consul

Tree: 1dfc265abe

Author	SHA1	Message	Date
wangxinyi7	b1bd6ab91a	revert grpc to http (#20716 ) * Revert "refactor the resource client (#20343)" This reverts commit `3c5cb04b0f`. * Revert "clean up http client (#20342)" This reverts commit `2b89025eab`. * remove deprecated peer * fix the typo * remove forwarding test as it tests grpc, should add it back	9 months ago
wangxinyi7	fb2b696c0e	missing prefix / (#20447 ) * missing prefix / and fix typos	10 months ago
wangxinyi7	3c5cb04b0f	refactor the resource client (#20343 ) * renaming files	10 months ago
wangxinyi7	2b89025eab	clean up http client (#20342 ) clean up http client	10 months ago
Matt Keeler	34a32d4ce5	Remove V2 PeerName field from pbresource.Tenancy (#19865 ) The peer name will eventually show up elsewhere in the resource. For now though this rips it out of where we don’t want it to be.	10 months ago
wangxinyi7	013bcefe5c	grpc client in tls mode (#19680 ) * client in tls mode	11 months ago
wangxinyi7	9dc24448ae	grpc client default in plaintext mode (#19412 ) * grpc client default in plaintext mode * renaming and fix linter * update the description and remove the context * trim tests	1 year ago
Poonam Jadhav	6c92dd1359	NET-5600/container-test-acl-enabled (#18887 ) * feat: add container tests for resource http api with acl enabled * refactor: clean up	1 year ago
Poonam Jadhav	4e77482e95	feat: remove resource api client from api module (#18984 ) * feat: remove resource api client from api module * fix: go mod clean up	1 year ago
John Murret	319a2239d3	NET-4897 - update comment to include the current issue url from the go team. (#18263 )	1 year ago
John Murret	5af73901a2	[NET-4897] net/http host header is now verified and request.host that contains socked now error (#18129 ) ### Description This is related to https://github.com/hashicorp/consul/pull/18124 where we pinned the go versions in CI to 1.20.5 and 1.19.10. go 1.20.6 and 1.19.11 now validate request host headers for validity, including the hostname cannot be prefixed with slashes. For local communications (npipe://, unix://), the hostname is not used, but we need valid and meaningful hostname. Prior versions go Go would clean the host header, and strip slashes in the process, but go1.20.6 and go1.19.11 no longer do, and reject the host header. Around the community we are seeing that others are intercepting the req.host and if it starts with a slash or ends with .sock, they changing the host to localhost or another dummy value. [client: define a "dummy" hostname to use for local connections by thaJeztah · Pull Request #45942 · moby/moby](https://github.com/moby/moby/pull/45942) ### Testing & Reproduction steps Check CI tests. ### Links * [ ] updated test coverage * [ ] external facing docs updated * [ ] appropriate backport labels added * [ ] not a security concern	1 year ago
Jared Kirschner	b9c9d79778	Accept ap, datacenter, and namespace query params (#17525 ) This commit only contains the OSS PR (datacenter query param support). A separate enterprise PR adds support for ap and namespace query params. Resources in Consul can exists within scopes such as datacenters, cluster peers, admin partitions, and namespaces. You can refer to those resources from interfaces such as the CLI, HTTP API, DNS, and configuration files. Some scope levels have consistent naming: cluster peers are always referred to as "peer". Other scope levels use a short-hand in DNS lookups... - "ns" for namespace - "ap" for admin partition - "dc" for datacenter ...But use long-hand in CLI commands: - "namespace" for namespace - "partition" for admin partition - and "datacenter" However, HTTP API query parameters do not follow a consistent pattern, supporting short-hand for some scopes but long-hand for others: - "ns" for namespace - "partition" for admin partition - and "dc" for datacenter. This inconsistency is confusing, especially for users who have been exposed to providing scope names through another interface such as CLI or DNS queries. This commit improves UX by consistently supporting both short-hand and long-hand forms of the namespace, partition, and datacenter scopes in HTTP API query parameters.	2 years ago
Ronald	4b2137c2fa	Add copyright headers for acl, api and bench folders (#16706 ) * copyright headers for agent folder * Ignore test data files * fix proto files and remove headers in agent/uiserver folder * ignore deep-copy files * copyright headers for agent folder * fix merge conflicts * copyright headers for agent folder * Ignore test data files * fix proto files * ignore agent/uiserver folder for now * copyright headers for agent folder * Add copyright headers for acl, api and bench folders	2 years ago
Kyle Havlovitz	898e59b13c	Add the `operator usage instances` command and api endpoint (#16205 ) This endpoint shows total services, connect service instances and billable service instances in the local datacenter or globally. Billable instances = total service instances - connect services - consul server instances.	2 years ago
Dao Thanh Tung	b890c40ce4	Fixing CLI ACL token processing unexpected precedence (#15274 ) * Fixing CLI ACL token processing unexpected precedence * Minor flow format and add Changelog * Fixed failed tests and improve error logging message * Add unit test cases and minor changes from code review * Unset env var once the test case finishes running * remove label FINISH	2 years ago
Derek Menteer	6fa8fa4fca	Fix issue with connect Envoy choosing incorrect TLS settings. (#15466 ) This commit fixes a situation where the API TLS configuration incorrectly influences the GRPC port TLS configuration for XDS.	2 years ago
Chris S. Kim	0e176dd6aa	Allow consul debug on non-ACL consul servers (#15155 )	2 years ago
boruszak	38b1a515f1	Mergimg	2 years ago
cskh	995671ff6f	fix(api): missing peer name in query option (#14835 )	2 years ago
Riddhi Shah	d8d8c8603e	Add support for merge-central-config query param (#13001 ) Adds a new query param merge-central-config for use with the below endpoints: /catalog/service/:service /catalog/connect/:service /health/service/:service /health/connect/:service If set on the request, the response will include a fully resolved service definition which is merged with the proxy-defaults/global and service-defaults/:service config entries (on-demand style). This is useful to view the full service definition for a mesh service (connect-proxy kind or gateway kind) which might not be merged before being written into the catalog (example: in case of services in the agentless model).	3 years ago
funkiestj	6167400b28	api: add the ability to specify a path prefix (#12914 ) Specifically meant for when consul is behind a reverse proxy / API gateway Co-authored-by: Evan Culver <eculver@hashicorp.com>	3 years ago
Dhia Ayachi	09f2dd4d59	add queryBackend to the api query meta. (#12791 ) * add queryBackend to the api query meta. * add a changelog * use string type instead of int * Apply suggestions from code review Co-authored-by: R.B. Boyer <4903+rboyer@users.noreply.github.com> Co-authored-by: R.B. Boyer <4903+rboyer@users.noreply.github.com>	3 years ago
Dan Upton	1e47e3c82b	Groundwork for exposing when queries are filtered by ACLs (#11569 )	3 years ago
sidzi	29f192a130	Refactor requireHttpCodes for segregated error handling (#11287 )	3 years ago
FFMMM	377c3a9b0b	add StatusError to api package (#11054 ) * add require http codes in api and use in operator_autopilot health check * add StatusError type in api package Signed-off-by: FFMMM <FFMMM@users.noreply.github.com>	3 years ago
freddygv	e0a7900f52	Fixup api config and Envoy test	3 years ago
freddygv	886f873fa4	Trim newlines before parenthesis end	3 years ago
R.B. Boyer	fc9b1a277d	sync changes to oss files made in enterprise (#10670 )	3 years ago
Kyle Nusbaum	e72a703041	api: change io.Discard to ioutil.Discard	3 years ago
Daniel Nephin	6ac9149c3f	api: properly close the response body reads resp.Body until EOF, so that the http client is able to re-use the TCP connection.	3 years ago
Rémi Lapeyre	213524a657	Always set the Content-Type header when a body is present (#10204 ) * Always set the Content-Type header when a body is present Closes https://github.com/hashicorp/consul/issues/10011 * Add Changelog entry * Add more Content-Type exceptions * Fix tests	4 years ago
Conor Mongey	7a368bd2b6	Move header methods from config to client	4 years ago
Conor Mongey	eb65e59741	Only override headers if they're set	4 years ago
Conor Mongey	f647569b84	Prefer http.Header over map[string]string to allow for multi-valued headers	4 years ago
Conor Mongey	cdc8cd7b0e	Allow setting arbitrary headers in API client	4 years ago
Freddy	fe728855ed	Add DC and NS support for Envoy metrics (#9207 ) This PR updates the tags that we generate for Envoy stats. Several of these come with breaking changes, since we can't keep two stats prefixes for a filter.	4 years ago
R.B. Boyer	61eac21f1a	agent: return the default ACL policy to callers as a header (#9101 ) Header is: X-Consul-Default-ACL-Policy=<allow\|deny> This is of particular utility when fetching matching intentions, as the fallthrough for a request that doesn't match any intentions is to enforce using the default acl policy.	4 years ago
R.B. Boyer	8baf158ea8	Revert "Add namespace support for metrics (OSS) (#9117 )" (#9124 ) This reverts commit `06b3b017d3`.	4 years ago
Freddy	06b3b017d3	Add namespace support for metrics (OSS) (#9117 )	4 years ago
Seth Hoenig	9fab3fe990	api: create fresh http client for unix sockets (#8602 ) Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com>	4 years ago
Daniel Nephin	0888c6575b	Step 3: fix a bug in api.NewClient and fix the tests The api client should never rever to HTTP if the user explicitly requested TLS. This change broke some tests because the tests always use an non-TLS http server, but some tests explicitly enable TLS.	5 years ago
Chris Piraino	401221de58	Allow users to configure either unstructured or JSON logging (#7130 ) * hclog Allow users to choose between unstructured and JSON logging	5 years ago
Michel Vocks	6681be918a	api: add option to set TLS options in-memory for API client (#7093 ) This PR adds the option to set in-memory certificates to the API client instead of requiring the certificate to be stored on disk in a file. This allows us to define API client TLS options per Consul secret backend in Vault. Related issue hashicorp/vault#4800	5 years ago
Matt Keeler	34e6e23d43	Change how namespaces are specified for the CLI (#6960 )	5 years ago
Matt Keeler	b069d6777b	OSS KV Modifications to Support Namespaces	5 years ago
Sarah Christoff	5e26971864	Prune Unhealthy Agents (#6571 ) * Add -prune flag to ForceLeave	5 years ago
Freddy	2274f64cab	Add Namespace as an api query/write option (#6551 )	5 years ago
Sarah Adams	8ff1f481fe	add flag to allow /operator/keyring requests to only hit local servers (#6279 ) Add parameter local-only to operator keyring list requests to force queries to only hit local servers (no WAN traffic). HTTP API: GET /operator/keyring?local-only=true CLI: consul keyring -list --local-only Sending the local-only flag with any non-GET/list request will result in an error.	5 years ago
Pavel Drankov	b3a0b273ed	api: update link to agent caching in comments (#5935 )	6 years ago
R.B. Boyer	e47d7eeddb	acl: adding support for kubernetes auth provider login (#5600 ) * auth providers * binding rules * auth provider for kubernetes * login/logout	6 years ago

9 Commits (1dfc265abe20b202bd90cf3946020a1587717667)