2974 Commits

Author SHA1 Message Date
freddygv
0da8702f34 PR comments 2021-03-17 16:18:56 -06:00
freddygv
bf96d536d9 Upstreams loop is only for prepared queries and they are not CentrallyConfigured 2021-03-17 15:32:52 -06:00
freddygv
8a062e1546 Handle prepared queries in Upstreams loop and escape hatches in disco chain loop 2021-03-17 15:17:43 -06:00
freddygv
ce964f8ea5 Update xds for transparent proxy 2021-03-17 13:40:49 -06:00
freddygv
a54d6a9010 Update proxycfg for transparent proxy 2021-03-17 13:40:39 -06:00
freddygv
37f684664d Do not include consul as upstream or downstream 2021-03-17 13:40:04 -06:00
freddygv
3f2489c31d Refactor makePublicListener
By accepting a name the function can be used for other inbound listeners,
like the one for TransparentProxy.
2021-03-16 19:22:26 -06:00
freddygv
7892964a0c Add cache-type for Internal.IntentionUpstreams 2021-03-16 11:06:47 -06:00
freddygv
942334b208 Prefix match type vars to match use 2021-03-16 09:49:24 -06:00
freddygv
4cb9fdc27f Pass txn into service list queries 2021-03-16 09:33:08 -06:00
freddygv
86ff9065c1 Pass txn into intention match queries 2021-03-16 08:03:52 -06:00
freddygv
31e757de2a Replace CertURI.Authorize() calls.
AuthorizeIntentionTarget is a generalized version of the old function,
and can be evaluated against sources or destinations.
2021-03-15 18:06:04 -06:00
freddygv
f5ed751c91 Fixup typo, comments, and regression 2021-03-15 17:50:47 -06:00
freddygv
08759e46ed Add RPC endpoint for intention upstreams 2021-03-15 08:50:35 -06:00
freddygv
08737fa606 Add state store function for intention upstreams 2021-03-15 08:50:35 -06:00
freddygv
3722ce2fff Refactor IntentionDecision
This enables it to be called for many upstreams or downstreams of a
service while only querying intentions once.

Additionally, decisions are now optionally denied due to L7 permissions
being present. This enables the function to be used to filter for
potential upstreams/downstreams of a service.
2021-03-15 08:50:35 -06:00
freddygv
d80e4b27b1 Update content hash due to new field 2021-03-11 19:59:19 -07:00
freddygv
682f357185 Fixup more tests 2021-03-11 16:26:55 -07:00
freddygv
756ab4c546 Fixup protobufs and tests 2021-03-11 14:58:59 -07:00
freddygv
df1f3995f8 Update service manager to store centrally configured upstreams 2021-03-11 11:37:21 -07:00
freddygv
6fd30d0384 Add TransparentProxy opt to proxy definition 2021-03-11 11:37:21 -07:00
freddygv
306ef7d252 Restore old escape hatch alias 2021-03-11 11:36:35 -07:00
freddygv
e3dc2a49df Turn Limits and PassiveHealthChecks into pointers 2021-03-11 11:04:40 -07:00
freddygv
acec711a6a Update server-side config resolution and client-side merging 2021-03-10 21:05:11 -07:00
freddygv
1710ec87d2 finish moving UpstreamConfig and related fields to structs pkg 2021-03-10 21:04:13 -07:00
freddygv
87cde19b4c Create new types for service-defaults upstream cfg 2021-03-08 22:10:27 -07:00
hashicorp-ci
35daee45bc auto-updated agent/uiserver/bindata_assetfs.go from commit 308e5a480 2021-03-08 12:28:15 +00:00
R.B. Boyer
398b766532
xds: default to speaking xDS v3, but allow for v2 to be spoken upon request (#9658)
- Also add support for envoy 1.17.0
2021-02-26 16:23:15 -06:00
Daniel Nephin
6b95e8dfe2
Merge pull request #9188 from hashicorp/dnephin/more-streaming-tests
Add more streaming tests
2021-02-26 12:36:55 -05:00
Daniel Nephin
566efad2e7
Merge pull request #9759 from hashicorp/dnephin/streaming-default-rpc-enabled
streaming: default rpc.enable_streaming to true
2021-02-26 12:08:00 -05:00
Daniel Nephin
5c8a6311b6
Merge pull request #9703 from pierresouchay/streaming_tags_and_case_insensitive
Streaming filter tags + case insensitive lookups for Service Names
2021-02-26 12:06:26 -05:00
Daniel Nephin
55add28725 catalog_events: set the right key for connect snapshots
Add a test for catalog_event snapshot on connect topic
2021-02-25 14:30:39 -05:00
Daniel Nephin
432dd2d204 consul: Add integration tests of streaming.
Restored from streaming-rpc-final branch.

Co-authored-by: Paul Banks <banks@banksco.de>
2021-02-25 14:30:39 -05:00
Daniel Nephin
b7f8e3bad2 state: Add a test for ServiceHealthSnapshot 2021-02-25 14:08:10 -05:00
Daniel Nephin
1d2d15b1e1 agent: add a test for streaming in the service health endpoint
Co-authored-by: Paul Banks <banks@banksco.de>
2021-02-25 14:08:10 -05:00
Daniel Nephin
3aec942b17 streaming: default rpc.enable_streaming to true
So that all servers will start the grpc server used by streaming
2021-02-25 14:06:04 -05:00
hashicorp-ci
b76dfa1441 auto-updated agent/uiserver/bindata_assetfs.go from commit 779f7f7b6 2021-02-25 09:41:02 +00:00
John Cowen
5892e75452
ui: Remove any trailing fullstop/period DNS characters from Gateways UI API (#9752)
Previous to this commit, the API response would include Gateway
Addresses in the form `domain.name.:8080`, which due to the addition of
the port is probably not the expected response.

This commit rightTrims any `.` characters from the end of the domain
before formatting the address to include the port resulting in
`domain.name:8080`
2021-02-25 09:34:47 +00:00
R.B. Boyer
be89557fb4
test: omit envoy golden test files that differ from the latest version (#9807)
Since we currently do no version switching this removes 75% of the PR
noise.

To generate, all *.golden files were removed and then I ran:

    go test ./agent/xds -update
2021-02-24 14:04:31 -06:00
hashicorp-ci
f0872a4ac1 auto-updated agent/uiserver/bindata_assetfs.go from commit f9b0e50ca 2021-02-24 09:08:42 +00:00
hashicorp-ci
1413e9ddca auto-updated agent/uiserver/bindata_assetfs.go from commit 8b12d0d09 2021-02-23 09:02:41 +00:00
R.B. Boyer
3b6ffc447b
xds: remove deprecated usages of xDS (#9602)
Note that this does NOT upgrade to xDS v3. That will come in a future PR.

Additionally:

- Ignored staticcheck warnings about how github.com/golang/protobuf is deprecated.
- Shuffled some agent/xds imports in advance of a later xDS v3 upgrade.
- Remove support for envoy 1.13.x but don't add in 1.17.x yet. We have to wait until the xDS v3 support is added in a follow-up PR.

Fixes #8425
2021-02-22 15:00:15 -06:00
R.B. Boyer
a0d26430cc
connect: if the token given to the vault provider returns no data avoid a panic (#9806)
Improves #9800
2021-02-22 14:08:49 -06:00
hashicorp-ci
02fe20ec25 auto-updated agent/uiserver/bindata_assetfs.go from commit 2c2e9d1ce 2021-02-22 14:58:06 +00:00
Daniel Nephin
b1d3c8002b
Merge pull request #9683 from hashicorp/dnephin/fix-zombie-service-dereg
local: use agent token to deregister services
2021-02-19 18:56:40 -05:00
Daniel Nephin
8a5163b184 local: default to the agent token instead of the user token
When de-registering in anti-entropy sync, when there is no service or
check token.

The agent token will fall back to the default (aka user) token if no agent
token is set, so the existing behaviour still works, but it will prefer
the agent token over the user token if both are set.

ref: https://www.consul.io/docs/agent/options#acl_tokens

The agent token seems more appropriate in this case, since this is an
"internal operation", not something initiated by the user.
2021-02-19 18:35:08 -05:00
Daniel Nephin
1f9247677b
Merge pull request #9763 from hashicorp/dnephin/cache-warn-on-error-in-notify
cache: log a warning when Cache.Notify handles an error
2021-02-19 18:30:36 -05:00
R.B. Boyer
39effd620c
xds: only try to create an ipv6 expose checks listener if ipv6 is supported by the kernel (#9765)
Fixes #9311

This only fails if the kernel has ipv6 hard-disabled. It is not sufficient to merely not provide an ipv6 address for a network interface.
2021-02-19 14:38:43 -06:00
hashicorp-ci
21713f1b73 auto-updated agent/uiserver/bindata_assetfs.go from commit 8263879e6 2021-02-19 16:48:03 +00:00
hashicorp-ci
087247967c auto-updated agent/uiserver/bindata_assetfs.go from commit 7be21a902 2021-02-18 18:37:38 +00:00