Commit Graph

13346 Commits

Author SHA1 Message Date
hashicorp-ci 79bb27a363
update bindata_assetfs.go 2020-11-24 19:05:48 +00:00
David Yu 8d374fa9fa docs: adding Consul 1.9.x to compat matrix and link to Envoy compat matrix (#9263)
* Adding Consul 1.9.x to compat matrix and link to Envoy compat matrix

Adding 1.9.x and link to Envoy compat matrix
2020-11-24 18:51:06 +00:00
David Yu 687d504214 docs: adding Consul 1.9.x to compat matrix and link to Envoy compat matrix (#9263)
* Adding Consul 1.9.x to compat matrix and link to Envoy compat matrix

Adding 1.9.x and link to Envoy compat matrix
2020-11-24 18:51:01 +00:00
R.B. Boyer 7467ffbff3 server: fix panic when deleting a non existent intention (#9254)
* server: fix panic when deleting a non existent intention

* add changelog

* Always return an error when deleting non-existent ixn

Co-authored-by: freddygv <gh@freddygv.xyz>
2020-11-24 18:44:58 +00:00
R.B. Boyer 3c7cf0216d server: fix panic when deleting a non existent intention (#9254)
* server: fix panic when deleting a non existent intention

* add changelog

* Always return an error when deleting non-existent ixn

Co-authored-by: freddygv <gh@freddygv.xyz>
2020-11-24 13:44:45 -05:00
John Cowen 3668431e4e ui: Ensure the per item logout button logs you out (#9269) 2020-11-24 17:48:47 +00:00
John Cowen a09f94f6c0 ui: Ensure the per item logout button logs you out (#9269) 2020-11-24 17:48:17 +00:00
Mike Morris 373d736251 deps: update consul/api and consul/sdk pins 2020-11-24 12:41:01 -05:00
Mike Morris e03ba00946 api: update to consul/sdk v0.7.0 2020-11-24 12:35:53 -05:00
Mike Morris 52e5a2fb32
changelog: 1.9.0 (#9265)
* changelog: add post-rc1 entries

* changelog: regenerate entries from LAST_RELEASE_GIT_TAG=v1.8.4, remove beta releases

* changelog: tweak categories for a few entries and add Go 1.15 note

* changelog: apply category changes to CHANGELOG.md

manually remove Go 1.14 upgrade note and two intermediate UI bug fix
entries for the new topology feature
2020-11-24 12:21:43 -05:00
John Cowen 5a754ae4da ui: Include nspace in up/downstream link when nspaces are enabled (#9257) 2020-11-24 14:34:58 +00:00
John Cowen e88367fd06 ui: Include nspace in up/downstream link when nspaces are enabled (#9257) 2020-11-24 14:34:40 +00:00
Kit Patella 727780140e Merge pull request #9261 from hashicorp/telemetry/fix-missing-and-stale-docs-2
Telemetry/fix missing and stale docs
2020-11-23 21:34:59 +00:00
Kit Patella 146466a708 Merge pull request #9261 from hashicorp/telemetry/fix-missing-and-stale-docs-2
Telemetry/fix missing and stale docs
2020-11-23 21:34:55 +00:00
Daniel Nephin aa07128f46 Merge pull request #9259 from hashicorp/dnephin/doc-streaming-experimental
docs: mark streaming as experimental
2020-11-23 21:14:12 +00:00
Daniel Nephin 39b2a30c56 Merge pull request #9259 from hashicorp/dnephin/doc-streaming-experimental
docs: mark streaming as experimental
2020-11-23 21:14:08 +00:00
Daniel Nephin 035b6a1cdb Merge pull request #9012 from hashicorp/dnephin/log-fix-rotation
logging: prune logs on startup
2020-11-23 19:57:47 +00:00
Freddy ff5215d882 Require operator:write to get Connect CA config (#9240)
A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that operators with `operator:read` ACL permissions are able to read the Consul Connect CA configuration when explicitly configured with the `/v1/connect/ca/configuration` endpoint, including the private key. This allows the user to effectively privilege escalate by enabling the ability to mint certificates for any Consul Connect services. This would potentially allow them to masquerade (receive/send traffic) as any service in the mesh.

--

This PR increases the permissions required to read the Connect CA's private key when it was configured via the `/connect/ca/configuration` endpoint. They are now `operator:write`.
2020-11-23 06:27:20 -07:00
Sabeen Syed b82317d506 Update NIA architecture image (#9180) 2020-11-23 07:49:22 +00:00
Sabeen Syed 97b26f19c7 Update NIA architecture image (#9180) 2020-11-23 07:49:17 +00:00
Kit Patella fe6ef7e414 Merge pull request #9245 from hashicorp/telemetry/fix-missing-and-stale-docs
Telemetry/fix missing and stale docs
2020-11-20 20:55:51 +00:00
Kit Patella 6e607d7cd3 Merge pull request #9245 from hashicorp/telemetry/fix-missing-and-stale-docs
Telemetry/fix missing and stale docs
2020-11-20 20:55:45 +00:00
Kenia 0de23419d6
ui: Card component nspace refactor (#9228) (#9248)
* Refactoring conditional for showing nspaces

* Styling empty state for Stats component
2020-11-20 11:41:57 -05:00
Freddy 3ffd1fdc8b Merge pull request #9246 from hashicorp/changelog-186 2020-11-20 00:41:05 +00:00
Freddy 25c17d7afe Merge pull request #9246 from hashicorp/changelog-186 2020-11-20 00:41:01 +00:00
Freddy 4e44341d36 Require operator:write to get Connect CA config (#9240)
A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that operators with `operator:read` ACL permissions are able to read the Consul Connect CA configuration when explicitly configured with the `/v1/connect/ca/configuration` endpoint, including the private key. This allows the user to effectively privilege escalate by enabling the ability to mint certificates for any Consul Connect services. This would potentially allow them to masquerade (receive/send traffic) as any service in the mesh.

--

This PR increases the permissions required to read the Connect CA's private key when it was configured via the `/connect/ca/configuration` endpoint. They are now `operator:write`.
2020-11-19 16:50:17 -07:00
R.B. Boyer 140c220131
[1.9.0] command: when generating envoy bootstrap configs use the datacenter returned from the agent services endpoint (#9230)
Manual backport of #9229 into 1.9.0 branch

Fixes #9215
2020-11-19 15:33:41 -06:00
R.B. Boyer 32f6d17e5d command: when generating envoy bootstrap configs use the datacenter returned from the agent services endpoint (#9229)
Fixes #9215
2020-11-19 21:28:09 +00:00
Kenia 36307f1b0c ui: Card component nspace refactor (#9228)
* Refactoring conditional for showing nspaces

* Styling empty state for Stats component
2020-11-19 18:42:19 +00:00
Freddy 5137e4501d Require operator:write to get Connect CA config (#9240)
A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that operators with `operator:read` ACL permissions are able to read the Consul Connect CA configuration when explicitly configured with the `/v1/connect/ca/configuration` endpoint, including the private key. This allows the user to effectively privilege escalate by enabling the ability to mint certificates for any Consul Connect services. This would potentially allow them to masquerade (receive/send traffic) as any service in the mesh.

--

This PR increases the permissions required to read the Connect CA's private key when it was configured via the `/connect/ca/configuration` endpoint. They are now `operator:write`.
2020-11-19 17:15:17 +00:00
John Cowen 1557ee9b1b ui: Alter background color of filter bars (#9238) 2020-11-19 16:08:29 +00:00
John Cowen 727a1053be ui: Alter background color of filter bars (#9238) 2020-11-19 16:08:12 +00:00
John Cowen 1ea9592707 ui: Surface 'detail' of API errors in the error page (#9237)
* ui: Surface 'detail' of API errors in the error page

* Make UI generated 404s look less bare
2020-11-19 16:08:03 +00:00
John Cowen 84fd590930 ui: Surface 'detail' of API errors in the error page (#9237)
* ui: Surface 'detail' of API errors in the error page

* Make UI generated 404s look less bare
2020-11-19 16:07:41 +00:00
John Cowen 023618e018 ui: ACL Tokens > Roles and Policy search and sort (#9236)
* ui: Ensure search is enabled for child items in the ACLs area

* Refactor comparators to reuse some utility functions

* Add search and sorting to the ACLs child selector

* Add tests for searching within child selectors

* Allow sorting by CreateIndex
2020-11-19 16:07:13 +00:00
John Cowen 6b3d403c7b ui: ACL Tokens > Roles and Policy search and sort (#9236)
* ui: Ensure search is enabled for child items in the ACLs area

* Refactor comparators to reuse some utility functions

* Add search and sorting to the ACLs child selector

* Add tests for searching within child selectors

* Allow sorting by CreateIndex
2020-11-19 16:06:54 +00:00
John Cowen f362f166b0 ui: Sort lists with health by unhealthy/healthy by default (#9234)
* ui: Update lists with Health to sort by unhealthy/healthy by default

* Fix up tests for new sorting

* Make specific services page-navigation test
2020-11-19 16:06:20 +00:00
John Cowen d830f76bfe ui: Sort lists with health by unhealthy/healthy by default (#9234)
* ui: Update lists with Health to sort by unhealthy/healthy by default

* Fix up tests for new sorting

* Make specific services page-navigation test
2020-11-19 16:06:14 +00:00
John Cowen ae049b7b96 ui: All metrics cards should default to the default nspace if not set (#9223)
* ui: All metrics cards should default to the default nspace if not set

* Use the up/downstream as the data/nspace for up/downstreams not the service
2020-11-19 16:05:15 +00:00
John Cowen 24782b4444 ui: All metrics cards should default to the default nspace if not set (#9223)
* ui: All metrics cards should default to the default nspace if not set

* Use the up/downstream as the data/nspace for up/downstreams not the service
2020-11-19 16:04:31 +00:00
John Cowen efe29ed5e7 ui: Remove ghost healthcheck from the service instance healthcheck list (#9220)
* ui: Fixup service instance healthcheck list not to show ghost check

If the proxy is undefined, then an undefined vaule is appended to the
list of checks

* There are only 6 checks in the mocks so only expect 6
2020-11-19 16:03:04 +00:00
John Cowen 8a5670d7d5 ui: Remove ghost healthcheck from the service instance healthcheck list (#9220)
* ui: Fixup service instance healthcheck list not to show ghost check

If the proxy is undefined, then an undefined vaule is appended to the
list of checks

* There are only 6 checks in the mocks so only expect 6
2020-11-19 16:02:18 +00:00
Kit Patella b2a6b9d5c7 Merge pull request #9091 from scellef/correct-upgrade-guide
Correcting text on when default was changed in Consul
2020-11-19 00:55:56 +00:00
Kit Patella f3380b1c43 Merge pull request #9091 from scellef/correct-upgrade-guide
Correcting text on when default was changed in Consul
2020-11-19 00:55:51 +00:00
Mike Morris c2c8528073 website: update download callout for v1.9.0-rc1 2020-11-18 18:38:06 -05:00
Mike Morris 54fcfec78c Merge branch 'stable-website' into website/1.9.0-rc1 2020-11-18 18:35:01 -05:00
Daniel Nephin 6e5f062593 Merge pull request #9224 from hashicorp/dnephin/fix-multiple-http-listeners
agent: fix bug with multiple listeners
2020-11-18 21:53:27 +00:00
Daniel Nephin 02314a5047
Merge pull request #9225 from hashicorp/dnephin/1.9.0-fix-multiple-http-listeners
[1.9.0] agent: fix bug with multiple listeners
2020-11-18 16:52:12 -05:00
Daniel Nephin b2c5e2d059 Use freeport
To prevent other tests which already use freeport from flaking when port 0 steals their reserved port.
2020-11-18 16:07:00 -05:00
Daniel Nephin c6381b7e2b agent: fix bug with multiple listeners
Previously the listener was being passed to a closure in a loop without
capturing the loop variable. The result is only the last listener is
used, so the http/https servers only listen on one address.

This problem is fixed by capturing the variable by passing it into a
function.
2020-11-18 14:39:26 -05:00