status-im/consul
2
0
Fork 0
mirror of https://github.com/status-im/consul.git synced 2025-01-10 13:55:55 +00:00
Code Issues Projects Releases Wiki Activity
13,797 Commits 445 Branches 179 Tags 489 MiB
Commit Graph

2955 Commits

Author SHA1 Message Date
Kit Patella
c6b29a8bba
Merge pull request #9245 from hashicorp/telemetry/fix-missing-and-stale-docs 
Telemetry/fix missing and stale docs
 2020-11-20 12:54:29 -08:00
Pierre Souchay
45151090c1 [Streaming] Predictable order for results of /health/service/:serviceName to mimic memdb 
This ensures the result is consitent with/witout streaming

Will partially fix #9239
 2020-11-20 16:23:35 +01:00
Michael Montgomery
585c84e9ff Merge branch 'master' into 6074-allow-config-MaxHeaderBytes 2020-11-20 07:43:53 -06:00
Kyle Havlovitz
0bfda4481f Add CA server delegate interface for testing 2020-11-19 20:08:06 -08:00
Kit Patella
5c09dc322e add telemetry and definition help entries for missing catalog and acl metrics 2020-11-19 13:29:44 -08:00
R.B. Boyer
7c7a3e5165
command: when generating envoy bootstrap configs use the datacenter returned from the agent services endpoint (#9229) 
Fixes #9215
 2020-11-19 15:27:31 -06:00
Kit Patella
9e54e897d7 remove stale entries and rename/define acl.resolveToken 2020-11-19 13:06:28 -08:00
hashicorp-ci
8368f65006 auto-updated agent/uiserver/bindata_assetfs.go from commit d913af2bb 2020-11-19 18:45:01 +00:00
Freddy
fd5928fa4e
Require operator:write to get Connect CA config (#9240) 
A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that operators with `operator:read` ACL permissions are able to read the Consul Connect CA configuration when explicitly configured with the `/v1/connect/ca/configuration` endpoint, including the private key. This allows the user to effectively privilege escalate by enabling the ability to mint certificates for any Consul Connect services. This would potentially allow them to masquerade (receive/send traffic) as any service in the mesh.

--

This PR increases the permissions required to read the Connect CA's private key when it was configured via the `/connect/ca/configuration` endpoint. They are now `operator:write`.
 2020-11-19 10:14:48 -07:00
hashicorp-ci
effe235562 auto-updated agent/uiserver/bindata_assetfs.go from commit 687ce1f9c 2020-11-19 16:13:04 +00:00
Daniel Nephin
671b8cf494
Merge pull request #9224 from hashicorp/dnephin/fix-multiple-http-listeners 
agent: fix bug with multiple listeners
 2020-11-18 16:52:29 -05:00
Daniel Nephin
79963be559 Use freeport 
To prevent other tests which already use freeport from flaking when port 0 steals their reserved port.
 2020-11-18 16:07:34 -05:00
hashicorp-ci
b8659f77c4 auto-updated agent/uiserver/bindata_assetfs.go from commit 591a96d5b 2020-11-18 19:07:25 +00:00
hashicorp-ci
cd003a14a5 auto-updated agent/uiserver/bindata_assetfs.go from commit 1edef424a 2020-11-18 19:00:19 +00:00
Daniel Nephin
738bf9efdc agent: fix bug with multiple listeners 
Previously the listener was being passed to a closure in a loop without
capturing the loop variable. The result is only the last listener is
used, so the http/https servers only listen on one address.

This problem is fixed by capturing the variable by passing it into a
function.
 2020-11-18 13:03:29 -05:00
hashicorp-ci
b2605d90d2 auto-updated agent/uiserver/bindata_assetfs.go from commit 664f1d9aa 2020-11-18 11:17:06 +00:00
Kyle Havlovitz
9be7c6401c connect: update some function comments in CA manager 2020-11-17 16:00:19 -08:00
Daniel Nephin
3885835e8c acl: remove a test-only method 2020-11-17 18:16:34 -05:00
Daniel Nephin
0ee86935f0 Remove two unused delegate methods 2020-11-17 18:16:26 -05:00
Daniel Nephin
839429eb40
Merge pull request #9160 from hashicorp/dnephin/go-test-race-in-to-out-list 
ci: change go-test-race package list to exclude list
 2020-11-17 13:13:38 -05:00
Matt Keeler
66fd23d67f
Refactor to call non-voting servers read replicas (#9191) 
Co-authored-by: Kit Patella <kit@jepsen.io>
 2020-11-17 10:53:57 -05:00
Kit Patella
d15b6fddd3
Merge pull request #9198 from hashicorp/mkcp/telemetry/add-all-metric-definitions 
Add metric definitions for all metrics known at Consul start
 2020-11-16 15:54:50 -08:00
hashicorp-ci
56dbabf67b auto-updated agent/uiserver/bindata_assetfs.go from commit fe728855e 2020-11-16 23:41:31 +00:00
Freddy
fe728855ed
Add DC and NS support for Envoy metrics (#9207) 
This PR updates the tags that we generate for Envoy stats.

Several of these come with breaking changes, since we can't keep two stats prefixes for a filter.
 2020-11-16 16:37:19 -07:00
Kit Patella
8e554ee74b Merge branch 'mkcp/telemetry/add-all-metric-definitions' of ssh://github.com/hashicorp/consul into mkcp/telemetry/add-all-metric-definitions 2020-11-16 15:26:12 -08:00
Kit Patella
ad4cebc1d8 fix some tests that were broken from the TelemetryConfig change 2020-11-16 15:22:36 -08:00
Kit Patella
fc30f07cc7
linting: sort and group import 2020-11-16 14:17:24 -08:00
Kit Patella
2fe021f03c update runtime_test to handle PrometheusOpts expiry field change 2020-11-16 14:16:12 -08:00
Matt Keeler
748d56b8ab
Prevent panic if autopilot health is requested prior to leader establishment finishing. (#9204) 2020-11-16 17:08:17 -05:00
Kit Patella
b81edac7bb use the MetricsPrefix to set the service name and provide as slice literal to avoid bugs from append modifying its first arg 2020-11-16 14:01:12 -08:00
Kit Patella
5e0e4098c9 push prometheus sink definiitons into prometheus.PrometheusOpts 2020-11-16 12:44:47 -08:00
Daniel Nephin
b7367467f6
Merge pull request #9114 from hashicorp/dnephin/filtering-in-stream 
stream: improve naming of Payload methods
 2020-11-16 14:20:07 -05:00
Kit Patella
15af5ead0b trim help strings to save a few bytes 2020-11-16 11:02:11 -08:00
Kit Patella
3966ecb02f merge master 2020-11-16 10:46:53 -08:00
hashicorp-ci
a54d1069b3 auto-updated agent/uiserver/bindata_assetfs.go from commit 959974e96 2020-11-16 15:27:40 +00:00
Kit Patella
5da2f1efa8 finish adding static server metrics 2020-11-13 16:26:08 -08:00
Kyle Havlovitz
16e95f1d7b Reorganize some CA manager code for correctness/readability 2020-11-13 14:46:01 -08:00
Kyle Havlovitz
6fba82a4fa connect: Add CAManager for synchronizing CA operations 2020-11-13 14:33:44 -08:00
Kyle Havlovitz
af34b26221 connect: Add logic for updating secondary DC intermediate on config set 2020-11-13 14:33:44 -08:00
R.B. Boyer
9eb262252a
server: intentions CRUD requires connect to be enabled (#9194) 
Fixes #9123
 2020-11-13 16:19:12 -06:00
Kit Patella
06d59c03b9 add the service name in the agent rather than in the definitions themselves 2020-11-13 13:18:04 -08:00
R.B. Boyer
c7233ba871
server: remove config entry CAS in legacy intention API bridge code (#9151) 
Change so line-item intention edits via the API are handled via the state store instead of via CAS operations.

Fixes #9143
 2020-11-13 14:42:21 -06:00
R.B. Boyer
c52bc632df
server: skip deleted and deleting namespaces when migrating intentions to config entries (#9186) 2020-11-13 13:56:41 -06:00
Mike Morris
7af643ac37
ci: update to Go 1.15.4 and alpine:3.12 (#9036) 
* ci: stop building darwin/386 binaries

Go 1.15 drops support for 32-bit binaries on Darwin https://golang.org/doc/go1.15#darwin

* tls: ConnectionState::NegotiatedProtocolIsMutual is deprecated in Go 1.15, this value is always true

* correct error messages that changed slightly

* Completely regenerate some TLS test data

Co-authored-by: R.B. Boyer <rb@hashicorp.com>
 2020-11-13 13:02:59 -05:00
hashicorp-ci
fe6b888269 auto-updated agent/uiserver/bindata_assetfs.go from commit 1059a51a3 2020-11-13 16:00:39 +00:00
hashicorp-ci
40cef22c17 auto-updated agent/uiserver/bindata_assetfs.go from commit 78b704be8 2020-11-13 15:44:14 +00:00
R.B. Boyer
c003871c54
server: break up Intention.Apply monolithic method (#9007) 
The Intention.Apply RPC is quite large, so this PR attempts to break it down into smaller functions and dissolves the pre-config-entry approach to the breakdown as it only confused things.
 2020-11-13 09:15:39 -06:00
Kit Patella
24a2471029 first pass on agent-configured prometheusDefs and adding defs for every consul metric 2020-11-12 18:12:12 -08:00
Daniel Nephin
a397ec85eb
Merge pull request #9162 from hashicorp/dnephin/fix-grpc-metrics 
grpc: fix metrics
 2020-11-12 17:03:01 -05:00
hashicorp-ci
1cedf812e1 auto-updated agent/uiserver/bindata_assetfs.go from commit 6b2970402 2020-11-12 18:49:48 +00:00