot agent For more examples, ask for subcommand help or view the documentation. - ` return strings.TrimSpace(helpText) }