Commit Graph

11800 Commits

Author SHA1 Message Date
John Cowen 4bde23b9e9
Merge pull request #8080 from hashicorp/ui-staging
ui: UI Release Merge (1.8-beta-3: ui-staging merge)
2020-06-10 17:40:22 +01:00
John Cowen 2838f7a2e9
ui: Reduce discovery-chain log errors (#8065)
* ui: Reduce discovery-chain log spam

Currently the only way that the UI can know whether connect is enabled
or not is whether we get 500 errors from certain endpoints.

One of these endpoints we already use, so aswell as recovering from a
500 error, we also remember that connect is disabled for the rest of the
page 'session' (so until the page is refreshed), and make no further
http requests to the endpoint for that specific datacenter.

This means that log spam is reduced to only 1 log per page refresh/dc
instead of 1 log per service navigation.

Longer term we'll need some way to dynamically discover whether connect
is enabled per datacenter without relying on something that will add
error logs to consul.
2020-06-10 16:07:06 +01:00
Mike Wickett 8fab683389
Merge pull request #8076 from hashicorp/nq.basic-hero-tertiary-link-support
[Website] Support tertiary-styled third links
2020-06-10 10:47:40 -04:00
John Cowen db1ed14acf
ui: remove sort-control component (#8077)
This was never actually used
2020-06-10 14:27:21 +01:00
Noel Quiles 1dfbd384da Support tertiary-styled third links
Get the tertiary links to wrap below buttons

Adjust color/spacing of tertiary via override

Remove overrides, implement custom link

Extract arrow icon to file

Increase top margin for third link

Apply Brandon's fixes

Co-authored-by: Brandon Romano <BrandonRRomano@gmail.com>
2020-06-09 22:43:05 -07:00
Kyle Havlovitz 8342542f7a
Merge pull request #8075 from hashicorp/expose-cli-testfix
Fix a CLI test failure with namespaces in enterprise
2020-06-09 15:25:45 -07:00
Kyle Havlovitz 6fd3b25313 Fix a CLI test failure with namespaces in enterprise 2020-06-09 15:13:23 -07:00
Daniel Nephin 9132944e9a
Merge pull request #8071 from hashicorp/dnephin/update-vendor-2
Update google.golang.org/api and stretchr/testify
2020-06-09 17:56:03 -04:00
Chris Piraino 496e683360
Merge pull request #8064 from hashicorp/ingress/health-query-param
Add API query parameter ?ingress to allow users to find ingress gateways associated to a service
2020-06-09 16:08:28 -05:00
Daniel Nephin 98d271bee9 Update google.golang.org/api and stretchr/testify
To match the versions used in enterprise, should slightly reduce the
chances of getting a merge conflict when using `go.mod`.
2020-06-09 16:03:05 -04:00
Chris Piraino c1d329c5dd Remove TODO note about ingress API, it is done! 2020-06-09 14:58:30 -05:00
Chris Piraino 5e0cd7ede5 Remove unnecessary defer from api.health_test.go
We do not need to deregister services because every test gets its own
instance of the client agent and the tmp directories are all deleted at
the end.
2020-06-09 14:45:57 -05:00
Chris Piraino ca41f80493 Set connect or ingress boolean after checking for query param 2020-06-09 14:45:21 -05:00
Daniel Nephin 08f1ed16b4
Merge pull request #7900 from hashicorp/dnephin/add-linter-staticcheck-2
intentions: fix a bug in Intention.SetHash
2020-06-09 15:40:20 -04:00
Daniel Nephin 62a1125c7b
Merge pull request #8037 from hashicorp/dnephin/add-linter-staticcheck-5
ci: Enabled SA2002 staticcheck check
2020-06-09 15:31:24 -04:00
Daniel Nephin 27ba56f3cd
Merge pull request #8067 from hashicorp/dnephin/update-vendor-1
Update protobuf and golang.org/x/... vendor
2020-06-09 15:25:13 -04:00
Hans Hasselberg 242994a016
acl: do not resolve local tokens from remote dcs (#8068) 2020-06-09 21:13:09 +02:00
Kyle Havlovitz 0c8966220f
Merge pull request #8040 from hashicorp/ingress/expose-cli
Ingress expose CLI command
2020-06-09 12:11:23 -07:00
Daniel Nephin db74f09b6b Update protobuf and golang.org/x/... vendor
Partially extracted from #7547

Updates protobuf to the most recent in the 1.3.x series, and updates
golang.org/x/sys to a7d97aace0b0 because of https://github.com/shirou/gopsutil/issues/853
prevents updating to a more recent version.

This breaking change in x/sys also prevents us from getting a newer
version of x/net. In the future, if gopsutil is not patched,  we may want to run a fork version of
gopsutil so that we can update both x/net and x/sys.
2020-06-09 14:46:41 -04:00
Kyle Havlovitz e3a725c4e0 Always allow updating the exposed service and differentiate by namespace 2020-06-09 11:09:53 -07:00
Chris Piraino 4837069fe0 api: update api module with health.Ingress() method 2020-06-09 12:11:47 -05:00
Chris Piraino 3c037d9b96 Add ?ingress query parameter on /v1/health/connect
Refactor boolean query parameter logic from ?passing value to re-use
with ingress
2020-06-09 11:44:31 -05:00
Kenia 328874ad4f
ui: Reorder items in the Proxy Info tab (#8061) 2020-06-09 11:36:04 -04:00
Preetha 25fe12053a
Merge pull request #8056 from hashicorp/docs-helm-survey
Update banner.js to call out helm chart survey
2020-06-09 10:33:09 -05:00
Kenia 0ea5250cf6
ui: Reorder the tabs for Ingress/Terminating Gateway Service Detail page (#8060) 2020-06-09 11:02:13 -04:00
John Cowen aafbfa167c
ui: ConsulKind explanatory tooltip panels (#8048)
* ui: Add tooltip panels to ConsulKind
2020-06-09 11:10:14 +01:00
Preetha 62b894a2d6
fix link 2020-06-08 19:47:33 -05:00
Kyle Havlovitz edab5588d8 Add -host flag to expose command 2020-06-08 16:59:47 -07:00
Daniel Nephin c66c533d73
Merge pull request #7964 from hashicorp/dnephin/remove-patch-slice-of-maps-forward-compat
config: Use HookWeakDecodeFromSlice in place of PatchSliceOfMaps
2020-06-08 19:53:04 -04:00
Kyle Havlovitz 5958328552 Allow multiple listeners per service via expose command 2020-06-08 16:44:20 -07:00
Preetha 7983ab0fce
Update banner.js to call out helm chart survey 2020-06-08 17:34:38 -05:00
Daniel Nephin 75cbbe2702 config: add HookWeakDecodeFromSlice
Currently opaque config blocks (config entries, and CA provider config) are
modified by PatchSliceOfMaps, making it impossible for these opaque
config sections to contain slices of maps.

In order to fix this problem, any lazy-decoding of these blocks needs to support
weak decoding of []map[string]interface{} to a struct type before
PatchSliceOfMaps is replaces. This is necessary because these config
blobs are persisted, and during an upgrade an older version of Consul
could read one of the new configuration values, which would cause an error.

To support the upgrade path, this commit first introduces the new hooks
for weak decoding of []map[string]interface{} and uses them only in the
lazy-decode paths. That way, in a future release, new style
configuration will be supported by the older version of Consul.

This decode hook has a number of advantages:

1. It no longer panics. It allows mapstructure to report the error
2. It no longer requires the user to declare which fields are slices of
   structs. It can deduce that information from the 'to' value.
3. It will make it possible to preserve opaque configuration, allowing
   for structured opaque config.
2020-06-08 17:05:09 -04:00
Hans Hasselberg 98eea08d3b
Tokens converted from legacy ACLs get their Hash computed (#8047)
* Fixes #5606: Tokens converted from legacy ACLs get their Hash computed

This allows new style token replication to work for legacy tokens as well when they change.

* tests: fix timestamp comparison

Co-authored-by: Matt Keeler <mjkeeler7@gmail.com>
2020-06-08 21:44:06 +02:00
Chris Piraino 1a853fc954
Always require Host header values for http services (#7990)
Previously, we did not require the 'service-name.*' host header value
when on a single http service was exposed. However, this allows a user
to get into a situation where, if they add another service to the
listener, suddenly the previous service's traffic might not be routed
correctly. Thus, we always require the Host header, even if there is
only 1 service.

Also, we add the make the default domain matching more restrictive by
matching "service-name.ingress.*" by default. This lines up better with
the namespace case and more accurately matches the Consul DNS value we
expect people to use in this case.
2020-06-08 13:16:24 -05:00
Blake Covarrubias dd1e4ffd0d docs: Fix rendering of markdown on performance page
Fix issue with markdown not being rendered on /docs/install/performance.mdx.

Resolves #8049
2020-06-08 10:29:47 -07:00
Hans Hasselberg c7e6c9ebec
http: use default minsize for gzip handler. (#7354)
Fixes #6306
2020-06-08 10:10:08 +02:00
Hans Hasselberg 72f92ae7ca
agent: add option to disable agent cache for HTTP endpoints (#8023)
This allows the operator to disable agent caching for the http endpoint.
It is on by default for backwards compatibility and if disabled will
ignore the url parameter `cached`.
2020-06-08 10:08:12 +02:00
Krastin 9262d7a79a website: fix a link in docs/agent/options
fixing the link to gopsutil in the -disable-host-node-id option text body
2020-06-07 03:36:55 -07:00
Jeff Escalante 9977c1df80 a few more naming adjustments 2020-06-06 15:45:29 -04:00
Jeff Escalante f9051298c8 change page path, add redirect 2020-06-06 15:45:29 -04:00
Peter M 45f43476e8 Update Homepage Use Case Name and Link
resubmitting this PR to include a link change.
2020-06-06 15:45:29 -04:00
Peter M 8df640401b Updating NMA use case to reflect new name
Recently changed Network Middleware Automation use case to Network Infrastructure Automation, adding changes to the site to reflect this.
2020-06-06 15:00:03 -04:00
Kyle Havlovitz acae044df4 Document the namespace format for expose CLI command 2020-06-05 15:47:03 -07:00
Kyle Havlovitz ada9e2b3ab Add docs for expose command 2020-06-05 14:54:45 -07:00
Kyle Havlovitz b874c8ef0c Add connect expose CLI command 2020-06-05 14:54:29 -07:00
Daniel Nephin caa692deea ci: Enabled SA2002 staticcheck check
And handle errors in the main test goroutine
2020-06-05 17:50:11 -04:00
Hans Hasselberg 5281cb74db
Setup intermediate_pki_path on secondary when using vault (#8001)
Make sure to mount vault backend for intermediate_pki_path on secondary
dc.
2020-06-05 21:36:22 +02:00
Daniel Nephin ce6cc094a1 intentions: fix a bug in Intention.SetHash
Found using staticcheck.

binary.Write does not accept int types without a size. The error from binary.Write was ignored, so we never saw this error. Casting the data to uint64 produces a correct hash.

Also deprecate the Default{Addr,Port} fields, and prevent them from being encoded. These fields will always be empty and are not used.
Removing these would break backwards compatibility, so they are left in place for now.

Co-authored-by: Hans Hasselberg <me@hans.io>
2020-06-05 14:51:43 -04:00
R.B. Boyer fed7489a37
Use linkmode=external for the arm builds (#8029)
This gets around some issues regarding too large plt offsets when compiling with CGO

Co-authored-by: Matt Keeler <mjkeeler7@gmail.com>
2020-06-05 13:21:57 -05:00
John Cowen 439ae6b4bf
ui: Blocking with filtering intentions amends (#8027)
* ui: Now intentions use blocking queries invalidation isn't needed

* ui: Ensure reconciliation doesn't happen when filtering for intentions
2020-06-05 14:44:57 +01:00