13963 Commits

Author SHA1 Message Date
Freddy
8207b832df
Add TransparentProxy option to proxy definitions 2021-03-17 17:01:45 -06:00
Freddy
c664938bae
Add per-upstream configuration to service-defaults 2021-03-17 16:59:51 -06:00
freddygv
7938dd82eb Add changelog and cleanup todo for beta 2021-03-17 16:45:13 -06:00
freddygv
9f0696528b Rename hasChains for clarity 2021-03-17 16:42:29 -06:00
freddygv
0da8702f34 PR comments 2021-03-17 16:18:56 -06:00
Daniel Nephin
386426ad0e
Merge pull request #9865 from hashicorp/dnephin/state-index-config-entries
state: convert config-entries table to the new pattern of functional indexers
2021-03-17 17:40:59 -04:00
freddygv
bf96d536d9 Upstreams loop is only for prepared queries and they are not CentrallyConfigured 2021-03-17 15:32:52 -06:00
freddygv
8a062e1546 Handle prepared queries in Upstreams loop and escape hatches in disco chain loop 2021-03-17 15:17:43 -06:00
freddygv
ce964f8ea5 Update xds for transparent proxy 2021-03-17 13:40:49 -06:00
freddygv
a54d6a9010 Update proxycfg for transparent proxy 2021-03-17 13:40:39 -06:00
freddygv
37f684664d Do not include consul as upstream or downstream 2021-03-17 13:40:04 -06:00
Daniel Nephin
69ce10602f state: add tests for config-entry indexers 2021-03-17 14:41:46 -04:00
Daniel Nephin
a414649543 state: convert config-entries kind index to new pattern 2021-03-17 14:40:57 -04:00
Daniel Nephin
aadf187094 state: remove config-entries namespace index
Use a prefix of the ID index instead.
2021-03-17 14:40:57 -04:00
Daniel Nephin
d70bbf671a state: remove unnecessary method receiver 2021-03-17 14:40:57 -04:00
Daniel Nephin
650ac62098 state: convert config-entries table to new indexer pattern
Using functional indexes to isolate enterprise differentiation and
remove reflection.
2021-03-17 14:40:57 -04:00
Daniel Nephin
9f03e23e44
Merge pull request #9881 from hashicorp/dnephin/state-index-service-check-nodes
state: convert services.node and checks.node indexes
2021-03-17 14:12:02 -04:00
Daniel Nephin
bd6332ae25
Merge pull request #9863 from hashicorp/dnephin/config-entry-kind-name
state: move ConfigEntryKindName
2021-03-17 14:09:39 -04:00
hashicorp-ci
583743424f auto-updated agent/uiserver/bindata_assetfs.go from commit 9e715842d 2021-03-17 16:03:18 +00:00
John Cowen
9e715842d9
ui: Improves UI engineering docs (#9875)
Also fixes some typos in with-overlay
2021-03-17 15:58:17 +00:00
hashicorp-ci
bac1afbb89 auto-updated agent/uiserver/bindata_assetfs.go from commit f9e8b26af 2021-03-17 14:45:58 +00:00
Kenia
f9e8b26af6
ui: Create auth-method show page with General Info Tab (#9845)
* Update list items to be linkable to auth-methods show

* Add general, namespace, and binding sub-routes

* Remove namespace and binding tabs to be done separately

* Update auth-method byId endpoint

* Style the show auth-method kubernetes type

* Finish Kubernetes auth-method type styling

* OIDC and JWT auth-method styling

* Create consul-auth-method-view component

* Add navigation test for auth-methods

* Create Certificate component
2021-03-17 10:40:56 -04:00
hashicorp-ci
6872c33881 auto-updated agent/uiserver/bindata_assetfs.go from commit aca797658 2021-03-17 11:27:44 +00:00
John Cowen
aca7976580
ui: Adds warning icon to side menu when ACLs are disabled (#9864)
* ui: Adds warning icon to side menu when ACLs are are disabled
2021-03-17 11:23:00 +00:00
hashicorp-ci
f4a96768d1 auto-updated agent/uiserver/bindata_assetfs.go from commit 41471719e 2021-03-17 10:50:59 +00:00
John Cowen
41471719e6
ui: CSP Improvements (#9847)
* Configure ember-auto-import so we can use a stricter CSP

* Create a fake filesystem using JSON to avoid inline scripts in index

We used to have inline scripts in index.html in order to support embers
filepath fingerprinting and our configurable rootURL.

Instead of using inline scripts we use application/json plus a JSON blob
to create a fake filesystem JSON blob/hash/map to hold all of the
rootURL'ed fingerprinted file paths which we can then retrive later in
non-inline scripts.

We move our inlined polyfills script into the init.js external script,
and we move the CodeMirror syntax highlighting configuration inline
script into the main app itself - into the already existing CodeMirror
initializer (this has been moved so we can lookup a service located
document using ember's DI container)

* Set a strict-ish CSP policy during development
2021-03-17 10:46:21 +00:00
freddygv
3f2489c31d Refactor makePublicListener
By accepting a name the function can be used for other inbound listeners,
like the one for TransparentProxy.
2021-03-16 19:22:26 -06:00
Daniel Nephin
0ea3b38477
Merge pull request #9886 from hashicorp/sdk/to_testing_TB
[SDK] change all cases of *testing.T to testing.TB
2021-03-16 20:28:35 -04:00
Daniel Nephin
cacd7ccca2
Merge pull request #9475 from cbroglie/tls-server-name
Add support for configuring TLS ServerName for health checks
2021-03-16 20:24:44 -04:00
Daniel Nephin
99eda98222 Add changelog for 9475 2021-03-16 18:22:25 -04:00
Christopher Broglie
f0307c73e5 Add support for configuring TLS ServerName for health checks
Some TLS servers require SNI, but the Golang HTTP client doesn't
include it in the ClientHello when connecting to an IP address. This
change adds a new TLSServerName field to health check definitions to
optionally set it. This fixes #9473.
2021-03-16 18:16:44 -04:00
John Eikenberry
1266bfd65b [SDK] change all cases of *testing.T to testing.TB
Using the interface opens up the use of all methods to benchmarks as
well as tests.
2021-03-16 15:05:39 -07:00
Daniel Nephin
931023fc70
Merge pull request #8698 from pierreca/fix-iserreof
Use errors.Is() in IsErrEOF()
2021-03-16 17:56:15 -04:00
freddygv
7892964a0c Add cache-type for Internal.IntentionUpstreams 2021-03-16 11:06:47 -06:00
Daniel Nephin
34eb6c01ff state: convert services.node and checks.node indexes
Using NodeIdentity to share the indexes with both.
2021-03-16 13:00:31 -04:00
freddygv
942334b208 Prefix match type vars to match use 2021-03-16 09:49:24 -06:00
freddygv
4cb9fdc27f Pass txn into service list queries 2021-03-16 09:33:08 -06:00
freddygv
86ff9065c1 Pass txn into intention match queries 2021-03-16 08:03:52 -06:00
freddygv
31e757de2a Replace CertURI.Authorize() calls.
AuthorizeIntentionTarget is a generalized version of the old function,
and can be evaluated against sources or destinations.
2021-03-15 18:06:04 -06:00
freddygv
f5ed751c91 Fixup typo, comments, and regression 2021-03-15 17:50:47 -06:00
freddygv
4bdbcff9c0 Fixup upstream test 2021-03-15 17:20:30 -06:00
freddygv
3492f9e0d6 Finish cleanup from ServiceConfigRequest changes 2021-03-15 16:38:01 -06:00
freddygv
770c5552d6 Update service manager to pass MeshGateway with config req 2021-03-15 16:08:03 -06:00
freddygv
6090cfcf68 PR comments 2021-03-15 16:02:03 -06:00
Luke Kysow
a1d5e1fb41
docs: rename SourceAddress to SourceIP (#9878)
SourceAddress was probably renamed to SourceIP but the docs weren't
updated.
2021-03-15 14:39:33 -07:00
freddygv
7df846aa24 Pass MeshGateway config in service config request
ResolveServiceConfig is called by service manager before the proxy
registration is in the catalog. Therefore we should pass proxy
registration flags in the request rather than trying to fetch
them from the state store (where they may not exist yet).
2021-03-15 14:32:13 -06:00
freddygv
8b46d8dcbb Restore old Envoy prefix on escape hatches
This is done because after removing ID and NodeName from
ServiceConfigRequest we will no longer know whether a request coming in
is for a Consul client earlier than v1.10.
2021-03-15 14:12:57 -06:00
freddygv
93c3c1780d Only lowercase the protocol when normalizing 2021-03-15 14:12:15 -06:00
freddygv
41b2ba1e58 Add omitempty across the board for UpstreamConfig 2021-03-15 13:23:18 -06:00
Freddy
e655a974d3
Merge pull request #9107 from hashicorp/docs-prepared-query-namespace
Add namespaces to prepared query API docs
2021-03-15 13:08:52 -06:00