Commit Graph

16946 Commits

Author SHA1 Message Date
Mark Anderson 5590da2732 Fixup dropped SecretID usage
Looks like something got munged at some point. Not sure how it slipped in, but my best guess is that because TestTxn_Apply_ACLDeny is marked flaky we didn't block merge because it failed.

Signed-off-by: Mark Anderson <manderson@hashicorp.com>
2022-03-22 21:20:03 -07:00
Jared Kirschner 4f1bfeaf33
Merge pull request #12523 from Petenerd/patch-1
Update install.mdx
2022-03-22 16:43:06 -04:00
Dhia Ayachi 72a997242b
split `pbcommon` to `pbcommon` and `pbcommongogo` (#12587)
* mogify needed pbcommon structs

* mogify needed pbconnect structs

* fix compilation errors and make config_translate_test pass

* add missing file

* remove redundant oss func declaration

* fix EnterpriseMeta to copy the right data for enterprise

* rename pbcommon package to pbcommongogo

* regenerate proto and mog files

* add missing mog files

* add pbcommon package

* pbcommon no mog

* fix enterprise meta code generation

* fix enterprise meta code generation (pbcommongogo)

* fix mog generation for gogo

* use `protoc-go-inject-tag` to inject tags

* rename proto package

* pbcommon no mog

* use `protoc-go-inject-tag` to inject tags

* add non gogo proto to make file

* fix proto get
2022-03-22 16:30:00 -04:00
Dan Upton f8e2e3c710
streaming: emit events when Connect CA Roots change (#12590)
OSS sync of enterprise changes at 614f786d
2022-03-22 19:13:59 +00:00
FFMMM a7e5ee005a
factor out recording func, add unit tests (#12585)
Signed-off-by: FFMMM <FFMMM@users.noreply.github.com>
2022-03-22 09:31:54 -07:00
Dan Upton 7298967070
Restructure gRPC server setup (#12586)
OSS sync of enterprise changes at 0b44395e
2022-03-22 12:40:24 +00:00
FFMMM e5ebc47a94
pre register new rpc metric, rename metric (#12582) 2022-03-21 17:26:32 -07:00
Michael Wilkerson 69c10dfcba
Merge pull request #12584 from hashicorp/fix-cts-http-addr-var
updated docs
2022-03-21 15:06:58 -07:00
Michael Wilkerson 8178c38d9b updated docs 2022-03-21 13:01:39 -07:00
Jared Kirschner 93df22f768
Merge pull request #12580 from hashicorp/docs/results-filtered-by-acl-awareness
docs: mention filtered by ACLs in affected APIs
2022-03-21 12:59:59 -04:00
Jared Kirschner ca2afce5d6 docs: mention filtered by ACLs in affected APIs 2022-03-21 09:06:45 -07:00
Jared Kirschner bea07bd6e7
Merge pull request #12489 from hashicorp/docs/results-filtered-by-acl-awareness-coordinate
docs: mention filtered by ACLs in coordinate API
2022-03-19 16:17:08 -04:00
Jared Kirschner 1f9ca248e1 docs: add filtered by ACLs header curl example 2022-03-18 15:47:08 -07:00
Jared Kirschner 109ffcda26 docs: mention filtered by ACLs in coordinate API 2022-03-18 15:47:08 -07:00
David Yu 15a2204fe4
docs: Correction on rotating gossip key order per DC (#12579)
* docs: Correction on rotating gossip key order per DC
2022-03-18 14:51:11 -07:00
David Yu a1110845df
docs: consul-k8s Change "Consul Connect Service Mesh" to "Consul Service Mesh" (#12577) 2022-03-18 12:31:29 -07:00
David Yu 55e864d125
docs: Consul K8s Overview update (#12575)
* docs: Consul K8s Overview update

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-03-18 12:01:41 -07:00
Mark Anderson fa63aed1fa
Add source of authority annotations to the PermissionDeniedError output. (#12567)
This extends the acl.AllowAuthorizer with source of authority information.

The next step is to unify the AllowAuthorizer and ACLResolveResult structures; that will be done in a separate PR.

Part of #12481

Signed-off-by: Mark Anderson <manderson@hashicorp.com>
2022-03-18 10:32:25 -07:00
David Yu 858e05e7d7
docs: Consul Service Mesh overview - rename of title and K8s getting started (#12574)
* Consul Service Mesh overview - rename of title and K8s getting started

* reformat lines
2022-03-18 08:55:57 -07:00
Dan Upton b36d4e16b6
Support per-listener TLS configuration ⚙️ (#12504)
Introduces the capability to configure TLS differently for Consul's
listeners/ports (i.e. HTTPS, gRPC, and the internal multiplexed RPC
port) which is useful in scenarios where you may want the HTTPS or
gRPC interfaces to present a certificate signed by a well-known/public
CA, rather than the certificate used for internal communication which
must have a SAN in the form `server.<dc>.consul`.
2022-03-18 10:46:58 +00:00
Evan Culver e3e481022e
lib: add validation package + DNS label validation (#12535)
Co-authored-by: Chris S. Kim <ckim@hashicorp.com>
2022-03-17 18:31:28 -07:00
FFMMM db27ea3484
[sync oss] add net/rpc interceptor implementation (#12573)
* sync ent changes from 866dcb0667

Signed-off-by: FFMMM <FFMMM@users.noreply.github.com>

* update oss go.mod

Signed-off-by: FFMMM <FFMMM@users.noreply.github.com>
2022-03-17 16:02:26 -07:00
Paul Glass 93c8750dbb
Merge pull request #12572 from hashicorp/pglass/fix-ecs-link
Fix broken link in ECS docs
2022-03-17 16:29:20 -05:00
Paul Glass 9140d3d1e9
Fix broken link in ECS docs 2022-03-17 14:42:49 -05:00
Jared Kirschner 6c84083307
Merge pull request #11821 from hashicorp/error-if-get-request-has-body
http: error if GET request has non-empty body
2022-03-16 18:34:27 -04:00
Jared Kirschner c73267f318 http: WARN if GET request has non-empty body
Give the user a hint that they might be doing something wrong if their GET
request has a non-empty body, which can easily happen using curl's
--data-urlencode if specifying request type via "--request GET" rather than
"--get". See https://github.com/hashicorp/consul/issues/11471.
2022-03-16 14:19:50 -07:00
Eric Haberkorn 56e85c3925
Merge pull request #12569 from hashicorp/remove-gogo-stdduration
Remove the stdduration gogo extension
2022-03-16 15:02:41 -04:00
Eric eea8300187 Remove the stdduration gogo extension 2022-03-16 12:12:29 -04:00
mrspanishviking 031e612bd8
Merge pull request #12566 from jbohanon/jbohanon-documentation
Update ui-visualization.mdx
2022-03-16 07:17:30 -07:00
Jacob ee78b5a380
Update ui-visualization.mdx 2022-03-16 10:08:22 -04:00
mrspanishviking 821fc7533f
Merge pull request #12561 from hashicorp/revert-12005-docs/agent-config
Revert "[Docs] Agent configuration hierarchy "
2022-03-15 16:16:13 -07:00
mrspanishviking 7180c99960
Revert "[Docs] Agent configuration hierarchy " 2022-03-15 16:13:58 -07:00
trujillo-adam e12a0d0835
Merge pull request #12005 from hashicorp/docs/agent-config
[Docs] Agent configuration hierarchy - This PR reorganizes the Consul agent configuration documentation. CLI configuration options and configuration file options are now on separate pages. Additionally, options have been grouped into related categories. The goal is to make the content more consumable and navigable from the TOC menu.
2022-03-15 15:34:07 -07:00
trujillo-adam 4151dc097a fixing merge conflicts part 3 2022-03-15 15:25:03 -07:00
trujillo-adam 9cc9122be8 fixed merge conflicts pt2 2022-03-15 14:01:24 -07:00
Eric Haberkorn e92dd9dc9a
Merge pull request #12556 from hashicorp/wire-up-serverless-patcher
Create and wire up the serverless patcher
2022-03-15 14:05:40 -04:00
Eric Haberkorn fc3c0f312c
Merge pull request #12557 from hashicorp/remove-healthcheck-gogo-stdduration
Remove Gogo Stdduration From the Healthcheck Protobufs
2022-03-15 13:20:49 -04:00
Eric 4e6b34725d Remove gogo stdduration from the healthcheck protobufs 2022-03-15 10:51:40 -04:00
Eric cf3e517d0e Create and wire up the serverless patcher 2022-03-15 10:12:57 -04:00
John Cowen 4b8cabce0d
ui: Overview UI Routing (#12493)
This PR adds routes and an initial landing page for the Cluster Overview page
2022-03-15 12:58:14 +00:00
John Cowen 65ea41a839
ui: DisclosureCard component (#12541) 2022-03-15 12:54:56 +00:00
John Cowen 5ab7e48862
ui: Native CSS Icon Composition (#12461)
This commit/PR beings to move away from using CSS preprocessing for our icons and towards using native CSS via native CSS property composition
2022-03-15 12:54:14 +00:00
trujillo-adam 76d55ac2b4 merging new hierarchy for agent configuration 2022-03-14 15:44:41 -07:00
John Cowen ee0e8bf500
ui: App-ify Lock Sessions (#12482)
This commit moves our in-app LockSessions code into an external 'app', which can theoretically be side-loaded but for now it just makes for good isolation/code hygiene.

Functionally, there is kind of one change here, and that is we only show the 'Lock Session' tab if you have permissions to see them. Currently as our UI authorization endpoint needs to be changed slightly to suit our usecase, you will always have permissions to see Lock Sessions as we hardcode the session:read to true (obvs this is a frontend thing, not a backend thing), so it doesn't really change anything from a user perspective.

Also added very bare docs while I was here.

Small note here, ideally we need to add the each individual tab depending on whether an 'app' is enabled or not instead of just permissions, ideally it would be done totally from The Outside rather than a can based conditional on the inside, just something else to be thinking about for the future.
2022-03-14 16:54:49 +00:00
Mark Anderson 676ea58bc4
Refactor config checks oss (#12550)
Currently the config_entry.go subsystem delegates authorization decisions via the ConfigEntry interface CanRead and CanWrite code. Unfortunately this returns a true/false value and loses the details of the source.

This is not helpful, especially since it the config subsystem can be more complex to understand, since it covers so many domains.

This refactors CanRead/CanWrite to return a structured error message (PermissionDenied or the like) with more details about the reason for denial.

Part of #12241

Signed-off-by: Mark Anderson <manderson@hashicorp.com>
2022-03-11 13:45:51 -08:00
Ashlee M Boyer b9a5e10aea
Merge pull request #12484 from hashicorp/docs-amb-fix-prometheus-link
docs: Fixing Prometheus link in docs/agent/telemetry
2022-03-11 16:37:17 -05:00
Ashlee M Boyer 70ab6215f5 Fixing Prometheus link in docs/agent/telemetry 2022-03-11 12:13:42 -08:00
Eric Haberkorn 862548baa7
Merge pull request #12547 from hashicorp/remove-gogo-getters
Remove the gogo Getters
2022-03-11 13:33:50 -05:00
Eric 0d34390656 Remove the gogo getters 2022-03-11 12:00:16 -05:00
Eric Haberkorn d59364fa7f
Merge pull request #12536 from hashicorp/add-serverless-config
Add the `connect.enable_serverless_plugin` configuration option
2022-03-11 09:39:36 -05:00