R.B. Boyer
6ba776b4f3
agent: protect the ui metrics proxy endpoint behind ACLs ( #9099 )
...
This ensures the metrics proxy endpoint is ACL protected behind a
wildcard `service:read` and `node:read` set of rules. For Consul
Enterprise these will need to span all namespaces:
```
service_prefix "" { policy = "read" }
node_prefix "" { policy = "read" }
namespace_prefix "" {
service_prefix "" { policy = "read" }
node_prefix "" { policy = "read" }
}
```
This PR contains just the backend changes. The frontend changes to
actually pass the consul token header to the proxy through the JS plugin
will come in another PR.
2020-11-04 12:50:03 -06:00
hashicorp-ci
a2315bc839
auto-updated agent/uiserver/bindata_assetfs.go from commit 0f6c0a5c1
2020-11-04 09:37:51 +00:00
John Cowen
0f6c0a5c13
ui: Metrics - Provide a fetch-like http client that automatically adds the current ACL token ( #9094 )
...
* Remove local httpGet and shim one in from options
* Add custom httpGet to pass through to provider
* Make a fetch wrapper that adds your token
* Pass the fetch like fetchWithToken wrapper through to the provider
* Fix up httpGet to encode query params again and use fetch-like
2020-11-04 09:33:37 +00:00
hashicorp-ci
1a5d4cfe43
auto-updated agent/uiserver/bindata_assetfs.go from commit d5d4155e1
2020-11-03 14:14:58 +00:00
John Cowen
d5d4155e1a
ui: Storybook Install ( #9049 )
...
* ui: Install storybook into the main project
* Add a basic story for a notice
* Remove empty dependencies
2020-11-03 14:09:39 +00:00
R.B. Boyer
44bd8bd2ae
use the docker proxy for more envoy integration test containers ( #9085 )
2020-11-02 14:52:33 -06:00
R.B. Boyer
957293d884
wait_for_namespace should take two args ( #9086 )
2020-11-02 14:31:19 -06:00
hashicorp-ci
738ff1801f
auto-updated agent/uiserver/bindata_assetfs.go from commit 56c2ff56e
2020-11-02 18:43:31 +00:00
Kenia
56c2ff56e4
ui: Update to not return metrics for ingress gateways ( #9081 )
2020-11-02 13:38:43 -05:00
Alvin Huang
ae6185a554
use hashicorp docker mirror in envoy helper ( #9080 )
2020-11-02 11:37:03 -06:00
R.B. Boyer
d7b37e3c6e
fix envoy integ test wait_for_namespace to actually work on CI ( #9082 )
2020-11-02 11:14:48 -06:00
hashicorp-ci
c28f489a9a
auto-updated agent/uiserver/bindata_assetfs.go from commit bf32a1799
2020-11-02 16:11:45 +00:00
John Cowen
bf32a17994
ui: Remove string casting when passing index/checked for dropmenus ( #9077 )
...
* ui: Remove string casting when passing index/checked
* Check for e.target
2020-11-02 16:07:08 +00:00
hashicorp-ci
907c4ad789
auto-updated agent/uiserver/bindata_assetfs.go from commit 314eeda95
2020-11-02 14:40:27 +00:00
John Cowen
314eeda957
ui: Use eslint vs ember-cli-lint, sass vs dart-sass ( #9078 )
...
These two dependency changes means that @hashicorp/pds-ember can be
installed and used without any build/dependency issues
2020-11-02 14:35:10 +00:00
Alvin Huang
ea88956c9c
use hashicorp docker mirror to prevent rate limit ( #9070 )
2020-10-30 17:59:13 -04:00
R.B. Boyer
a66c4591d7
agent: introduce path allow list for requests going through the metrics proxy ( #9059 )
...
Added a new option `ui_config.metrics_proxy.path_allowlist`. This defaults to `["/api/v1/query", "/api/v1/query_range"]` when the metrics provider is set to `prometheus`.
Requests that do not use one of the allow-listed paths (via exact match) get a 403 Forbidden response instead.
2020-10-30 16:49:54 -05:00
hashicorp-ci
b3bf1229ac
auto-updated agent/uiserver/bindata_assetfs.go from commit cf2cfbaf2
2020-10-30 15:27:01 +00:00
R.B. Boyer
cf2cfbaf2e
ui: make metrics work again ( #9072 )
...
Fixes regression from #9040
2020-10-30 10:21:57 -05:00
R.B. Boyer
fa4b0854fb
state: ensure we unblock intentions queries upon the upgrade to config entries ( #9062 )
...
1. do a state store query to list intentions as the agent would do over in `agent/proxycfg` backing `agent/xds`
2. upgrade the database and do a fresh `service-intentions` config entry write
3. the blocking query inside of the agent cache in (1) doesn't notice (2)
2020-10-29 15:28:31 -05:00
Daniel Nephin
e14a9a725e
Merge pull request #9068 from hashicorp/restore-test-signature
...
restore prior signature of test helper so enterprise compiles
2020-10-29 15:22:30 -04:00
R.B. Boyer
b24b4169e1
restore prior signature of test helper so enterprise compiles
2020-10-29 13:52:15 -05:00
hashicorp-ci
01dbf43fb1
auto-updated agent/uiserver/bindata_assetfs.go from commit 1d6961248
2020-10-29 18:33:41 +00:00
Mike Morris
1d6961248c
ui: Update node_modules deps path in GNUMakefile ( #9066 )
...
Updates `node_modules` path/makefile target to fix top-level `make ui` command.
2020-10-29 13:28:55 -05:00
Daniel Nephin
afad68c033
Merge pull request #9025 from hashicorp/dnephin/streaming-options
...
streaming: Use a no-op event publisher if streaming is disabled
2020-10-29 13:36:51 -04:00
s-christoff
79ce24e9fc
cli: Add JSON and Pretty Print formatting for `consul snapshot inspect` ( #9006 )
2020-10-29 11:31:14 -05:00
Kim Ngo
a670f7a098
docs: Add links in CTS docs for the community to get involved ( #9060 )
2020-10-29 10:07:20 -05:00
Daniel Nephin
3dfb7c224b
stream: Use a no-op event publisher if streaming is disabled
2020-10-28 13:54:19 -04:00
Daniel Nephin
bc07901527
Merge pull request #9058 from hashicorp/dnephin/fix-broken-github-workflow
...
Remove the workflow file
2020-10-28 13:11:36 -04:00
Daniel Nephin
06888839d6
Remove the workflow file
...
The comment out file causes github to send us error emails on every commit
2020-10-28 13:09:29 -04:00
Daniel Nephin
23eee604c9
store: use a ReadDB for snapshots
...
to remove the cyclic dependency between the snapshot handlers and the state.Store
2020-10-28 13:07:42 -04:00
R.B. Boyer
b724e096c2
add namespace waiting function to envoy integration tests ( #9051 )
2020-10-28 11:58:40 -05:00
Daniel Nephin
7b9ee25956
Merge pull request #9026 from hashicorp/dnephin/streaming-without-cache-query-param
...
streaming: rename config and remove requirement for cache=1
2020-10-28 12:33:25 -04:00
Daniel Nephin
477d665309
Merge pull request #8618 from hashicorp/dnephin/remove-txn-readtxn
...
state: Use ReadTxn everywhere
2020-10-28 12:32:47 -04:00
R.B. Boyer
8e70c3fc25
missed adding the test delay to the l7-intentions envoy integration test ( #9052 )
2020-10-28 08:43:11 -05:00
Jono Sosulska
97eac7e4c8
Turn off issue labeler for now ( #9054 )
2020-10-27 17:34:16 -04:00
Kyle Havlovitz
9f893307de
Merge pull request #9053 from hashicorp/vault-token-lookupself
...
connect: Use the lookup-self endpoint for Vault token
2020-10-27 14:34:03 -07:00
Daniel Nephin
1a5af13fce
Merge pull request #8974 from hashicorp/dnephin/grpc-counter-metrics
...
agent/grpc: add counter metrics
2020-10-27 17:10:05 -04:00
Daniel Nephin
62c9124011
docs: Add the new metrics to telemetry.mdx
2020-10-27 16:49:50 -04:00
Daniel Nephin
f0ac093fef
agent/grpc: add connection count metrics
...
Gauge metrics are great for understanding the current state, but can somtimes hide problems
if there are many disconnect/reconnects.
This commit adds counter metrics for connections and streams to make it easier to see the
count of newly created connections and streams.
2020-10-27 16:49:49 -04:00
Daniel Nephin
5319ba02b0
agent/grpc: rename metrics
...
These new names should make it easier to add counter metics with similar prefixes
2020-10-27 16:49:49 -04:00
Daniel Nephin
c82d6aa4ff
Merge pull request #8961 from hashicorp/dnephin/grpc-resolve-node-id
...
agent/grpc: fix some test flakes and handle duplicate server IDs in the pool
2020-10-27 16:47:37 -04:00
Daniel Nephin
74ac34e358
Merge pull request #8998 from hashicorp/dnephin/lib-ttlcache
...
lib/ttlcache: extract a new package from agent/cache
2020-10-27 16:43:10 -04:00
Daniel Nephin
0f81915495
Merge pull request #8987 from hashicorp/dnephin/stream-filter
...
streaming: apply filter to a single item
2020-10-27 16:39:43 -04:00
Daniel Nephin
8bcd5040c7
agent/grpc: Add an integration test for ClientPool with TLS
...
Also deregister the resolver.Builder in tests.
2020-10-27 16:34:18 -04:00
Daniel Nephin
e9479175a4
tlsutil: remove unused UseTLS field
2020-10-27 16:34:17 -04:00
Daniel Nephin
8a785a351c
agent/grpc: pass metrics to constructor
...
Instead of referencing a package var. This does not fix the flaky test, but it seems more correct.
2020-10-27 16:34:17 -04:00
Daniel Nephin
d19657404f
agent/grpc: fix a flaky test by performing more retries
...
Instead of using retry.Run, which appears to have problems in some cases where it does not
emit an error message, use a for loop.
Increase the number of attempts and remove any sleep, since this operation is not that expensive to do
in a tight loop
2020-10-27 16:34:17 -04:00
Daniel Nephin
df405ac978
agent/grpc: remove misleading warnings from test output
...
Handle shutdown properly in tests so that the tests don't warn about using a closed connection.
2020-10-27 16:34:16 -04:00
Daniel Nephin
e101aa8a74
agent/grpc: fix a flake in TestHandler_EmitsStats
2020-10-27 16:34:16 -04:00