Commit Graph

13070 Commits

Author SHA1 Message Date
Kit Patella 9d9c4a646b upgrade go-metrics to latest 2020-11-04 14:02:13 -08:00
R.B. Boyer 6ba776b4f3
agent: protect the ui metrics proxy endpoint behind ACLs (#9099)
This ensures the metrics proxy endpoint is ACL protected behind a
wildcard `service:read` and `node:read` set of rules. For Consul
Enterprise these will need to span all namespaces:

```
service_prefix "" { policy = "read" }
node_prefix ""    { policy = "read" }

namespace_prefix "" {
  service_prefix "" { policy = "read" }
  node_prefix ""    { policy = "read" }
}
```

This PR contains just the backend changes. The frontend changes to
actually pass the consul token header to the proxy through the JS plugin
will come in another PR.
2020-11-04 12:50:03 -06:00
hashicorp-ci a2315bc839 auto-updated agent/uiserver/bindata_assetfs.go from commit 0f6c0a5c1 2020-11-04 09:37:51 +00:00
John Cowen 0f6c0a5c13
ui: Metrics - Provide a fetch-like http client that automatically adds the current ACL token (#9094)
* Remove local httpGet and shim one in from options

* Add custom httpGet to pass through to provider

* Make a fetch wrapper that adds your token

* Pass the fetch like fetchWithToken wrapper through to the provider

* Fix up httpGet to encode query params again and use fetch-like
2020-11-04 09:33:37 +00:00
hashicorp-ci 1a5d4cfe43 auto-updated agent/uiserver/bindata_assetfs.go from commit d5d4155e1 2020-11-03 14:14:58 +00:00
John Cowen d5d4155e1a
ui: Storybook Install (#9049)
* ui: Install storybook into the main project

* Add a basic story for a notice

* Remove empty dependencies
2020-11-03 14:09:39 +00:00
Kit Patella 1c4885c44a add definitions for key metrics. This will not build until we have the definitions patch to go-metrics 2020-11-02 15:01:00 -08:00
R.B. Boyer 44bd8bd2ae
use the docker proxy for more envoy integration test containers (#9085) 2020-11-02 14:52:33 -06:00
R.B. Boyer 957293d884
wait_for_namespace should take two args (#9086) 2020-11-02 14:31:19 -06:00
hashicorp-ci 738ff1801f auto-updated agent/uiserver/bindata_assetfs.go from commit 56c2ff56e 2020-11-02 18:43:31 +00:00
Kenia 56c2ff56e4
ui: Update to not return metrics for ingress gateways (#9081) 2020-11-02 13:38:43 -05:00
Alvin Huang ae6185a554
use hashicorp docker mirror in envoy helper (#9080) 2020-11-02 11:37:03 -06:00
R.B. Boyer d7b37e3c6e
fix envoy integ test wait_for_namespace to actually work on CI (#9082) 2020-11-02 11:14:48 -06:00
hashicorp-ci c28f489a9a auto-updated agent/uiserver/bindata_assetfs.go from commit bf32a1799 2020-11-02 16:11:45 +00:00
John Cowen bf32a17994
ui: Remove string casting when passing index/checked for dropmenus (#9077)
* ui: Remove string casting when passing index/checked

* Check for e.target
2020-11-02 16:07:08 +00:00
hashicorp-ci 907c4ad789 auto-updated agent/uiserver/bindata_assetfs.go from commit 314eeda95 2020-11-02 14:40:27 +00:00
John Cowen 314eeda957
ui: Use eslint vs ember-cli-lint, sass vs dart-sass (#9078)
These two dependency changes means that @hashicorp/pds-ember can be
installed and used without any build/dependency issues
2020-11-02 14:35:10 +00:00
Alvin Huang ea88956c9c
use hashicorp docker mirror to prevent rate limit (#9070) 2020-10-30 17:59:13 -04:00
R.B. Boyer a66c4591d7
agent: introduce path allow list for requests going through the metrics proxy (#9059)
Added a new option `ui_config.metrics_proxy.path_allowlist`. This defaults to `["/api/v1/query", "/api/v1/query_range"]` when the metrics provider is set to `prometheus`.

Requests that do not use one of the allow-listed paths (via exact match) get a 403 Forbidden response instead.
2020-10-30 16:49:54 -05:00
Daniel Nephin b532e092dc structs: add a namespace test for CheckServiceNode.CanRead 2020-10-30 15:07:04 -04:00
Daniel Nephin 9b2fae9bac cache-type: use namespace in tests
to verify that the namespace is passed through correctly to the server.
2020-10-30 15:07:04 -04:00
Daniel Nephin b95b14e168 state: test EventPayloadCheckServiceNode.FilterByKey
Also fix a bug in that function when only one of key or namespace were the empty string.
2020-10-30 14:35:57 -04:00
Daniel Nephin 56d6079da3 stream: Add tests for filterByKey with namespace
And fix a bug where a request with a Namespace but no Key would not be properly filtered
2020-10-30 14:35:42 -04:00
Daniel Nephin 2c00045161 stream: Move FilterByKey events to a table
In preparation for adding new tests.
2020-10-30 14:35:28 -04:00
Daniel Nephin 44ed7910a3 proto: convert enterprise meta 2020-10-30 14:34:36 -04:00
Daniel Nephin 43c5803a25 state: use enterprise meta for creating events 2020-10-30 14:34:04 -04:00
Daniel Nephin 0ad2406d7c stream: include the namespace in the snap cache key
Otherwise the wrong snapshot could be returned when the same key is used in different namespaces
2020-10-30 14:34:04 -04:00
Daniel Nephin c42fe5ae43 subscribe: set the request namespace 2020-10-30 14:34:04 -04:00
hashicorp-ci b3bf1229ac auto-updated agent/uiserver/bindata_assetfs.go from commit cf2cfbaf2 2020-10-30 15:27:01 +00:00
R.B. Boyer cf2cfbaf2e
ui: make metrics work again (#9072)
Fixes regression from #9040
2020-10-30 10:21:57 -05:00
R.B. Boyer fa4b0854fb
state: ensure we unblock intentions queries upon the upgrade to config entries (#9062)
1. do a state store query to list intentions as the agent would do over in `agent/proxycfg` backing `agent/xds`
2. upgrade the database and do a fresh `service-intentions` config entry write
3. the blocking query inside of the agent cache in (1) doesn't notice (2)
2020-10-29 15:28:31 -05:00
Daniel Nephin e14a9a725e
Merge pull request #9068 from hashicorp/restore-test-signature
restore prior signature of test helper so enterprise compiles
2020-10-29 15:22:30 -04:00
R.B. Boyer b24b4169e1 restore prior signature of test helper so enterprise compiles 2020-10-29 13:52:15 -05:00
hashicorp-ci 01dbf43fb1 auto-updated agent/uiserver/bindata_assetfs.go from commit 1d6961248 2020-10-29 18:33:41 +00:00
Mike Morris 1d6961248c
ui: Update node_modules deps path in GNUMakefile (#9066)
Updates `node_modules` path/makefile target to fix top-level `make ui` command.
2020-10-29 13:28:55 -05:00
Daniel Nephin afad68c033
Merge pull request #9025 from hashicorp/dnephin/streaming-options
streaming: Use a no-op event publisher if streaming is disabled
2020-10-29 13:36:51 -04:00
s-christoff 79ce24e9fc
cli: Add JSON and Pretty Print formatting for `consul snapshot inspect` (#9006) 2020-10-29 11:31:14 -05:00
Kim Ngo a670f7a098
docs: Add links in CTS docs for the community to get involved (#9060) 2020-10-29 10:07:20 -05:00
Daniel Nephin a5dd2001cf stream: remove Event.Key
Makes Payload a type with FilterByKey so that Payloads can implement
filtering by key. With this approach we don't need to expose a Namespace
field on Event, and we don't need to invest micro formats or require a
bunch of code to be aware of exactly how the key field is encoded.
2020-10-28 16:48:04 -04:00
Daniel Nephin 1c094da40d state: use go-cmp for comparison
The output of the previous assertions made it impossible to debug the tests without code changes.

With go-cmp comparing the entire slice we can see the full diffs making it easier to debug failures.
2020-10-28 16:33:00 -04:00
Daniel Nephin 68342a0cb5 proto: remove Event.Key field
The field is never used, and the value is available from the payload.
2020-10-28 16:33:00 -04:00
Daniel Nephin 9a1e845be8 proto: remove Event.Namespace field
All events are part of a single Topic, so we don't need this field.
2020-10-28 16:33:00 -04:00
Daniel Nephin 74b7325839 proto: Add SubscribeRequest.Namespace
For subscribing to service events in a namespace
2020-10-28 16:32:59 -04:00
Daniel Nephin 3dfb7c224b stream: Use a no-op event publisher if streaming is disabled 2020-10-28 13:54:19 -04:00
Daniel Nephin bc07901527
Merge pull request #9058 from hashicorp/dnephin/fix-broken-github-workflow
Remove the workflow file
2020-10-28 13:11:36 -04:00
Daniel Nephin 06888839d6 Remove the workflow file
The comment out file causes github to send us error emails on every commit
2020-10-28 13:09:29 -04:00
Daniel Nephin 23eee604c9 store: use a ReadDB for snapshots
to remove the cyclic dependency between the snapshot handlers and the state.Store
2020-10-28 13:07:42 -04:00
R.B. Boyer b724e096c2
add namespace waiting function to envoy integration tests (#9051) 2020-10-28 11:58:40 -05:00
Daniel Nephin 7b9ee25956
Merge pull request #9026 from hashicorp/dnephin/streaming-without-cache-query-param
streaming: rename config and remove requirement for cache=1
2020-10-28 12:33:25 -04:00
Daniel Nephin 477d665309
Merge pull request #8618 from hashicorp/dnephin/remove-txn-readtxn
state: Use ReadTxn everywhere
2020-10-28 12:32:47 -04:00