status-im/consul
2
0
Fork 0
mirror of https://github.com/status-im/consul.git synced 2025-01-09 13:26:07 +00:00
Code Issues Projects Releases Wiki Activity
14,399 Commits 445 Branches 179 Tags 489 MiB
Commit Graph

3226 Commits

Author SHA1 Message Date
freddygv
a54d6a9010 Update proxycfg for transparent proxy 2021-03-17 13:40:39 -06:00
freddygv
37f684664d Do not include consul as upstream or downstream 2021-03-17 13:40:04 -06:00
Daniel Nephin
69ce10602f state: add tests for config-entry indexers 2021-03-17 14:41:46 -04:00
Daniel Nephin
a414649543 state: convert config-entries kind index to new pattern 2021-03-17 14:40:57 -04:00
Daniel Nephin
aadf187094 state: remove config-entries namespace index 
Use a prefix of the ID index instead.
 2021-03-17 14:40:57 -04:00
Daniel Nephin
d70bbf671a state: remove unnecessary method receiver 2021-03-17 14:40:57 -04:00
Daniel Nephin
650ac62098 state: convert config-entries table to new indexer pattern 
Using functional indexes to isolate enterprise differentiation and
remove reflection.
 2021-03-17 14:40:57 -04:00
Daniel Nephin
9f03e23e44
Merge pull request #9881 from hashicorp/dnephin/state-index-service-check-nodes 
state: convert services.node and checks.node indexes
 2021-03-17 14:12:02 -04:00
Daniel Nephin
bd6332ae25
Merge pull request #9863 from hashicorp/dnephin/config-entry-kind-name 
state: move ConfigEntryKindName
 2021-03-17 14:09:39 -04:00
hashicorp-ci
583743424f auto-updated agent/uiserver/bindata_assetfs.go from commit 9e715842d 2021-03-17 16:03:18 +00:00
hashicorp-ci
bac1afbb89 auto-updated agent/uiserver/bindata_assetfs.go from commit f9e8b26af 2021-03-17 14:45:58 +00:00
hashicorp-ci
6872c33881 auto-updated agent/uiserver/bindata_assetfs.go from commit aca797658 2021-03-17 11:27:44 +00:00
hashicorp-ci
f4a96768d1 auto-updated agent/uiserver/bindata_assetfs.go from commit 41471719e 2021-03-17 10:50:59 +00:00
freddygv
3f2489c31d Refactor makePublicListener 
By accepting a name the function can be used for other inbound listeners,
like the one for TransparentProxy.
 2021-03-16 19:22:26 -06:00
Christopher Broglie
f0307c73e5 Add support for configuring TLS ServerName for health checks 
Some TLS servers require SNI, but the Golang HTTP client doesn't
include it in the ClientHello when connecting to an IP address. This
change adds a new TLSServerName field to health check definitions to
optionally set it. This fixes #9473.
 2021-03-16 18:16:44 -04:00
freddygv
7892964a0c Add cache-type for Internal.IntentionUpstreams 2021-03-16 11:06:47 -06:00
Daniel Nephin
34eb6c01ff state: convert services.node and checks.node indexes 
Using NodeIdentity to share the indexes with both.
 2021-03-16 13:00:31 -04:00
freddygv
942334b208 Prefix match type vars to match use 2021-03-16 09:49:24 -06:00
freddygv
4cb9fdc27f Pass txn into service list queries 2021-03-16 09:33:08 -06:00
freddygv
86ff9065c1 Pass txn into intention match queries 2021-03-16 08:03:52 -06:00
freddygv
31e757de2a Replace CertURI.Authorize() calls. 
AuthorizeIntentionTarget is a generalized version of the old function,
and can be evaluated against sources or destinations.
 2021-03-15 18:06:04 -06:00
freddygv
f5ed751c91 Fixup typo, comments, and regression 2021-03-15 17:50:47 -06:00
freddygv
4bdbcff9c0 Fixup upstream test 2021-03-15 17:20:30 -06:00
freddygv
3492f9e0d6 Finish cleanup from ServiceConfigRequest changes 2021-03-15 16:38:01 -06:00
freddygv
770c5552d6 Update service manager to pass MeshGateway with config req 2021-03-15 16:08:03 -06:00
freddygv
6090cfcf68 PR comments 2021-03-15 16:02:03 -06:00
Daniel Nephin
4d456922a9 state: use runCase pattern for large test 
The TestServiceHealthEventsFromChanges function was over 1400 lines.
Attempting to debug test failures in test functions this large is
difficult. It requires scrolling to the line which defines the testcase
because the failure message only includes the line number of the
assertion, not the line number of the test case.

This is an excellent example of where test tables stop working well, and
start being a problem. To mitigate this problem, the runCase pattern can
be used. When one of these tests fails, a failure message will print the
line number of both the test case and the assertion. This allows a
developer to quickly jump to both of the relevant lines, signficanting
reducing the time it takes to debug test failures.

For example, one such failure could look like this:

    catalog_events_test.go:1610: case: service reg, new node
    catalog_events_test.go:1605: assertion failed: values are not equal
 2021-03-15 17:53:16 -04:00
freddygv
7df846aa24 Pass MeshGateway config in service config request 
ResolveServiceConfig is called by service manager before the proxy
registration is in the catalog. Therefore we should pass proxy
registration flags in the request rather than trying to fetch
them from the state store (where they may not exist yet).
 2021-03-15 14:32:13 -06:00
freddygv
8b46d8dcbb Restore old Envoy prefix on escape hatches 
This is done because after removing ID and NodeName from
ServiceConfigRequest we will no longer know whether a request coming in
is for a Consul client earlier than v1.10.
 2021-03-15 14:12:57 -06:00
freddygv
93c3c1780d Only lowercase the protocol when normalizing 2021-03-15 14:12:15 -06:00
freddygv
41b2ba1e58 Add omitempty across the board for UpstreamConfig 2021-03-15 13:23:18 -06:00
freddygv
08759e46ed Add RPC endpoint for intention upstreams 2021-03-15 08:50:35 -06:00
freddygv
08737fa606 Add state store function for intention upstreams 2021-03-15 08:50:35 -06:00
freddygv
3722ce2fff Refactor IntentionDecision 
This enables it to be called for many upstreams or downstreams of a
service while only querying intentions once.

Additionally, decisions are now optionally denied due to L7 permissions
being present. This enables the function to be used to filter for
potential upstreams/downstreams of a service.
 2021-03-15 08:50:35 -06:00
Daniel Nephin
f40b76af2d proxycfg: use rpcclient/health.Client instead of passing around cache name 
This should allow us to swap out the implementation with something other
than `agent/cache` without making further code changes.
 2021-03-12 11:46:04 -05:00
Daniel Nephin
566741a143 catalog_events: set the right key for connect snapshots 2021-03-12 11:35:43 -05:00
Daniel Nephin
906834ce8e proxycfg: Use streaming in connect state 2021-03-12 11:35:42 -05:00
Daniel Nephin
1a764553c0 rpcclient: use streaming for connect health 2021-03-12 11:35:42 -05:00
freddygv
d80e4b27b1 Update content hash due to new field 2021-03-11 19:59:19 -07:00
freddygv
682f357185 Fixup more tests 2021-03-11 16:26:55 -07:00
freddygv
756ab4c546 Fixup protobufs and tests 2021-03-11 14:58:59 -07:00
Kyle Havlovitz
1e87c7183a
Merge pull request #9672 from hashicorp/ca-force-skip-xc 
connect/ca: Allow ForceWithoutCrossSigning for all providers
 2021-03-11 11:49:15 -08:00
freddygv
df1f3995f8 Update service manager to store centrally configured upstreams 2021-03-11 11:37:21 -07:00
freddygv
6fd30d0384 Add TransparentProxy opt to proxy definition 2021-03-11 11:37:21 -07:00
freddygv
306ef7d252 Restore old escape hatch alias 2021-03-11 11:36:35 -07:00
freddygv
e3dc2a49df Turn Limits and PassiveHealthChecks into pointers 2021-03-11 11:04:40 -07:00
hashicorp-ci
f3556f6bba auto-updated agent/uiserver/bindata_assetfs.go from commit fa6687b7f 2021-03-11 09:34:21 +00:00
freddygv
acec711a6a Update server-side config resolution and client-side merging 2021-03-10 21:05:11 -07:00
freddygv
1710ec87d2 finish moving UpstreamConfig and related fields to structs pkg 2021-03-10 21:04:13 -07:00
Daniel Nephin
9d924a81a9
Merge pull request #9797 from hashicorp/dnephin/state-index-node-id 
state: convert nodes.ID to the new pattern of functional indexers
 2021-03-10 17:34:23 -05:00