Commit Graph

10067 Commits

Author SHA1 Message Date
Matt Keeler dcc7f67b3e
Remove vendoring of github.com/hashicorp/consul (#5943) 2019-06-10 09:19:37 -04:00
Paul Banks ffcfdf29fc
Upgrade xDS (go-control-plane) API to support Envoy 1.10. (#5872)
* Upgrade xDS (go-control-plane) API to support Envoy 1.10.

This includes backwards compatibility shim to work around the ext_authz package rename in 1.10.

It also adds integration test support in CI for 1.10.0.

* Fix go vet complaints

* go mod vendor

* Update Envoy version info in docs

* Update website/source/docs/connect/proxies/envoy.md
2019-06-07 07:10:43 -05:00
Hans Hasselberg 4d9116d759
connect: provide -admin-access-log-path for envoy (#5858) 2019-06-07 11:26:43 +02:00
John Cowen cef378bc9b
ui: Upgrade js-yaml (#5926) 2019-06-06 22:21:25 +01:00
Chris Marchesi b7b1d77139 website: fix Sentinel time-of-day policy (#5930)
The policy in the time-of-day Sentinel example incorrectly references
the top-level time.hour constant. This is actually the same as the
time.Hour Go value, so in other words, 3600000000000 (the int64 value
representing the time in nanoseconds).

This is corrected by just using time.now.hour instead.
2019-06-06 14:31:54 -06:00
Nitish Alluri f3ae605bcb docs: update default grpc-addr value in connect envoy command (#5886)
* Update envoy.html.md.erb
2019-06-06 10:37:29 +02:00
John Cowen 685b89bdec
ui: Adds ability to search by policy, role or service ident names (#5811) 2019-06-05 09:25:32 +01:00
Jack Pearkes 2587a32688
website: add azure storage options for enterprise (#5920)
This documents the additional backup target for
the snapshot agent.

Co-Authored-By: Freddy <freddygv@users.noreply.github.com>
2019-06-04 20:40:22 -05:00
John Cowen 174fcb557f
UI: Test readonly ServiceIdentity rules (#5865) 2019-06-04 17:55:10 +01:00
kaitlincarter-hc 8fe230fbac
[docs] Enterprise Landing Page (#5804)
* Updating enterprise landing page to be more clear about the licensing process.

* Update website/source/docs/enterprise/index.html.md

Co-Authored-By: Jack Pearkes <jackpearkes@gmail.com>

* Update website/source/docs/enterprise/index.html.md

Co-Authored-By: Judith Malnick <judith@hashicorp.com>

* Update website/source/docs/enterprise/index.html.md

Co-Authored-By: Judith Malnick <judith@hashicorp.com>

* Update website/source/docs/enterprise/index.html.md

Co-Authored-By: Judith Malnick <judith@hashicorp.com>

* Updating based on Matt's feedback
2019-06-04 11:01:46 -05:00
John Cowen 9013e53ebc
ui: Ensures nested policy forms are reset properly (#5838)
1. All {{ivy-codemirror}} components need 'refreshing' when they become
visible via our own `didAppear` method on the `{{code-editor}}`
component

(also see:)
- https://github.com/hashicorp/consul/pull/4190#discussion_r193270223
- 73db111db8 (r225264296)

2. On initial investigation, it looks like the component we are using
for the code editor doesn't distinguish between setting its `value`
programatically and a `keyup` event, i.e. an interaction from the user.
We currently pretend that whenever its `value` changes, it is a `keyup`
event. This means that when we reset the `value` to `""`
programmatically for form resetting purposes, a 'pretend keyup' event
would also be fired, which would in turn kick off the validation, which
would fail and show an error message for empty values in other fields of
the form - something that is perfectly valid if you haven't typed
anything yet. We solved this by checking for `isPristine` on fields that
are allowed to be empty before you have typed anything.
2019-06-04 15:57:35 +01:00
John Cowen 8306b2f251
ui: Replaces destroyRecord with unloadRecord for KV 404's (#5837)
Just because Consul gives us a 404 this doesn't guarantee the KV doesn't
exist, it doesn't even mean we don't have access to it. Furthermore we
should never destroyRecord's without user interaction (therefore only via the
repo.delete method).

This switches destroyRecord to unloadRecord which performs the
additional legwork to keep ember-data in sync with the actual truth.

unloadRecord unloads the record from ember-data rather than sending an API
delete request, which would have been the intent here.
2019-06-04 15:56:20 +01:00
John Cowen 75e221d256
ui: ACL Policies. Catch all server errors (#5836)
Always show any server errors under Rules, not just invalid HCL
2019-06-04 15:53:10 +01:00
Matt Keeler 5f7494137a
Update CHANGELOG.md 2019-06-04 10:03:50 -04:00
Pierre Souchay 4a4c63bda0 Ensure Consul is IPv6 compliant (#5468) 2019-06-04 10:02:38 -04:00
Matt Keeler 2ba6c3ac00
Update links to envoy docs on xDS protocol (#5871) 2019-06-03 11:03:05 -05:00
Matt Keeler 57e1136b7e
Fix acl.enable_key_list to be acl.enable_key_list_policy in docs (#5907) 2019-06-03 09:31:02 -05:00
John Cowen 9ca416a7f5
ui: Upgrade fstream (#5912)
Bumps [fstream](https://github.com/npm/fstream) from 1.0.11 to 1.0.12.
- [Release notes](https://github.com/npm/fstream/releases)
- [Commits](npm/fstream@v1.0.11...v1.0.12)
2019-06-03 11:08:40 +01:00
R.B. Boyer 58c0c101af update changelog 2019-05-24 13:38:00 -05:00
R.B. Boyer 40336fd353
agent: fix several data races and bugs related to node-local alias checks (#5876)
The observed bug was that a full restart of a consul datacenter (servers
and clients) in conjunction with a restart of a connect-flavored
application with bring-your-own-service-registration logic would very
frequently cause the envoy sidecar service check to never reflect the
aliased service.

Over the course of investigation several bugs and unfortunate
interactions were corrected:

(1)

local.CheckState objects were only shallow copied, but the key piece of
data that gets read and updated is one of the things not copied (the
underlying Check with a Status field). When the stock code was run with
the race detector enabled this highly-relevant-to-the-test-scenario field
was found to be racy.

Changes:

 a) update the existing Clone method to include the Check field
 b) copy-on-write when those fields need to change rather than
    incrementally updating them in place.

This made the observed behavior occur slightly less often.

(2)

If anything about how the runLocal method for node-local alias check
logic was ever flawed, there was no fallback option. Those checks are
purely edge-triggered and failure to properly notice a single edge
transition would leave the alias check incorrect until the next flap of
the aliased check.

The change was to introduce a fallback timer to act as a control loop to
double check the alias check matches the aliased check every minute
(borrowing the duration from the non-local alias check logic body).

This made the observed behavior eventually go away when it did occur.

(3)

Originally I thought there were two main actions involved in the data race:

A. The act of adding the original check (from disk recovery) and its
   first health evaluation.

B. The act of the HTTP API requests coming in and resetting the local
   state when re-registering the same services and checks.

It took awhile for me to realize that there's a third action at work:

C. The goroutines associated with the original check and the later
   checks.

The actual sequence of actions that was causing the bad behavior was
that the API actions result in the original check to be removed and
re-added _without waiting for the original goroutine to terminate_. This
means for brief windows of time during check definition edits there are
two goroutines that can be sending updates for the alias check status.

In extremely unlikely scenarios the original goroutine sees the aliased
check start up in `critical` before being removed but does not get the
notification about the nearly immediate update of that check to
`passing`.

This is interlaced wit the new goroutine coming up, initializing its
base case to `passing` from the current state and then listening for new
notifications of edge triggers.

If the original goroutine "finishes" its update, it then commits one
more write into the local state of `critical` and exits leaving the
alias check no longer reflecting the underlying check.

The correction here is to enforce that the old goroutines must terminate
before spawning the new one for alias checks.
2019-05-24 13:36:56 -05:00
Freddy 6b31482333
Increase reliability of TestResetSessionTimerLocked_Renew 2019-05-24 13:54:51 -04:00
Hans Hasselberg 27f05b16a0
Update CHANGELOG.md 2019-05-24 16:51:44 +02:00
Pierre Souchay e892981418 agent: Improve startup message to avoid confusing users when no error occurs (#5896)
* Improve startup message to avoid confusing users when no error occurs

Several times, some users not very familiar with Consul get confused
by error message at startup:

  `[INFO] agent: (LAN) joined: 1 Err: <nil>`

Having `Err: <nil>` seems weird to many users, I propose to have the
following instead:

* Success: `[INFO] agent: (LAN) joined: 1`
* Error:   `[WARN] agent: (LAN) couldn't join: %d Err: ERROR`
2019-05-24 16:50:18 +02:00
Freddy 17e74985b0
Run TestServer_Expect on its own (#5890) 2019-05-23 19:52:33 -04:00
Freddy 6c19cacd42
Flaky test: ACLReplication_Tokens (#5891)
* Exclude non-go workflows while testing

* Wait for s2 global-management policy

* Revert "Exclude non-go workflows while testing"

This reverts commit 47a83cbe9f.
2019-05-23 19:52:02 -04:00
Freddy d4ea163b0b
Add retries to StatsFetcherTest (#5892) 2019-05-23 19:51:31 -04:00
Jack Pearkes 7e3cd36709 Putting source back into Dev Mode 2019-05-23 12:03:07 -07:00
Justin Weissig e36db4046a
docs: wording
Fixed wording: "will be resolve to the" -> "will be resolved to the".
2019-05-22 17:22:11 -07:00
Jack Pearkes 40cec98468
Release v1.5.1 2019-05-22 20:19:12 +00:00
Jack Pearkes ff899d689d Update CHANGELOG.md 2019-05-22 20:16:54 +00:00
Jack Pearkes 5a637318d8 Update CHANGELOG to include 1.4.5 release 2019-05-22 20:15:32 +00:00
Jack Pearkes 36ebca1fd0 Fix to prevent allowing recursive KV deletions when we shouldn’t 2019-05-22 20:13:30 +00:00
Kyle Havlovitz 5457bca10c
Update CHANGELOG.md 2019-05-22 09:54:10 -07:00
freddygv 5d7c257698 Revert "Exclude non-go workflows while testing"
This reverts commit 47a83cbe9f.
2019-05-21 19:17:39 -06:00
freddygv 40b809bce3 Wait for s2 global-management policy 2019-05-21 17:58:37 -06:00
freddygv 47a83cbe9f Exclude non-go workflows while testing 2019-05-21 17:13:13 -06:00
Freddy e9259ca97a
Change log line used for verification 2019-05-21 17:07:06 -06:00
Freddy d1c315fad9
Stop running TestLeader_ChangeServerID in parallel 2019-05-21 15:28:08 -06:00
Alvin Huang bb602bf719
exclude agent/proxyprocess tests since it will be removed in 1.6 (#5878) 2019-05-21 17:19:37 -04:00
Sarah Christoff d60f3c15f8
Merge pull request #5867 from hashicorp/bug/test-flaky-TestCoordinate_Node
Update type assertion logic
2019-05-21 14:56:05 -05:00
Sarah Christoff 32b5992d0f Add retries around `obj` 2019-05-21 13:36:52 -05:00
Sarah Christoff 73d73e0e20 Add retries to all `obj` 2019-05-21 13:31:37 -05:00
Paul Banks 2d47b28722
Envoy integration test improvements (#5797)
* Grab consul logs on integration test failures too and don't remove .gitignore

* Don't wipe logs so we have some artifacts to upload at the end
2019-05-21 14:17:41 +01:00
Sarah Christoff 2a018e5e0a
Update agent/coordinate_endpoint_test.go
Co-Authored-By: Freddy <freddygv@users.noreply.github.com>
2019-05-17 14:32:50 -05:00
Sarah Christoff b96d9b01bd Update type assertion logic
Logic updated to evaluate with a boolean after the type assertion.
This allows us to check if the type assertion succeeded and be
more clear with errors.
2019-05-17 13:32:36 -05:00
Alvin Huang f452de1c50
bump middleman-hashicorp to 0.3.40 and exclude guide rendering (#5847)
* bump middleman-hashicorp to 0.3.40 and exclude guide rendering

* add notes to Makefile for volume mounts hack PR#5847

* make note of the PR number in the comment
2019-05-17 14:07:25 -04:00
Alvin Huang c8dc8049c4
enable go tests (#5863) 2019-05-17 11:42:56 -04:00
John Cowen ee393e34fb
ui: Adds tick whilst editing the link template in the Settings area (#5820)
1. Amends our `base` animation placeholder to always reset
transition-duration. This has no effect on other components that are
already using this animation.
2. Adds a confirming class whenever a key is pressed, to show the green
tick. Uses CSS via `transition-delay` for debouncing.
2019-05-17 12:33:12 +01:00
Justin Weissig 8473fc1476 docs: Fixed typo: authorative/authoritative. 2019-05-16 15:52:32 -06:00
Jack Pearkes 45cdc80767 website: clarify removal for managed proxies (#5849)
We didn't end up removing these completely in 1.5.0. See also #5848.
2019-05-16 12:48:32 +01:00