status-im/consul
2
0
Fork 0
mirror of https://github.com/status-im/consul.git synced 2025-01-10 13:55:55 +00:00
Code Issues Projects Releases Wiki Activity
13,423 Commits 445 Branches 179 Tags 489 MiB
Commit Graph

13423 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Freddy
fd5928fa4e
Require operator:write to get Connect CA config (#9240) 
A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that operators with `operator:read` ACL permissions are able to read the Consul Connect CA configuration when explicitly configured with the `/v1/connect/ca/configuration` endpoint, including the private key. This allows the user to effectively privilege escalate by enabling the ability to mint certificates for any Consul Connect services. This would potentially allow them to masquerade (receive/send traffic) as any service in the mesh.

--

This PR increases the permissions required to read the Connect CA's private key when it was configured via the `/connect/ca/configuration` endpoint. They are now `operator:write`.
 2020-11-19 10:14:48 -07:00
hashicorp-ci
effe235562 auto-updated agent/uiserver/bindata_assetfs.go from commit 687ce1f9c 2020-11-19 16:13:04 +00:00
John Cowen
687ce1f9c5
ui: Alter background color of filter bars (#9238) 2020-11-19 16:07:58 +00:00
John Cowen
b025319756
ui: Surface 'detail' of API errors in the error page (#9237) 
* ui: Surface 'detail' of API errors in the error page

* Make UI generated 404s look less bare
 2020-11-19 16:07:23 +00:00
John Cowen
86f5919fc0
ui: ACL Tokens > Roles and Policy search and sort (#9236) 
* ui: Ensure search is enabled for child items in the ACLs area

* Refactor comparators to reuse some utility functions

* Add search and sorting to the ACLs child selector

* Add tests for searching within child selectors

* Allow sorting by CreateIndex
 2020-11-19 16:06:39 +00:00
John Cowen
35f1274a1f
ui: Sort lists with health by unhealthy/healthy by default (#9234) 
* ui: Update lists with Health to sort by unhealthy/healthy by default

* Fix up tests for new sorting

* Make specific services page-navigation test
 2020-11-19 16:05:46 +00:00
John Cowen
f8e80fc688
ui: All metrics cards should default to the default nspace if not set (#9223) 
* ui: All metrics cards should default to the default nspace if not set

* Use the up/downstream as the data/nspace for up/downstreams not the service
 2020-11-19 16:03:26 +00:00
John Cowen
160b448c24
ui: Remove ghost healthcheck from the service instance healthcheck list (#9220) 
* ui: Fixup service instance healthcheck list not to show ghost check

If the proxy is undefined, then an undefined vaule is appended to the
list of checks

* There are only 6 checks in the mocks so only expect 6
 2020-11-19 15:59:27 +00:00
Kit Patella
0cc8d8e0a1
Merge pull request #9091 from scellef/correct-upgrade-guide 
Correcting text on when default was changed in Consul
 2020-11-18 16:54:48 -08:00
Nitya Dhanushkodi
d24be614e5
Add docs for envoyExtraArgs (#9206) 2020-11-18 15:40:39 -08:00
Daniel Nephin
671b8cf494
Merge pull request #9224 from hashicorp/dnephin/fix-multiple-http-listeners 
agent: fix bug with multiple listeners
 2020-11-18 16:52:29 -05:00
Daniel Nephin
79963be559 Use freeport 
To prevent other tests which already use freeport from flaking when port 0 steals their reserved port.
 2020-11-18 16:07:34 -05:00
hashicorp-ci
b8659f77c4 auto-updated agent/uiserver/bindata_assetfs.go from commit 591a96d5b 2020-11-18 19:07:25 +00:00
Kenia
591a96d5b8
ui: Fix empty state conditional for Series Graph (#9221) 2020-11-18 14:02:13 -05:00
Kenia
53a5b54b99
ui: Fix mutated nspace argument (#9222) 2020-11-18 14:01:35 -05:00
hashicorp-ci
cd003a14a5 auto-updated agent/uiserver/bindata_assetfs.go from commit 1edef424a 2020-11-18 19:00:19 +00:00
John Cowen
1edef424ad
ui: Refactor tomography graph component to glimmer and remove deprecation (#9219) 
* ui: Refactor tomograph graph component to glimmer and remove deprecation

* Avoid ember-data deprecation error
 2020-11-18 18:55:59 +00:00
John Cowen
4e1c62361e
ui: Remove ember-computed-style to avoid deprecation error (#9218) 2020-11-18 18:55:30 +00:00
Daniel Nephin
738bf9efdc agent: fix bug with multiple listeners 
Previously the listener was being passed to a closure in a loop without
capturing the loop variable. The result is only the last listener is
used, so the http/https servers only listen on one address.

This problem is fixed by capturing the variable by passing it into a
function.
 2020-11-18 13:03:29 -05:00
hashicorp-ci
b2605d90d2 auto-updated agent/uiserver/bindata_assetfs.go from commit 664f1d9aa 2020-11-18 11:17:06 +00:00
John Cowen
664f1d9aa5
ui: Change title helper to page-title (#9211) 2020-11-18 11:11:30 +00:00
John Cowen
7edee36621
ui: Add triple curlies and reformat style attribute (#9210) 2020-11-18 11:11:02 +00:00
Kyle Havlovitz
9be7c6401c connect: update some function comments in CA manager 2020-11-17 16:00:19 -08:00
Daniel Nephin
839429eb40
Merge pull request #9160 from hashicorp/dnephin/go-test-race-in-to-out-list 
ci: change go-test-race package list to exclude list
 2020-11-17 13:13:38 -05:00
Daniel Nephin
a10283a313 acl: remove t.Parallel 
These tests run faster without it, and it was causing races in
enterprise tests.
 2020-11-17 12:37:02 -05:00
Matt Keeler
66fd23d67f
Refactor to call non-voting servers read replicas (#9191) 
Co-authored-by: Kit Patella <kit@jepsen.io>
 2020-11-17 10:53:57 -05:00
Kenia
1cacbccb64
ui: Changelog changes (#9209) 2020-11-17 10:35:56 -05:00
Matt Keeler
946cc0b82a
[docs] Change links to the DNS information to the right place (#8675) 
The redirects were working in many situations but some (INTERNALS.md) was not. This just flips everything over to using the real link.
 2020-11-17 10:03:00 -05:00
Kit Patella
d15b6fddd3
Merge pull request #9198 from hashicorp/mkcp/telemetry/add-all-metric-definitions 
Add metric definitions for all metrics known at Consul start
 2020-11-16 15:54:50 -08:00
Kit Patella
52c53b2c20 changelog component should mention agent not just server 2020-11-16 15:54:24 -08:00
Kit Patella
bd0c7c2cd6 add note about deleting TelemetryConfig.MergeDefaults in the future 2020-11-16 15:53:52 -08:00
hashicorp-ci
56dbabf67b auto-updated agent/uiserver/bindata_assetfs.go from commit fe728855e 2020-11-16 23:41:31 +00:00
Freddy
fe728855ed
Add DC and NS support for Envoy metrics (#9207) 
This PR updates the tags that we generate for Envoy stats.

Several of these come with breaking changes, since we can't keep two stats prefixes for a filter.
 2020-11-16 16:37:19 -07:00
Kit Patella
eda553ef1d add changelog entry 2020-11-16 15:32:18 -08:00
Kit Patella
8e554ee74b Merge branch 'mkcp/telemetry/add-all-metric-definitions' of ssh://github.com/hashicorp/consul into mkcp/telemetry/add-all-metric-definitions 2020-11-16 15:26:12 -08:00
Kit Patella
ad4cebc1d8 fix some tests that were broken from the TelemetryConfig change 2020-11-16 15:22:36 -08:00
Kit Patella
fc30f07cc7
linting: sort and group import 2020-11-16 14:17:24 -08:00
Kit Patella
2fe021f03c update runtime_test to handle PrometheusOpts expiry field change 2020-11-16 14:16:12 -08:00
Matt Keeler
748d56b8ab
Prevent panic if autopilot health is requested prior to leader establishment finishing. (#9204) 2020-11-16 17:08:17 -05:00
Kit Patella
49f017bd42 prometheussink has the same number of params again 2020-11-16 14:01:40 -08:00
Kit Patella
b81edac7bb use the MetricsPrefix to set the service name and provide as slice literal to avoid bugs from append modifying its first arg 2020-11-16 14:01:12 -08:00
Matt Keeler
a7d504478c
Add changelog entry for namespace licensing fix (#9203) 2020-11-16 15:45:55 -05:00
Kit Patella
5e0e4098c9 push prometheus sink definiitons into prometheus.PrometheusOpts 2020-11-16 12:44:47 -08:00
Daniel Nephin
b7367467f6
Merge pull request #9114 from hashicorp/dnephin/filtering-in-stream 
stream: improve naming of Payload methods
 2020-11-16 14:20:07 -05:00
Kit Patella
15af5ead0b trim help strings to save a few bytes 2020-11-16 11:02:11 -08:00
Kit Patella
3966ecb02f merge master 2020-11-16 10:46:53 -08:00
hashicorp-ci
a54d1069b3 auto-updated agent/uiserver/bindata_assetfs.go from commit 959974e96 2020-11-16 15:27:40 +00:00
John Cowen
959974e960
ui: Replace NaN and undefined metrics values with - (#9200) 
* ui: Add functionality to metrics mocks:

1. More randomness during blocking queries
2. NaN and undefined values that come from prometheus
3. General trivial amends to bring things closer to the style of the
project

* Provider should always provide data as a string or undefined

* Use a placeholder `-` if the metrics endpoint responds with undefined data
 2020-11-16 15:22:24 +00:00
Kit Patella
5da2f1efa8 finish adding static server metrics 2020-11-13 16:26:08 -08:00
Luke Kysow
11db2b37c3
Docs for upgrading to CRDs (#9176) 
* Add Upgrading to CRDs docs
 2020-11-13 15:19:21 -08:00