Daniel Nephin
8d1378cc1d
Merge pull request #10988 from hashicorp/dnephin/acl-legacy-remove-config
...
acl: isolate deprecated config and warn when they are used
2021-09-29 11:40:14 -04:00
Daniel Nephin
6b33e3bfd7
Merge pull request #9456 from hashicorp/dnephin/config-deprecation
...
config: Use DeprecatedConfig struct for deprecated config fields
2021-09-29 11:37:40 -04:00
Chris S. Kim
5c37819d09
Cleanup unnecessary normalizing method ( #11169 )
2021-09-28 15:31:12 -04:00
Daniel Nephin
bf2a3f6e79
Merge pull request #11084 from krastin/krastin-autopilot-loggingtypo
...
Fix a tiny typo in logging in autopilot.go
2021-09-28 15:11:11 -04:00
Chris S. Kim
e3248c20c9
agent: Clean up unused built-in proxy config ( #11165 )
2021-09-28 11:29:10 -04:00
Dhia Ayachi
e664dbc352
Refactor table index acl phase 2 ( #11133 )
...
* extract common methods from oss and ent
* remove unreachable code
* add missing normalize for binding rules
* fix oss to use Query
2021-09-23 15:26:09 -04:00
Daniel Nephin
e8ac5fd90b
config: Move ACLEnableKeyListPolicy to DeprecatedConfig
2021-09-23 15:15:00 -04:00
Daniel Nephin
5c40b717ed
config: move acl_ttl to DeprecatedConfig
2021-09-23 15:14:59 -04:00
Daniel Nephin
977f6d8888
config: move acl_{default,down}_policy to DeprecatedConfig
2021-09-23 15:14:59 -04:00
Daniel Nephin
5eafcea4d4
config: Deprecate EnableACLReplication
...
replaced by ACL.TokenReplication
2021-09-23 15:14:59 -04:00
Daniel Nephin
5dc16180ad
config: move ACL master token and replication to DeprecatedConfig
2021-09-23 15:14:59 -04:00
Paul Banks
1ecec84fd7
Merge pull request #10903 from hashicorp/feature/ingress-sds
...
Add Support to for providing TLS certificates for Ingress listeners from an SDS source
2021-09-23 16:19:05 +01:00
Dhia Ayachi
5904e4ac79
Refactor table index ( #11131 )
...
* convert tableIndex to use the new pattern
* make `indexFromString` available for oss as well
* refactor `indexUpdateMaxTxn`
2021-09-23 11:06:23 -04:00
Paul Banks
7b4cbe3143
Final readability tweaks from review
2021-09-23 10:17:12 +01:00
Paul Banks
70bc89b7f4
Fix subtle loop bug and add test
2021-09-23 10:13:41 +01:00
Paul Banks
07f81991df
Refactor SDS validation to make it more contained and readable
2021-09-23 10:13:19 +01:00
Paul Banks
5cfd030d03
Refactor Ingress-specific lister code to separate file
2021-09-23 10:13:19 +01:00
Paul Banks
136928a90f
Minor PR typo and cleanup fixes
2021-09-23 10:13:19 +01:00
Paul Banks
20d0bf81f7
Revert abandonned changes to proxycfg for Ent test consistency
2021-09-23 10:13:19 +01:00
Paul Banks
a9119e36a5
Fix merge conflict in xds tests
2021-09-23 10:12:37 +01:00
Paul Banks
2281d883b9
Fix some more Enterprise Normalization issues affecting tests
2021-09-23 10:12:37 +01:00
Paul Banks
9fa60c7472
Remove unused argument to fix lint error
2021-09-23 10:09:11 +01:00
Paul Banks
659321d008
Handle namespaces in route names correctly; add tests for enterprise
2021-09-23 10:09:11 +01:00
Paul Banks
2a3d3d3c23
Update xDS routes to support ingress services with different TLS config
2021-09-23 10:08:02 +01:00
Paul Banks
16b3b1c737
Update xDS Listeners with SDS support
2021-09-23 10:08:02 +01:00
Paul Banks
ccbda0c285
Update proxycfg to hold more ingress config state
2021-09-23 10:08:02 +01:00
Paul Banks
4e39f03d5b
Add ingress-gateway config for SDS
2021-09-23 10:08:02 +01:00
Mark Anderson
d88d9e71c2
partitions/authmethod-index work from enterprise ( #11056 )
...
* partitions/authmethod-index work from enterprise
Signed-off-by: Mark Anderson <manderson@hashicorp.com>
2021-09-22 13:19:20 -07:00
Chris S. Kim
f972048ebc
connect: Allow upstream listener escape hatch for prepared queries ( #11109 )
2021-09-22 15:27:10 -04:00
R.B. Boyer
706fc8bcd0
grpc: strip local ACL tokens from RPCs during forwarding if crossing datacenters ( #11099 )
...
Fixes #11086
2021-09-22 13:14:26 -05:00
Daniel Nephin
54256fb751
config: Move two more fields to DeprecatedConfig
...
And add a test for deprecated config fields.
2021-09-22 13:23:03 -04:00
Daniel Nephin
8ed14296ea
config: Introduce DeprecatedConfig
...
This struct allows us to move all the deprecated config options off of
the main config struct, and keeps all the deprecation logic in a single
place, instead of spread across 3+ places.
2021-09-22 13:22:16 -04:00
Connor
1e3ba26223
Merge pull request #11090 from hashicorp/clly/kv-usage-metrics
...
Add KVUsage to consul state usage metrics
2021-09-22 11:26:56 -05:00
Connor Kelly
ba706501e1
Strip out go 1.17 bits
2021-09-22 11:04:48 -05:00
Matt Keeler
a6a359cc80
Add a mock Agent delegate to ease/improve some types of testing
2021-09-22 10:23:01 -04:00
hc-github-team-consul-core
47b99d0b78
auto-updated agent/uiserver/bindata_assetfs.go from commit 9c0233cf5
2021-09-22 13:05:38 +00:00
hc-github-team-consul-core
7efb015ca9
auto-updated agent/uiserver/bindata_assetfs.go from commit cfbd1bb84
2021-09-22 09:26:14 +00:00
Daniel Nephin
aee8a9511d
Merge pull request #10985 from hashicorp/dnephin/acl-legacy-remove-replication
...
acl: remove legacy ACL replication
2021-09-21 17:56:54 -04:00
Connor
1ddee0680c
Apply suggestions from code review
...
Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com>
2021-09-21 10:52:46 -05:00
R.B. Boyer
b2d17ac448
xds: fix representation of incremental xDS subscriptions ( #10987 )
...
Fixes #10563
The `resourceVersion` map was doing two jobs prior to this PR. The first job was
to track what version of every resource we know envoy currently has. The
second was to track subscriptions to those resources (by way of the empty
string for a version). This mostly works out fine, but occasionally leads to
consul removing a resource and accidentally (effectively) unsubscribing at the
same time.
The fix separates these two jobs. When all of the resources for a subscription
are removed we continue to track the subscription until envoy explicitly
unsubscribes
2021-09-21 09:58:56 -05:00
Connor Kelly
ae3457b96a
Fix test
2021-09-20 13:44:43 -05:00
Connor Kelly
052f224ee5
Add KVUsage to consul state usage metrics
...
This change will add the number of entries in the consul KV store to the
already existing usage metrics.
2021-09-20 12:41:54 -05:00
R.B. Boyer
5fe613dd05
xds: ensure the active streams counters are 64 bit aligned on 32 bit systems ( #11085 )
2021-09-20 11:07:11 -05:00
Krastin Krastev
f7b0938633
Update autopilot.go
...
Fixing a minuscule typo in logging
2021-09-20 14:40:58 +02:00
Freddy
8591620b5d
Merge pull request #11071 from hashicorp/partitions/ixn-decisions
2021-09-16 15:18:23 -06:00
freddygv
49248a0802
Fixup proxycfg tproxy case
2021-09-16 15:05:28 -06:00
freddygv
fc8fc060a7
Remove ent checks from oss test
2021-09-16 14:53:28 -06:00
R.B. Boyer
faa6fd0919
acl: ensure the global management policy grants all necessary partition privileges ( #11072 )
2021-09-16 15:53:10 -05:00
freddygv
bf7a1358d6
Ensure partition is defaulted in authz
2021-09-16 14:39:01 -06:00
freddygv
47109e0c0c
Default the partition in ixn check
2021-09-16 14:39:01 -06:00