From 216eb29d6b6c6a206efbcc1218ecfa8ed210b1c7 Mon Sep 17 00:00:00 2001 From: gaoxinge Date: Tue, 11 Feb 2020 17:13:31 +0800 Subject: [PATCH 1/9] tests: convert windows style path to posix style path to avoid hcl parsing error (#6351) --- agent/testagent.go | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/agent/testagent.go b/agent/testagent.go index c02fb6991c..65ba6008fc 100644 --- a/agent/testagent.go +++ b/agent/testagent.go @@ -149,6 +149,10 @@ func (a *TestAgent) Start() (err error) { if err != nil { return fmt.Errorf("Error creating data dir %s: %s", filepath.Join(TempDir, name), err) } + // Convert windows style path to posix style path + // to avoid illegal char escape error when hcl + // parsing. + d = filepath.ToSlash(d) hclDataDir = `data_dir = "` + d + `"` } From be35f68ec5c80e2e528d6b8038fc60a1d4731439 Mon Sep 17 00:00:00 2001 From: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com> Date: Tue, 11 Feb 2020 03:28:48 -0600 Subject: [PATCH 2/9] docs: adding note to ACL rules page for intentions. (#6569) --- website/source/docs/acl/acl-rules.html.md.erb | 1 + 1 file changed, 1 insertion(+) diff --git a/website/source/docs/acl/acl-rules.html.md.erb b/website/source/docs/acl/acl-rules.html.md.erb index bf73392703..b941ab1765 100644 --- a/website/source/docs/acl/acl-rules.html.md.erb +++ b/website/source/docs/acl/acl-rules.html.md.erb @@ -539,6 +539,7 @@ In addition to ACLs, in Consul 0.9.0 and later, the agent must be configured wit [`enable_local_script_checks`](/docs/agent/options.html#_enable_local_script_checks) set to `true` in order to enable script checks. +-> Note: [Intention privileges](/docs/connect/intentions.html#intention-management-permissions) are managed with service rules. #### Session Rules From 895a8a43b2054e786098441acdf169c5e294d490 Mon Sep 17 00:00:00 2001 From: Blake Covarrubias Date: Tue, 11 Feb 2020 01:47:21 -0800 Subject: [PATCH 3/9] docs: document format for TTL values in Consul config (#6693) --- website/source/docs/agent/options.html.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/website/source/docs/agent/options.html.md b/website/source/docs/agent/options.html.md index 74c90b94e0..61859bebec 100644 --- a/website/source/docs/agent/options.html.md +++ b/website/source/docs/agent/options.html.md @@ -565,6 +565,12 @@ default will automatically work with some tooling. #### Configuration Key Reference +-> **Note:** All the TTL values described below are parsed by Go's `time` package, and have the following +[formatting specification](https://golang.org/pkg/time/#ParseDuration): "A +duration string is a possibly signed sequence of decimal numbers, each with +optional fraction and a unit suffix, such as '300ms', '-1.5h' or '2h45m'. +Valid time units are 'ns', 'us' (or 'µs'), 'ms', 's', 'm', 'h'." + * `acl` - This object allows a number of sub-keys to be set which controls the ACL system. Configuring the ACL system within the ACL stanza was added in Consul 1.4.0 From 68e0f6bf84a411cce49e9392e3dbb020a9c146b6 Mon Sep 17 00:00:00 2001 From: ShimmerGlass Date: Tue, 11 Feb 2020 10:50:18 +0100 Subject: [PATCH 4/9] agent: add server raft.{last,applied}_index gauges (#6694) These metrics are useful for : * Tracking the rate of update to the db * Allow to have a rough idea of when an index originated --- agent/consul/server.go | 2 +- agent/consul/session_ttl.go | 10 ++++++---- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/agent/consul/server.go b/agent/consul/server.go index 4b592ac944..579eedab45 100644 --- a/agent/consul/server.go +++ b/agent/consul/server.go @@ -543,7 +543,7 @@ func NewServerLogger(config *Config, logger hclog.InterceptLogger, tokens *token } // Start the metrics handlers. - go s.sessionStats() + go s.updateMetrics() return s, nil } diff --git a/agent/consul/session_ttl.go b/agent/consul/session_ttl.go index 94c6409ce9..4afdc0e382 100644 --- a/agent/consul/session_ttl.go +++ b/agent/consul/session_ttl.go @@ -130,14 +130,16 @@ func (s *Server) clearAllSessionTimers() { s.sessionTimers.StopAll() } -// sessionStats is a long running routine used to capture -// the number of active sessions being tracked -func (s *Server) sessionStats() { +// updateMetrics is a long running routine used to uddate a +// number of server periodic metrics +func (s *Server) updateMetrics() { for { select { - case <-time.After(5 * time.Second): + case <-time.After(time.Second): metrics.SetGauge([]string{"session_ttl", "active"}, float32(s.sessionTimers.Len())) + metrics.SetGauge([]string{"raft", "applied_index"}, float32(s.raft.AppliedIndex())) + metrics.SetGauge([]string{"raft", "last_index"}, float32(s.raft.LastIndex())) case <-s.shutdownCh: return } From dda4e9c902608c573547068e7ee0cdbc3a7c0ac2 Mon Sep 17 00:00:00 2001 From: Hans Hasselberg Date: Tue, 11 Feb 2020 10:53:57 +0100 Subject: [PATCH 5/9] Small readme changes. --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 4d0ba82747..e01187b16c 100644 --- a/README.md +++ b/README.md @@ -41,13 +41,13 @@ contacting us at security@hashicorp.com. A few quick start guides are available on the Consul website: -* **Standalone binary install:** https://www.consul.io/intro/getting-started/install +* **Standalone binary install:** https://learn.hashicorp.com/consul/getting-started/install.html * **Kubernetes install:** https://learn.hashicorp.com/consul/kubernetes/kubernetes-deployment-guide * **Minikube install:** https://learn.hashicorp.com/consul/kubernetes/minikube ## Documentation -Full, comprehensive documentation is viewable on the Consul website: +Full, comprehensive documentation is available on the Consul website: https://www.consul.io/docs From 26d706eecdebb9f577ca028ff70edf87bbf8cc8e Mon Sep 17 00:00:00 2001 From: Lars Lehtonen Date: Tue, 11 Feb 2020 01:57:50 -0800 Subject: [PATCH 6/9] monitor: fix dropped error (#7206) --- command/monitor/monitor.go | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/command/monitor/monitor.go b/command/monitor/monitor.go index 655a7d3ddf..a9aa06e09f 100644 --- a/command/monitor/monitor.go +++ b/command/monitor/monitor.go @@ -64,6 +64,10 @@ func (c *cmd) Run(args []string) int { eventDoneCh := make(chan struct{}) if c.logJSON { logCh, err = client.Agent().MonitorJSON(c.logLevel, eventDoneCh, nil) + if err != nil { + c.UI.Error(fmt.Sprintf("Error starting JSON monitor: %s", err)) + return 1 + } } logCh, err = client.Agent().Monitor(c.logLevel, eventDoneCh, nil) if err != nil { From 1cd85ab2435e2ccd6b4548d504c409c9a3b0790b Mon Sep 17 00:00:00 2001 From: Nicole Forrester Date: Tue, 11 Feb 2020 04:59:14 -0500 Subject: [PATCH 7/9] website: bump middleman version (#7254) --- website/Gemfile | 2 +- website/Gemfile.lock | 38 +++++++++++++++++++------------------- website/Makefile | 2 +- 3 files changed, 21 insertions(+), 21 deletions(-) diff --git a/website/Gemfile b/website/Gemfile index 928dcea377..f4cbda7f21 100644 --- a/website/Gemfile +++ b/website/Gemfile @@ -1,3 +1,3 @@ source "https://rubygems.org" -gem "middleman-hashicorp", "0.3.41" +gem "middleman-hashicorp", "0.3.43" diff --git a/website/Gemfile.lock b/website/Gemfile.lock index c45dc4ea6a..f64934d194 100644 --- a/website/Gemfile.lock +++ b/website/Gemfile.lock @@ -6,12 +6,12 @@ GEM minitest (~> 5.1) thread_safe (~> 0.3, >= 0.3.4) tzinfo (~> 1.1) - autoprefixer-rails (9.6.1) + autoprefixer-rails (9.7.4) execjs bootstrap-sass (3.4.1) autoprefixer-rails (>= 5.2.1) sassc (>= 2.0.0) - builder (3.2.3) + builder (3.2.4) capybara (2.4.4) mime-types (>= 1.16) nokogiri (>= 1.3.3) @@ -41,7 +41,7 @@ GEM erubis (2.7.0) eventmachine (1.2.7) execjs (2.7.0) - ffi (1.11.1) + ffi (1.12.2) haml (5.1.2) temple (>= 0.8.0) tilt @@ -50,7 +50,7 @@ GEM uber (~> 0.0.14) http_parser.rb (0.6.0) i18n (0.7.0) - json (2.1.0) + json (2.3.0) kramdown (1.17.0) listen (3.0.8) rb-fsevent (~> 0.9, >= 0.9.4) @@ -78,7 +78,7 @@ GEM rack (>= 1.4.5, < 2.0) thor (>= 0.15.2, < 2.0) tilt (~> 1.4.1, < 2.0) - middleman-hashicorp (0.3.41) + middleman-hashicorp (0.3.43) bootstrap-sass (~> 3.3) builder (~> 3.2) middleman (~> 3.4) @@ -98,13 +98,13 @@ GEM middleman-syntax (3.2.0) middleman-core (>= 3.2) rouge (~> 3.2) - mime-types (3.2.2) + mime-types (3.3.1) mime-types-data (~> 3.2015) - mime-types-data (3.2019.0331) + mime-types-data (3.2019.1009) mini_portile2 (2.4.0) - minitest (5.11.3) - multi_json (1.13.1) - nokogiri (1.10.4) + minitest (5.14.0) + multi_json (1.14.1) + nokogiri (1.10.7) mini_portile2 (~> 2.4.0) padrino-helpers (0.12.9) i18n (~> 0.6, >= 0.6.7) @@ -112,18 +112,18 @@ GEM tilt (>= 1.4.1, < 3) padrino-support (0.12.9) activesupport (>= 3.1) - rack (1.6.11) + rack (1.6.12) rack-livereload (0.3.17) rack rack-test (1.1.0) rack (>= 1.0, < 3) rb-fsevent (0.10.3) - rb-inotify (0.10.0) + rb-inotify (0.10.1) ffi (~> 1.0) redcarpet (3.5.0) - rouge (3.9.0) + rouge (3.15.0) sass (3.4.25) - sassc (2.1.0-x86_64-linux) + sassc (2.2.1) ffi (~> 1.9) sprockets (2.12.5) hike (~> 1.2) @@ -135,14 +135,14 @@ GEM sprockets-sass (1.3.1) sprockets (~> 2.0) tilt (~> 1.1) - temple (0.8.1) - thor (0.20.3) + temple (0.8.2) + thor (1.0.1) thread_safe (0.3.6) tilt (1.4.1) - turbolinks (5.2.0) + turbolinks (5.2.1) turbolinks-source (~> 5.2) turbolinks-source (5.2.0) - tzinfo (1.2.5) + tzinfo (1.2.6) thread_safe (~> 0.1) uber (0.0.15) uglifier (2.7.2) @@ -155,7 +155,7 @@ PLATFORMS ruby DEPENDENCIES - middleman-hashicorp (= 0.3.41) + middleman-hashicorp (= 0.3.43) BUNDLED WITH 1.17.3 diff --git a/website/Makefile b/website/Makefile index 9eb38205d5..f9f6310cd8 100644 --- a/website/Makefile +++ b/website/Makefile @@ -1,4 +1,4 @@ -VERSION?="0.3.41" +VERSION?="0.3.43" # The volume mounting steps are a way to exclude all the consul docs from being built # in the Consul site build process while still including the index.html page that points From de62daf38698e93dff25df16dcf8610ace5eb04a Mon Sep 17 00:00:00 2001 From: Nuno Adrego <55922671+nunoadrego@users.noreply.github.com> Date: Tue, 11 Feb 2020 10:03:28 +0000 Subject: [PATCH 8/9] docs: changed the return value from null to empty JSON list, when a session does not exist (#7232) --- website/source/api/session.html.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/source/api/session.html.md b/website/source/api/session.html.md index a8ae034eaf..47ca8f95e6 100644 --- a/website/source/api/session.html.md +++ b/website/source/api/session.html.md @@ -209,7 +209,7 @@ $ curl \ ] ``` -If the session does not exist, `null` is returned instead of a JSON list. +If the session does not exist, an empty JSON list `[]` is returned. ## List Sessions for Node From 7538599730be9a1758db6fbf48f30d282414c999 Mon Sep 17 00:00:00 2001 From: Alvin Huang <17609145+alvin-huang@users.noreply.github.com> Date: Tue, 11 Feb 2020 10:04:52 -0500 Subject: [PATCH 9/9] [skip ci] add windows signing to changelog (#7260) --- CHANGELOG.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index f08f84a86e..637b9be27b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,8 @@ NOTES: +* cli: Our Windows 32-bit and 64-bit executables for this version and up will be signed with a HashiCorp certificate. Windows users will no longer see a warning about an "unknown publisher" when running our software. + * cli: Our darwin releases for this version and up will be signed and notarized according to Apple's requirements. Prior to this release, MacOS 10.15+ users attempting to run our software may see the error: "'consul' cannot be opened because the developer cannot be verified." This error affected all MacOS 10.15+ users who downloaded our software directly via web browsers, and was caused by changes to [Apple's third-party software requirements](https://developer.apple.com/news/?id=09032019a).