status-im/consul
2
0
Fork 0
mirror of https://github.com/status-im/consul.git synced 2025-01-10 05:45:46 +00:00
Code Issues Projects Releases Wiki Activity
15,307 Commits 445 Branches 179 Tags 489 MiB
Commit Graph

15307 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
trujillo-adam
e35236a053 adding k8s-cli alpha docs 2021-09-14 12:25:24 -07:00
Freddy
ce04ce13dd
Merge pull request #11024 from hashicorp/partitions/rbac 2021-09-14 11:18:19 -06:00
Freddy
e18f3c1f6d
Update error texts (#11022) 
Co-authored-by: Daniel Nephin <dnephin@hashicorp.com>
 2021-09-14 11:08:06 -06:00
freddygv
d90e30f009 Update spiffe ID patterns used for RBAC 2021-09-14 11:00:03 -06:00
freddygv
5e54f253d7 Expand testing of simplifyNotSourceSlice for partitions 2021-09-14 10:55:15 -06:00
freddygv
19da23be28 Expand testing of removeSameSourceIntentions for partitions 2021-09-14 10:55:09 -06:00
freddygv
beab0cd962 Account for partition when matching src intentions 2021-09-14 10:55:02 -06:00
Daniel Nephin
1f9479603c
Add failures_before_warning to checks (#10969) 
Signed-off-by: Jakub Sokołowski <jakub@status.im>

* agent: add failures_before_warning setting

The new setting allows users to specify the number of check failures
that have to happen before a service status us updated to be `warning`.
This allows for more visibility for detected issues without creating
alerts and pinging administrators. Unlike the previous behavior, which
caused the service status to not update until it reached the configured
`failures_before_critical` setting, now Consul updates the Web UI view
with the `warning` state and the output of the service check when
`failures_before_warning` is breached.

The default value of `FailuresBeforeWarning` is the same as the value of
`FailuresBeforeCritical`, which allows for retaining the previous default
behavior of not triggering a warning.

When `FailuresBeforeWarning` is set to a value higher than that of
`FailuresBeforeCritical it has no effect as `FailuresBeforeCritical`
takes precedence.

Resolves: https://github.com/hashicorp/consul/issues/10680

Signed-off-by: Jakub Sokołowski <jakub@status.im>

Co-authored-by: Jakub Sokołowski <jakub@status.im>
 2021-09-14 12:47:52 -04:00
Chris S. Kim
5b658d2f39
Sync partition fields from enterprise (#11021) 2021-09-13 17:53:52 -04:00
Dhia Ayachi
ad914e16c2
acl-tokens table partitioning (#11020) 
* convert `Policies` index to use `indexerMulti`

* remove non used indexer

* fix oss policy Get

* add oss tests

* remove reference to partition in oss test

* convert `Roles` index to use `indexerMulti`

* add role test in oss

* fix oss to use the right index func

* convert `Roles` index to use `indexerSingle`

* split authmethod write indexer to oss and ent

* add auth method unit tests

* add index locality

* move intFromBool to be available for oss

* add expiry indexes

* add api tests

* fix rebase

* use Bool func

* preallocate slice

* rename variable
 2021-09-13 16:53:09 -04:00
Dhia Ayachi
b4d5860197
convert expiration indexed in ACLToken table to use indexerSingle (#11018) 
* move intFromBool to be available for oss

* add expiry indexes

* remove dead code: `TokenExpirationIndex`

* fix remove indexer `TokenExpirationIndex`

* fix rebase issue
 2021-09-13 14:37:16 -04:00
Dhia Ayachi
11f44dfcf8
add locality indexer partitioning (#11016) 
* convert `Roles` index to use `indexerSingle`

* split authmethod write indexer to oss and ent

* add index locality

* add locality unit tests

* move intFromBool to be available for oss

* use Bool func

* refactor `aclTokenList` to merge func
 2021-09-13 11:53:00 -04:00
Jared Kirschner
63b2cebcb3
Merge pull request #10837 from jkirschner-hashicorp/improve-docs-dns-with-acl 
Improve documentation around using DNS with ACLs Enabled
 2021-09-13 11:09:09 -04:00
Kyle MacDonald
4b966094ff
website: fixup incorrect markdown syntax (#11015) 2021-09-13 10:36:34 -04:00
Jared Kirschner
fcd89c2674 docs: add ACL component relationships visual 2021-09-10 15:33:23 -07:00
Jared Kirschner
b89832221c docs: discuss use of ACLs on DNS page 2021-09-10 15:33:23 -07:00
Dhia Ayachi
ba4ee6e67c
convert indexAuthMethod index to use indexerSingle (#11014) 
* convert `Roles` index to use `indexerSingle`

* fix oss build

* split authmethod write indexer to oss and ent

* add auth method unit tests
 2021-09-10 16:56:56 -04:00
Paul Banks
b6b4080dfb
Merge pull request #10613 from hashicorp/feature/mesh-header-manip 
Feature: allow manipulation of HTTP headers in ingress and mesh routing
 2021-09-10 21:40:26 +01:00
Paul Banks
fd259db9fb
Document how to make namespace wildcard intentions. (#10724) 
* Update intentions.mdx

* Apply suggestions from code review

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
Co-authored-by: Blake Covarrubias <blake@covarrubi.as>

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
 2021-09-10 21:25:09 +01:00
Paul Banks
b38e84df63 Include namespace and partition in error messages when validating ingress header manip 2021-09-10 21:11:00 +01:00
Paul Banks
1079089f20 Refactor HTTPHeaderModifiers.MergeDefaults based on feedback 2021-09-10 21:11:00 +01:00
Paul Banks
9e4e204e96 Fix enterprise test failures caused by differences in normalizing EnterpriseMeta 2021-09-10 21:11:00 +01:00
Paul Banks
3004eadd08 Fix enterprise discovery chain tests; Fix multi-level split merging 2021-09-10 21:11:00 +01:00
Paul Banks
81eb706906 Add Envoy integration test to show Header manip can interpolate Envoy variables 2021-09-10 21:09:24 +01:00
Paul Banks
a9bf4c9b82 Add Changelog entry and api package support for HTTP Header manip 2021-09-10 21:09:24 +01:00
Paul Banks
b5ae00d753 Remove unnecessary check 2021-09-10 21:09:24 +01:00
Paul Banks
bcf22e00dc Remove stray file 2021-09-10 21:09:24 +01:00
Paul Banks
f1c0876b4c Fix discovery chain test fixtures 2021-09-10 21:09:24 +01:00
Paul Banks
1b9632531a Integration tests for all new header manip features 2021-09-10 21:09:24 +01:00
Paul Banks
e22cc9c53a Header manip for split legs plumbing 2021-09-10 21:09:24 +01:00
Paul Banks
83fc8723a3 Header manip for service-router plumbed through 2021-09-10 21:09:24 +01:00
Paul Banks
f439dfc04f Ingress gateway header manip plumbing 2021-09-10 21:09:24 +01:00
Paul Banks
d776a2d236 Add HTTP header manip for router and splitter entries 2021-09-10 21:09:24 +01:00
Paul Banks
46e4041283 Header manip and validation added for ingress-gateway entries 2021-09-10 21:09:24 +01:00
Dhia Ayachi
6cac30aa22
convert Roles index to use indexerMulti (#11013) 
* convert `Roles` index to use `indexerMulti`

* add role test in oss

* fix oss to use the right index func

* preallocate slice
 2021-09-10 16:04:33 -04:00
Dhia Ayachi
f3f0654038
convert indexPolicies in ACLTokens table to the new index (#11011) 2021-09-10 14:57:37 -04:00
Dhia Ayachi
584faec6e3
convert indexSecret to the new index (#11007) 2021-09-10 09:10:11 -04:00
Dhia Ayachi
6e6cf1c043
convert indexAccessor to the new index (#11002) 2021-09-09 16:28:04 -04:00
Hans Hasselberg
13238dbab6
tls: consider presented intermediates during server connection tls handshake. (#10964) 
* use intermediates when verifying

* extract connection state

* remove useless import

* add changelog entry

* golint

* better error

* wording

* collect errors

* use SAN.DNSName instead of CommonName

* Add test for unknown intermediate

* improve changelog entry
 2021-09-09 21:48:54 +02:00
Jared Kirschner
8a4d3b3009
Merge pull request #10834 from jkirschner-hashicorp/improve-docs-configure-ui-https 
docs: give tutorials links for securing UI access
 2021-09-09 11:08:11 -04:00
Peter M
d10dd5fbb1
Merge pull request #10995 from hashicorp/pcmccarron-patch-1 
adding NIA to sidebar nav
 2021-09-08 10:56:26 -06:00
Peter M
9ea8786d6a
fixing link error 
path was pointing to the wrong page on new sidebar addition.
 2021-09-08 10:20:58 -06:00
Chris S. Kim
9bbfa048a2
Sync enterprise changes to oss (#10994) 
This commit updates OSS with files for enterprise-specific admin partitions feature work
 2021-09-08 11:59:30 -04:00
Sergey Matyukevich
06f3ccebce
Allow configuring graceful stop in testutil (#10566) 
* Allow configuring graceful stop in testutil

Signed-off-by: Sergey Matyukevich <s.matyukevich@gmail.com>

* add a changelog

Co-authored-by: Dhia Ayachi <dhia@hashicorp.com>
 2021-09-08 11:12:54 -04:00
Jared Kirschner
0b02dbb410 docs: give tutorials links for securing UI access 2021-09-07 22:13:09 -07:00
Kyle Havlovitz
a14950025a
Merge pull request #10984 from hashicorp/mesh-resource 
acl: adding a new mesh resource
 2021-09-07 15:06:20 -07:00
Dhia Ayachi
bc0e4f2f46
partition dicovery chains (#10983) 
* partition dicovery chains

* fix default partition for OSS
 2021-09-07 16:29:32 -04:00
Peter M
e3695e7a2e
adding NIA to sidebar nav 2021-09-07 12:44:07 -06:00
trujillo-adam
74e3bf4e68
Merge pull request #10980 from hashicorp/docs-fix-policy-federation-vm-k8-secondary 
fixing the policy for configuring k8 clusters as secondary in federated arch
 2021-09-07 08:10:39 -07:00
trujillo-adam
0ee554ea54
Update website/content/docs/k8s/installation/multi-cluster/vms-and-kubernetes.mdx 
Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>
 2021-09-07 07:53:57 -07:00