c526659b7f
NET-10610 - stop logging no data as errors in DNS lookups ( #21578 )
2024-08-01 11:23:19 -06:00
588730c49f
ci: use workflow-scoped GH PAT for backports ( #21570 )
...
This is necessary to allow backporting changes to GHA workflows, and
mirrors the token use in the CE->Ent merge workflow.
2024-07-30 16:34:40 -04:00
01ae0d3d38
ci: Update backport-assistant to 0.4.4 ( #21572 )
...
Update backport-assistant to 0.4.4
2024-07-30 16:20:41 -04:00
bbc5229362
docs: Clarify cluster peering vs WAN federation comparison ( #21568 )
...
cluster peering: remove shared KV store bulletpoint
2024-07-30 16:24:25 +03:00
e601d7e0e9
[NET-7787] Update JWT docs for APIGateway ( #20800 )
...
* Update k8s docs
* Update jwt docs with examples
* Update website/content/docs/connect/gateways/api-gateway/secure-traffic/verify-jwts-k8s.mdx
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
* Update website/content/docs/connect/gateways/api-gateway/secure-traffic/verify-jwts-k8s.mdx
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
* Update website/content/docs/connect/gateways/api-gateway/secure-traffic/verify-jwts-k8s.mdx
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
* Update website/content/docs/connect/gateways/api-gateway/secure-traffic/verify-jwts-k8s.mdx
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
* Update website/content/docs/connect/gateways/api-gateway/secure-traffic/verify-jwts-k8s.mdx
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
* Update website/content/docs/connect/gateways/api-gateway/secure-traffic/verify-jwts-k8s.mdx
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
* Update website/content/docs/connect/gateways/api-gateway/secure-traffic/verify-jwts-k8s.mdx
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
* Update website/content/docs/connect/gateways/api-gateway/secure-traffic/verify-jwts-k8s.mdx
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
* Update website/content/docs/connect/gateways/api-gateway/secure-traffic/verify-jwts-k8s.mdx
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
* Update website/content/docs/connect/gateways/api-gateway/secure-traffic/verify-jwts-k8s.mdx
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
* Update website/content/docs/connect/gateways/api-gateway/secure-traffic/verify-jwts-k8s.mdx
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
* Update website/content/docs/connect/gateways/api-gateway/secure-traffic/verify-jwts-k8s.mdx
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
* Update website/content/docs/connect/gateways/api-gateway/secure-traffic/verify-jwts-k8s.mdx
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
* Update website/content/docs/connect/gateways/api-gateway/secure-traffic/verify-jwts-k8s.mdx
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
* Update website/content/docs/connect/gateways/api-gateway/secure-traffic/verify-jwts-k8s.mdx
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
* Update website/content/docs/connect/gateways/api-gateway/secure-traffic/verify-jwts-k8s.mdx
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
* Update docs to follow style guide, use CodeBlockConfig, remove section
to apply the configuration for k8s docs
* Update website/content/docs/connect/gateways/api-gateway/secure-traffic/verify-jwts-k8s.mdx
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
* Update website/content/docs/connect/gateways/api-gateway/secure-traffic/verify-jwts-k8s.mdx
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
* Update website/content/docs/connect/gateways/api-gateway/secure-traffic/verify-jwts-k8s.mdx
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
* Update website/content/docs/connect/gateways/api-gateway/secure-traffic/verify-jwts-vms.mdx
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
* Update website/content/docs/connect/gateways/api-gateway/secure-traffic/verify-jwts-vms.mdx
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
* Update website/content/docs/connect/gateways/api-gateway/secure-traffic/verify-jwts-k8s.mdx
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
* Update website/content/docs/connect/gateways/api-gateway/secure-traffic/verify-jwts-k8s.mdx
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
* Update website/content/docs/connect/gateways/api-gateway/secure-traffic/verify-jwts-k8s.mdx
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
---------
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
2024-07-24 17:56:44 +00:00
5a74bb6d5a
docs/WAF: failure zones refresh ( #21545 )
...
* failure zones initial commit
* Apply suggestions from code review
Co-authored-by: Aimee Ukasick <aimee.ukasick@hashicorp.com>
Co-authored-by: danielehc <40759828+danielehc@users.noreply.github.com>
* Update improving-consul-resilience.mdx
Co-authored-by: Aimee Ukasick <aimee.ukasick@hashicorp.com>
* typo
* adding diagrams
* fixing inline bulletpoint image
* adding light and dark diagrams
* Apply suggestions from code review
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
* fix links in article
* fix inline alert render
---------
Co-authored-by: Aimee Ukasick <aimee.ukasick@hashicorp.com>
Co-authored-by: danielehc <40759828+danielehc@users.noreply.github.com>
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
2024-07-22 16:43:36 +03:00
654528ca60
DOCS: CE-556 Add partition parameter to API endpoint docs ( #21374 )
...
* CD-556 rename partition partial that's only used in CLI
Update CLI pages for partial rename
API: Add partial for partition as body option
API: Add partial for partition as query parameter
Update API peering and members pages
* acl/auth-methods.mdx
Update partition partials to be generic
* binding-rules.mdx, policies.mdx
* roles.mdx, templated-policies.mdx
* tokens.mdx, catalog.mdx, config.mdx, intentions.mdx
* service.mdx, exported-services.mdx, kv.mdx, namespaces.mdx
* Apply suggestions from code review
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
* Add partial to acl/auth-methods.mdx
Fix headings indent in a few files.
* Update website/content/api-docs/acl/auth-methods.mdx
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
---------
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
2024-07-18 12:02:45 -05:00
a9d92d020d
Add changelog entries for 1.15.13, 1.17.6, 1.18.3 and 1.19.1 ( #21539 )
2024-07-11 10:15:22 -05:00
c0faddbe1f
[NET-10246] use correct enterprise meta for service name for LinkedService ( #21382 )
...
* use correct enterprise meta for service name for LinkedService
* add changelog
2024-07-10 10:55:53 -04:00
bc6e889eef
Use vault.centos.org instead of mirror.centos.org ( #21530 )
...
The latter is no longer resolvable since CentOS 7 is EOL
2024-07-09 14:58:22 -04:00
ab3d5c74ab
Use debian:12 instead of centos:7 for artifact verification ( #21527 )
...
CentOS 7 has entered End of Life as of June 30, 2024. Debian 12 is available from Docker and offers linux/386 architecture support
2024-07-09 16:21:51 +00:00
8d2370da76
[NET-10290] Update ENVOY_VERSIONS ( #21524 )
...
* [NET-10290] Update ENVOY_VERSIONS
* Add changelog entry
* Link to CVE for more info in changelog entry
Co-authored-by: Deniz Onur Duzgun <59659739+dduzgun-security@users.noreply.github.com>
---------
Co-authored-by: Deniz Onur Duzgun <59659739+dduzgun-security@users.noreply.github.com>
2024-07-08 18:59:51 -04:00
dce6241869
[ui] File-specified deps for consul-ui ( #21378 )
...
* Namespaced and file-specified deps
* Pinning to a specific version of tailwind and setting config for js packages to come from npmjs
* Pin glob instead of reverting tailwind or any other (grand)parent dependency
* ember-cli-build fixed path resolution for now-namespaced submodules
* Dropping the namespace prefix and relying on relative pathing
2024-07-08 16:36:29 -04:00
a251f8ad80
fix(dns): spam ttl logs for prepared queries ( #21381 )
2024-07-08 10:34:00 -04:00
40ca4ad6d0
[NET-5622] build: consolidate Envoy version management ( #21245 )
...
* build: consolidate Envoy version management
Simplify Envoy version management by consolidating all runtime, build,
and CI sources of Envoy versions into a single plaintext file.
The goal of this change is to avoid common mistakes missing an update of
some Envoy versions (both in general and due to release branch
inconsistency), and enable automated Envoy version updates in the
future.
* ci: add missing ref argument for get-go-version
Supports nightly tests.
2024-07-05 14:19:23 -05:00
763cd0bffb
fix(txn): validate verbs ( #21519 )
...
* fix(txn): validate verbs
* changelog
2024-07-05 14:51:20 -04:00
b3f15b91d3
docs: Remove duplicate 'to' word ( #21222 )
...
Signed-off-by: Maciej Lisowski <macieejl00@gmail.com>
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
2024-07-03 14:43:29 -07:00
f3649e16a7
NET-10288-Bump-go-to-resolve-CVE-2024-24791 ( #21507 )
...
* bump go version
* changelog
* Update .changelog/21507.txt
* Update go.mod
Co-authored-by: Deniz Onur Duzgun <59659739+dduzgun-security@users.noreply.github.com>
* go mod tidy
---------
Co-authored-by: Deniz Onur Duzgun <59659739+dduzgun-security@users.noreply.github.com>
2024-07-03 12:47:20 -05:00
88bade6cc0
security: fix AliasCheck panic (update) ( #21510 )
...
Updated `checkServiceExistsOnRemoteServer` to ensure there are services
returned from the specified node before proceeding with the service
matcher.
2024-07-03 10:48:08 -04:00
6f31bfebbe
Update retryable-http-client to resolve CVE-2024-6104 ( #21384 )
...
* update retryable-http-client
* changelog
2024-07-02 10:12:13 -05:00
cec66f0743
build: cross compile darwin builds ( #21326 )
2024-06-26 16:13:57 +00:00
a4a3aec567
fix(dns): bug with standard lookup tags not working; SRV questions returning duplicate hostnames ( #21361 )
2024-06-25 13:42:25 -04:00
a04cc5aeae
docs: Add argo rollouts to 1.19.x release notes ( #21363 )
...
* Update v1_19_x.mdx
* Update website/content/docs/release-notes/consul/v1_19_x.mdx
* Update v1_5_x.mdx
---------
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
2024-06-25 16:12:33 +00:00
596a4cd4c5
Create documentation for Argo Rollouts Plugin. ( #20680 )
...
* Create documentation for Argo Rollouts Plugin.
* Create documentation for Argo Rollouts Plugin.
* Apply suggestions from code review
Co-authored-by: David Yu <dyu@hashicorp.com>
* Apply suggestions from code review
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
* Update docs based on feedback
* Apply suggestions from code review
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
* Update website/content/docs/k8s/deployment-configurations/argo-rollouts-configuration.mdx
* Update website/content/docs/k8s/deployment-configurations/argo-rollouts-configuration.mdx
---------
Co-authored-by: David Yu <dyu@hashicorp.com>
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
Co-authored-by: Michael Wilkerson <62034708+wilkermichael@users.noreply.github.com>
2024-06-24 16:32:52 -07:00
830d1bf77f
ci: fix file parsing in conditional-skip script ( #21343 )
...
Ensure files are split rather than compared as a single list for
accuracy and easier debugging.
Also adopt minor changes and file name from introduction of similar
check `consul-dataplane` and `consul-k8s` for clarity.
2024-06-18 15:38:35 -04:00
a16bfc6a3c
ci: skip 1.18 nightly int tests on CE ( #21349 )
...
This version is no longer active in CE.
2024-06-18 15:08:42 -04:00
c18c911ac8
[Security] Close cross scripting vulnerability ( #21342 )
...
* close vulnerability
* add changelog
2024-06-17 13:54:37 -04:00
7a19d2e7a4
security: fix AliasCheck panic ( #21339 )
...
* security: fix AliasCheck panic
* add changelog
2024-06-14 11:03:10 -04:00
6302ef31fc
docs: known issue with v2dns SRV requests ( #21331 )
...
* docs: known issue with v2dns SRV requests
* Update website/content/docs/release-notes/consul/v1_19_x.mdx
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
---------
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
2024-06-14 10:47:43 -04:00
78715ef718
docs: simplify Envoy version support docs ( #21295 )
...
Consistently use `.x` to denote implicit support for Envoy minor
versions under a supported major version unless otherwise noted.
This will clarify for operators that we support new Envoy minor versions
without requiring a docs update on each new release, and will reduce the
maintenance burden for these docs going forward.
2024-06-13 16:10:59 -04:00
45cb834185
docs: k8s updates for the 1.5.0 release ( #21329 )
2024-06-13 15:45:55 -04:00
895e7f86f3
docs: v1.19 corrections ( #21324 )
...
* release notes
* Usage pages fixes
2024-06-13 10:14:57 -07:00
e9c983f361
docs: consul-k8s v1.5.0 release notes ( #21320 )
...
* consul-k8s 1.5.0 release notes
* Nav Entry
* Envoy version bumps
* Version updates/corrections
* external crd description update
2024-06-12 14:44:35 -07:00
28c5eaf997
chore: update versions.hcl for 1.19.0 release ( #21319 )
2024-06-12 17:29:50 +00:00
e0ef346613
docs: update changelog.md for 1.19.0 ( #21317 )
2024-06-12 16:51:38 +00:00
ed962e8b5e
docs: External CRD fast follow ( #21313 )
...
* ESM
* TGW note
2024-06-12 08:50:29 -07:00
bba8dcba80
docs: Consul v1.19 Release Notes ( #21279 )
...
* Initial release notes
* Draft of release notes
* spacing fix
* Apply suggestions from code review
Co-authored-by: Aimee Ukasick <aimee.ukasick@hashicorp.com>
* Update website/content/docs/release-notes/consul/v1_19_x.mdx
---------
Co-authored-by: Aimee Ukasick <aimee.ukasick@hashicorp.com>
2024-06-11 20:25:18 +00:00
14e409ef54
Configure linter to forbid use of html/template ( #21307 )
...
* Configure linter to forbid use of html/template
We should never use html/template due to the performance penalty and the fact that we are highly unlikely to ever be generating HTML templates.
* Link to PR explaining the format of forbidigo.forbid
2024-06-11 16:17:12 -04:00
963cee200b
docs: External Services CRD ( #21264 )
...
* Initial reference page structure
* Most specifications
* Reference page details complete
* Enterprise alerts
* Overview page
* Overview page
* TGW note
* fixes
* Apply suggestions from code review
Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
* Update website/content/docs/k8s/deployment-configurations/external-service.mdx
Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
* Update website/content/docs/connect/config-entries/registration.mdx
* Update website/content/docs/connect/config-entries/registration.mdx
---------
Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
2024-06-11 12:58:12 -07:00
970353419c
docs: File System Certificates ( #21259 )
...
* Reference page updates
* Inline certificate config entry updates
* API Gateway configuration page
* K8s page updates
* Apply suggestions from code review
Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
Co-authored-by: danielehc <40759828+danielehc@users.noreply.github.com>
* Daniele's suggestions
* Encrypt VMs suggestions
* Apply suggestions from code review
Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
---------
Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
Co-authored-by: danielehc <40759828+danielehc@users.noreply.github.com>
2024-06-11 12:58:01 -07:00
04d95d2eda
Use text/template instead of html/template for ACL template policy generation ( #21303 )
2024-06-11 16:35:41 +00:00
7ac9b1f985
ci: fix a few missed Envoy version changes in latest bump ( #21300 )
2024-06-11 14:44:52 +00:00
3ee6816d8d
ci: fix nightly cron schedules to run once ( #21296 )
...
Several of our nightly cron jobs are actually running repeatedly
back-to-back during the designated hour. Change the cron to run them
once as intended.
2024-06-10 18:28:54 -04:00
fe2f8f1c72
docs: remove multiport docs, add v1dns flag ( #21278 )
...
* docs: remove multiport docs, add v1dns flag
* v2 catalog notice + redirects
* redirect fixes
* Update website/content/docs/k8s/helm.mdx
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
---------
Co-authored-by: boruszak <jeffrey.boruszak@hashicorp.com>
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
2024-06-10 16:21:58 -04:00
3c25956f61
Fix broken link in wal-logstore/index.mdx ( #21286 )
...
Content was moved in #21099 .
2024-06-10 11:41:48 -07:00
2cdc387bd3
Bump Envoy Versions ( #21277 )
...
* update envoy versions
* add changelog
* update nightly integrations
2024-06-10 15:29:26 +00:00
ffa7aff207
[NET-8971] docs: update LTS Envoy versions to include 1.29.4 ( #21271 )
...
docs: update LTS Envoy versions to include 1.29.4
2024-06-06 16:20:05 +00:00
2631ec843a
update go version to 1.22.4 ( #21265 )
...
* update go version to 1.22.4
* add changelog
2024-06-06 10:46:05 -04:00
9e23fa7840
[NET-9445] chore: update submodule versions ( #21263 )
...
chore: update submodule versions
- Update submodule versions that were released
- Add missing replace directive to troubleshoot submodule
2024-06-05 13:31:43 -04:00
68a7648d14
security: resolve incorrect type conversions ( #21251 )
...
* security: resolve incorrect type conversions
* add changelog
* fix more incorrect type conversions
2024-06-04 21:55:53 +00:00
John Murret
Michael Zalimeni
Krastin Krastev
John Maguire
Aimee Ukasick
Nathan Coleman
Phil Renaud
Dan Stough
Maciej Lisowski
sarahalsmiller
Kiran Naidoo
David Yu
Ashwin Venkatesh
Deniz Onur Duzgun
Jeff Boruszak
Will Jordan
Dhia Ayachi