Commit Graph

20335 Commits

Author SHA1 Message Date
Ronald 1512ea307e
Dynamically create jwks clusters for jwt-providers (#17944) 2023-06-29 20:37:40 +00:00
David Yu 85b78fe186
Fix streaming backend link (#17958)
* Fix streaming backend link
* Update health.mdx
2023-06-29 12:19:03 -07:00
John Maguire a60b36394d
fixing typo in link to jwt-validations-with-intentions doc (#17955) 2023-06-29 16:35:13 +00:00
Ranjandas 1b1f33f224
Fixes Secondary ConnectCA update (#17846)
This fixes a bug that was identified which resulted in subsequent
ConnectCA configuration update not to persist in the cluster.
2023-06-29 14:24:24 +00:00
John Murret bdf4fad7c5
Revert "Add workflow to verify linux release packages (#17904)" (#17942)
This reverts commit 3368f14fab.
2023-06-28 14:18:53 -06:00
David Yu 6f660e5e25
docs: Deprecations for connect-native SDK and specific connect native APIs (#17937)
* Update v1_16_x.mdx
* Update connect native golang page

---------

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2023-06-28 19:45:46 +00:00
Samantha f019457815
tlsutil: Fix check TLS configuration (#17481)
* tlsutil: Fix check TLS configuration
* Rewording docs.
* Update website/content/docs/services/configuration/checks-configuration-reference.mdx
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
* Fix typos and add changelog entry.
---------

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2023-06-28 09:24:51 -07:00
John Maguire 67a239a821
Ensure RSA keys are at least 2048 bits in length (#17911)
* Ensure RSA keys are at least 2048 bits in length

* Add changelog

* update key length check for FIPS compliance

* Fix no new variables error and failing to return when error exists from
validating

* clean up code for better readability

* actually return value
2023-06-28 15:34:09 +00:00
Dan Bond 7dbba6c94d
deps: coredns v1.10.1 (#17912) 2023-06-28 07:53:43 -07:00
David Yu b168132176
Update create-sameness-groups.mdx (#17927) 2023-06-27 20:23:03 -07:00
David Yu 6f5da97d66
Update sameness-group.mdx (#17915) 2023-06-28 01:45:23 +00:00
natemollica-dev 310bc68e65
Update Consul K8s Upgrade Doc Updates (#17921)
Updating upgrade procedures to encompass expected errors during upgrade process from v1.13.x to v1.14.x.
2023-06-27 23:41:53 +00:00
Nathan Coleman f7870881e0
Reference hashicorp/consul instead of consul for Docker image (#17914)
* Reference hashicorp/consul instead of consul for Docker image

* Update Make targets that pull consul directly
2023-06-27 23:17:20 +00:00
John Murret 3368f14fab
Add workflow to verify linux release packages (#17904)
* adding docker files to verify linux packages.

* add verifr-release-linux.yml

* updating name

* pass inputs directly into jobs

* add other linux package platforms

* remove on push

* fix TARGETARCH on debian and ubuntu so it can check arm64 and amd64

* fixing amazon to use the continue line

* add ubuntu i386

* fix comment lines

* working

* remove commented out workflow jobs

* Apply suggestions from code review

Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com>

* update fedora and ubuntu to use latest tag

---------

Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com>
2023-06-27 22:19:39 +00:00
Tu Nguyen b76c4d7bd5
Propose new changes to APIgw upgrade instructions (#17693)
* Propose new changes to APIgw upgrade instructions

* fix build error

* update callouts to render correctly

* Add hideClipboard to log messages

* Added clarification around consul k8s and crds
2023-06-27 19:35:58 +00:00
Tu Nguyen 1c819e6147
Create and update release notes for 1.16 and 1.2 (#17895)
* update release notes for 1.16 and 1.2

* update latest consul core release
2023-06-27 17:33:04 +00:00
Luke Kysow abeeea1621
Fix command from kg to kubectl get (#17903) 2023-06-27 17:26:05 +00:00
Joshua Timmons 55056be093
Add emit_tags_as_labels to envoy bootstrap config when using Consul Telemetry Collector (#17888) 2023-06-27 12:34:38 -04:00
mr-miles c8cfa605f8
Update docs (#17476)
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2023-06-27 09:16:40 -07:00
Ronald 767ef2dd4c
Allow service identity tokens the ability to read jwt-providers (#17893)
* Allow service identity tokens the ability to read jwt-providers

* more tests

* service_prefix tests
2023-06-27 16:03:43 +00:00
Chris S. Kim 601490b9ab
Update wording on WAN fed and intermediate_pki_path (#17850) 2023-06-27 15:22:10 +00:00
Gerard Nguyen 6bc222244f
docs: update config enable_debug (#17866)
* update doc for config enable_debug

* Update website/content/docs/agent/config/config-files.mdx

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>

---------

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2023-06-27 02:19:07 +00:00
John Murret a96a9e794a
Changelog - add 1.13.9, 1.14.8, and 1.15.4 (#17889) 2023-06-26 18:40:18 -06:00
Nathan Coleman 08c5048160
api-gateway: add step to upgrade instructions for creating intentions (#17875) 2023-06-26 13:29:17 -04:00
sarahalsmiller e552e3d27b
api-gateway: add operation cannot be fulfilled error to common errors (#17874)
* add error message

* Update website/content/docs/api-gateway/usage/errors.mdx

Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com>

* fix formating issues

---------

Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com>
2023-06-26 13:16:48 -04:00
Dan Bond 8e02a0e1ae
deps: aws-sdk-go v1.44.289 (#17876)
Signed-off-by: Dan Bond <danbond@protonmail.com>
2023-06-26 10:07:26 -07:00
Alex Simenduev 33a2d90852
Fix a bug that wrongly trims domains when there is an overlap with DC name (#17160)
* Fix a bug that wrongly trims domains when there is an overlap with DC name

Before this change, when DC name and domain/alt-domain overlap, the domain name incorrectly trimmed from the query.

Example:

Given: datacenter = dc-test, alt-domain = test.consul.
Querying for "test-node.node.dc-test.consul" will faile, because the
code was trimming "test.consul" instead of just ".consul"

This change, fixes the issue by adding dot (.) before trimming

* trimDomain: ensure domain trimmed without modyfing original domains

* update changelog

---------

Co-authored-by: Dhia Ayachi <dhia@hashicorp.com>
2023-06-26 10:57:11 -04:00
Dan Upton ce24646d36
tooling: generate protoset file (#17364)
Extends the `proto` make target to generate a protoset file for use with
grpcurl etc.
2023-06-26 12:53:55 +00:00
Dan Upton b117eb0126
resource: enforce consistent naming of resource types (#17611)
For consistency, resource type names must follow these rules:

- `Group` must be snake case, and in most cases a single word.
- `GroupVersion` must be lowercase, start with a "v" and end with a number.
- `Kind` must be pascal case.

These were chosen because they map to our protobuf type naming
conventions.
2023-06-26 13:25:14 +01:00
Dan Upton 48445dfa55
resource: add `AuthorizerContext` helper method (#17393) 2023-06-26 13:23:05 +01:00
Iryna Shustava d5d3a3ddb9
docs: update upgrade to consul-dataplane docs on k8s (#17852) 2023-06-23 16:26:57 -06:00
Nathan Coleman 5244ede957
docs: add note about path prefix matching behavior for HTTPRoute config (#17860)
* Add note about path prefix matching behavior for HTTPRoute config

* Update website/content/docs/connect/gateways/api-gateway/configuration/http-route.mdx

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>

---------

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2023-06-23 18:07:53 -04:00
Derek Menteer 94eb36b775
Add docs for sameness groups with resolvers. (#17851) 2023-06-23 13:57:21 -05:00
V. K 2e2cbc16e1
Update service-mesh.mdx (#17845)
Deleted two commas which looks quite like some leftovers.
2023-06-23 11:33:21 -07:00
Nathan Coleman 1f636715d0
Trigger OSS => ENT merge for all release branches (#17853)
Previously, this only triggered for release/*.*.x branches; however, our release process involves cutting a release/1.16.0 branch, for example, at time of code freeze these days. Any PRs to that branch after code freeze today do not make their way to consul-enterprise. This will make behavior for a .0 branch consistent with current behavior for a .x branch.
2023-06-23 14:14:55 -04:00
cskh f16c5d87ab
watch: support -filter for consul watch: checks, services, nodes, service (#17780)
* watch: support -filter for watch checks

* Add filter for watch nodes, services, and service
- unit test added
- Add changelog
- update doc
2023-06-23 12:00:46 -04:00
wangxinyi7 b782f2e39a
counter part of ent pr (#17618) 2023-06-22 10:50:46 -07:00
Matt Keeler 1864874726
CI Updates (#17834)
* Ensure that git access to private repos uses the ELEVATED_GITHUB_TOKEN

* Bump the runner size for the protobuf generation check

This has failed previously when the runner process that communicates with GitHub gets starved causing the job to fail.
2023-06-22 10:56:45 -04:00
Chris Thain 366bd6f89f
ext-authz Envoy extension: support `localhost` as a valid target URI. (#17821) 2023-06-21 13:42:42 -07:00
Chris S. Kim a4653de8da
CA provider doc updates and Vault provider minor update (#17831)
Update CA provider docs

Clarify that providers can differ between
primary and secondary datacenters

Provide a comparison chart for consul vs
vault CA providers

Loosen Vault CA provider validation for RootPKIPath

Update Vault CA provider documentation
2023-06-21 19:34:42 +00:00
George Bolo 82441a27fa
fixes #17732 - AccessorID in request body should be optional when updating ACL token (#17739)
* AccessorID in request body should be optional when updating ACL token

* add a test case

* fix test case

* add changelog entry for PR #17739
2023-06-21 13:31:40 -05:00
Michael Zalimeni d0797c4a0d
Fixup consul-container/test/debugging.md (#17815)
Add missing `-t` flag and fix minor typo.
2023-06-21 17:52:00 +00:00
Eric Haberkorn a3ba559149
Make locality aware routing xDS changes (#17826) 2023-06-21 12:39:53 -04:00
Michael Zalimeni 500dcb1f21
Set GOPRIVATE for all hashicorp repos in CI (#17817)
Consistently set GOPRIVATE to include all hashicorp repos, s.t. private
modules are successfully pulled in enterprise CI.
2023-06-21 11:26:27 -04:00
trujillo-adam f17b7f32fc
Change URLs for redirects from RC to default latest (#17822) 2023-06-20 13:17:46 -07:00
Ronald ee95bc7266
Add jwt-authn metrics to jwt-provider docs (#17816)
* [NET-3095] add jwt-authn metrics docs
2023-06-20 19:46:16 +00:00
Steven Zamborsky 2a94ffa571
Fix formatting for webhook-certs Consul tutorial (#17810)
* Fix formatting for webhook-certs Consul tutorial
* Make a small grammar change to also pick up whitespace changes necessary for formatting

---------

Co-authored-by: David Yu <dyu@hashicorp.com>
2023-06-20 11:33:10 -07:00
Michael Zalimeni e4c9793ee2
Clarify limitations of Prop Override extension (#17801)
Explicitly document the limitations of the extension, particularly what
kind of fields it is capable of modifying.
2023-06-20 11:26:28 -04:00
John Murret 6d39328771
Add documentation for remote debugging of integration tests. (#17800)
* Add documentation for remote debugging of integration tests.

* add link from main docs page.

* changes related to PR feedback
2023-06-20 15:14:15 +00:00
Paul Glass d2363eb711
Test permissive mTLS filter chain not configured with tproxy disabled (#17747) 2023-06-20 09:49:50 -05:00