Commit Graph

13130 Commits

Author SHA1 Message Date
R.B. Boyer b6266d83b5 update comment to correctly reflect type of data in the oidc auth method config (#9364) 2020-12-15 22:26:37 +00:00
Daniel Nephin 7ec50a7043 Merge pull request #9262 from hashicorp/dnephin/docs-deprecate-old-filters
docs: deprecate some old filter parameters
2020-12-15 22:12:09 +00:00
kaitlincarter-hc 0ae3fde1ce Rotate Learn tutorials (#9404)
* update Learn tutorials on landing page

* add Vault image
2020-12-15 20:25:40 +00:00
Tenpo abb3b443c9 update example for tag_name (#9226)
* update example for tag_name

In the example for azure the "tag_name" field is wrong cause say "tag_key" and not "tag_name"

* change tag_key by tag_name in the description of azure
2020-12-15 20:09:48 +00:00
Derek Strickland 1f7ad3bcf5 Fixed mesh gateway config instructions (#9396)
Added missing words to mesh gateway config instructions, and corrected punctuation a paragraph above. Please review for technical accuracy.
2020-12-15 19:08:53 +00:00
R.B. Boyer 4acc2714bc docs: call out intentions upgrade issue for 1.9.0+ (#9386) 2020-12-14 15:57:40 +00:00
Maksym 8dbfc2b39a fix 'agent/check/pass/my-check-id' curl example in documentation (#9372) 2020-12-11 12:24:16 +00:00
kaitlincarter-hc 4dae9b7224 Filter API Docs (#9202)
* reorganize for clarity and update for value syntax

* fix quotes around value

* Apply suggestions from code review

Co-authored-by: Blake Covarrubias <blake@covarrubi.as>

* Apply suggestions from code review

Co-authored-by: Freddy <freddygv@users.noreply.github.com>

Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
Co-authored-by: Freddy <freddygv@users.noreply.github.com>
2020-12-09 23:04:46 +00:00
Noel Quiles 9351400c2d [Website] Update alert banner (#9361)
* Update alert banner

* Update expiration date for banner
2020-12-09 21:19:25 +00:00
Sabeen Syed 22885a3144 Update the NIA integration program diagram (#9349) 2020-12-09 00:04:45 +00:00
Blake Covarrubias 1121dae118 docs: Fix broken URLs in Helm docs
- Fix anchors for client.extraEnvironmentVars and
server.extraEnvironmentVars.
- Change extraEnvironmentVars data type to `map`.
- Fix external link to kubernetes.io under
connectInject.namespaceSelector.
2020-12-08 19:15:37 +00:00
Max G 0db4c69602 docs: reword lack of additional required files 2020-12-06 00:48:24 +00:00
Nitya Dhanushkodi f3052972f4 Add docs for envoyExtraArgs (#9206) 2020-12-05 15:26:40 -08:00
Rob Taylor 15bc280564 Fix typo in explanation of connect command (#9295)
Change `Connect Connect` to `Consul Connect, which is consistent with the command output as shown on this page.
2020-11-30 15:56:06 +00:00
Hans Hasselberg dfe2be40ea fix serf_wan documentation (#9289)
WAN config is different than LAN config, source of truth is
f72d2042a8/config.go (L315-L326)
and now the docs are correct.
2020-11-27 19:51:00 +00:00
David Yu cd0a294084 Bump supported chart to 0.27.0 for Consul 1.9 (#9279)
* Bump supported chart to 0.27.0 for Consul 1.9
2020-11-26 00:33:51 +00:00
David Yu a15f99d74b Consul 1.9 GA Banner (#9272) 2020-11-24 21:40:54 +00:00
Mike Morris a05909b3c3 website: remove prerelease banner 2020-11-24 14:46:16 -05:00
Mike Morris dbb1249f13 Merge branch 'stable-website' into release/1.9.0 2020-11-24 14:44:53 -05:00
hashicorp-ci c1703a64a6 Putting source back into Dev Mode 2020-11-24 19:40:16 +00:00
hashicorp-ci a417fe5104
Release v1.9.0 2020-11-24 19:05:48 +00:00
hashicorp-ci 79bb27a363
update bindata_assetfs.go 2020-11-24 19:05:48 +00:00
David Yu 687d504214 docs: adding Consul 1.9.x to compat matrix and link to Envoy compat matrix (#9263)
* Adding Consul 1.9.x to compat matrix and link to Envoy compat matrix

Adding 1.9.x and link to Envoy compat matrix
2020-11-24 18:51:01 +00:00
R.B. Boyer 3c7cf0216d server: fix panic when deleting a non existent intention (#9254)
* server: fix panic when deleting a non existent intention

* add changelog

* Always return an error when deleting non-existent ixn

Co-authored-by: freddygv <gh@freddygv.xyz>
2020-11-24 13:44:45 -05:00
John Cowen a09f94f6c0 ui: Ensure the per item logout button logs you out (#9269) 2020-11-24 17:48:17 +00:00
Mike Morris 373d736251 deps: update consul/api and consul/sdk pins 2020-11-24 12:41:01 -05:00
Mike Morris e03ba00946 api: update to consul/sdk v0.7.0 2020-11-24 12:35:53 -05:00
Mike Morris 52e5a2fb32
changelog: 1.9.0 (#9265)
* changelog: add post-rc1 entries

* changelog: regenerate entries from LAST_RELEASE_GIT_TAG=v1.8.4, remove beta releases

* changelog: tweak categories for a few entries and add Go 1.15 note

* changelog: apply category changes to CHANGELOG.md

manually remove Go 1.14 upgrade note and two intermediate UI bug fix
entries for the new topology feature
2020-11-24 12:21:43 -05:00
John Cowen e88367fd06 ui: Include nspace in up/downstream link when nspaces are enabled (#9257) 2020-11-24 14:34:40 +00:00
Kit Patella 146466a708 Merge pull request #9261 from hashicorp/telemetry/fix-missing-and-stale-docs-2
Telemetry/fix missing and stale docs
2020-11-23 21:34:55 +00:00
Daniel Nephin 39b2a30c56 Merge pull request #9259 from hashicorp/dnephin/doc-streaming-experimental
docs: mark streaming as experimental
2020-11-23 21:14:08 +00:00
Freddy ff5215d882 Require operator:write to get Connect CA config (#9240)
A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that operators with `operator:read` ACL permissions are able to read the Consul Connect CA configuration when explicitly configured with the `/v1/connect/ca/configuration` endpoint, including the private key. This allows the user to effectively privilege escalate by enabling the ability to mint certificates for any Consul Connect services. This would potentially allow them to masquerade (receive/send traffic) as any service in the mesh.

--

This PR increases the permissions required to read the Connect CA's private key when it was configured via the `/connect/ca/configuration` endpoint. They are now `operator:write`.
2020-11-23 06:27:20 -07:00
Sabeen Syed 97b26f19c7 Update NIA architecture image (#9180) 2020-11-23 07:49:17 +00:00
Kit Patella 6e607d7cd3 Merge pull request #9245 from hashicorp/telemetry/fix-missing-and-stale-docs
Telemetry/fix missing and stale docs
2020-11-20 20:55:45 +00:00
Kenia 0de23419d6
ui: Card component nspace refactor (#9228) (#9248)
* Refactoring conditional for showing nspaces

* Styling empty state for Stats component
2020-11-20 11:41:57 -05:00
Freddy 25c17d7afe Merge pull request #9246 from hashicorp/changelog-186 2020-11-20 00:41:01 +00:00
Freddy 4e44341d36 Require operator:write to get Connect CA config (#9240)
A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that operators with `operator:read` ACL permissions are able to read the Consul Connect CA configuration when explicitly configured with the `/v1/connect/ca/configuration` endpoint, including the private key. This allows the user to effectively privilege escalate by enabling the ability to mint certificates for any Consul Connect services. This would potentially allow them to masquerade (receive/send traffic) as any service in the mesh.

--

This PR increases the permissions required to read the Connect CA's private key when it was configured via the `/connect/ca/configuration` endpoint. They are now `operator:write`.
2020-11-19 16:50:17 -07:00
R.B. Boyer 140c220131
[1.9.0] command: when generating envoy bootstrap configs use the datacenter returned from the agent services endpoint (#9230)
Manual backport of #9229 into 1.9.0 branch

Fixes #9215
2020-11-19 15:33:41 -06:00
John Cowen 727a1053be ui: Alter background color of filter bars (#9238) 2020-11-19 16:08:12 +00:00
John Cowen 84fd590930 ui: Surface 'detail' of API errors in the error page (#9237)
* ui: Surface 'detail' of API errors in the error page

* Make UI generated 404s look less bare
2020-11-19 16:07:41 +00:00
John Cowen 6b3d403c7b ui: ACL Tokens > Roles and Policy search and sort (#9236)
* ui: Ensure search is enabled for child items in the ACLs area

* Refactor comparators to reuse some utility functions

* Add search and sorting to the ACLs child selector

* Add tests for searching within child selectors

* Allow sorting by CreateIndex
2020-11-19 16:06:54 +00:00
John Cowen d830f76bfe ui: Sort lists with health by unhealthy/healthy by default (#9234)
* ui: Update lists with Health to sort by unhealthy/healthy by default

* Fix up tests for new sorting

* Make specific services page-navigation test
2020-11-19 16:06:14 +00:00
John Cowen ae049b7b96 ui: All metrics cards should default to the default nspace if not set (#9223)
* ui: All metrics cards should default to the default nspace if not set

* Use the up/downstream as the data/nspace for up/downstreams not the service
2020-11-19 16:05:15 +00:00
John Cowen efe29ed5e7 ui: Remove ghost healthcheck from the service instance healthcheck list (#9220)
* ui: Fixup service instance healthcheck list not to show ghost check

If the proxy is undefined, then an undefined vaule is appended to the
list of checks

* There are only 6 checks in the mocks so only expect 6
2020-11-19 16:03:04 +00:00
Kit Patella f3380b1c43 Merge pull request #9091 from scellef/correct-upgrade-guide
Correcting text on when default was changed in Consul
2020-11-19 00:55:51 +00:00
Mike Morris c2c8528073 website: update download callout for v1.9.0-rc1 2020-11-18 18:38:06 -05:00
Mike Morris 54fcfec78c Merge branch 'stable-website' into website/1.9.0-rc1 2020-11-18 18:35:01 -05:00
Daniel Nephin 02314a5047
Merge pull request #9225 from hashicorp/dnephin/1.9.0-fix-multiple-http-listeners
[1.9.0] agent: fix bug with multiple listeners
2020-11-18 16:52:12 -05:00
Daniel Nephin b2c5e2d059 Use freeport
To prevent other tests which already use freeport from flaking when port 0 steals their reserved port.
2020-11-18 16:07:00 -05:00
Daniel Nephin c6381b7e2b agent: fix bug with multiple listeners
Previously the listener was being passed to a closure in a loop without
capturing the loop variable. The result is only the last listener is
used, so the http/https servers only listen on one address.

This problem is fixed by capturing the variable by passing it into a
function.
2020-11-18 14:39:26 -05:00