Commit Graph

73 Commits (5493cf6af5e999db98a191a36d748510038a4788)

Author SHA1 Message Date
hc-github-team-consul-core eaf0c05217
backport of commit f42b1de80b (#17079)
Co-authored-by: R.B. Boyer <rb@hashicorp.com>
2023-04-20 22:02:55 +00:00
Anita Akaeze 689360c0c5
NET-3648: Add script to get consul and envoy version (#17060) (#17074) 2023-04-20 14:47:07 -04:00
hc-github-team-consul-core 816f8151ab
backport of commit 91be1c3e35 (#16990)
Co-authored-by: cskh <hui.kang@hashicorp.com>
2023-04-12 22:23:33 +00:00
Anita Akaeze 2b07d8010b
NET-2397: Add readme.md to upgrade test subdirectory (#16610) (#16696)
* NET-2397: Add readme.md to upgrade test subdirectory

* remove test code

* fix link and update  steps of adding new test cases (#16654)

* fix link and update  steps of adding new test cases

* Apply suggestions from code review



---------



---------

Co-authored-by: cskh <hui.kang@hashicorp.com>
Co-authored-by: Nick Irvine <115657443+nfi-hashicorp@users.noreply.github.com>
2023-03-21 08:50:23 -05:00
hc-github-team-consul-core 9e88415e4d
Backport of Snapshot restore tests into release/1.15.x (#16672)
* backport of commit a8525f8315

* backport of commit a2d560517c

* backport of commit 958c279dbc

* backport of commit 1c1b88bc6a

* backport of commit cd25976169

* backport of commit d95619f85f

* backport of commit 15a4645e7f

* backport of commit abb2203af5

---------

Co-authored-by: Dhia Ayachi <dhia@hashicorp.com>
Co-authored-by: Paul Banks <pbanks@hashicorp.com>
Co-authored-by: John Murret <john.murret@hashicorp.com>
2023-03-19 23:33:52 +00:00
hc-github-team-consul-core eb63d46abb
Backport of [API Gateway] Fix invalid cluster causing gateway programming delay into release/1.15.x (#16668)
* backport of commit 9ea73b3b8d

* backport of commit d3cffdeb4d

* backport of commit 0848aac017

* backport of commit 90b5e39d2d

* Refactor and fix flaky tests

* Fix bad merge

* add file that was never backported

* Fix bad merge again

* fix duplicate method

* remove extra import

* backport a slew of testing library code

* backport changes coinciding with library update

* backport changes coinciding with library update

---------

Co-authored-by: Andrew Stucki <andrew.stucki@hashicorp.com>
2023-03-17 15:02:28 -04:00
Semir Patel 99e1ccefc2 bump api and sdk modules 2023-03-07 13:42:33 -06:00
hc-github-team-consul-core 10b5250126
Backport of Gateway Test HTTPPathRewrite into release/1.15.x (#16466)
* no-op commit due to failed cherry-picking

* add http url path rewrite

* add Mike's test back in

* update kind to use api.APIGateway

---------

Co-authored-by: temp <temp@hashicorp.com>
Co-authored-by: Sarah Alsmiller <sarah.alsmiller@hashicorp.com>
Co-authored-by: sarahalsmiller <100602640+sarahalsmiller@users.noreply.github.com>
2023-02-28 16:36:54 -06:00
cskh 31e094b36e
upgrade test: consolidate resolver test cases (#16443) (#16457) 2023-02-28 16:31:52 +00:00
hc-github-team-consul-core 9902dab7bc
Backport of Basic gobased API gateway spinup test into release/1.15.x (#16423)
* backport of commit 60a62add31

* backport of commit 560cd55675

* backport of commit bd3ff14638

* backport of commit b8a4c8319d

* backport of commit 184b6bbcb0

* backport of commit cc213b67b4

* backport of commit e706bc7cac

* backport of commit 064a3c0104

* backport of commit b8aa15ef54

* updated GetPort interface

* fix getport

* fix syntax issues

* fix gofmt error

* removed deprecated random calls, removed unused port variable

* clean up duplicate comment

* Update test/integration/consul-container/test/gateways/gateway_endpoint_test.go

* parralelize this test

* delete extra line

* clean up unneeded comments

---------

Co-authored-by: Sarah Alsmiller <sarah.alsmiller@hashicorp.com>
Co-authored-by: Andrew Stucki <andrew.stucki@hashicorp.com>
Co-authored-by: sarahalsmiller <100602640+sarahalsmiller@users.noreply.github.com>
2023-02-27 20:06:38 +00:00
hc-github-team-consul-core 291690bbb3
backport of commit e17298b6b8 (#16441)
Co-authored-by: Anita Akaeze <anita.akaeze@hashicorp.com>
2023-02-27 19:28:51 +00:00
hc-github-team-consul-core b457e8bbf4
backport of commit 9fa59888fa (#16440)
Co-authored-by: cskh <hui.kang@hashicorp.com>
2023-02-27 19:17:32 +00:00
hc-github-team-consul-core 8ba11d7380
backport of commit 7e236479c0 (#16272)
Co-authored-by: cskh <hui.kang@hashicorp.com>
2023-02-22 20:58:17 +00:00
hc-github-team-consul-core deaef1d6b4
backport of commit 3253386a68 (#16370)
Co-authored-by: Anita Akaeze <anita.akaeze@hashicorp.com>
2023-02-22 18:09:58 +00:00
hc-github-team-consul-core 6b5d96744d
backport of commit 813264e160 (#16359)
Co-authored-by: cskh <hui.kang@hashicorp.com>
2023-02-22 16:16:22 +00:00
hc-github-team-consul-core aad218d4d0
backport of commit bb33b6060b (#16357)
Co-authored-by: Xinyi Wang <xinyi.wang@hashicorp.com>
2023-02-22 15:54:59 +00:00
hc-github-team-consul-core 0e89df2b7a
Backport of [OSS] security: update go to 1.20.1 into release/1.15.x (#16314)
* backport of commit 2a8cdf1747

* backport of commit 716d162048

* backport of commit 2c757fac4f

* backport of commit f81c5d4933

* backport of commit ff4f0596f3

* backport of commit 31bbca9fe4

* backport of commit 2f54191353

* backport of commit c263147180

---------

Co-authored-by: DanStough <dan.stough@hashicorp.com>
2023-02-17 21:00:25 +00:00
Nitya Dhanushkodi 94f4347ffe
Backport: troubleshoot: fixes and updated messages (#16294) (#16309) 2023-02-17 10:53:20 -08:00
hc-github-team-consul-core 1d994d707e
Backport of add integration tests for troubleshoot into release/1.15.x (#16261)
* backport of commit 74dcceeeb2

* cherry pick from PR 16223

---------

Co-authored-by: Maliz <maliheh.monshizadeh@hashicorp.com>
2023-02-15 08:11:57 -08:00
cskh ab5dac3414
upgrade test: peering with http router config entry (#16231)
* upgrade test: peering with http router config entry
2023-02-13 14:09:12 -05:00
Derek Menteer 4f2ce60654
Fix peering acceptors in secondary datacenters. (#16230)
Prior to this commit, secondary datacenters could not be initialized
as peering acceptors if ACLs were enabled. This is due to the fact that
internal server-to-server API calls would fail because the management
token was not generated. This PR makes it so that both primary and
secondary datacenters generate their own management token whenever
a leader is elected in their respective clusters.
2023-02-10 09:47:17 -06:00
Anita Akaeze d72ad5fb95
Merge pull request #4216 from hashicorp/NET-2252-add-assert-fortioname (#16212)
NET-2252: integration tests: add assert.FortioName
2023-02-09 09:45:31 -05:00
cskh b4151780d6
Upgrade test: verify the agent token is working after upgrade (#16164)
1. Upgraded agent can inherit the persisted token and join the cluster
2. Agent token prior to upgrade is still valid after upgrade
3. Enable ACL in the agent configuration
2023-02-07 14:13:19 -05:00
wangxinyi7 906ebb97f6
change log level (#16128) 2023-02-06 12:58:13 -08:00
Anita Akaeze f58d5bb221
NET-2087: Restart proxy sidecar during cluster upgrade (#16140) 2023-02-06 13:09:44 -05:00
Anita Akaeze fcf18222c5
add assertions (#16087) 2023-02-03 10:20:22 -05:00
Dan Upton e40b731a52
rate: add prometheus definitions, docs, and clearer names (#15945) 2023-02-03 12:01:57 +00:00
Anita Akaeze 08a19e532d
NO_JIRA: Add function to get container status before making api call (#16116) 2023-02-01 10:48:54 -05:00
cskh 9da61c1cec
Upgrade test: retain sidecar containers during upgrade. (#16100) 2023-01-30 09:49:52 -05:00
cskh ffb81782de
Upgrade test: peering control plane traffic through mesh gateway (#16091) 2023-01-27 11:25:48 -05:00
cskh 5fa9ab28dc
integ test: remove hardcoded upstream local bind port and max number of envoy sidecar (#16092) 2023-01-27 15:19:10 +00:00
cskh dbaab52786
Post upgrade test validation: envoy endpoint and register service (#16067) 2023-01-25 12:27:36 -05:00
Dan Stough bb71d045e1
test: run integration tests in parallel (#16035) 2023-01-24 14:51:50 -05:00
R.B. Boyer 96389eb266
test: container tests wait for available networks (#16045) 2023-01-23 14:14:24 -06:00
Dan Stough 91d6a81c14
test(integration): add access logging test (#16008) 2023-01-20 17:02:44 -05:00
John Murret 794277371f
Integration test for server rate limiting (#15960)
* rate limit test

* Have tests for the 3 modes

* added assertions for logs and metrics

* add comments to test sections

* add check for rate limit exceeded text in log assertion section.

* fix linting error

* updating test to use KV get and put.  move log assertion tolast.

* Adding logging for blocking messages in enforcing mode.  refactoring tests.

* modified test description

* formatting

* Apply suggestions from code review

Co-authored-by: Dan Upton <daniel@floppy.co>

* Update test/integration/consul-container/test/ratelimit/ratelimit_test.go

Co-authored-by: Dhia Ayachi <dhia@hashicorp.com>

* expand log checking so that it ensures both logs are they when they are supposed to be and not there when they are not expected to be.

* add retry on test

* Warn once when rate limit exceed regardless of enforcing vs permissive.

* Update test/integration/consul-container/test/ratelimit/ratelimit_test.go

Co-authored-by: Dan Upton <daniel@floppy.co>

Co-authored-by: Dan Upton <daniel@floppy.co>
Co-authored-by: Dhia Ayachi <dhia@hashicorp.com>
2023-01-19 08:43:33 -07:00
Anita Akaeze 4e154144a6
NET-2038: Add envoy assertion function of listener verification (#15969) 2023-01-18 16:13:55 -05:00
Dan Stough e8dde59bd0
chore(ci): fix compat ent compat tests for sidecars and gateways (#15997) 2023-01-17 17:16:55 -05:00
R.B. Boyer d59efd390c
test: general cleanup and fixes for the container integration test suite (#15959)
- remove dep on consul main module
- use 'consul tls' subcommands instead of tlsutil
- use direct json config construction instead of agent/config structs
- merge libcluster and libagent packages together
- more widely use BuildContext
- get the OSS/ENT runner stuff working properly
- reduce some flakiness
- fix some correctness related to http/https API
2023-01-11 15:34:27 -06:00
Dan Stough 6d2880e894
feat: add access logs to dataplane bootstrap rpc (#15951) 2023-01-11 13:40:09 -05:00
Matt Keeler 5afd4657ec
Protobuf Modernization (#15949)
* Protobuf Modernization

Remove direct usage of golang/protobuf in favor of google.golang.org/protobuf

Marshallers (protobuf and json) needed some changes to account for different APIs.

Moved to using the google.golang.org/protobuf/types/known/* for the well known types including replacing some custom Struct manipulation with whats available in the structpb well known type package.

This also updates our devtools script to install protoc-gen-go from the right location so that files it generates conform to the correct interfaces.

* Fix go-mod-tidy make target to work on all modules
2023-01-11 09:39:10 -05:00
cskh 1113314641
Refactoring the peering integ test to accommodate coming changes of o… (#15885)
* Refactoring the peering integ test to accommodate coming changes of other upgrade scenarios.

- Add a utils package under test that contains methods to set up various test scenarios.
- Deduplication: have a single CreatingPeeringClusterAndSetup replace
  CreatingAcceptingClusterAndSetup and CreateDialingClusterAndSetup.
- Separate peering cluster creation and server registration.

* Apply suggestions from code review

Co-authored-by: Dan Stough <dan.stough@hashicorp.com>
2023-01-04 15:28:15 -05:00
Dan Upton d4c435856b
grpc: `protoc` plugin for generating gRPC rate limit specifications (#15564)
Adds automation for generating the map of `gRPC Method Name → Rate Limit Type`
used by the middleware introduced in #15550, and will ensure we don't forget
to add new endpoints.

Engineers must annotate their RPCs in the proto file like so:

```
rpc Foo(FooRequest) returns (FooResponse) {
  option (consul.internal.ratelimit.spec) = {
    operation_type: READ,
  };
}
```

When they run `make proto` a protoc plugin `protoc-gen-consul-rate-limit` will
be installed that writes rate-limit specs as a JSON array to a file called
`.ratelimit.tmp` (one per protobuf package/directory).

After running Buf, `make proto` will execute a post-process script that will
ingest all of the `.ratelimit.tmp` files and generate a Go file containing the
mappings in the `agent/grpc-middleware` package. In the enterprise repository,
it will write an additional file with the enterprise-only endpoints.

If an engineer forgets to add the annotation to a new RPC, the plugin will
return an error like so:

```
RPC Foo is missing rate-limit specification, fix it with:

	import "proto-public/annotations/ratelimit/ratelimit.proto";

	service Bar {
	  rpc Foo(...) returns (...) {
	    option (hashicorp.consul.internal.ratelimit.spec) = {
	      operation_type: OPERATION_READ | OPERATION_WRITE | OPERATION_EXEMPT,
	    };
	  }
	}
```

In the future, this annotation can be extended to support rate-limit
category (e.g. KV vs Catalog) and to determine the retry policy.
2023-01-04 16:07:02 +00:00
cskh 692a6edd7d
Upgrade test: test peering upgrade from an old version of consul (#15768)
* upgrade test: test peering upgrade from an old version of consul

NET-1809
2022-12-15 16:31:12 -05:00
Semir Patel bafa5c7156
Pass remote addr of incoming HTTP requests through to RPC(..) calls (#15700) 2022-12-14 09:24:22 -06:00
Dan Stough 98ef5f28dd
[OSS] security: update x/net module (#15737)
Co-authored-by: Dhia Ayachi <dhia@hashicorp.com>
2022-12-08 16:45:44 -05:00
cskh 36f05bc8fb
integ-test: test consul upgrade from the snapshot of a running cluster (#15595)
* integ-test: test consul upgrade from the snapshot of a running cluster

* use Target version as default


Co-authored-by: Dan Stough <dan.stough@hashicorp.com>
2022-12-01 10:39:09 -05:00
Dan Stough 227fd14287
chore: updates from 1.14.2 release (#15633)
* chore: updates from 1.14.2 release
2022-11-30 22:15:58 -05:00
Derek Menteer 8079686bf0
Add 1.14.1 release updates. (#15514)
Add post-release changes for 1.14.1 updates.
2022-11-21 13:35:30 -06:00
Derek Menteer dc27e35f82
Consul 1.14 post-release updates (#15382)
* Update changelog with 1.14 notes.

* gomod version bumps for 1.14 release.
2022-11-15 14:22:43 -06:00