Commit Graph

10933 Commits

Author SHA1 Message Date
Matt Keeler 228da48f5d
Minor Non-Functional Updates (#7215)
* Cleanup the discovery chain compilation route handling

Nothing functionally should be different here. The real difference is that when creating new targets or handling route destinations we use the router config entries name and namespace instead of that of the top level request. Today they SHOULD always be the same but that may not always be the case. This hopefully also makes it easier to understand how the router entries are handled.

* Refactor a small bit of the service manager tests in oss

We used to use the stringHash function to compute part of the filename where things would get persisted to. This has been changed in the core code to calling the StringHash method on the ServiceID type. It just so happens that the new method will output the same value for anything in the default namespace (by design actually). However, logically this filename computation in the test should do the same thing as the core code itself so I updated it here.

Also of note is that newer enterprise-only tests for the service manager cannot use the old stringHash function at all because it will produce incorrect results for non-default namespaces.
2020-02-05 10:06:11 -05:00
John Cowen 279cd874cc
ui: Ensure KV flags are passed through to Consul on update (#7216)
* ui: always pass KV flags through on update

* ui: Integration test to prove the flags queryParams gets passed through

* ui: Add Flags to the KV updating acceptance tests
2020-02-05 09:37:45 +00:00
Freddy cb77fc6d01
Add managed service provider token (#7218)
Stubs for enterprise-only ACL token to be used by managed service providers.
2020-02-04 13:58:56 -07:00
Kenia 773b092a64
ui: Add ability to search nodes listing page with IP Address (#7204)
* Update search field placeholder to display `Search`

* Add an acceptance test to search node listings with node name and IP Address

* Update and add unit tests for filter/search node listing with IP Address
2020-02-04 10:45:25 -05:00
Hans Hasselberg f6ec8ed92b
agent: increase watchLimit to 8192. (#7200)
The previous value was too conservative and users with many instances
were having problems because of it. This change increases the limit to
8192 which reportedly fixed most of the issues with that.

Related: #4984, #4986, #5050.
2020-02-04 13:11:30 +01:00
Paul Banks df8db89f65
Update CHANGELOG.md 2020-02-03 17:24:44 +00:00
Paul Banks 5642805f1c
Update CHANGELOG.md 2020-02-03 17:21:27 +00:00
Hans Hasselberg fe49ea404d
build: update to golang 1.12.16 (#7153) 2020-02-03 18:20:03 +01:00
Paschalis Tsilias a335aa57c5
Expose Envoy's /stats for statsd agents (#7173)
* Expose Envoy /stats for statsd agents; Add testcases

* Remove merge conflict leftover

* Add support for prefix instead of path; Fix docstring to mirror these changes

* Add new config field to docs; Add testcases to check that /stats/prometheus is exposed as well

* Parametrize matchType (prefix or path) and value

* Update website/source/docs/connect/proxies/envoy.md

Co-Authored-By: Paul Banks <banks@banksco.de>

Co-authored-by: Paul Banks <banks@banksco.de>
2020-02-03 17:19:34 +00:00
R.B. Boyer 6404967034
add 'make go-mod-tidy' to serially run tidy on all submodules in the correct order (#7179)
- also make go-mod-tidy a dependency of update-vendor
2020-02-03 10:12:26 -06:00
Anudeep Reddy b5b4226d4f
[docs] Enabling connect requires server restarts (#6904) 2020-02-03 09:58:12 -06:00
Kenia c706089c9f
ui: Hides the Routing tab for a service proxy (#7195)
* Adds conditional in route to not make discovery-chain request if service kind is equal to `connect-proxy` or `mesh-gateway`

* Adds conditional in template to not show Routing tab if `chain` returns as null

* Creates a new acceptance test to test the Routing tab not being displayed for a service proxy

* Adds `tabs` to the services/show page object
2020-02-03 10:09:15 -05:00
Matt Keeler dfb0177dbc
Testing updates to support namespaced testing of the agent/xds… (#7185)
* Various testing updates to support namespaced testing of the agent/xds package

* agent/proxycfg package updates to support better namespace testing
2020-02-03 09:26:47 -05:00
Mohammad Gufran 47cc162ca3
docs: add Flightpath to the list of community tools (#7176) 2020-02-03 13:16:21 +01:00
Stuart Williams 3eb76691df
docs: rate limiting applies to Consul agents in server mode (#6932) 2020-02-03 13:10:47 +01:00
Chris Arcand d40b9f3501
docs: update available Sentinel imports (#6920) 2020-02-03 11:44:25 +01:00
Hans Hasselberg 649ffcb66f
memberlist: vendor v0.1.6 to pull in new state: stateLeft (#7184) 2020-02-03 11:02:13 +01:00
Michael Hofer 4ab3af0ede
docs: add missing Autopilot -min-quorum documentation (#7192) 2020-02-03 10:59:53 +01:00
Blake Covarrubias e158922615 Fix org name in Helm chart's imageEnvoy description
Update the description for the Helm chart's connectInject.imageEnvoy
parameter to reflect the correct organization name for images published by
EnvoyProxy.io.
2020-02-03 01:46:58 -08:00
Davor Kapsa 3cb4def563
auto_encrypt: check previously ignored error (#6604) 2020-02-03 10:35:11 +01:00
Alexandru Matei 5a6e602b86
docs: add detailed documentation about Health Checking specific service using the gRPC method (#6574) 2020-02-03 10:19:06 +01:00
Lars Lehtonen 699d1b2acb
cli: check previously ignored errors when updating a policy (#6565) 2020-02-03 10:14:30 +01:00
Fouad Zaryouh ef6399928d
api: add replace-existing-checks param to the api package (#7136) 2020-02-03 10:11:40 +01:00
Anthony Scalisi 1565351a5c
docs: fix typos, IDs are UUIDs, /acl/token endpoints manage ACL tokens (#5736) 2020-02-03 09:41:54 +01:00
hashicorp-ci 1f62d5c9ce Release v1.7.0-beta4 2020-01-31 21:38:38 +00:00
hashicorp-ci 1fcf4bfc10 update bindata_assetfs.go 2020-01-31 21:38:38 +00:00
Sarah Christoff 92f64892ab
Revert "Update question.md" (#7183) 2020-01-31 13:45:05 -06:00
Matt Keeler d1fcf1e950
Add replace directive to prevent contacting istio.io during the… (#7194)
They keep having TLS handshake timeouts. Its pointed at github instead.
2020-01-31 13:57:54 -05:00
Matt Keeler 004be6450c
Update CHANGELOG.md 2020-01-31 11:56:34 -05:00
Matt Keeler 884cf1628b
Update CHANGELOG.md 2020-01-31 11:51:00 -05:00
Matt Keeler c14866204c
Update CHANGELOG.md 2020-01-31 11:24:48 -05:00
Hans Hasselberg 5531678e9e
Security fixes (#7182)
* Mitigate HTTP/RPC Services Allow Unbounded Resource Usage

Fixes #7159.

Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com>
Co-authored-by: Paul Banks <banks@banksco.de>
2020-01-31 11:19:37 -05:00
Matt Keeler d5f9268222
ACL enforcement for the agent/health/services endpoints (#7191)
ACL enforcement for the agent/health/services endpoints
2020-01-31 11:16:24 -05:00
R.B. Boyer 18a1626d79 update changelog 2020-01-31 10:13:40 -06:00
R.B. Boyer cf29bd4dcf
cli: improve the file safety of 'consul tls' subcommands (#7186)
- also fixing the signature of file.WriteAtomicWithPerms
2020-01-31 10:12:36 -06:00
Kenia b9e023dfe1
ui: Adds an acceptance test for hiding Blocking Queries (#7162)
* Adds an acceptance test for hiding Blocking Queries

* Creates a new scenario - If a user adds CONSUL_UI_DISABLE_REALTIME to localStorage, the Blocking Queries section is hidden.

* Updates page assertion to accept functions and booleans as properties

* ui: Fix "don't see" step to watch for the different pageObject error

ember-cli-page object seems to throw a an error with a different message
depending on how you call a function:

currentPage()[property]() // message = 'Element not found'

const prop = currentPage()[property];
prop() // message = 'Something about destructuring'

This changes the step/test/assertion to ensure we check for both types of errors

Co-authored-by: John Cowen <johncowen@users.noreply.github.com>
2020-01-31 10:12:22 -05:00
Matt Keeler d8c0be2c84
agent: add ACL enforcement to the v1/agent/health/service/* endpoints
This adds acl enforcement to the two endpoints that were missing it.

Note that in the case of getting a services health by its id, we still
must first lookup the service so we still "leak" information about a
service with that ID existing. There isn't really a way around it though
as ACLs are meant to check service names.
2020-01-31 09:57:38 -05:00
Matt Keeler 3a46e1d15f
Make PatchSliceOfMaps case insensitive
This fixes some case-sensitivity issues with using camel case in configuration files.
2020-01-31 09:56:02 -05:00
John Cowen 7f786d809e
ui: Actually remove CI parallelism (#7190) 2020-01-31 14:47:39 +00:00
John Cowen d5b6f3095e
ui: Move CI to use the Makefile for testing (+ tmporary removal of exam) (#7188)
* ui: Move CI to use the Makefile for testing (+ tmporary removal of exam)

* ui: make a specific test-ci target as we are using --path dist

--path dist looks for a previous build to test against, in CI this
exists as we run a build first, but locally potentially this dist folder
doesn't
2020-01-31 14:12:35 +00:00
John Cowen f45880bffe
ui: Fix sticky nspace menu (#7164)
* ui: Fix typo expanded > ariaExpanded

* ui: Add the things we need to test this

* ui: Add tests for testing the menu closes when clicked

* ui: Ensure the aria-menu closes on route change
2020-01-31 14:11:46 +00:00
Kenia 1b74a68780
Update CHANGELOG.md 2020-01-31 09:09:02 -05:00
Kenia bf492d2678
Merge pull request #7177 from hashicorp/ui-staging
ui: UI Release Merge (ui-staging merge)
2020-01-30 16:08:35 -05:00
Hans Hasselberg 83aeabd748
Add 1.6.3 2020-01-30 21:01:08 +01:00
John Cowen a8504802db
ui: Split splitter names in the discovery-chain (#7180)
Previous to 1.7 splitter names didn't include the namespace name

i.e. 'service-name'

as of 1.7 they now include the namespace

i.e. 'service-name.namespace'

This commit take account of that
2020-01-30 19:08:45 +00:00
Sarah Christoff fbb9120894
[docs] Clarify retry-join (#7078) 2020-01-30 12:52:58 -06:00
Matt Keeler 6855a778c2
Updates to the Txn API for namespaces (#7172)
* Updates to the Txn API for namespaces

* Update agent/consul/txn_endpoint.go

Co-Authored-By: R.B. Boyer <rb@hashicorp.com>

Co-authored-by: R.B. Boyer <public@richardboyer.net>
2020-01-30 13:12:26 -05:00
John Cowen 3eec5edadf
ui: Discovery-Chain: Cope with some edge case configs (#7174)
* ui: Discovery-Chain: Cope with redirects that have failovers

We found a few stranger configurations for discovery-chain, one of which
was redirects that can then failover.

We altered the parsing here to include 2 passes, one to organize the
nodes into resolvers and children/subsets based on the nodes themselves, which
includes adding the failovers to resolvers and subsets.

We then do a second pass which can more reliably figure out whether a
target is a redirect or a failover (target failovers don't have a
corresponding node), this then adds the redirect children to the already
exising resolver (from the first pass) and then checks if the redirect
also has failovers and adds those if so.

* ui: Check to see if we have a user configured default route or not

...if we don't add one so the visualization looks complete
2020-01-30 16:09:05 +00:00
Sarah Christoff 74c277f5e1
Update question.md (#6778) 2020-01-30 08:09:37 -06:00
Matt Keeler cf27dff62f
Add some better waits to prevent CA is nil test flakes (#7171) 2020-01-29 22:23:11 -05:00