Kit Patella
9d9c4a646b
upgrade go-metrics to latest
2020-11-04 14:02:13 -08:00
R.B. Boyer
6ba776b4f3
agent: protect the ui metrics proxy endpoint behind ACLs ( #9099 )
...
This ensures the metrics proxy endpoint is ACL protected behind a
wildcard `service:read` and `node:read` set of rules. For Consul
Enterprise these will need to span all namespaces:
```
service_prefix "" { policy = "read" }
node_prefix "" { policy = "read" }
namespace_prefix "" {
service_prefix "" { policy = "read" }
node_prefix "" { policy = "read" }
}
```
This PR contains just the backend changes. The frontend changes to
actually pass the consul token header to the proxy through the JS plugin
will come in another PR.
2020-11-04 12:50:03 -06:00
hashicorp-ci
a2315bc839
auto-updated agent/uiserver/bindata_assetfs.go from commit 0f6c0a5c1
2020-11-04 09:37:51 +00:00
John Cowen
0f6c0a5c13
ui: Metrics - Provide a fetch-like http client that automatically adds the current ACL token ( #9094 )
...
* Remove local httpGet and shim one in from options
* Add custom httpGet to pass through to provider
* Make a fetch wrapper that adds your token
* Pass the fetch like fetchWithToken wrapper through to the provider
* Fix up httpGet to encode query params again and use fetch-like
2020-11-04 09:33:37 +00:00
hashicorp-ci
1a5d4cfe43
auto-updated agent/uiserver/bindata_assetfs.go from commit d5d4155e1
2020-11-03 14:14:58 +00:00
John Cowen
d5d4155e1a
ui: Storybook Install ( #9049 )
...
* ui: Install storybook into the main project
* Add a basic story for a notice
* Remove empty dependencies
2020-11-03 14:09:39 +00:00
Kit Patella
1c4885c44a
add definitions for key metrics. This will not build until we have the definitions patch to go-metrics
2020-11-02 15:01:00 -08:00
R.B. Boyer
44bd8bd2ae
use the docker proxy for more envoy integration test containers ( #9085 )
2020-11-02 14:52:33 -06:00
R.B. Boyer
957293d884
wait_for_namespace should take two args ( #9086 )
2020-11-02 14:31:19 -06:00
hashicorp-ci
738ff1801f
auto-updated agent/uiserver/bindata_assetfs.go from commit 56c2ff56e
2020-11-02 18:43:31 +00:00
Kenia
56c2ff56e4
ui: Update to not return metrics for ingress gateways ( #9081 )
2020-11-02 13:38:43 -05:00
Alvin Huang
ae6185a554
use hashicorp docker mirror in envoy helper ( #9080 )
2020-11-02 11:37:03 -06:00
R.B. Boyer
d7b37e3c6e
fix envoy integ test wait_for_namespace to actually work on CI ( #9082 )
2020-11-02 11:14:48 -06:00
hashicorp-ci
c28f489a9a
auto-updated agent/uiserver/bindata_assetfs.go from commit bf32a1799
2020-11-02 16:11:45 +00:00
John Cowen
bf32a17994
ui: Remove string casting when passing index/checked for dropmenus ( #9077 )
...
* ui: Remove string casting when passing index/checked
* Check for e.target
2020-11-02 16:07:08 +00:00
hashicorp-ci
907c4ad789
auto-updated agent/uiserver/bindata_assetfs.go from commit 314eeda95
2020-11-02 14:40:27 +00:00
John Cowen
314eeda957
ui: Use eslint vs ember-cli-lint, sass vs dart-sass ( #9078 )
...
These two dependency changes means that @hashicorp/pds-ember can be
installed and used without any build/dependency issues
2020-11-02 14:35:10 +00:00
Alvin Huang
ea88956c9c
use hashicorp docker mirror to prevent rate limit ( #9070 )
2020-10-30 17:59:13 -04:00
R.B. Boyer
a66c4591d7
agent: introduce path allow list for requests going through the metrics proxy ( #9059 )
...
Added a new option `ui_config.metrics_proxy.path_allowlist`. This defaults to `["/api/v1/query", "/api/v1/query_range"]` when the metrics provider is set to `prometheus`.
Requests that do not use one of the allow-listed paths (via exact match) get a 403 Forbidden response instead.
2020-10-30 16:49:54 -05:00
Daniel Nephin
b532e092dc
structs: add a namespace test for CheckServiceNode.CanRead
2020-10-30 15:07:04 -04:00
Daniel Nephin
9b2fae9bac
cache-type: use namespace in tests
...
to verify that the namespace is passed through correctly to the server.
2020-10-30 15:07:04 -04:00
Daniel Nephin
b95b14e168
state: test EventPayloadCheckServiceNode.FilterByKey
...
Also fix a bug in that function when only one of key or namespace were the empty string.
2020-10-30 14:35:57 -04:00
Daniel Nephin
56d6079da3
stream: Add tests for filterByKey with namespace
...
And fix a bug where a request with a Namespace but no Key would not be properly filtered
2020-10-30 14:35:42 -04:00
Daniel Nephin
2c00045161
stream: Move FilterByKey events to a table
...
In preparation for adding new tests.
2020-10-30 14:35:28 -04:00
Daniel Nephin
44ed7910a3
proto: convert enterprise meta
2020-10-30 14:34:36 -04:00
Daniel Nephin
43c5803a25
state: use enterprise meta for creating events
2020-10-30 14:34:04 -04:00
Daniel Nephin
0ad2406d7c
stream: include the namespace in the snap cache key
...
Otherwise the wrong snapshot could be returned when the same key is used in different namespaces
2020-10-30 14:34:04 -04:00
Daniel Nephin
c42fe5ae43
subscribe: set the request namespace
2020-10-30 14:34:04 -04:00
hashicorp-ci
b3bf1229ac
auto-updated agent/uiserver/bindata_assetfs.go from commit cf2cfbaf2
2020-10-30 15:27:01 +00:00
R.B. Boyer
cf2cfbaf2e
ui: make metrics work again ( #9072 )
...
Fixes regression from #9040
2020-10-30 10:21:57 -05:00
R.B. Boyer
fa4b0854fb
state: ensure we unblock intentions queries upon the upgrade to config entries ( #9062 )
...
1. do a state store query to list intentions as the agent would do over in `agent/proxycfg` backing `agent/xds`
2. upgrade the database and do a fresh `service-intentions` config entry write
3. the blocking query inside of the agent cache in (1) doesn't notice (2)
2020-10-29 15:28:31 -05:00
Daniel Nephin
e14a9a725e
Merge pull request #9068 from hashicorp/restore-test-signature
...
restore prior signature of test helper so enterprise compiles
2020-10-29 15:22:30 -04:00
R.B. Boyer
b24b4169e1
restore prior signature of test helper so enterprise compiles
2020-10-29 13:52:15 -05:00
hashicorp-ci
01dbf43fb1
auto-updated agent/uiserver/bindata_assetfs.go from commit 1d6961248
2020-10-29 18:33:41 +00:00
Mike Morris
1d6961248c
ui: Update node_modules deps path in GNUMakefile ( #9066 )
...
Updates `node_modules` path/makefile target to fix top-level `make ui` command.
2020-10-29 13:28:55 -05:00
Daniel Nephin
afad68c033
Merge pull request #9025 from hashicorp/dnephin/streaming-options
...
streaming: Use a no-op event publisher if streaming is disabled
2020-10-29 13:36:51 -04:00
s-christoff
79ce24e9fc
cli: Add JSON and Pretty Print formatting for `consul snapshot inspect` ( #9006 )
2020-10-29 11:31:14 -05:00
Kim Ngo
a670f7a098
docs: Add links in CTS docs for the community to get involved ( #9060 )
2020-10-29 10:07:20 -05:00
Daniel Nephin
a5dd2001cf
stream: remove Event.Key
...
Makes Payload a type with FilterByKey so that Payloads can implement
filtering by key. With this approach we don't need to expose a Namespace
field on Event, and we don't need to invest micro formats or require a
bunch of code to be aware of exactly how the key field is encoded.
2020-10-28 16:48:04 -04:00
Daniel Nephin
1c094da40d
state: use go-cmp for comparison
...
The output of the previous assertions made it impossible to debug the tests without code changes.
With go-cmp comparing the entire slice we can see the full diffs making it easier to debug failures.
2020-10-28 16:33:00 -04:00
Daniel Nephin
68342a0cb5
proto: remove Event.Key field
...
The field is never used, and the value is available from the payload.
2020-10-28 16:33:00 -04:00
Daniel Nephin
9a1e845be8
proto: remove Event.Namespace field
...
All events are part of a single Topic, so we don't need this field.
2020-10-28 16:33:00 -04:00
Daniel Nephin
74b7325839
proto: Add SubscribeRequest.Namespace
...
For subscribing to service events in a namespace
2020-10-28 16:32:59 -04:00
Daniel Nephin
3dfb7c224b
stream: Use a no-op event publisher if streaming is disabled
2020-10-28 13:54:19 -04:00
Daniel Nephin
bc07901527
Merge pull request #9058 from hashicorp/dnephin/fix-broken-github-workflow
...
Remove the workflow file
2020-10-28 13:11:36 -04:00
Daniel Nephin
06888839d6
Remove the workflow file
...
The comment out file causes github to send us error emails on every commit
2020-10-28 13:09:29 -04:00
Daniel Nephin
23eee604c9
store: use a ReadDB for snapshots
...
to remove the cyclic dependency between the snapshot handlers and the state.Store
2020-10-28 13:07:42 -04:00
R.B. Boyer
b724e096c2
add namespace waiting function to envoy integration tests ( #9051 )
2020-10-28 11:58:40 -05:00
Daniel Nephin
7b9ee25956
Merge pull request #9026 from hashicorp/dnephin/streaming-without-cache-query-param
...
streaming: rename config and remove requirement for cache=1
2020-10-28 12:33:25 -04:00
Daniel Nephin
477d665309
Merge pull request #8618 from hashicorp/dnephin/remove-txn-readtxn
...
state: Use ReadTxn everywhere
2020-10-28 12:32:47 -04:00