Commit Graph

10341 Commits

Author SHA1 Message Date
tradel 7f36a5b676 construct a common name for each CSR 2019-08-27 14:12:56 -07:00
tradel 672e181399 add serviceID to leaf cert request 2019-08-27 14:12:22 -07:00
tradel a4312d2e6e add domain and nodeName to agent cert request 2019-08-27 14:11:40 -07:00
tradel 82ae7caf3e Added DC and domain args to Configure method 2019-08-27 14:09:01 -07:00
R.B. Boyer b962fe38cd
test: send testagent logs through testing.Logf (#6411) 2019-08-27 12:21:30 -05:00
R.B. Boyer 91da908d2f
test: fix TestAgent.Start() to not segfault if the DNSServer cannot ListenAndServe (#6409)
The embedded `Server` field on a `DNSServer` is only set inside of the
`ListenAndServe` method. If that method fails for reasons like the
address being in use and is not bindable, then the `Server` field will
not be set and the overall `Agent.Start()` will fail.

This will trigger the inner loop of `TestAgent.Start()` to invoke
`ShutdownEndpoints` which will attempt to pretty print the DNS servers
using fields on that inner `Server` field. Because it was never set,
this causes a nil pointer dereference and crashes the test.
2019-08-27 10:45:05 -05:00
Alvin Huang 0be1531d80
add nil pointer check for pointer to ACLToken struct (#6407) 2019-08-27 11:23:28 -04:00
Hans Hasselberg fce9fc2207
Update CHANGELOG.md 2019-08-27 17:12:47 +02:00
Nick Fagerlund ce8a27aedc website: Update middleman-hashicorp container and Gemfile.lock (#6374)
* website: Update middleman-hashicorp container and Gemfile.lock

Time marches on, and so do security vulnerabilities in Nokogiri. So it's time
for a new container.

As with last time, here's a reminder for the next person who needs to update
this:

- You shouldn't just update the dependency in Gemfile.lock, because your build
  times will go to heck as you compile Nokogiri from source on every run. So you
  need an updated container with all the dependencies.
- To update the container, you need to push a new tag to the middleman-hashicorp
  repo. Teamcity does the rest, and will ship a new container to Docker Hub
  (unless its credentials are out of date, in which case go ask team-eng-serv.)
- Once that's pushed:
    - Update Makefile
    - Update the Gemfile
    - Delete Gemfile.lock
    - `make website` until it comes up, then ctrl-C
    - Commit the changes

* website: Specify a different json version in Gemfile.lock

The Consul website uses different containers for preview and deploy, and this
oddball JSON version was causing issues. This commit sacrifices a little bit
of preview startup speed for (hopefully) working deploys.
2019-08-27 11:05:18 -04:00
Hans Hasselberg 3f333bada1
changelog: add known issues section for 1.6.
Update CHANGELOG.md
2019-08-27 14:40:26 +02:00
Hans Hasselberg d051342902
make sure auto_encrypt has private key type and bits (#6392) 2019-08-27 14:37:56 +02:00
Hans Hasselberg faa54ab989
auto_encrypt: verify_incoming_rpc is good enough for auto_encrypt.allow_tls (#6376)
Previously `verify_incoming` was required when turning on `auto_encrypt.allow_tls`, but that doesn't work together with HTTPS UI in some scenarios. Adding `verify_incoming_rpc` to the allowed configurations.
2019-08-27 14:36:36 +02:00
Mike Morris e7a5d80169
bump eventmachine to 1.2.7 in Gemfile.lock (#6389) 2019-08-27 02:00:43 -04:00
R.B. Boyer 9df6e77afb
test: actually run envoy 1.11.1 integration tests on PRs (#6397) 2019-08-26 16:30:17 -05:00
R.B. Boyer 7bc941575c
test: don't leak agent goroutines in TestAgent_sidecarServiceFromNodeService (#6396)
A goroutine dump using runtime.Stack() before/after shows a drop from 121 => 4.
2019-08-26 15:19:59 -05:00
Aaron Bennett 430dab8c37 update dependencies for enterprise change (#6395) 2019-08-26 15:22:28 -04:00
Freddy 4caf1d111a
Rephrase bind docs (#6394) 2019-08-26 11:31:55 -06:00
R.B. Boyer 000ca15db7 Putting source back into Dev Mode 2019-08-26 12:22:20 -05:00
Hans Hasselberg 103e0df670
Update CHANGELOG.md
Co-Authored-By: Alvin Huang <17609145+alvin-huang@users.noreply.github.com>
2019-08-26 16:51:36 +02:00
Hans Hasselberg a2cf7c7a5a
Update CHANGELOG.md
Co-Authored-By: Freddy <freddygv@users.noreply.github.com>
2019-08-26 16:38:32 +02:00
Hans Hasselberg 2125a0a493
Update CHANGELOG.md 2019-08-26 16:29:57 +02:00
Hans Hasselberg f3def8c0d0 make sure auto_encrypt has private key type and bits 2019-08-26 13:09:50 +02:00
hashicorp-ci 944cc71026
Release v1.6.0 2019-08-23 22:10:51 +00:00
hashicorp-ci 3757cb6a96
update bindata_assetfs.go 2019-08-23 22:10:50 +00:00
R.B. Boyer bec24ed199 mod: bump main module to api v1.2.0 and sdk v0.2.0 2019-08-23 16:45:30 -05:00
R.B. Boyer ea6231ce35 api: bump to sdk v0.2.0 2019-08-23 16:41:19 -05:00
R.B. Boyer e9b2163b1e
flatten 1.6 series changelog (#6390) 2019-08-23 16:36:31 -05:00
Matt Keeler 917a73e124
Update CHANGELOG.md 2019-08-23 16:04:10 -04:00
Hans Hasselberg c16c583b98
Update CHANGELOG.md 2019-08-23 21:56:27 +02:00
R.B. Boyer cc9a6f7993
Merge pull request #6388 from hashicorp/release/1-6
merging release/1-6 into master
2019-08-23 13:44:46 -05:00
Matt Keeler cbd1857186
Secondary CA `establishLeadership` fix (#6383)
This prevents ACL issues (or other issues) during intermediate CA cert signing from failing leader establishment.
2019-08-23 11:32:37 -04:00
Anudeep Reddy f9c2a95e0e Update observability.html.md (#6379) 2019-08-23 17:07:48 +02:00
danielehc 2e64b19fc2
Update agent.html.markdown.erb (#6380)
Adding a note on how to make Consul trust S3-compatible storage that expose a self-signed certificate.
2019-08-23 16:09:41 +02:00
Hans Hasselberg 3e46352ccb
auto_encrypt: use server-port (#6287)
AutoEncrypt needs the server-port because it wants to talk via RPC. Information from gossip might not be available at that point and thats why the server-port is being used.
2019-08-23 10:18:46 +02:00
R.B. Boyer 90d122055b update changelog 2019-08-22 15:13:06 -05:00
R.B. Boyer dfcdc41ef8
connect: allow 'envoy_cluster_json' escape hatch to continue to function (#6378) 2019-08-22 15:11:56 -05:00
Alvin Huang fbb3b8d5ab Merge Consul OSS branch 'master' at commit 59150281c5 2019-08-21 18:22:19 -04:00
Alvin Huang 59150281c5
print a proper error message for master merge CI job failures (#6371) 2019-08-21 18:19:47 -04:00
Jack Pearkes b428e81483 website: fix typo on mesh page (#6368)
Fixes #6345.
2019-08-21 16:35:11 -05:00
R.B. Boyer 0a4e683708
docs: remove beta references; leave version notation (#6372) 2019-08-21 16:23:08 -05:00
R.B. Boyer 7a6faccf2f
docs: document how envoy escape hatches work with the discovery chain (#6350)
- Bootstrap escape hatches are OK.
- Public listener/cluster escape hatches are OK.
- Upstream listener/cluster escape hatches are not supported.

If an unsupported escape hatch is configured and the discovery chain is
activated log a warning and act like it was not configured.

Fixes #6160
2019-08-21 15:10:12 -05:00
Alvin Huang 52041cc278 Merge Consul OSS branch 'master' at commit ce9cfc773d 2019-08-21 16:07:04 -04:00
Alvin Huang ce9cfc773d
remove ci merge branches if nightly merge fails (#6369) 2019-08-21 15:56:27 -04:00
R.B. Boyer 65fc93ea33 docs: fixing L7 config entries documentation (#6358)
- add service-router example involving gRPC
- fix indentation on service-router page by splitting it up
- remove reference to removed setting
2019-08-21 12:29:53 -05:00
R.B. Boyer 33c09f80c8 docs: add documentation for discovery chains
Fixes #6273
2019-08-21 12:29:53 -05:00
Ján Dzurek 5515e094f4 docs: ports docs missing paren fix (#6367) 2019-08-21 10:23:03 +02:00
hashicorp-ci 22789fedf8 Merge Consul OSS branch 'master' at commit a7ded1bd8e 2019-08-21 02:00:53 +00:00
Matt Keeler c62183196c
Update CHANGELOG.md 2019-08-20 12:03:26 -04:00
Matt Keeler 0c3cf47266
Ensure that config entry writes are forwarded to the primary DC (#6339) 2019-08-20 12:01:13 -04:00
Matt Keeler 9a5b258edf
Turned on Envoy 1.11.1 integration tests (#6347)
I also ran this against 1.5.2 so the docs update claiming compatibility should still be accurate.
2019-08-20 10:20:13 -04:00