Commit Graph

14588 Commits (31a9e36dd99836d98d83d8a64b92495bd3f56e58)

Author SHA1 Message Date
Mike Morris 31a9e36dd9 Merge remote-tracking branch 'origin/stable-website' into release/1.10.1 2021-07-15 17:24:19 -04:00
hc-github-team-consul-core c800094210 Putting source back into Dev Mode 2021-07-15 19:33:15 +00:00
hc-github-team-consul-core db839f18ba
Release v1.10.1 2021-07-15 18:49:34 +00:00
hc-github-team-consul-core 40ac83c9d3
update bindata_assetfs.go 2021-07-15 18:49:33 +00:00
Dhia Ayachi fc38e8fba9 add changelogs for 1.10.1 2021-07-15 13:30:29 -04:00
Freddy e3e31375c8
Merge pull request #10622 from hashicorp/vuln/validate-sans-1.10 2021-07-15 10:05:06 -06:00
freddygv 803df59268 Fixup prepared query ns defaulting 2021-07-15 09:37:37 -06:00
freddygv 066e950b7d Add changelog entry 2021-07-15 09:31:43 -06:00
Daniel Nephin d808d7897a Merge pull request #10617 from hashicorp/dnephin/config-add-missing-docs
docs: add config options that were missing
2021-07-15 15:24:28 +00:00
Daniel Nephin 0b6330928a Merge pull request #10617 from hashicorp/dnephin/config-add-missing-docs
docs: add config options that were missing
2021-07-15 15:24:24 +00:00
R.B. Boyer 104ee65e17 xds: ensure single L7 deny intention with default deny policy does not result in allow action (CVE-2021-36213) (#10619) 2021-07-15 15:09:48 +00:00
John Cowen e92b9e8e82 ui: [BUGFIX] Ensure we use the ns query param name when requesting permissions (#10608)
Previously when namespaces were enabled, we weren't requesting permission for the actively selected namespace, and instead always checking the permissions for the default namespace.

This commit ensures we request permissions for the actively selected namespace.
2021-07-15 11:19:55 +00:00
John Cowen 15f6b10e4a ui: [BUGFIX] Ensure in-folder KVs are created in the correct folder (#10569)
When clicking to create a KV within folder name, would would be viewing a form that was a form for creating a KV in the root, which when the user clicked to save, saved the KV in the root.

For the moment at least I've removed the code that strips double slashes, and whilst this isn't ideal, it looks like we've picked up one of those bugs that turns into a 'feature', and completely reworking KV to not rely on the double slashes is not really an option right now.
2021-07-15 09:38:23 +00:00
freddygv 0bf181ae55 Update golden files 2021-07-14 22:41:51 -06:00
freddygv 8e4ca495d5 Validate SANs for passthrough clusters and failovers 2021-07-14 22:41:51 -06:00
freddygv faac20cd40 Update golden files to account for SAN validation 2021-07-14 22:41:02 -06:00
freddygv bdacb71d22 Validate Subject Alternative Name for upstreams
These changes ensure that the identity of services dialed is
cryptographically verified.

For all upstreams we validate against SPIFFE IDs in the format used by
Consul's service mesh:

spiffe://<trust-domain>/ns/<namespace>/dc/<datacenter>/svc/<service>
2021-07-14 22:41:02 -06:00
John Cowen 70f29c2312 ui: [BUGFIX] Fix KV Code Editor syntax loading (#10605)
This commit adds a bit of string wrangling to avoid the keys in our javascript source file also being transformed. Additionally, whilst looking at this we decided that Maps are a better dictionary than javascript objects, so we moved to use those here also (but this doesn't affect the issue)
2021-07-14 17:56:18 +00:00
John Cowen 6a0d4358e6 ui: Show the correct 'ACLs Disabled' page when ACLs are disabled (#10604)
Adds 'can access ACLs' which means one of two things

1. When ACLs are disabled I can access the 'please enable ACLs' page
2. When ACLs are enabled, its the same as canRead
2021-07-14 17:52:50 +00:00
Melissa Kam 7d0a1effd6 Merge pull request #10614 from hashicorp/nia/docs-0.2.1
nia/docs 0.2.1
2021-07-14 17:04:06 +00:00
Melissa Kam 29a677ee89 Merge pull request #10614 from hashicorp/nia/docs-0.2.1
nia/docs 0.2.1
2021-07-14 17:04:03 +00:00
David Yu 0324727dce docs: Add link to learn guide on migrating ACL tokens (#10609)
* docs: Add link to learn guide on migrating ACL tokens
2021-07-13 21:03:39 +00:00
David Yu 140fc5d449 docs: Add link to learn guide on migrating ACL tokens (#10609)
* docs: Add link to learn guide on migrating ACL tokens
2021-07-13 21:03:33 +00:00
Iryna Shustava ae767d9cfc cli/sdk: Allow applying redirect-traffic rules in a provided Linux namespace (#10564) 2021-07-13 16:06:25 +00:00
Daniel Nephin ca788e089e Merge pull request #10579 from hashicorp/dnephin/improve-config-docs-tls
docs: Improve TLS user documentation
2021-07-12 23:09:57 +00:00
Daniel Nephin caeddc6aab Merge pull request #10579 from hashicorp/dnephin/improve-config-docs-tls
docs: Improve TLS user documentation
2021-07-12 23:09:53 +00:00
Noel Quiles 9a35e47dda Bump hashi-stack-menu (#10599) 2021-07-12 22:28:38 +00:00
Noel Quiles 83276ded13 Bump hashi-stack-menu (#10599) 2021-07-12 22:28:35 +00:00
Curt Marker 1c86eae663 Fixed a typo that broke the example static-server deployment (#10582)
The service account was typo'd and needs to be fixed
2021-07-12 20:33:59 +00:00
Curt Marker f2481fbfc1 Fixed a typo that broke the example static-server deployment (#10582)
The service account was typo'd and needs to be fixed
2021-07-12 20:33:56 +00:00
mrspanishviking 9bae67dff5 Merge pull request #10586 from hashicorp/docs-consult-license
docs: changing license faq title to align with Nomad and Vault faq pages
2021-07-09 23:33:45 +00:00
mrspanishviking 7a812c85fd Merge pull request #10586 from hashicorp/docs-consult-license
docs: changing license faq title to align with Nomad and Vault faq pages
2021-07-09 23:33:41 +00:00
Evan Culver 940419aef0 Add support for returning ACL secret IDs for accessors with acl:write (#10546) 2021-07-08 22:13:45 +00:00
Daniel Nephin fe76dc7068 Merge pull request #10552 from hashicorp/dnephin/ca-remove-rotation-period
ca: remove unused RotationPeriod field
2021-07-08 20:56:43 +00:00
Daniel Nephin c2b6aad251 Merge pull request #10552 from hashicorp/dnephin/ca-remove-rotation-period
ca: remove unused RotationPeriod field
2021-07-08 20:56:40 +00:00
David Yu 3fb24c9cd4 docs: Update docs to reflect limitation in TProxy when using single Consul DC deployment with multiple k8s clusters (#10549)
* docs: Update to reflect single Consul DC deployment with multiple k8s clusters
2021-07-08 17:48:25 +00:00
David Yu 263bfe904c docs: Update docs to reflect limitation in TProxy when using single Consul DC deployment with multiple k8s clusters (#10549)
* docs: Update to reflect single Consul DC deployment with multiple k8s clusters
2021-07-08 17:48:21 +00:00
John Cowen 75c7491224 ui: Don't default to the default namespace, use the token default namespace instead (#10503)
The default namespace, and the tokens default namespace (or its origin namespace) is slightly more complicated than other things we deal with in the UI, there's plenty of info/docs on this that I've added in this PR.

Previously:

When a namespace was not specified in the URL, we used to default to the default namespace. When you logged in using a token we automatically forward you the namespace URL that your token originates from, so you are then using the namespace for your token by default. You can of course then edit the URL to remove the namespace portion, or perhaps revisit the UI at the root path with you token already set. In these latter cases we would show you information from the default namespace. So if you had no namespace segment/portion in the URL, we would assume default, perform actions against the default namespace and highlight the default namespace in the namespace selector menu. If you wanted to perform actions in your tokens origin namespace you would have to manually select it from the namespace selector menu.

This PR:

Now, when you have no namespace segment/portion in the URL, we use the token's origin namespace instead (and if you don't have a token, we then use the default namespace like it was previously)

Notes/thoughts:

I originally thought we were showing an incorrectly selected namespace in the namespace selector, but it also matched up with what we were doing with the API, so it was in fact correct. The issue was more that we weren't selecting the origin namespace of the token for the user when a namespace segment was omitted from the URL. Seeing as we automatically forward you to the tokens origin namespace when you log in, and we were correctly showing the namespace we were acting on when you had no namespace segment in the URL (in the previous case default), I'm not entirely sure how much of an issue this actually was.

This characteristic of namespace+token+namespace is a little weird and its easy to miss a subtlety or two so I tried to add some documentation in here for future me/someone else (including some in depth code comment around one of the API endpoints where this is very subtle and very hard to miss). I'm not the greatest at words, so would be great to get some edits there if it doesn't seem clear to folks.

The fact that we used to save your previous datacenter and namespace into local storage for reasons also meant the interaction here was slightly more complicated than it needed to be, so whilst we were here we rejigged things slightly to satisfy said reasons still but not use local storage (we try and grab the info from higher up). A lot of the related code here is from before we had our Routlets which I think could probably make all of this a lot less complicated, but I didn't want to do a wholesale replacement in this PR, we can save that for a separate PR on its own at some point.
2021-07-07 10:47:24 +00:00
John Cowen 7550bb2c65
ui: Add intl debug helpers (#10513) (#10561)
This commit adds a couple of debug utilities to help us to continue slowly adding i18n support:

- We've added a CONSUL_INTL_DEBUG env/cookie variable to turn off variable interpolation within the t helper so you can see which variables are being interpolated.
- We've added a CONSUL_INTL_LOCALE env/cookie which currently supports two 'pseudo-locales' - la-fk (fake latin) and - (just dashes) either of which will make it easier to see what has not been localized until we can add prettier rules to prevent adding any copy into templates at all. I would guess if we ever translated the app we would use this for looking at things whilst developing also - but as yet I've not adding anything for that here seeing as we don't translate anything.
Both variables are dev-time only and all code for this is removed from the production build.
2021-07-07 10:26:12 +01:00
Luke Kysow 4b71eaa312 Add headings to Helm docs (#10562) 2021-07-06 18:23:49 +00:00
Luke Kysow 0d9c9c17dd Add headings to Helm docs (#10562) 2021-07-06 18:23:46 +00:00
John Cowen bd0dfc31b3 ui: CopyButton amends (#10511)
* ui: Add with-copyable modifier

* Use with-copyable modifier for our own CopyButton

* Move copy-button styling and remove most of `copy-btn`
2021-07-06 16:43:31 +00:00
John Cowen 1d5e17d3cc ui: Allow disabling of sourcemaps via env var (#10491) 2021-07-06 15:58:30 +00:00
John Cowen db4ba43398 ui: Fixup definition-table + copy-button margin (#10512) 2021-07-06 15:58:04 +00:00
Daniel Nephin c8bba8bd60
Merge pull request #10539 from hashicorp/dnephin/backport-to-1.10.x
[1.10.x] Backport main branch rename, and fix 32bit panic
2021-07-05 12:35:56 -04:00
hc-github-team-consul-core 7addc6f353 Putting source back into Dev Mode 2021-07-01 19:39:43 +00:00
hc-github-team-consul-core 2aae8d13b2
Release v1.10.1-beta1 2021-07-01 18:46:30 +00:00
hc-github-team-consul-core bd6a6bf8b8
update bindata_assetfs.go 2021-07-01 18:46:29 +00:00
Mike Morris 5573a3d491 changelog: add unreleased entries for 1.10.1-beta1 2021-07-01 14:41:04 -04:00
David Yu 395100ae83 docs: Formatting for Ingress Controllers example repos (#10542)
* docs: Formatting for Ingress Controllers example repos
* Update ingress-controllers.mdx
2021-07-01 17:49:22 +00:00