Commit Graph

6135 Commits

Author SHA1 Message Date
James Phillips 31a7701891 Updates memberlist to pick up Lifeguard research findings. (#3287)
See https://www.hashicorp.com/blog/making-gossip-more-robust-with-lifeguard/.
2017-07-17 12:54:17 -07:00
James Phillips e9c733eefb Update CHANGELOG.md 2017-07-17 12:50:53 -07:00
James Phillips e3aff86759 Update CHANGELOG.md 2017-07-17 12:50:33 -07:00
James Phillips fff0f9698f Prevents disabling gossip keyring file from disabling gossip encryption. (#3278) 2017-07-17 12:48:45 -07:00
James Phillips 164262ec40 Update CHANGELOG.md 2017-07-17 12:05:22 -07:00
James Phillips 1791d99a10 Adds new config to make script checks opt-in, updates documentation. (#3284) 2017-07-17 11:20:35 -07:00
James Phillips 74946ddde9 Fixes a broken link. 2017-07-17 00:07:34 -07:00
James Phillips 0a8c4df1e3 Update CHANGELOG.md 2017-07-17 00:02:27 -07:00
James Phillips a2604f7b5d Update CHANGELOG.md 2017-07-16 21:14:31 -07:00
James Phillips 780e68a753 Changes remote exec KV read to call GetTokenForAgent(). (#3283)
* Changes remote exec KV read to call GetTokenForAgent(), which can use
the acl_agent_token instead of the acl_token.

Fixes #3160.

* Fixes remote exec unit test with ACLs.

* Adds unhappy ACL path to unit tests for remote exec.
2017-07-16 21:12:16 -07:00
James Phillips 34dda65d71 Update CHANGELOG.md 2017-07-16 20:09:49 -07:00
James Phillips 1004d0ec0e Adds node read privileges to the acl_agent_master_token. (#3277)
Fixes #3113.
2017-07-16 20:08:26 -07:00
James Phillips e7789c6b84 Update CHANGELOG.md 2017-07-16 14:30:22 -07:00
Frank Schröder c001722848 azure: tag map can return nil (#3280)
Fixes #3193
2017-07-16 14:29:43 -07:00
James Phillips 75f6ad6518 Update CHANGELOG.md 2017-07-16 14:28:16 -07:00
Frank Schroeder 7b675f2710 vendor: drop unused dependencies 2017-07-15 14:35:20 -07:00
James Phillips ef4bfe598e Update CHANGELOG.md 2017-07-15 00:09:04 -07:00
James Phillips 218ac4cb1e Obfuscates ACL tokens appearing in /v1/acl/<verb>/<token> APIs. (#3276)
* Obfuscates ACL tokens appearing in /v1/acl APIs.

* Makes test positively identify the desired strings.

* Adds an example and explanation of the regular expression.
2017-07-15 00:07:08 -07:00
James Phillips 83d9f0f688 Update CHANGELOG.md 2017-07-14 20:45:07 -07:00
James Phillips 872cf9ff95 Changes ACL clone response to 403 if not authorized, or if token doesn't exist. (#3275)
Fixes #1113
2017-07-14 20:43:30 -07:00
Kyle Havlovitz dc3683b287 Update CHANGELOG.md 2017-07-14 17:53:44 -07:00
Kyle Havlovitz 0f02e4da52 Merge pull request #3274 from hashicorp/tls-area-docs
Add network area TLS setting to docs
2017-07-14 17:45:53 -07:00
Kyle Havlovitz 78c3a86405
Add TLS setting to router areas 2017-07-14 17:38:08 -07:00
James Phillips a61f71dc2e Update CHANGELOG.md 2017-07-14 17:32:09 -07:00
James Phillips 8d0a048408 Expands and rework context support in the API client. (#3273) 2017-07-14 17:30:08 -07:00
Kyle Havlovitz 090414db15
Add network area TLS setting to docs 2017-07-14 17:06:33 -07:00
James Phillips 86918be323
Sort tags so output is deterministic. 2017-07-14 17:00:08 -07:00
James Phillips 73452d48b2 Update CHANGELOG.md 2017-07-14 16:32:49 -07:00
James Bardin deb43fea6b accept recv-only channels for cancellations (#3271)
Cancellation channels are often derived from a Context, which
returns a directional `<-chan struct{}` from Done(). In order to use
this with parts of of the consul API, one is required to create a new
channel and dispatch a separate goroutine to watch for context
cancellation and close the new channel.

Changing the signature for the methods that take cancellation channels
will allow easier integration with existing uses of Context. Since the
cancellation pattern only reads from these channels, there should be no
backwards incompatibility with existing codebases, and most of the
methods already accept only the correct type.
2017-07-14 16:31:44 -07:00
Frank Schroeder 249b73c65b
vendor: github.com/Sirupsen -> github.com/sirupsen 2017-07-14 13:07:44 -07:00
Frank Schroeder c4b62ff37f
vendor: update github.com/fsouza/go-dockerclient
Update go-dockerclient and dependant dependencies
to add fix for go-dockerclient#622.

Fixes #3254
2017-07-14 13:07:44 -07:00
James Phillips 6ec04130f4 Update CHANGELOG.md 2017-07-14 12:51:35 -07:00
James Phillips f57382ff8d Update CHANGELOG.md 2017-07-14 12:51:19 -07:00
Seth Vargo afd83a9705 Add catalog CLI functions (#3204) 2017-07-14 12:45:08 -07:00
James Phillips a5461ce368 Update acl.html.md 2017-07-13 22:40:15 -07:00
James Phillips c3328f2e4c Update CHANGELOG.md 2017-07-13 22:39:03 -07:00
James Phillips 643bd65af5 Update CHANGELOG.md 2017-07-13 22:37:12 -07:00
James Phillips 0881e46111 Cleans up version 8 ACLs in the agent and the docs. (#3248)
* Moves magic check and service constants into shared structs package.

* Removes the "consul" service from local state.

Since this service is added by the leader, it doesn't really make sense to
also keep it in local state (which requires special ACLs to configure), and
requires a bunch of special cases in the local state logic. This requires
fewer special cases and makes ACL bootstrapping cleaner.

* Makes coordinate update ACL log message a warning, similar to other AE warnings.

* Adds much more detailed examples for bootstrapping ACLs.

This can hopefully replace https://gist.github.com/slackpad/d89ce0e1cc0802c3c4f2d84932fa3234.
2017-07-13 22:33:47 -07:00
wdevarshi 4f10cb6067 Update agent.html.md (#3266) 2017-07-13 22:30:10 -07:00
Frank Schroeder 9e83a034e3
build: run vet on make test 2017-07-11 16:16:57 -07:00
Frank Schroeder 4d4df3c69e
update .gitignore 2017-07-11 16:16:55 -07:00
James Phillips 3200aa03b0 Update CHANGELOG.md 2017-07-11 10:03:42 -07:00
Frank Schroeder 764dabfcf7
agent: fix go vet issue 2017-07-11 07:13:46 -07:00
preetapan 6f361f5ea0 Merge pull request #3258 from hashicorp/raft_library_update
Update raft library to pick up cleanup of temporary snapshot files
2017-07-11 08:25:15 -05:00
Preetha Appan c4e8dfe554 Update raft library to pick up cleanup of temporary snapshot files 2017-07-11 08:22:57 -05:00
James Phillips 947cc0d5e9 Adds a version note about block_endpoints config. 2017-07-10 13:56:02 -07:00
James Phillips f82703d016 Update CHANGELOG.md 2017-07-10 13:54:41 -07:00
James Phillips 66edec5dfd Adds the ability to blacklist specific HTTP endpoints. (#3252) 2017-07-10 13:51:25 -07:00
James Phillips 3d8ec60d2d Update CHANGELOG.md 2017-07-10 09:42:18 -07:00
James Phillips 7200b8cda8 UI cleanup follow up from #3245. (#3251)
* Removes unnecessary set for model component which will be null.

* Returns a 404 for a missing node, not a 200 with an empty response.

* Updates built-in web assets.
2017-07-10 09:40:00 -07:00