status-im/consul
2
0
Fork 0
mirror of https://github.com/status-im/consul.git synced 2025-01-10 05:45:46 +00:00
Code Issues Projects Releases Wiki Activity
13,088 Commits 445 Branches 179 Tags 489 MiB
Commit Graph

376 Commits

Author SHA1 Message Date
Daniel Nephin
39b2a30c56 Merge pull request #9259 from hashicorp/dnephin/doc-streaming-experimental 
docs: mark streaming as experimental
 2020-11-23 21:14:08 +00:00
Sabeen Syed
97b26f19c7 Update NIA architecture image (#9180) 2020-11-23 07:49:17 +00:00
Kit Patella
6e607d7cd3 Merge pull request #9245 from hashicorp/telemetry/fix-missing-and-stale-docs 
Telemetry/fix missing and stale docs
 2020-11-20 20:55:45 +00:00
Freddy
4e44341d36 Require operator:write to get Connect CA config (#9240) 
A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that operators with `operator:read` ACL permissions are able to read the Consul Connect CA configuration when explicitly configured with the `/v1/connect/ca/configuration` endpoint, including the private key. This allows the user to effectively privilege escalate by enabling the ability to mint certificates for any Consul Connect services. This would potentially allow them to masquerade (receive/send traffic) as any service in the mesh.

--

This PR increases the permissions required to read the Connect CA's private key when it was configured via the `/connect/ca/configuration` endpoint. They are now `operator:write`.
 2020-11-19 16:50:17 -07:00
Kit Patella
f3380b1c43 Merge pull request #9091 from scellef/correct-upgrade-guide 
Correcting text on when default was changed in Consul
 2020-11-19 00:55:51 +00:00
Mike Morris
c2c8528073 website: update download callout for v1.9.0-rc1 2020-11-18 18:38:06 -05:00
Mike Morris
54fcfec78c Merge branch 'stable-website' into website/1.9.0-rc1 2020-11-18 18:35:01 -05:00
Matt Keeler
1f0007d3f3 [docs] Change links to the DNS information to the right place (#8675) 
The redirects were working in many situations but some (INTERNALS.md) was not. This just flips everything over to using the real link.
 2020-11-17 15:03:27 +00:00
Luke Kysow
35191ac381 Docs for upgrading to CRDs (#9176) 
* Add Upgrading to CRDs docs
 2020-11-13 23:20:11 +00:00
Luke Kysow
9050263072 Docs for upgrading to CRDs (#9176) 
* Add Upgrading to CRDs docs
 2020-11-13 23:20:07 +00:00
Kyle Schochenmaier
4142a8b86a Docs: for consul-k8s health checks (#8819) 
* docs for consul-k8s health checks

Co-authored-by: Derek Strickland <1111455+DerekStrickland@users.noreply.github.com>
Co-authored-by: Ashwin Venkatesh <ashwin@hashicorp.com>
Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com>
Co-authored-by: Luke Kysow <1034429+lkysow@users.noreply.github.com>
 2020-11-12 22:57:09 +00:00
Kyle Schochenmaier
ba82eab3fb Docs: for consul-k8s health checks (#8819) 
* docs for consul-k8s health checks

Co-authored-by: Derek Strickland <1111455+DerekStrickland@users.noreply.github.com>
Co-authored-by: Ashwin Venkatesh <ashwin@hashicorp.com>
Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com>
Co-authored-by: Luke Kysow <1034429+lkysow@users.noreply.github.com>
 2020-11-12 22:57:05 +00:00
Nitya Dhanushkodi
246bb7123e Merge pull request #9179 from hashicorp/ndhanushkodi-patch-1 
Update Helm compatibility matrix
 2020-11-12 22:55:06 +00:00
Nitya Dhanushkodi
b6459fe725 Merge pull request #9179 from hashicorp/ndhanushkodi-patch-1 
Update Helm compatibility matrix
 2020-11-12 22:55:02 +00:00
R.B. Boyer
f815014432 agent: return the default ACL policy to callers as a header (#9101) 
Header is: X-Consul-Default-ACL-Policy=<allow|deny>

This is of particular utility when fetching matching intentions, as the
fallthrough for a request that doesn't match any intentions is to
enforce using the default acl policy.
 2020-11-12 16:39:16 +00:00
Paul Banks
b4cb9155d8
Update ui-visualization.mdx 2020-11-12 15:53:51 +00:00
Matt Keeler
1f4da2ae9d Add a CLI command for retrieving the autopilot configuration. (#9142) 2020-11-11 18:19:32 +00:00
Mike Morris
9c989fef4d
Merge pull request #9155 from hashicorp/release/1.9.0-beta3 
merge: 1.9.0-beta3
 2020-11-11 12:55:23 -05:00
Joel Watson
85595ab3ea docs: add warning in 0.9.0 upgrade notes 2020-11-11 14:24:45 +00:00
Mike Morris
e34b7d0b1b website: update callout to 1.9.0-beta3 2020-11-09 16:16:34 -05:00
Matt Keeler
f2dee21aca Add some autopilot docs and update the changelog (#9139) 2020-11-09 19:15:12 +00:00
Matt Keeler
8539565046 Merge pull request #9103 from hashicorp/feature/autopilot-mod 
Switch to using the external autopilot module
 2020-11-09 16:30:48 +00:00
Mike Morris
4f1d2a1c56 chore: upgrade to gopsutil/v3 (#9118) 
* deps: update golang.org/x/sys

* deps: update imports to gopsutil/v3

* chore: make update-vendor
 2020-11-07 01:49:01 +00:00
Paul Banks
ec31918507 UI Metrics documentation (#9048) 
* UI Metrics documentation

* Update website/pages/docs/connect/observability/ui-visualization.mdx

* Fix some review comments

* Fix review comments

* Apply suggestions from code review

Co-authored-by: R.B. Boyer <rb@hashicorp.com>

Co-authored-by: R.B. Boyer <rb@hashicorp.com>
 2020-11-06 20:33:08 +00:00
Kim Ngo
7489cacb52 Fix NIA doc links (#9110) 
fix config link and anchor
 2020-11-05 19:37:18 +00:00
Kim Ngo
a9af74d339 docs: Add links in CTS docs for the community to get involved (#9060) 2020-10-29 15:09:41 +00:00
Daniel Nephin
7b9ee25956
Merge pull request #9026 from hashicorp/dnephin/streaming-without-cache-query-param 
streaming: rename config and remove requirement for cache=1
 2020-10-28 12:33:25 -04:00
Daniel Nephin
62c9124011 docs: Add the new metrics to telemetry.mdx 2020-10-27 16:49:50 -04:00
Kevin Pruett
5637683f5d
Merge pull request #9021 from hashicorp/pruett.alertbanner-exp 
Expose `expirationDate` prop in <AlertBanner/>
 2020-10-26 16:08:23 -04:00
Kim Ngo
47009930a2
NIA: add Terraform version compatibility (#9023) 2020-10-26 09:46:34 -05:00
Daniel Nephin
853667e7d8 health: change the name of UseStreamingBackend config 
Remove it from the cache section, and update the docs.
 2020-10-23 17:47:01 -04:00
Kevin Pruett
6a946ec6e4
Expose expirationDate prop in <AlertBanner/> 2020-10-23 11:19:41 -04:00
James Light
5b10046418
Update managed-deprecated.mdx (#9016) 
fix typo / spell checker replacing w/ wrong word
 2020-10-23 10:54:16 -04:00
R.B. Boyer
a2c50d3303
connect: add support for envoy 1.16.0, drop support for 1.12.x, and bump point releases as well (#8944) 
Supported versions will be: "1.16.0", "1.15.2", "1.14.5", "1.13.6"
 2020-10-22 13:46:19 -05:00
Kim Ngo
8ffebeb793
NIA: document daemon exiting on task errors (#8985) 2020-10-22 13:22:55 -05:00
Blake Covarrubias
0c6d1ff3c9
Add extraEnvironmentVars and client.affinity to Helm values (#8997) 
Document client.extraEnvironmentVars, server.extraEnvironmentVars, and
client.affinity Helm chart values.

Remove deprecated connectInject.imageEnvoy and meshGateway.imageEnvoy
values.
 2020-10-21 23:28:39 -07:00
Blake Covarrubias
bdd5e1e2a8 docs: Remove sentence about pluggable CAs 
Consul's Connect CA documentation mentions future releases will
support a pluggable CA system. This sentence has existed in the docs
for over two years, however there are currently no plans to develop
this feature on the near-term roadmap.

This commit removes this sentence to avoid giving the impression that
this feature will be available in an upcoming release.
 2020-10-20 11:51:22 -07:00
Sabeen Syed
37cfa479d8
Update links (#8949) 2020-10-19 14:38:10 -05:00
Sabeen Syed
a3f8aa20dd
Add A10 and Checkpoint TF modules (#8950) 2020-10-15 16:11:09 -05:00
Luke Kysow
812fe06d6c
Update to CRD docs (#8956) 
* Update to CRD docs

* Update website/pages/docs/k8s/crds.mdx

* Modify proxy default and service default protocols

Carry over from previous PR that I forgot to submit a review/suggestion to, TCP and HTTP are not valid protocols for Proxy Defaults and Service Defaults

kubectl apply -f sdefault.yml
Error from server: error when creating "sdefault.yml": admission webhook "mutate-servicedefaults.consul.hashicorp.com" denied the request: servicedefaults.consul.hashicorp.com "your-service-name" is invalid: spec.expose.paths[0].protocol: Invalid value: "tcp": must be one of "http", "http2"


kubectl apply -f sdefault.yml
Error from server: error when creating "sdefault.yml": admission webhook "mutate-servicedefaults.consul.hashicorp.com" denied the request: servicedefaults.consul.hashicorp.com "your-service-name" is invalid: spec.expose.paths[0].protocol: Invalid value: "tcp": must be one of "http", "http2"

Co-authored-by: David Yu <dyu@hashicorp.com>
 2020-10-15 10:35:26 -07:00
Kit Patella
dc8beffb48 truncate jepsen.mdx log for length 2020-10-14 13:13:38 -07:00
R.B. Boyer
f0d47ded95
docs: all intention documentation updates (#8869) 2020-10-14 10:23:05 -05:00
Preetha
891c4026c1
Merge pull request #8920 from hashicorp/crd-docs 
CRD Docs
 2020-10-14 09:42:45 -05:00
Luke Kysow
3ba38fb4be
CRD docs 2020-10-13 17:00:24 -07:00
Luke Kysow
bfcd9a5ee3
Recommend using vault token auto-renew in 1.8.5 (#8945) 2020-10-13 16:18:19 -07:00
Peter M
05665e0b84
Add files via upload 
updating logo grid image
 2020-10-13 15:16:34 -07:00
Kyle Havlovitz
659c4fa941
Merge pull request #8943 from hashicorp/vault-renew-docs 
docs: Add a note about auto-renewing the Vault token
 2020-10-13 14:36:44 -07:00
Mike Morris
1b2518a358
website: add v1.9.0-beta1 download callout (#8939) 2020-10-13 17:33:49 -04:00
Kyle Havlovitz
2b0713b34d docs: Add a note about auto-renewing the Vault token 2020-10-13 14:25:42 -07:00
Paul Banks
f1fd722b81
Add ui metrics config docs (#8921) 
* Add ui metrics docs

* Update website/pages/docs/agent/options.mdx

Co-authored-by: R.B. Boyer <rb@hashicorp.com>

Co-authored-by: R.B. Boyer <rb@hashicorp.com>
 2020-10-13 22:11:12 +01:00