Commit Graph

137 Commits

Author SHA1 Message Date
Alvin Huang 2a040342ba
remove GIT_DESCRIBE variable since we have a revision line (#8310) 2020-07-14 15:17:45 -04:00
Matt Keeler 9b01f9423c
Implement the insecure version of the Cluster.AutoConfig RPC endpoint
Right now this is only hooked into the insecure RPC server and requires JWT authorization. If no JWT authorizer is setup in the configuration then we inject a disabled “authorizer” to always report that JWT authorization is disabled.
2020-06-17 11:25:29 -04:00
Jono Sosulska c554ba9e10
Replace whitelist/blacklist terminology with allowlist/denylist (#7971)
* Replace whitelist/blacklist terminology with allowlist/denylist
2020-05-29 14:19:16 -04:00
John Cowen 662c28307c ui: Upgrade to node 12 LTS (#7248)
Upgrading our build tooling to use the latest node LTS and the lastest/current
Alpine version in our container
2020-05-12 17:13:53 +00:00
Daniel Nephin c5b7c072fd ci: Upgrade Go to 1.14.1 2020-03-24 15:55:47 -04:00
Matt Keeler 646c9f5896
Don’t pass `-u` to get get inside Go build image dockerfile (#7455) 2020-03-16 15:26:07 -04:00
R.B. Boyer fdb6b80672
Switch to go 1.13.7 (#7262)
- You can no longer cross submodule boundaries with ./... in go
  subcommands like `go list` or `go test`. The makefile and CI scripts
  were updated accordingly.

- Also of note: `go mod vendor` now omits things build ignored.
2020-02-12 10:15:24 -06:00
Hans Hasselberg fe49ea404d
build: update to golang 1.12.16 (#7153) 2020-02-03 18:20:03 +01:00
Matt Keeler add988b665
Pass the git commits year through as an env var to the ui build (#7126) 2020-01-24 10:40:14 -05:00
John Cowen e61dfe2307 ui: Upgrade tooling to node 10 now we are on a more recent ember (#6610)
* ui: Upgrade tooling to node 10 now we are on a more recent ember

* build: Also update the conatiner for building the UI

We bump alpine here as 3.8 doesn't have node 10 by default whereas 3.9
does. Yarn is bumped to latest current version while we are here.
2019-12-18 12:26:40 +00:00
Alvin Huang 894bad6162
upgrade go to 1.12.13 (#6759) 2019-11-08 13:59:32 -05:00
Matt Keeler a31e7a5d58
Remove `gox` usage (#6596) 2019-10-08 13:42:29 -04:00
Matt Keeler 28221f66f2
Use encoding/json instead of jsonpb even for protobuf types (#6572)
This only works so long as we use simplistic protobuf types. Constructs such as oneof or Any types that require type annotations for decoding properly will fail hard but that is by design. If/when we want to use any of that we will probably need to consider a v2 API.
2019-10-02 15:32:15 -04:00
Alvin Huang b52cd5c8cd
check for go binary in ci builds (#6570) 2019-10-02 14:32:44 -04:00
Matt Keeler abed91d069
Generate JSON and Binary Marshalers for Protobuf Types (#6564)
* Add JSON and Binary Marshaler Generators for Protobuf Types

* Generate files with the correct version of gogo/protobuf

I have pinned the version in the makefile so when you run make tools you get the right version. This pulls the version out of go.mod so it should remain up to date.

The version at the time of this commit we are using is v1.2.1

* Fixup some shell output

* Update how we determine the version of gogo
This just greps the go.mod file instead of expecting the go mod cache to already be present

* Fixup vendoring and remove no longer needed json encoder functions
2019-09-30 15:39:20 -04:00
Matt Keeler 51dcd126b7
Add support for implementing new requests with protobufs instea… (#6502)
* Add build system support for protobuf generation

This is done generically so that we don’t have to keep updating the makefile to add another proto generation.

Note: anything not in the vendor directory and with a .proto extension will be run through protoc if the corresponding namespace.pb.go file is not up to date.

If you want to rebuild just a single proto file you can do so with: make proto-rebuild PROTOFILES=<list of proto files to rebuild>

Providing the PROTOFILES var will override the default behavior of finding all the .proto files.

* Start adding types to the agent/proto package

These will be needed for some other work and are by no means comprehensive.

* Add ability to resolve/fixup the agentpb.ACLLinks structure in the state store.

* Use protobuf marshalling of raft requests instead of msgpack for protoc generated types.

This does not change any encoding of existing types.

* Removed structs package automatically encoding with protobuf marshalling

Instead the caller of raftApply that wants to opt-in to protobuf encoding will have to call `raftApplyProtobuf`

* Run update-vendor to fixup modules.txt

Nothing changed as far as dependencies go but the ordering of modules in that file depends on the time they are first seen and its not alphabetical.

* Rename some things and implement the structs.RPCInfo interface bits

agentpb.QueryOptions and agentpb.WriteRequest implement 3 of the 4 RPCInfo funcs and the new TargetDatacenter message type implements the fourth.

* Use the right encoding function.

* Renamed agent/proto package to agent/agentpb to prevent package name conflicts

* Update modules.txt to fix ordering

* Change blockingQuery to take in interfaces for the query options and meta

* Add %T to error output.

* Add/Update some comments
2019-09-20 14:37:22 -04:00
Matt Keeler 6d995246a8
Update toolchain to Go 1.12.8 (#6319) 2019-08-14 09:40:57 -04:00
Sarah Christoff d3d92d76f3
ui: modify content path (#5950)
* Add ui-content-path flag

* tests complete, regex validator on string, index.html updated

* cleaning up debugging stuff

* ui: Enable ember environment configuration to be set via the go binary at runtime (#5934)

* ui: Only inject {{.ContentPath}} if we are makeing a prod build...

...otherwise we just use the current rootURL

This gets injected into a <base /> node which solves the assets path
problem but not the ember problem

* ui: Pull out the <base href=""> value and inject it into ember env

See previous commit:

The <base href=""> value is 'sometimes' injected from go at index
serve time. We pass this value down to ember by overwriting the ember
config that is injected via a <meta> tag. This has to be done before
ember bootup.

Sometimes (during testing and development, basically not production)
this is injected with the already existing value, in which case this
essentially changes nothing.

The code here is slightly abstracted away from our specific usage to
make it easier for anyone else to use, and also make sure we can cope
with using this same method to pass variables down from the CLI through
to ember in the future.

* ui: We can't use <base /> move everything to javascript (#5941)

Unfortuantely we can't seem to be able to use <base> and rootURL
together as URL paths will get doubled up (`ui/ui/`).

This moves all the things that we need to interpolate with .ContentPath
to the `startup` javascript so we can conditionally print out
`{{.ContentPath}}` in lots of places (now we can't use base)

* fixed when we serve index.html

* ui: For writing a ContentPath, we also need to cope with testing... (#5945)

...and potentially more environments

Testing has more additional things in a separate index.html in `tests/`

This make the entire thing a little saner and uses just javascriopt
template literals instead of a pseudo handbrake synatx for our
templating of these files.

Intead of just templating the entire file this way, we still only
template `{{content-for 'head'}}` and `{{content-for 'body'}}`
in this way to ensure we support other plugins/addons

* build: Loosen up the regex for retrieving the CONSUL_VERSION (#5946)

* build: Loosen up the regex for retrieving the CONSUL_VERSION

1. Previously the `sed` replacement was searching for the CONSUL_VERSION
comment at the start of a line, it no longer does this to allow for
indentation.
2. Both `grep` and `sed` where looking for the omment at the end of the
line. We've removed this restriction here. We don't need to remove it
right now, but if we ever put the comment followed by something here the
searching would break.
3. Added `xargs` for trimming the resulting version string. We aren't
using this already in the rest of the scripts, but we are pretty sure
this is available on most systems.

* ui: Fix erroneous variable, and also force an ember cache clean on build

1. We referenced a variable incorrectly here, this fixes that.
2. We also made sure that every `make` target clears ember's `tmp` cache
to ensure that its not using any caches that have since been edited
everytime we call a `make` target.

* added docs, fixed encoding

* fixed go fmt

* Update agent/config/config.go

Co-Authored-By: R.B. Boyer <public@richardboyer.net>

* Completed Suggestions

* run gofmt on http.go

* fix testsanitize

* fix fullconfig/hcl by setting correct 'want'

* ran gofmt on agent/config/runtime_test.go

* Update website/source/docs/agent/options.html.md

Co-Authored-By: Hans Hasselberg <me@hans.io>

* Update website/source/docs/agent/options.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

* remove contentpath from redirectFS struct
2019-06-26 11:43:30 -05:00
R.B. Boyer 63508c6015
ui: fix 'make ui' again (#5751)
When the v1 ui was removed the ui build incorrectly copied everything
into a /dist/ subdirectory instead of directly into the top level.
2019-04-30 12:23:24 -05:00
Matt Keeler e81f6aeed0
Update Consul-Dev.dockerfile (#5678)
This was putting the new binary on the wrong path so this wasn't updating the docker image in any effectual way.
2019-04-17 12:21:24 -04:00
Matt Keeler c6be3b525b
Build System Fixes for Go Modules (#5655)
* Docker based builds can now use the module cache

* Simplify building the consul-dev docker image.

* Make sure to pull the latest consul image.

* Allow selecting base image version for the dev image
2019-04-12 15:17:13 -04:00
Freddy b2c12550d7
Remove old UI, option to use it, and its build processes 2019-04-12 09:02:27 -06:00
Paul Banks 11362e77be
build: use only version tags in version output now api is tagged too (#5622)
* build: use only version tags in version output now api is tagged too

Fixes #5621

Since we now have api package tags, our build tooling was picking up api tag when working out version to bake into builds.

This fixes it by restricting to only tags that start with `v`.

Before:

```
$ make version
Version:                    1.4.4
Version + release:          1.4.4-dev
Version + git:              api/v1.0.1-90-g3ce60db0c
Version + release + git:    api/v1.0.1-90-g3ce60db0c-dev (3ce60db0c)
```

After:

```
$ make version
Version:                    1.4.4
Version + release:          1.4.4-dev
Version + git:              v1.4.4-126-g3ce60db0c
Version + release + git:    v1.4.4-126-g3ce60db0c-dev (3ce60db0c)
```

* Update GNUmakefile
2019-04-10 12:54:03 +01:00
R.B. Boyer d8c19a9701
allow 'make dev-docker' to cache resolved modules (#5588) 2019-04-01 11:41:33 -05:00
R.B. Boyer 27446a19e2
remove remaining references to govendor and vendorfmt (#5587) 2019-04-01 09:55:48 -05:00
Hans Hasselberg ac45b17482
fix remaining CI failures after Go 1.12.1 Upgrade (#5576) 2019-03-29 16:29:27 +01:00
Jeff Mitchell 47c390025b
Convert to Go Modules (#5517)
* First conversion

* Use serf 0.8.2 tag and associated updated deps

* * Move freeport and testutil into internal/

* Make internal/ its own module

* Update imports

* Add replace statements so API and normal Consul code are
self-referencing for ease of development

* Adapt to newer goe/values

* Bump to new cleanhttp

* Fix ban nonprintable chars test

* Update lock bad args test

The error message when the duration cannot be parsed changed in Go 1.12
(ae0c435877d3aacb9af5e706c40f9dddde5d3e67). This updates that test.

* Update another test as well

* Bump travis

* Bump circleci

* Bump go-discover and godo to get rid of launchpad dep

* Bump dockerfile go version

* fix tar command

* Bump go-cleanhttp
2019-03-26 17:04:58 -04:00
Alvin Huang 5675026e23 add optional parallel flag to gox 2019-03-20 15:19:27 -04:00
R.B. Boyer 8e0ebc0f62
build: fix 'make ui' scripts so that it can handle versions like "v1.4.0-rc1-55-g2c8675565-rc1 (2c8675565)" (#4920) 2019-01-29 14:24:26 -06:00
Matt Keeler ae1fdaa4c2
Build/auto bump website version (#5280)
Also of note is that for enterprise builds we can set CONSUL_NO_WEBSITE_UPDATE to prevent updating the version twice.

Lastly we also do not update the website version for pre-releases like rc1.

This just streamlines a release build a bit.
2019-01-28 14:51:49 -05:00
R.B. Boyer 607f0df628
ui: pin to using bundler v1 for now (#5274) 2019-01-25 14:07:50 -06:00
Matt Keeler ec712b7ecf
Update to Go 1.11.4 and UI build container (#5257)
* Update to Go 1.11.4

* Update to Go 1.11.4 for travis

* Update UI build to fix ember issues.
2019-01-23 12:56:39 -05:00
Matt Keeler c056d6f0cf
Dont expect the freebsd/arm build 2018-10-19 14:50:51 -04:00
Jack Pearkes 0358c7a063 vendor: upgrade to latest version of gopsutil 2018-10-19 11:33:23 -07:00
Jack Pearkes a20804df28 build: exclude freebsd/arm 2018-10-19 11:32:35 -07:00
Matt Keeler 18b29c45c4
New ACLs (#4791)
This PR is almost a complete rewrite of the ACL system within Consul. It brings the features more in line with other HashiCorp products. Obviously there is quite a bit left to do here but most of it is related docs, testing and finishing the last few commands in the CLI. I will update the PR description and check off the todos as I finish them over the next few days/week.
Description

At a high level this PR is mainly to split ACL tokens from Policies and to split the concepts of Authorization from Identities. A lot of this PR is mostly just to support CRUD operations on ACLTokens and ACLPolicies. These in and of themselves are not particularly interesting. The bigger conceptual changes are in how tokens get resolved, how backwards compatibility is handled and the separation of policy from identity which could lead the way to allowing for alternative identity providers.

On the surface and with a new cluster the ACL system will look very similar to that of Nomads. Both have tokens and policies. Both have local tokens. The ACL management APIs for both are very similar. I even ripped off Nomad's ACL bootstrap resetting procedure. There are a few key differences though.

    Nomad requires token and policy replication where Consul only requires policy replication with token replication being opt-in. In Consul local tokens only work with token replication being enabled though.
    All policies in Nomad are globally applicable. In Consul all policies are stored and replicated globally but can be scoped to a subset of the datacenters. This allows for more granular access management.
    Unlike Nomad, Consul has legacy baggage in the form of the original ACL system. The ramifications of this are:
        A server running the new system must still support other clients using the legacy system.
        A client running the new system must be able to use the legacy RPCs when the servers in its datacenter are running the legacy system.
        The primary ACL DC's servers running in legacy mode needs to be a gate that keeps everything else in the entire multi-DC cluster running in legacy mode.

So not only does this PR implement the new ACL system but has a legacy mode built in for when the cluster isn't ready for new ACLs. Also detecting that new ACLs can be used is automatic and requires no configuration on the part of administrators. This process is detailed more in the "Transitioning from Legacy to New ACL Mode" section below.
2018-10-19 12:04:07 -04:00
Paul Banks f0c06a912e
Bump Go version for CI and build to 1.11.1 (#4782) 2018-10-11 12:21:53 +01:00
Mitchell Hashimoto e7dfb8a0d2
Detect correct GOOS/ARCH for copying binary with build_consul_local
If GOOS/ARCH is set to something custom, we need to unset it before
testing the value so we can compare to the _original value_.
2018-09-10 10:25:15 -07:00
Freddy b2032b05be
Add script and makefile goal to help debug flaky tests 2018-09-10 16:44:07 +01:00
Siva Prasad f8cc241b28
Fixed a make build issue with Windows Binaries. (#4538)
* Fixed an issue where Windows binary had trouble being copied correctly

* Enclosed binname inside angular brackets
2018-08-17 09:31:57 -04:00
John Cowen 80a307cb9f
UI: Add conditional enterprise logo (#4432)
Adds additional 'enterprise' text underneath the 'startup' logo if the
ui is built with a CONSUL_BINARY_TYPE environment variable that doesn't
equal `oss`.
2018-07-30 17:59:43 +01:00
Matt Keeler 21ff0d5087 Fix cross compiling with make
make XC_OS=linux XC_ARCH=amd64 when running on macos puts its binaries in ${GOPATH}/bin/linux_amd64/consul and not ${GOPATH}/bin/consul

This makes the build pull the binary from the right location.
2018-07-25 15:21:11 -04:00
John Cowen e918221275 Tiny ui build additions
1. Use `ls -A` to list dotfiles also, ready for tarring
2. Don't copy ember's `./tmp` if you have one
2018-07-06 15:08:11 +01:00
Matt Keeler 2cc7cd32af Fix default make target to build everything 2018-06-27 14:25:49 -04:00
Matt Keeler 8c50e62268 Make sure to disable cgo for dev builds without gox 2018-06-26 14:54:31 -04:00
Matt Keeler 8f2a19a747 Update verify.sh script 2018-06-26 12:08:33 -04:00
Matt Keeler 5ff7a65e7f Added capability to make dev-tree without pushing
No push is the default
2018-06-26 11:46:37 -04:00
Matt Keeler c8f706a141 Added release verification script
Also implemented shasum verification and gpg signature verification
2018-06-26 11:45:02 -04:00
Matt Keeler f926786292 Create a new ui_version function to pull it out of an index.html file
Also verify the ui version after it was built that it matches the env var we set in the build container.
2018-06-26 11:22:13 -04:00
Matt Keeler d6bc5bc2db Merge remote-tracking branch 'origin/feature/ui-build-version-messages' into bugfix/ui-release-version 2018-06-26 10:17:21 -04:00
Matt Keeler f32308b574 Make sure the release builds for the UI version to be consistent with the binary version. 2018-06-26 09:39:34 -04:00
John Cowen 1f978d860d Adds version messages both before and after the ui-v2 build
1. Prints the $version that you are passing through to the docker
container
2. Prints the CONSUL_VERSION that is used in the UI v2 footer
3. Additionally added a `mkdir -p` so so `make ui-docker` runs with a
clean exit if run in isolation
2018-06-26 10:33:22 +01:00
Matt Keeler f99f3f7b1a
Add a npm configuration
This is only necessary when dockerd is running on ubuntu and I dont know why it matters.
2018-06-25 11:27:10 -04:00
Matt Keeler b43a763c74 sed extended regex on linux sometimes requires -r 2018-06-25 10:19:02 -04:00
Matt Keeler 0a195fe88c Try a different way of doing x-platform in place sed 2018-06-25 10:01:43 -04:00
Matt Keeler 9862175481 Fix sed on linux 2018-06-22 17:21:42 -04:00
Matt Keeler 4e048162e0 Add override capability to blacklist a remote 2018-06-20 16:35:54 -04:00
Matt Keeler f35692daa6 Allow showing git diff interactively to inspect release commits. 2018-06-20 16:20:43 -04:00
Matt Keeler 3e8b7f3f38 Added more validation during publishing
We verify the git remote/url with whoever is running (in addition to other automated checks)
We also now run consul agent -dev, check is first 25 lines of output, consul info output and that consul leave works.
2018-06-20 15:39:09 -04:00
Matt Keeler aff1b93268 Update ui-v2 makefile to handle updating node_modules when needed
Also dont include the dist and node_modules folders in the build context.
2018-06-19 13:51:49 -04:00
Matt Keeler 21fcb45f36 PR Updates 2018-06-19 12:47:58 -04:00
Matt Keeler 90e74da6b7 Fix a couple find warnings on linux
Additionally add the ability to use go install for dev builds rather than gox (travis doesn’t have gox)
2018-06-19 10:49:07 -04:00
Matt Keeler 12d14f6c54 Allow for building pre-releases/rcs/betas 2018-06-18 17:06:38 -04:00
Matt Keeler 9457468423 Quote $@ when passing around 2018-06-18 14:53:50 -04:00
Matt Keeler 04ea404414 Fix gpg_key usage, also make the location of the binary to check the version of overridable 2018-06-18 13:42:46 -04:00
Matt Keeler fcd1811402 Don’t automatically populate release with dev when not generating a version based off git vars 2018-06-18 13:20:12 -04:00
Matt Keeler 46cfa577b0 Set the binary type 2018-06-18 13:09:41 -04:00
Matt Keeler 5381e78520 Pass the right var to git_push_ref 2018-06-18 12:34:30 -04:00
Matt Keeler 31b918d554 Return early when git changes are denied 2018-06-18 12:33:59 -04:00
Matt Keeler b739bbfefe Fixup version release detection 2018-06-18 11:57:35 -04:00
Matt Keeler ca1a0619bd Refactor a little to accomodate overriding packaging using directories 2018-06-18 11:33:16 -04:00
Matt Keeler 82857b2121 Use CONSUL_PKG_NAME in package_release 2018-06-18 10:26:04 -04:00
Matt Keeler f74386d425 Fix a bug in parse_version that prevented using auxillary version files 2018-06-18 10:07:29 -04:00
Matt Keeler 4daf669136 Only remove builds with the same suffix 2018-06-18 09:57:12 -04:00
Matt Keeler ebe6ca167f Add notion of a consul pkg name to coexist with enterprise 2018-06-18 09:32:00 -04:00
Matt Keeler 2dc2e94f31 Make sure to commit all version*.go files 2018-06-18 09:22:31 -04:00
Matt Keeler 4c9db8c5d0 Update the name of a function source 2018-06-18 09:21:38 -04:00
Matt Keeler 4bbd20ddfa Dont override set but null vars 2018-06-18 09:16:08 -04:00
Matt Keeler 414829f68b Make some room for overrides of build system functions 2018-06-18 09:06:57 -04:00
Matt Keeler 3f290cc676 Generalize git pushing in a bash function 2018-06-15 20:42:07 -04:00
Matt Keeler 30ff8b195b Add rsync so the ui can build again
Also add back the init target to the ui-v2 makefile
2018-06-15 14:44:14 -04:00
Matt Keeler 147e4a1eae Add capability to put tree back into dev mode via make dev-tree 2018-06-15 08:00:12 -04:00
Matt Keeler 48910f7583 Update the scripting
Automated putting the source tree into release mode.
2018-06-14 21:42:47 -04:00
Matt Keeler 6282be9a93 Move some things around and add in consul version confirmation to publishing checks 2018-06-14 11:20:27 -04:00
Matt Keeler 56a7d15fbc Add more functionality related to verifying a build and publishing 2018-06-13 17:03:18 -04:00
Matt Keeler c90d7f5160 Redo the build system
Improvements:
   - More modular
   - Building within docker doesn’t use volumes so can be run on a remote docker host
   - Build containers include only minimal context so they only rarely need to be rebuilt and most of the time can be used from the cache.
   - 3 build containers instead of 1. One based off of the upstream golang containers for building go stuff with all our required GOTOOLS installed. One like the old container based off ubuntu bionic for building the old UI (didn’t bother creating a much better container as this shouldn’t be needed once we completely remove the legacy UI). One for building the new UI. Its alpine based with all the node, ember, yarn stuff installed.
   - Top level makefile has the ability to do a container based build without running make dist
   - Can build for arbitrary platforms at the top level using: make consul-docker XC_OS=… XC_ARCH=…
   - overridable functionality to allow for customizations to the enterprise build (like to generate multiple binaries)
   - unified how we compile our go. always use gox even for dev-builds or rather always use the tooling around our scripts which will make sure things get copied to the correct places throughout the filesystem.
2018-06-12 16:55:52 -04:00
Matt Keeler f5a22f8490 Initial progress on build system updates 2018-06-08 10:20:54 -04:00