consul/agent
Jeremy Jacobson 6424ef6a56
[CC-5719] Add support for builtin global-read-only policy (#18319)
* [CC-5719] Add support for builtin global-read-only policy

* Add changelog

* Add read-only to docs

* Fix some minor issues.

* Change from ReplaceAll to Sprintf

* Change IsValidPolicy name to return an error instead of bool

* Fix PolicyList test

* Fix other tests

* Apply suggestions from code review

Co-authored-by: Paul Glass <pglass@hashicorp.com>

* Fix state store test for policy list.

* Fix naming issues

* Update acl/validation.go

Co-authored-by: Chris Thain <32781396+cthain@users.noreply.github.com>

* Update agent/consul/acl_endpoint.go

---------

Co-authored-by: Paul Glass <pglass@hashicorp.com>
Co-authored-by: Chris Thain <32781396+cthain@users.noreply.github.com>
2023-08-01 17:12:14 +00:00
..
ae copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
auto-config agent: remove agent cache dependency from service mesh leaf certificate management (#17075) 2023-06-13 10:54:45 -05:00
blockingquery [OSS] gRPC Blocking Queries (#17426) 2023-05-23 17:29:10 -04:00
cache Revert "cache: refactor agent cache fetching to prevent unnecessary f… (#16818) (#17046) 2023-04-19 13:17:21 -05:00
cache-types agent: remove agent cache dependency from service mesh leaf certificate management (#17075) 2023-06-13 10:54:45 -05:00
checks ci: remove test-integrations CircleCI workflow (#16928) 2023-04-19 16:19:29 +00:00
config Add verify server hostname to tls default (#17155) 2023-07-10 10:34:41 -05:00
configentry Fix incorrect protocol for transparent proxy upstreams. (#17894) 2023-07-05 09:32:10 -05:00
connect docs: Fix some comments (#17118) 2023-07-31 10:56:09 -07:00
consul [CC-5719] Add support for builtin global-read-only policy (#18319) 2023-08-01 17:12:14 +00:00
debug copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
dns copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
envoyextensions Remove POC code (#17974) 2023-06-30 14:05:13 +00:00
exec copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
grpc-external resource: Pass resource to Write ACL hook instead of just resource Id [NET-4908] (#18192) 2023-07-20 12:06:29 -05:00
grpc-internal Various bits of cleanup detected when using Go Workspaces (#17462) 2023-06-05 16:08:39 -04:00
grpc-middleware Various bits of cleanup detected when using Go Workspaces (#17462) 2023-06-05 16:08:39 -04:00
hcp [CC-5718] Remove HCP token requirement during bootstrap (#18140) 2023-07-21 10:33:22 -07:00
leafcert agent: remove agent cache dependency from service mesh leaf certificate management (#17075) 2023-06-13 10:54:45 -05:00
local Displays Consul version of each nodes in UI nodes section (#17754) 2023-07-12 13:34:39 -06:00
log-drop copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
metadata add necessary plumbing to implement per server ip based rate limiting (#17436) 2023-05-23 15:37:01 -04:00
metrics copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
mock copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
pool Raft storage backend (#16619) 2023-04-04 17:30:06 +01:00
proxycfg docs: Fix some comments (#17118) 2023-07-31 10:56:09 -07:00
proxycfg-glue Fix issue with streaming service health watches. (#17775) 2023-06-15 12:46:58 -05:00
proxycfg-sources copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
router copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
routine-leak-checker copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
rpc re org resource type registry (#18133) 2023-07-14 18:00:17 -07:00
rpcclient [COMPLIANCE] Add Copyright and License Headers (#16854) 2023-04-20 12:40:22 +00:00
structs [CC-5719] Add support for builtin global-read-only policy (#18319) 2023-08-01 17:12:14 +00:00
submatview * added Sameness Group to proto files (#16998) 2023-04-14 09:24:46 -07:00
systemd copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
token copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
uiserver copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
xds [NET-4703] Prevent partial application of Envoy extensions (#18068) 2023-07-31 15:24:33 -04:00
acl.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
acl_endpoint.go fixes #17732 - AccessorID in request body should be optional when updating ACL token (#17739) 2023-06-21 13:31:40 -05:00
acl_endpoint_test.go [CC-5719] Add support for builtin global-read-only policy (#18319) 2023-08-01 17:12:14 +00:00
acl_oss.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
acl_test.go NET-4657/add resource service client (#18053) 2023-07-14 14:09:02 -04:00
agent.go NET-4657/add resource service client (#18053) 2023-07-14 14:09:02 -04:00
agent_endpoint.go member cli: add -filter expression to flags (#18223) 2023-07-25 13:54:52 -04:00
agent_endpoint_oss.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
agent_endpoint_oss_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
agent_endpoint_test.go Displays Consul version of each nodes in UI nodes section (#17754) 2023-07-12 13:34:39 -06:00
agent_oss.go Add writeAuditRPCEvent to agent_oss (#17607) 2023-06-07 22:35:48 +00:00
agent_oss_test.go feat: add reporting config with reload (#16890) 2023-04-11 15:04:02 -04:00
agent_test.go feature - [NET - 4005] - [Supportability] Reloadable Configuration - enable_debug (#17565) 2023-06-30 08:30:29 +05:30
apiserver.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
apiserver_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
catalog_endpoint.go Add /v1/internal/service-virtual-ip for manually setting service VIPs (#17294) 2023-05-12 00:38:52 +00:00
catalog_endpoint_oss.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
catalog_endpoint_test.go Add /v1/internal/service-virtual-ip for manually setting service VIPs (#17294) 2023-05-12 00:38:52 +00:00
check.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
config_endpoint.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
config_endpoint_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
connect_auth.go Add sameness groups to service intentions. (#17064) 2023-04-20 12:16:04 -04:00
connect_ca_endpoint.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
connect_ca_endpoint_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
coordinate_endpoint.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
coordinate_endpoint_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
delegate_mock_test.go fix: update delegateMock used in ENT (#18149) 2023-07-17 09:44:49 -04:00
denylist.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
denylist_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
discovery_chain_endpoint.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
discovery_chain_endpoint_test.go Attach service virtual IP info to compiled discovery chain (#17295) 2023-05-12 02:28:16 +00:00
dns.go Fix a bug that wrongly trims domains when there is an overlap with DC name (#17160) 2023-06-26 10:57:11 -04:00
dns_oss.go * added Sameness Group to proto files (#16998) 2023-04-14 09:24:46 -07:00
dns_oss_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
dns_test.go Fix a bug that wrongly trims domains when there is an overlap with DC name (#17160) 2023-06-26 10:57:11 -04:00
enterprise_delegate_oss.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
event_endpoint.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
event_endpoint_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
federation_state_endpoint.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
health_endpoint.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
health_endpoint_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
http.go feature - [NET - 4005] - [Supportability] Reloadable Configuration - enable_debug (#17565) 2023-06-30 08:30:29 +05:30
http_decode_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
http_oss.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
http_oss_test.go feature - [NET - 4005] - [Supportability] Reloadable Configuration - enable_debug (#17565) 2023-06-30 08:30:29 +05:30
http_register.go Add version endpoint (#17506) 2023-05-30 17:25:48 -05:00
http_test.go feature - [NET - 4005] - [Supportability] Reloadable Configuration - enable_debug (#17565) 2023-06-30 08:30:29 +05:30
intentions_endpoint.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
intentions_endpoint_oss_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
intentions_endpoint_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
keyring.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
keyring_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
kvs_endpoint.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
kvs_endpoint_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
metrics.go log warning about certificate expiring sooner and with more details 2023-04-07 20:38:07 +00:00
metrics_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
nodeid.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
nodeid_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
notify.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
notify_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
operator_endpoint.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
operator_endpoint_oss.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
operator_endpoint_oss_test.go feat: include nodes count in operator usage endpoint and cli command (#17939) 2023-07-05 11:23:29 -04:00
operator_endpoint_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
peering_endpoint.go [OSS] gRPC Blocking Queries (#17426) 2023-05-23 17:29:10 -04:00
peering_endpoint_oss_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
peering_endpoint_test.go [OSS] gRPC Blocking Queries (#17426) 2023-05-23 17:29:10 -04:00
prepared_query_endpoint.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
prepared_query_endpoint_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
proxycfg_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
reload.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
remote_exec.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
remote_exec_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
retry_join.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
retry_join_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
service_checks_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
service_manager.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
service_manager_test.go Remove deprecated service-defaults upstream behavior. (#16957) 2023-04-11 10:20:33 -05:00
session_endpoint.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
session_endpoint_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
setup.go re org resource type registry (#18133) 2023-07-14 18:00:17 -07:00
setup_oss.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
sidecar_service.go sidecar-proxy refactor (#17328) 2023-05-12 16:49:42 -04:00
sidecar_service_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
signal_unix.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
signal_windows.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
snapshot_endpoint.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
snapshot_endpoint_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
status_endpoint.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
status_endpoint_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
streaming_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
testagent.go Revert "cache: refactor agent cache fetching to prevent unnecessary f… (#16818) (#17046) 2023-04-19 13:17:21 -05:00
testagent_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
translate_addr.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
txn_endpoint.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
txn_endpoint_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
ui_endpoint.go Fix topology view when displaying mixed connect-native/normal services. (#13023) 2023-07-31 08:10:55 -04:00
ui_endpoint_oss_test.go feature - [NET - 4005] - [Supportability] Reloadable Configuration - enable_debug (#17565) 2023-06-30 08:30:29 +05:30
ui_endpoint_test.go Fix topology view when displaying mixed connect-native/normal services. (#13023) 2023-07-31 08:10:55 -04:00
user_event.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
user_event_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
util.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
util_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
watch_handler.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00
watch_handler_test.go copyright headers for agent folder (#16704) 2023-03-28 14:39:22 -04:00