Commit Graph

8317 Commits

Author SHA1 Message Date
Mitchell Hashimoto 8c713e6104
connect/proxy: don't require proxy ID 2018-06-14 09:42:20 -07:00
Mitchell Hashimoto cd39f09693
agent: leaf endpoint accepts name, not service ID
This change is important so that requests can made representing a
service that may not be registered with the same local agent.
2018-06-14 09:42:20 -07:00
Mitchell Hashimoto a69e3087b2
command/intention: address comment feedback 2018-06-14 09:42:20 -07:00
Mitchell Hashimoto 1906fe1c0d
agent: address feedback 2018-06-14 09:42:20 -07:00
Mitchell Hashimoto be82b94f81
command/intention/create: -replace does an atomic change 2018-06-14 09:42:20 -07:00
Mitchell Hashimoto 3a6a750972
api: IntentionUpdate API 2018-06-14 09:42:20 -07:00
Mitchell Hashimoto 6a82e78cb4
command/intention/match 2018-06-14 09:42:19 -07:00
Mitchell Hashimoto 8ffca97596
command/intention/delete: tests 2018-06-14 09:42:19 -07:00
Mitchell Hashimoto 88639b802c
command/intention/check: check tests 2018-06-14 09:42:19 -07:00
Mitchell Hashimoto 971b3c06a1
command/intention/get: tests 2018-06-14 09:42:19 -07:00
Mitchell Hashimoto 66deffafbb
command/intention/match 2018-06-14 09:42:19 -07:00
Mitchell Hashimoto a083870872
command/intentions/check 2018-06-14 09:42:19 -07:00
Mitchell Hashimoto dba937847f
command/intention/create: -replace flag, jank, we should change to PUT 2018-06-14 09:42:19 -07:00
Mitchell Hashimoto 888dc78180
command/intentions/delete 2018-06-14 09:42:19 -07:00
Mitchell Hashimoto f27711a319
api: IntentionDelete + tests 2018-06-14 09:42:18 -07:00
Mitchell Hashimoto 272211e171
command/intention/get: the get command without tests 2018-06-14 09:42:18 -07:00
Mitchell Hashimoto 988d7d984a
command/intention/finder: package for finding based on src/dst 2018-06-14 09:42:18 -07:00
Mitchell Hashimoto 961e9c1eaf
command/intention/create 2018-06-14 09:42:18 -07:00
Mitchell Hashimoto a5ecdc5798
api: IntentionCheck 2018-06-14 09:42:18 -07:00
Mitchell Hashimoto 0accfc1628
agent: rename test to check 2018-06-14 09:42:18 -07:00
Mitchell Hashimoto d1c21a8629
agent: implement HTTP endpoint 2018-06-14 09:42:18 -07:00
Mitchell Hashimoto 2a29679e9d
agent/consul: forward request if necessary 2018-06-14 09:42:17 -07:00
Mitchell Hashimoto 54ac5adb08
agent: comments to point to differing logic 2018-06-14 09:42:17 -07:00
Mitchell Hashimoto d68462fca6
agent/consul: implement Intention.Test endpoint 2018-06-14 09:42:17 -07:00
Paul Banks a80559e439
Make invalid clusterID be fatal 2018-06-14 09:42:17 -07:00
Paul Banks f6673ce164
Make Service logger log to right place again 2018-06-14 09:42:17 -07:00
Paul Banks 0bfffc92f2
Make connect client resolver resolve trust domain properly 2018-06-14 09:42:17 -07:00
Paul Banks 140f3f5a44
Fix logical conflicts with CA refactor 2018-06-14 09:42:17 -07:00
Paul Banks c58d47ba59
Fix broken api test for service Meta (logical conflict rom OSS). Add test that would make this much easier to catch in future. 2018-06-14 09:42:17 -07:00
Paul Banks f4b8e8c96d
Add default CA config back - I didn't add it and causes nil panics 2018-06-14 09:42:17 -07:00
Paul Banks 1228a5839a
Ooops remove the CA stuff from actual server defaults and make it test server only 2018-06-14 09:42:16 -07:00
Paul Banks 7c7c858a9a
More test cleanup 2018-06-14 09:42:16 -07:00
Paul Banks 4aeab3897c
Fixed many tests after rebase. Some still failing and seem unrelated to any connect changes. 2018-06-14 09:42:16 -07:00
Paul Banks bc07ff4983
Comment cleanup 2018-06-14 09:42:16 -07:00
Paul Banks 1722734313
Verify trust domain on /authorize calls 2018-06-14 09:42:16 -07:00
Paul Banks b4803eca59
Generate CSR using real trust-domain 2018-06-14 09:42:16 -07:00
Paul Banks 622a475eb1
Add CSR signing verification of service ACL, trust domain and datacenter. 2018-06-14 09:42:16 -07:00
Paul Banks c1f2025d96
Return TrustDomain from CARoots RPC 2018-06-14 09:42:15 -07:00
Kyle Havlovitz e00088e8ee
Rename some of the CA structs/files 2018-06-14 09:42:15 -07:00
Kyle Havlovitz 6e9f1f8acb
Add more metadata to structs.CARoot 2018-06-14 09:42:15 -07:00
Kyle Havlovitz 627aa80d5a
Use provider state table for a global serial index 2018-06-14 09:42:15 -07:00
Kyle Havlovitz 988510f53c
Add test for ca config http endpoint 2018-06-14 09:42:15 -07:00
Kyle Havlovitz de72834b8c
Move connect CA provider to separate package 2018-06-14 09:42:15 -07:00
Mitchell Hashimoto 4f3b5647e5
agent/cache: change uint8 to uint 2018-06-14 09:42:15 -07:00
Mitchell Hashimoto fc5508f8a3
agent/cache: string through attempt rather than storing on the entry 2018-06-14 09:42:15 -07:00
Mitchell Hashimoto cfcd733609
agent/cache: implement refresh backoff 2018-06-14 09:42:14 -07:00
Mitchell Hashimoto bc605a1576
agent/consul: change provider wait from goto to a loop 2018-06-14 09:42:14 -07:00
Mitchell Hashimoto c8b65217c3
agent/consul: check nil on getCAProvider result 2018-06-14 09:42:14 -07:00
Mitchell Hashimoto 9b3495dddb
agent/consul: retry reading provider a few times 2018-06-14 09:42:14 -07:00
Mitchell Hashimoto e54e69d11f
agent: verify local proxy tokens for CA leaf + tests 2018-06-14 09:42:14 -07:00