Freddy
fc02bb7969
Add support for transparent proxy in xDS generation
2021-03-17 22:29:05 -06:00
freddygv
9713e3ba38
Add methods to check intention has wildcard src or dst
2021-03-17 22:15:48 -06:00
freddygv
1a8586a26b
Add changelog entry
2021-03-17 22:09:02 -06:00
freddygv
eb1e0a1751
Cancel watch on all errors
2021-03-17 21:44:14 -06:00
freddygv
52bf00de8b
Split up normalizing from defaulting values for upstream cfg
2021-03-17 21:37:55 -06:00
freddygv
ad6c726453
Uncomment listener tests
2021-03-17 21:37:12 -06:00
freddygv
f4f45af6d0
Merge master and fix upstream config protocol defaulting
2021-03-17 21:13:40 -06:00
Freddy
eca45f107a
Add internal RPC endpoint to compute upstreams from intentions
2021-03-17 17:39:35 -06:00
freddygv
9bff39ba07
Temporarily silence spurious wakeup. Addressing false positive in beta.
2021-03-17 17:25:29 -06:00
freddygv
0defd17106
Merge remote-tracking branch 'origin/master' into intention-topology-endpoint
2021-03-17 17:14:38 -06:00
Freddy
8207b832df
Add TransparentProxy option to proxy definitions
2021-03-17 17:01:45 -06:00
Freddy
c664938bae
Add per-upstream configuration to service-defaults
2021-03-17 16:59:51 -06:00
freddygv
7938dd82eb
Add changelog and cleanup todo for beta
2021-03-17 16:45:13 -06:00
freddygv
9f0696528b
Rename hasChains for clarity
2021-03-17 16:42:29 -06:00
freddygv
0da8702f34
PR comments
2021-03-17 16:18:56 -06:00
Daniel Nephin
386426ad0e
Merge pull request #9865 from hashicorp/dnephin/state-index-config-entries
...
state: convert config-entries table to the new pattern of functional indexers
2021-03-17 17:40:59 -04:00
freddygv
bf96d536d9
Upstreams loop is only for prepared queries and they are not CentrallyConfigured
2021-03-17 15:32:52 -06:00
freddygv
8a062e1546
Handle prepared queries in Upstreams loop and escape hatches in disco chain loop
2021-03-17 15:17:43 -06:00
freddygv
ce964f8ea5
Update xds for transparent proxy
2021-03-17 13:40:49 -06:00
freddygv
a54d6a9010
Update proxycfg for transparent proxy
2021-03-17 13:40:39 -06:00
freddygv
37f684664d
Do not include consul as upstream or downstream
2021-03-17 13:40:04 -06:00
Daniel Nephin
69ce10602f
state: add tests for config-entry indexers
2021-03-17 14:41:46 -04:00
Daniel Nephin
a414649543
state: convert config-entries kind index to new pattern
2021-03-17 14:40:57 -04:00
Daniel Nephin
aadf187094
state: remove config-entries namespace index
...
Use a prefix of the ID index instead.
2021-03-17 14:40:57 -04:00
Daniel Nephin
d70bbf671a
state: remove unnecessary method receiver
2021-03-17 14:40:57 -04:00
Daniel Nephin
650ac62098
state: convert config-entries table to new indexer pattern
...
Using functional indexes to isolate enterprise differentiation and
remove reflection.
2021-03-17 14:40:57 -04:00
Daniel Nephin
9f03e23e44
Merge pull request #9881 from hashicorp/dnephin/state-index-service-check-nodes
...
state: convert services.node and checks.node indexes
2021-03-17 14:12:02 -04:00
Daniel Nephin
bd6332ae25
Merge pull request #9863 from hashicorp/dnephin/config-entry-kind-name
...
state: move ConfigEntryKindName
2021-03-17 14:09:39 -04:00
hashicorp-ci
583743424f
auto-updated agent/uiserver/bindata_assetfs.go from commit 9e715842d
2021-03-17 16:03:18 +00:00
John Cowen
9e715842d9
ui: Improves UI engineering docs ( #9875 )
...
Also fixes some typos in with-overlay
2021-03-17 15:58:17 +00:00
hashicorp-ci
bac1afbb89
auto-updated agent/uiserver/bindata_assetfs.go from commit f9e8b26af
2021-03-17 14:45:58 +00:00
Kenia
f9e8b26af6
ui: Create auth-method show page with General Info Tab ( #9845 )
...
* Update list items to be linkable to auth-methods show
* Add general, namespace, and binding sub-routes
* Remove namespace and binding tabs to be done separately
* Update auth-method byId endpoint
* Style the show auth-method kubernetes type
* Finish Kubernetes auth-method type styling
* OIDC and JWT auth-method styling
* Create consul-auth-method-view component
* Add navigation test for auth-methods
* Create Certificate component
2021-03-17 10:40:56 -04:00
hashicorp-ci
6872c33881
auto-updated agent/uiserver/bindata_assetfs.go from commit aca797658
2021-03-17 11:27:44 +00:00
John Cowen
aca7976580
ui: Adds warning icon to side menu when ACLs are disabled ( #9864 )
...
* ui: Adds warning icon to side menu when ACLs are are disabled
2021-03-17 11:23:00 +00:00
hashicorp-ci
f4a96768d1
auto-updated agent/uiserver/bindata_assetfs.go from commit 41471719e
2021-03-17 10:50:59 +00:00
John Cowen
41471719e6
ui: CSP Improvements ( #9847 )
...
* Configure ember-auto-import so we can use a stricter CSP
* Create a fake filesystem using JSON to avoid inline scripts in index
We used to have inline scripts in index.html in order to support embers
filepath fingerprinting and our configurable rootURL.
Instead of using inline scripts we use application/json plus a JSON blob
to create a fake filesystem JSON blob/hash/map to hold all of the
rootURL'ed fingerprinted file paths which we can then retrive later in
non-inline scripts.
We move our inlined polyfills script into the init.js external script,
and we move the CodeMirror syntax highlighting configuration inline
script into the main app itself - into the already existing CodeMirror
initializer (this has been moved so we can lookup a service located
document using ember's DI container)
* Set a strict-ish CSP policy during development
2021-03-17 10:46:21 +00:00
freddygv
3f2489c31d
Refactor makePublicListener
...
By accepting a name the function can be used for other inbound listeners,
like the one for TransparentProxy.
2021-03-16 19:22:26 -06:00
Daniel Nephin
0ea3b38477
Merge pull request #9886 from hashicorp/sdk/to_testing_TB
...
[SDK] change all cases of *testing.T to testing.TB
2021-03-16 20:28:35 -04:00
Daniel Nephin
cacd7ccca2
Merge pull request #9475 from cbroglie/tls-server-name
...
Add support for configuring TLS ServerName for health checks
2021-03-16 20:24:44 -04:00
Daniel Nephin
99eda98222
Add changelog for 9475
2021-03-16 18:22:25 -04:00
Christopher Broglie
f0307c73e5
Add support for configuring TLS ServerName for health checks
...
Some TLS servers require SNI, but the Golang HTTP client doesn't
include it in the ClientHello when connecting to an IP address. This
change adds a new TLSServerName field to health check definitions to
optionally set it. This fixes #9473 .
2021-03-16 18:16:44 -04:00
John Eikenberry
1266bfd65b
[SDK] change all cases of *testing.T to testing.TB
...
Using the interface opens up the use of all methods to benchmarks as
well as tests.
2021-03-16 15:05:39 -07:00
Daniel Nephin
931023fc70
Merge pull request #8698 from pierreca/fix-iserreof
...
Use errors.Is() in IsErrEOF()
2021-03-16 17:56:15 -04:00
freddygv
7892964a0c
Add cache-type for Internal.IntentionUpstreams
2021-03-16 11:06:47 -06:00
Daniel Nephin
34eb6c01ff
state: convert services.node and checks.node indexes
...
Using NodeIdentity to share the indexes with both.
2021-03-16 13:00:31 -04:00
freddygv
942334b208
Prefix match type vars to match use
2021-03-16 09:49:24 -06:00
freddygv
4cb9fdc27f
Pass txn into service list queries
2021-03-16 09:33:08 -06:00
freddygv
86ff9065c1
Pass txn into intention match queries
2021-03-16 08:03:52 -06:00
freddygv
31e757de2a
Replace CertURI.Authorize() calls.
...
AuthorizeIntentionTarget is a generalized version of the old function,
and can be evaluated against sources or destinations.
2021-03-15 18:06:04 -06:00
freddygv
f5ed751c91
Fixup typo, comments, and regression
2021-03-15 17:50:47 -06:00