consul/agent/config
Mike Morris f8a2ae2606
agent: convert listener config to TLS types (#12522)
* tlsutil: initial implementation of types/TLSVersion

tlsutil: add test for parsing deprecated agent TLS version strings

tlsutil: return TLSVersionInvalid with error

tlsutil: start moving tlsutil cipher suite lookups over to types/tls

tlsutil: rename tlsLookup to ParseTLSVersion, add cipherSuiteLookup

agent: attempt to use types in runtime config

agent: implement b.tlsVersion validation in config builder

agent: fix tlsVersion nil check in builder

tlsutil: update to renamed ParseTLSVersion and goTLSVersions

tlsutil: fixup TestConfigurator_CommonTLSConfigTLSMinVersion

tlsutil: disable invalid config parsing tests

tlsutil: update tests

auto_config: lookup old config strings from base.TLSMinVersion

auto_config: update endpoint tests to use TLS types

agent: update runtime_test to use TLS types

agent: update TestRuntimeCinfig_Sanitize.golden

agent: update config runtime tests to expect TLS types

* website: update Consul agent tls_min_version values

* agent: fixup TLS parsing and compilation errors

* test: fixup lint issues in agent/config_runtime_test and tlsutil/config_test

* tlsutil: add CHACHA20_POLY1305 cipher suites to goTLSCipherSuites

* test: revert autoconfig tls min version fixtures to old format

* types: add TLSVersions public function

* agent: add warning for deprecated TLS version strings

* agent: move agent config specific logic from tlsutil.ParseTLSVersion into agent config builder

* tlsutil(BREAKING): change default TLS min version to TLS 1.2

* agent: move ParseCiphers logic from tlsutil into agent config builder

* tlsutil: remove unused CipherString function

* agent: fixup import for types package

* Revert "tlsutil: remove unused CipherString function"

This reverts commit 6ca7f6f58d268e617501b7db9500113c13bae70c.

* agent: fixup config builder and runtime tests

* tlsutil: fixup one remaining ListenerConfig -> ProtocolConfig

* test: move TLS cipher suites parsing test from tlsutil into agent config builder tests

* agent: remove parseCiphers helper from auto_config_endpoint_test

* test: remove unused imports from tlsutil

* agent: remove resolved FIXME comment

* tlsutil: remove TODO and FIXME in cipher suite validation

* agent: prevent setting inherited cipher suite config when TLS 1.3 is specified

* changelog: add entry for converting agent config to TLS types

* agent: remove FIXME in runtime test, this is covered in builder tests with invalid tls9 value now

* tlsutil: remove config tests for values checked at agent config builder boundary

* tlsutil: remove tls version check from loadProtocolConfig

* tlsutil: remove tests and TODOs for logic checked in TestBuilder_tlsVersion and TestBuilder_tlsCipherSuites

* website: update search link for supported Consul agent cipher suites

* website: apply review suggestions for tls_min_version description

* website: attempt to clean up markdown list formatting for tls_min_version

* website: moar linebreaks to fix tls_min_version formatting

* Revert "website: moar linebreaks to fix tls_min_version formatting"

This reverts commit 38585927422f73ebf838a7663e566ac245f2a75c.

* autoconfig: translate old values for TLSMinVersion

* agent: rename var for translated value of deprecated TLS version value

* Update agent/config/deprecated.go

Co-authored-by: Dan Upton <daniel@floppy.co>

* agent: fix lint issue

* agent: fixup deprecated config test assertions for updated warning

Co-authored-by: Dan Upton <daniel@floppy.co>
2022-03-24 15:32:25 -04:00
..
testdata agent: convert listener config to TLS types (#12522) 2022-03-24 15:32:25 -04:00
agent_limits.go config: validate system limits against limits.http_max_conns_per_client (#7434) 2020-04-02 09:22:17 +02:00
builder.go agent: convert listener config to TLS types (#12522) 2022-03-24 15:32:25 -04:00
builder_oss.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
builder_oss_test.go Rename `master` and `agent_master` ACL tokens in the config file format (#11665) 2021-12-01 21:08:14 +00:00
builder_test.go agent: convert listener config to TLS types (#12522) 2022-03-24 15:32:25 -04:00
config.go Support per-listener TLS configuration ⚙️ (#12504) 2022-03-18 10:46:58 +00:00
config_oss.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
default.go agent: convert listener config to TLS types (#12522) 2022-03-24 15:32:25 -04:00
default_oss.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
deprecated.go agent: convert listener config to TLS types (#12522) 2022-03-24 15:32:25 -04:00
deprecated_test.go agent: convert listener config to TLS types (#12522) 2022-03-24 15:32:25 -04:00
doc.go Metrics service prefix (#3498) 2017-09-26 17:49:55 -07:00
file_watcher.go file watcher to be used for configuration auto-reload feature (#12301) 2022-02-21 11:36:52 -05:00
file_watcher_test.go file watcher to be used for configuration auto-reload feature (#12301) 2022-02-21 11:36:52 -05:00
flags.go Revert "Merge pull request #10588 from hashicorp/dnephin/config-fix-ports-grpc" 2021-09-29 12:28:41 -04:00
flags_test.go Revert "Merge pull request #10588 from hashicorp/dnephin/config-fix-ports-grpc" 2021-09-29 12:28:41 -04:00
flagset.go New config parser, HCL support, multiple bind addrs (#3480) 2017-09-25 11:40:42 -07:00
golden_test.go config: Use golden for TestRuntimeConfig_Sanitize 2021-01-11 14:34:03 -05:00
limits.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
limits_windows.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
merge.go Agent Auto Configuration: Configuration Syntax Updates (#8003) 2020-06-16 15:03:22 -04:00
merge_test.go config: Introduce DeprecatedConfig 2021-09-22 13:22:16 -04:00
runtime.go Support per-listener TLS configuration ⚙️ (#12504) 2022-03-18 10:46:58 +00:00
runtime_oss.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
runtime_oss_test.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
runtime_test.go agent: convert listener config to TLS types (#12522) 2022-03-24 15:32:25 -04:00
segment_oss.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
segment_oss_test.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00