mirror of https://github.com/hashicorp/consul
Tree:
6302ef31fc
1.14.0-beta1
1.6.2
18831-backport1.14.10
18831-backport1.15.6
18831-backport1.16.2
404-checker-update
Amier3-patch-1
CC-5545/upgrade-hds-packages
CC-6363/downgrade-node-for-ci
CC-6363/downgrade-node-for-v-1-point-15
CC-7146/Sidebar-item-for-linking-status
CC-7146/convert-consul-hcp-to-a-simpler-component-for-some-upcoming-changes
CC-7146/hcp-link-item-in-the-nav-bar
CSLC-103-egress-gtwy-cert-tgtwy
CSLC-91-egress-connect-proxy
CSLC-91-egress-connect-proxy-2
CTIA-8-verify-builds-v2
FFMMM-patch-1
GH-migration-add-oss-ent-builder-logic
HCPCP-1619-unix-socket-host
NET-10248-consul-cross-namespace-requests-to-a-terminating-gateway-fail-with-no-healthy-upstream
NET-10288-Bump-go-to-resolve-CVE-2024-24791
NET-10290-Bump-envoy-to-resolve-CVE-2024-39305
NET-10719-fix-apigw-jwt-cluster-generation
NET-1530-set-envoy-ext-rate-limit-plugin
NET-1594-backport
NET-1594-backport-1.14.x
NET-1594-backport-1.15.x
NET-1643-66794-consul-version-in-prometheus-format-metrics-is-0
NET-1723/append-rules
NET-1728/remove-docs-with-token-param
NET-1805-cleanup-test-container-lib-basic-topology-single-dc
NET-1805-upgrade-test-grpc
NET-2029-Normalize-status-for-new-config-entry-types
NET-2063-Implementation-API-GW-Use-XDS-primitives-instead-of-Ingress-GW-primitives
NET-2088-upgrade-test-ingress-gateway
NET-3059/acl-agent-api
NET-3914-gha-change-upgrade-test-small-runner
NET-3914-gha-change-upgrade-test-small-runner-no-splitting
NET-3914-gha-resolve-the-issue-of-running-multiple-docker-container
NET-3914-gha-run-compat-tests-single-runner
NET-3914-gha-upgrade-test-single-runner
NET-4277
NET-4277-tests
NET-438/add-ent-version-suffix
NET-4558-Address-comments-for-PR-https-github.com-hashicorp-consul-pull-15235
NET-4924_update_readme
NET-5017-status-condition-fixes
NET-5084/TrafficPermission-WorkloadIdentity-protos
NET-5090/implicit-destinations
NET-5147-plumbing
NET-5327-consistency-docs
NET-581-Configure-Vault-namespaces-for-Connect-CA-via-Helm-Stanza
NET-5889-absl
NET-6313/resource-list-poc
NET-6354
NET-6416-meshgateway-acls
NET-6453/skip-traffic-permission-test-on-M1
NET-6469/add-custom-watch
NET-6608
NET-6820-Mesh-GW-Customize-mesh-gateway-proxy-limits
NET-6821-Host-Header-Rewrite
NET-685-rate-limiting-to-registering-imported-services
NET-7014-consul-Look-up-mesh-gateway-controlling-workload-instead-of-assuming-its-identity
NET-7376-consul-consul-k8s-Set-status-on-APIGateway-with-required-info-from-kubesig
NET-800-add-internal-endpoint-to-return-all-exported-services-to-a-given-peer
NET-801-add-internal-endpoint-to-return-peer-stream-health-from-peerstream-tracker
NET-818-server-cert
NET-8983/raft-version-bump
RELENG-305
RELTOOL-20
SECVULN-6892-word-wrap
SECVULN-8533-lodash-template
SECVULN-8621_consul_api_validate_request_content_type
SuyashHashiCorp-patch-1
SuyashHashiCorp-patch-1-1
SuyashHashiCorp-patch-2
a10-thunder-adc
aahel
acl/wait-for-token-replication-to-use-token
acpana/clean-peer-2
acpana/no-19-metrics
acpana/nonuser-peering-reg-3
acpana/peering-imported-counter
add-bind-type-policy
add-docs-for-anno
add-downstream-service-meta
add-linter-net-rpc-2-test
add-linter-net-rpc-r2
add-missing-consul-env-file
add-new-golden-file-tests
add-partitions-to-e2e-gateway-tests
add-patches
add-peering-changes
add-peering-commontopo-tests-ci-fiddling
add-ui-checker
add_build_ui
adds-helm-docs-update-from-1-4-2-consul-k8s
agent/tls-types
anita-upgrade-fix
ap/exports-docs
ap/main-docs
api-gateway-all-controllers
api-gateway-sds-fixes
api-gateway-ui
api-gw-docs-broken-link
apivalidateclusters
architecture-log
ariadne/hack/backend
art
artifact-manifest/main/smoothly-fresh-quagga
ashwin-michael/crd-auto-generation
b-ui/manual-backport-d3-color
b/scada-retry-disconnect
backend-changes-doesnt-run-frontend-task-on-ci-test
backport-1.16-fix-snapshot-test
backport-squashing-fix-for-namespaces
backport/1.11.x/11107
backport/1.13.x/api-gw-docs
backport/16955-transfer-leader/safely-positive-bobcat
backport/CC-7146/convert-consul-hcp-to-a-simpler-component-for-some-upcoming-changes/barely-trusting-yeti
backport/CE-564-external-services-crd/carefully-generous-kodiak
backport/CE-572-file-system-certificate/slowly-pure-herring
backport/CE-577-release-notes/namely-fleet-lionfish
backport/CI-upload-upgrade-test-to-datadog/incredibly-helping-pig
backport/CTIA-5-gh-12578-endpoint-returns-500-instead-of-404/merely-optimum-wahoo
backport/CTIA-5-gh-12578-endpoint-returns-500-instead-of-404/partly-liberal-bluegill
backport/CTIA-5-gh-12578-endpoint-returns-500-instead-of-404/reliably-dear-hen
backport/NET-10288-Bump-go-to-resolve-CVE-2024-24791/wrongly-optimal-lamprey
backport/NET-1521/conversely-romantic-dodo
backport/NET-2292-upgrade-port-http/initially-innocent-dodo
backport/NET-3474/start-reporting-agent/slowly-inviting-whippet
backport/NET-3476/add-reporting-config/quickly-talented-wildcat
backport/NET-3860/moderately-awake-grouse
backport/NET-3860/namely-curious-iguana
backport/NET-3860/uniformly-funny-pug
backport/NET-3893/container-logs/intensely-nice-boar
backport/NET-3893/container-logs/obviously-primary-sawfly
backport/NET-3914-fix-container-test-slow-image-build/sharply-game-mastiff
backport/NET-4135/fairly-stable-lamb
backport/NET-4135/marginally-ultimate-sculpin
backport/NET-4519/annually-huge-filly
backport/NET-4519/deadly-precise-jawfish
backport/NET-4519/heavily-equal-spaniel
backport/NET-5611_fix_trigger_ci/simply-relevant-foal
backport/NET-5688-gwui-fixes/mentally-superb-prawn
backport/NET-5688-gwui-fixes/noticeably-easy-magpie
backport/NET-8717-Vulnerabilities-in-consul-enterprise-d3-color/accurately-normal-snipe
backport/RELPLAT-897-copywrite-bot-workarounds/likely-content-goshawk
backport/RELPLAT-980-license-file-updates/vertically-modern-dogfish
backport/SECVULN-8633-TOB-CONSUL24-17-Consul-configuration-allows-repeated-keys/publicly-deciding-hookworm
backport/Suppress-CVE-2024-8096/gradually-brave-ewe
backport/Suppress-CVE-2024-8096/quietly-brief-koala
backport/add-ent-and-ce-frontend-test-runs-to-pr/morally-sure-fowl
backport/add-ent-and-ce-frontend-test-runs-to-pr/painfully-outgoing-drum
backport/add-ent-and-ce-frontend-test-runs-to-pr/similarly-new-sloth
backport/add-query-for-namespace-lookup-when-creating-services
backport/add-release-config-key/gradually-wanted-trout
backport/add-release-config-key/lightly-sterling-mongrel
backport/add-release-config-key/mentally-equal-wallaby
backport/add-tests-for-gw-proxy-controller/loosely-primary-crane
backport/am-ak-patch-1/really-stirring-flounder
backport/api-gateway-install-redirrects/wholly-one-sunbird
backport/asheshvidyut/NET-3865/gratefully-apt-haddock
backport/ashwin/cluster-peering-helm-docs/curiously-legible-drum
backport/ashwin/envoy-readiness/cleanly-supreme-poodle
backport/ashwin/envoy-readiness/visually-warm-sunfish
backport/ashwin/generate-proto-deep-copy-json-marshal/naturally-exotic-anemone
backport/ashwin/peer-count-metric/greatly-many-chimp
backport/ashwin/recreate-token-docs/virtually-new-koi
backport/ashwin/use-prxoy-health-docs/uniformly-new-cattle
backport/backport/remove-CONSUL_HCP_LINK_ENABLED-flag/scarcely-precise-silkworm-manual
backport/brk.chore/remove-link-format-check/promptly-aware-garfish
backport/brk.fix/update-links-for-developer/reasonably-choice-vulture
backport/broken_links/evidently-improved-starfish
backport/broken_links/lately-faithful-falcon
backport/broken_links/regularly-living-monitor
backport/catalog-deregistration-fix/grossly-lenient-treefrog
backport/catalog-deregistration-fix/optionally-blessed-cockatoo
backport/cc-4361/hcp-metrics-bootstrap-config/manually-composed-snail
backport/cc-4519-collect-node-id/brightly-sharp-akita
backport/cc-4519-collect-node-id/suitably-funky-warthog
backport/cc-4716-link-existing-clusters/hopelessly-full-koi
backport/cc-4716-link-existing-clusters/slightly-on-wren
backport/cc-4929-cap-socket-path/horribly-sunny-airedale
backport/cc-4960/hcp-telemetry-periodic-refresh/namely-joint-tarpon
backport/cc-4960/hcp-telemetry-periodic-refresh/quietly-splendid-leech
backport/cc-4960/move-first-fetch-into-provider/informally-exciting-blowfish
backport/cc-4960/move-first-fetch-into-provider/rapidly-climbing-airedale
backport/cc-4960/move-first-fetch-into-provider/separately-nearby-seagull
backport/cc-7147-link-to-hcp-modal/kindly-verified-snipe
backport/chore-fix-module-name/fully-giving-hagfish
backport/ci-remove-duplicate-test/actually-sensible-swine
backport/compliance/license-changes/vigorously-holy-escargot
backport/consul-collector-reduce-flush-intervals/externally-natural-pangolin
backport/consul-collector-reduce-flush-intervals/likely-loved-hog
backport/consul-er-add-service-discovery-seo-doc/notably-social-koala
backport/consul-k8s-docs-typo/firstly-present-hawk
backport/consul-k8s-docs-typo/largely-liked-badger
backport/correct-redhat-tags/humbly-central-cricket
backport/correct-redhat-tags/promptly-intense-dodo
backport/correct-redhat-tags/sadly-deep-tiger
backport/cp_NET-3684/mentally-fit-squirrel
backport/cthain/net-5807/vault-ca-namespace-config/heavily-rested-donkey
backport/cthain/net-5807/vault-ca-namespace-config/miserably-factual-blowfish
backport/danielehc-fix-filter-links/cleanly-humble-mole
backport/danielehc-fix-filter-links/vaguely-welcome-jawfish
backport/dans/NET-1757/access-logs-docs/only-definite-polecat
backport/dans/NET-3917/default-0s-initial_fetch_timeout/fairly-fluent-drake
backport/dans/NET-6796/dns-v2-catalog-v2-ns-soa/mostly-real-ibex
backport/dans/fix-snapshot-save-test/partly-sweeping-mollusk
backport/dans/fix-snapshot-save-test/vaguely-solid-sheepdog
backport/dans/fix-snapshot-save-test/willingly-golden-leopard
backport/david-yu-admin-partitions/deeply-fair-quagga
backport/david-yu-admin-partitions/eminently-awaited-porpoise
backport/david-yu-admin-partitions/gradually-open-octopus
backport/david-yu-admin-partitions/jointly-ready-mole
backport/david-yu-admin-partitions/officially-charming-orca
backport/david-yu-admin-partitions/typically-fast-shark
backport/david-yu-agent-latency-requirements/severely-ready-raccoon
backport/david-yu-build-dockerfile/mutually-assuring-albacore
backport/david-yu-cleanup-1-18/distinctly-stirring-catfish
backport/david-yu-docs-cluster-peering/poorly-flying-leopard
backport/david-yu-enterprise-image/noticeably-brave-man
backport/david-yu-enterprise-image/wholly-welcome-platypus
backport/david-yu-gke-autopilot/internally-sharp-thrush
backport/david-yu-gke-autopilot/recently-driving-dingo
backport/david-yu-k8s-install-helm/normally-cool-fish
backport/david-yu-k8s-install-helm/notably-thorough-crow
backport/david-yu-k8s-install-helm/trivially-intimate-aardvark
backport/david-yu-log-level-error/lightly-polite-porpoise
backport/david-yu-log-level-error/quickly-helping-ghoul
backport/david-yu-patch-2/correctly-eternal-hamster
backport/david-yu-patch-2/nominally-viable-squirrel
backport/david-yu-patch-3/informally-factual-colt
backport/david-yu-ubi/curiously-cunning-meerkat
backport/david-yu-ubi/publicly-loving-bluejay
backport/david-yu-ubi/secretly-balanced-rodent
backport/derekm/NET-3007/fix-peer-stream-cleanup/friendly-caring-krill
backport/derekm/NET-3881/health-call-loop-entfix/possibly-safe-swan
backport/derekm/NET-3881/health-call-loop/trivially-dashing-ox
backport/derekm/NET-4958/missing-endpoints/unlikely-positive-wildcat
backport/derekm/NET-7652/broadly-regular-firefly
backport/derekm/NET-7652/freely-peaceful-kit
backport/derekm/fix-cicd-docker-pull/steadily-evolved-kitten
backport/derekm/grpc-server-keepalive/gladly-popular-cod
backport/dev-image-publishing/willingly-literate-stag
backport/dev-portal/largely-exact-worm
backport/dev-portal/thoroughly-enabling-kid
backport/dhiaayachi/fix_panic_policy_delete/logically-amazed-crow
backport/dhiaayachi/fix_panic_policy_delete/publicly-pumped-tadpole
backport/dhiaayachi/raft-wal-0.4.1/sadly-super-monarch
backport/disable_envoy_check/closely-liberal-monkfish
backport/disable_envoy_check/mistakenly-mighty-glider
backport/dns-parititon-docs/certainly-real-vulture
backport/doc-v2-traffic-permission/jointly-top-ant
backport/docs-nomad-ent/cheaply-guiding-sloth
backport/docs-nomad-ent/only-touched-mutt
backport/docs-nomad-ent/scarcely-thorough-anteater
backport/docs/1-10-upgrade-compatibility-clarification/distinctly-relaxing-snail
backport/docs/1-10-upgrade-compatibility-clarification/gradually-united-polecat
backport/docs/1-17-release-notes/friendly-smiling-sailfish
backport/docs/1-19-release-notes-fix/factually-evolving-koala
backport/docs/CE-749-remove-references-from-consul/humbly-leading-emu
backport/docs/add-rate-limit-ops-diagram/widely-alive-mallard
backport/docs/add-redirects-1.8-conf-entries/factually-relieved-flounder
backport/docs/add-redirects-1.8-conf-entries/freely-grateful-camel
backport/docs/add-redirects-1.8-conf-entries/illegally-driving-fawn
backport/docs/add-redirects-1.8-conf-entries/pleasantly-cunning-pig
backport/docs/added-1.17-features-to-enterprise-overview
backport/docs/added-redirects-for-conf-entries
backport/docs/added-redirects-for-conf-entries-1.13.x
backport/docs/added-redirects-for-conf-entries-1.14.x
backport/docs/address-multicluster-singledc-docs/hopefully-set-mallard
backport/docs/admin-partitions-114-update/correctly-enough-shad
backport/docs/admin-partitions-link-k8s/trivially-excited-jaybird
backport/docs/admin-partitions-node-scope/forcibly-bursting-kid
backport/docs/amb.migrate-link-formats/adversely-helping-troll
backport/docs/amb.migrate-link-formats/jointly-renewed-dolphin
backport/docs/amb.migrate-link-formats/thoroughly-obliging-trout
backport/docs/amb.migrate-link-formats/truly-supreme-hagfish
backport/docs/amb.migrate-link-formats/usually-sweeping-panda
backport/docs/api-gw-k8s-add-upgrade-step-1.16/fully-suited-cattle
backport/docs/apigee-backports/deeply-active-jackal
backport/docs/auto-cert-1-13-2/constantly-above-turtle
backport/docs/blake/fix-spelling-errors-aug23/partially-equal-haddock
backport/docs/capigw-0.3/carefully-sharp-rattler
backport/docs/capigw-0.3/correctly-peaceful-muskrat
backport/docs/capigw-tech-spec-update/explicitly-renewing-badger
backport/docs/capigw-tech-spec-update/formerly-awaited-elf
backport/docs/capigw-typos-usage/socially-needed-dodo
backport/docs/ce-514-envoy-constraints/publicly-modern-sturgeon
backport/docs/change-backendRefs-api-group/largely-working-woodcock
backport/docs/clarify-connect-language-2/humbly-native-spaniel
backport/docs/clarify-license-behavior-on-restart/morally-ready-monkey
backport/docs/clarify-snapshot-restore-version-restriction/blindly-sure-buffalo
backport/docs/clarify-snapshot-restore-version-restriction/firstly-endless-eagle
backport/docs/clarify-vault-ca-provider-permissions-needed/optionally-hardy-emu
backport/docs/cluster-peering-parameter-fixes/yearly-flowing-arachnid
backport/docs/common-errors/amazingly-golden-pony
backport/docs/config-enable-debug/broadly-loving-tomcat
backport/docs/config-enable-debug/conversely-positive-goblin
backport/docs/config-enable-debug/endlessly-probable-manatee
backport/docs/config-enable-debug/willingly-master-sloth
backport/docs/consistency-mode-improvements/annually-united-iguana
backport/docs/consistency-mode-improvements/implicitly-smart-jaguar
backport/docs/consistency-mode-improvements/mildly-wanted-slug
backport/docs/consistency-mode-improvements/nationally-key-swan
backport/docs/consistency-mode-improvements/slowly-mint-bull
backport/docs/consistency-mode-improvements/willingly-sterling-bluegill
backport/docs/correct-1.10.x-upgrade-path/hardly-ultimate-leopard
backport/docs/crossref-maint-mode-from-health-checks/explicitly-renewed-owl
backport/docs/deemphasize-token-query-param/reasonably-amusing-impala
backport/docs/dyu-compat-matrix/positively-funky-dory
backport/docs/enterprise-feature-table/recently-upright-lemur
backport/docs/external-crd-fix/accurately-talented-cobra
backport/docs/fips-cluster-peering/repeatedly-evolved-stallion
backport/docs/fix-api-landing-page-typos/curiously-eminent-quail
backport/docs/fix-bad-links-service-defaults-ref/evenly-causal-buzzard
backport/docs/fix-bad-links-service-defaults-ref/hardly-related-llama
backport/docs/fix-bad-links-service-defaults-ref/supposedly-selected-arachnid
backport/docs/fix-broken-links-8-18/cleanly-wired-honeybee
backport/docs/fix-broken-links-8-18/conversely-gentle-swan
backport/docs/fix-consul-ecs-tf-path/cleanly-happy-newt
backport/docs/fix-k8s-crd-example-configs/naturally-capital-bobcat
backport/docs/fix-k8s-crd-example-configs/seriously-real-cricket
backport/docs/fix-node-lookup-by-removing-tag/moderately-brave-barnacle
backport/docs/flag-ent-features-1.17/marginally-stirred-crappie
backport/docs/fox-peering-metrics-labels-table/conversely-capital-yak
backport/docs/fox-peering-metrics-labels-table/quietly-ready-louse
backport/docs/initial-multiport-fixes/constantly-thorough-pheasant
backport/docs/invoke-services-from-lambda/severely-useful-katydid
backport/docs/invoke-services-from-lambda/vigorously-generous-treefrog
backport/docs/jwt-auth-fixes/poorly-suited-pelican
backport/docs/k8s-1-14-releasenotes/widely-organic-wahoo
backport/docs/k8s-acl-fix/repeatedly-solid-cricket
backport/docs/k8s-federation-requirements/constantly-vocal-cougar
backport/docs/k8s-federation-requirements/finally-lenient-cub
backport/docs/k8s-federation-requirements/friendly-prompt-jay
backport/docs/k8s-federation-requirements/rapidly-resolved-doberman
backport/docs/k8s-federation-requirements/surely-eminent-tomcat
backport/docs/k8s-tgw-tutorial-role-id-fix/duly-known-shad
backport/docs/k8s-tgw-tutorial-role-id-fix/seemingly-social-chow
backport/docs/k8s-tgw-tutorial-role-id-fix/severely-innocent-mosquito
backport/docs/lkysow/prepare-dataplane-upgrade/deeply-joint-herring
backport/docs/lkysow/verify-outgoing/luckily-viable-anchovy
backport/docs/lkysow/verify-outgoing/sincerely-expert-buck
backport/docs/lkysow/verify-outgoing/strictly-well-sheepdog
backport/docs/manage-traffic-link-fix/hardly-together-salmon
backport/docs/mgw-primary-upgrade/poorly-sincere-rattler
backport/docs/multi-port-v1-17-ga/hopelessly-premium-ostrich
backport/docs/multiport-hcp-update/seemingly-valid-jaybird
backport/docs/new-vault-connect-ca-permissions-needed/happily-knowing-sponge
backport/docs/new-vault-connect-ca-permissions-needed/miserably-fun-drum
backport/docs/note-about-connect-service-upstream-env-var/certainly-helped-horse
backport/docs/note-about-connect-service-upstream-env-var/lively-exciting-reptile
backport/docs/nrichu-hcp-doc-patch/jolly-poetic-rat
backport/docs/page-descs-for-CLI/early-ample-basilisk
backport/docs/page-descs-for-CLI/implicitly-precious-calf
backport/docs/patch-release/constantly-teaching-giraffe
backport/docs/peering-api-update/amazingly-chief-mosquito
backport/docs/redirect-acl-system-page/rapidly-awaited-bluegill
backport/docs/redirect-acl-system-page/similarly-smiling-kodiak
backport/docs/remove-comparisons-from-ref-docs/definitely-direct-hyena
backport/docs/remove-empty-codeblockconfig-elements/daily-viable-oryx
backport/docs/remove-empty-codeblockconfig-elements/severely-merry-newt
backport/docs/restore-missing-config-content/curiously-evolving-snail
backport/docs/restore-missing-config-content/eminently-definite-tick
backport/docs/scale-typo/early-set-drum
backport/docs/scale-typo/mostly-verified-werewolf
backport/docs/search-metadata-headers/supposedly-eternal-ox
backport/docs/single-dc-multi-k8s/weekly-humorous-cricket
backport/docs/tutorial-refresh-support/mostly-settled-alien
backport/docs/tutorial-refresh-support/yearly-integral-clam
backport/docs/update-acl-docs/locally-happy-wasp
backport/docs/update-acl-docs/publicly-up-pony
backport/docs/update-consul-k8s-nginx-ingress-controller-example/sadly-inviting-pika
backport/docs/uri-decode-resource-names-for-http-api/early-neat-pipefish
backport/docs/uri-decode-resource-names-for-http-api/fairly-busy-mouse
backport/docs/use_values_yaml_everywhere/broadly-pro-possum
backport/docs/use_values_yaml_everywhere/clearly-frank-bonefish
backport/docs/wal-fix/certainly-romantic-parrot
backport/docs/what-is-consul-devdot-update/mutually-pleasing-insect
backport/docs_discovery_typo/jointly-happy-crane
backport/docs_update_helm_docs_vault_synccatalog/fairly-saved-filly
backport/dstough/GH-12628-multiple-https-ingress-services/distinctly-charming-stork
backport/dstough/GH-12628-multiple-https-ingress-services/yearly-accepted-pipefish
backport/dstough/add-noop-jobs-for-branch-protect/formerly-moving-monkey
backport/dstough/add-noop-jobs-for-branch-protect/uniformly-ideal-stallion
backport/dstough/add-noop-jobs-for-branch-protect/wildly-tight-ladybird
backport/dstough/fix-metrics-false-positive/ghastly-up-mole
backport/dstough/fix-metrics-false-positive/implicitly-integral-leech
backport/dyu/dns-port/manually-light-ant
backport/dyu/dns-port/typically-creative-hermit
backport/dyu/gh-pr-workflow/definitely-relaxed-mollusk
backport/dyu/jobs-pr-feedback/mildly-immune-hyena
backport/dyu/jobs-pr-feedback/presumably-composed-wildcat
backport/dyu/multi-port/greatly-musical-lab
backport/dyu/network-segments/loudly-tops-tadpole
backport/dyu/network-segments/specially-prepared-mammoth
backport/dyu/readme/globally-concise-oarfish
backport/dyu/ubi/carefully-funky-bonefish
backport/dyu/ubi/completely-neat-cobra
backport/dyu/ubi/finally-growing-grub
backport/dyu/ubi/optionally-content-bug
backport/dyu/ubi/ultimately-singular-leech
backport/eculver/fix-pkg-name/firmly-holy-sole
backport/eculver/fix-pkg-name/mainly-modern-elk
backport/eculver/update-nomad-integ-tests/needlessly-saved-collie
backport/eculver/update-nomad-integ-tests/nicely-fresh-bullfrog
backport/ent-port-upgrade-tests-flatten/early-precious-treefrog
backport/envoy-bootstrap-log-fix/infinitely-communal-midge
backport/envoy-bootstrap-logging/enormously-outgoing-martin
backport/exported_services_cli_and_docs/rc1
backport/f/metrics-collector-rename/achooo
backport/f/metrics-collector-rename/highly-clean-elf
backport/feature/hcp-telemetry/personally-central-caribou
backport/file-system-certificate/formally-top-minnow
backport/fix-changelog-check/blindly-pumped-shrimp
backport/fix-changelog/nearly-grown-kangaroo
backport/fix-doc/physically-growing-doberman
backport/fix-ent-merge/enormously-close-sculpin
backport/fix-error-msg-fmt/normally-allowed-redbird
backport/fix-flaky-integ-test-ingress/commonly-strong-cow
backport/fix-flaky-integ-test-ingress/noticeably-unified-dane
backport/fix-flaky-integ-test-ingress/preferably-feasible-rattler
backport/fix-gRPC-limit-peering/especially-premium-asp
backport/fix-home-link/wholly-regular-bengal
backport/fix-integ-flakiness/accurately-cunning-cardinal
backport/fix-integ-flakiness/precisely-simple-quagga
backport/fix-issuer-growing-list-maybe-from-vault/barely-still-aardvark
backport/fix-issuer-growing-list-maybe-from-vault/blindly-adequate-bluebird
backport/fix-issuer-growing-list-maybe-from-vault/uniquely-master-falcon
backport/fix-merge-config-entry/badly-eternal-bonefish
backport/fix-merge-config-entry/carefully-open-stingray
backport/fix-role-linked-token-list/blindly-trusted-glowworm
backport/fix-submat-view-bug/physically-stirring-zebra
backport/fix-unremoved-service-mesh-gateway/primarily-growing-wren
backport/fix_altdomain_dcname_overlap/loudly-definite-dingo
backport/fix_altdomain_dcname_overlap/mistakenly-ready-hog
backport/fix_altdomain_dcname_overlap/thoroughly-daring-mule
backport/fix_docs_conflict_leftovers/highly-sweet-whale
backport/gateway-upstream-disambiguation-ce/strictly-pleasant-mule
backport/gh-13169-show-leader-metrics/fairly-worthy-redbird
backport/gh-13169-show-leader-metrics/formally-pleasing-pigeon
backport/gh-13169-show-leader-metrics/inherently-wealthy-lab
backport/gh-13169-show-leader-metrics/legally-winning-joey
backport/gh-14341-txn-struct/randomly-noted-piglet
backport/gh-17320-update-metrics-doc/probably-promoted-lynx
backport/gh-18152-members-filter-dc/firstly-ideal-maggot
backport/gha-concurrency/finally-exciting-filly
backport/gha-concurrency/honestly-live-sailfish
backport/gha-concurrency/largely-gentle-crab
backport/gha-concurrency/mildly-great-unicorn
backport/hans/add_new_field_to_bootstrap_config_and_push_state/primarily-sweeping-tapir
backport/hans/add_new_field_to_bootstrap_config_and_push_state/sadly-eminent-man
backport/import-filter
backport/import-filter-v2
backport/improve_ci_run_time/miserably-glowing-boa
backport/integ-test-upgrade-test/truly-becoming-mule
backport/integ-test-use-asserter/internally-cheerful-mullet
backport/ishustava/1.14-agentless-docs-updates/internally-star-beetle
backport/ishustava/NET-3995-computed-proxy-config/slightly-cheerful-kangaroo
backport/ishustava/NET-5377-sidecar-proxy-ctrl-improvements/oddly-talented-sole
backport/issue-17886-expose-certs/definitely-wise-sturgeon
backport/jer/cc6039-policy-desc/adversely-sought-ladybird
backport/jer/cc6039-policy-desc/multiply-native-bird
backport/jer/ccm-read-only/lightly-worthy-sawfish
backport/jer/ccm-read-only/unlikely-glad-snapper
backport/jer/cloud-docs/briefly-adequate-filly
backport/jer/cloud-docs/gratefully-stunning-frog
backport/jjti/fix-hcp-client-logs/commonly-desired-antelope
backport/jjti/fix-hcp-client-logs/evenly-clean-slug
backport/jjti/fix-hcp-client-logs/happily-charmed-jawfish
backport/jjti/fix-hcp-client-logs/infinitely-decent-ibex
backport/jjti/fix-hcp-client-logs/presently-free-roughy
backport/jjti/fix-hcp-client-logs/visually-secure-spaniel
backport/jjti/fix-hcp-export-logger/intensely-growing-horse
backport/jjtimmons/reduce-export-freq/hardly-generous-martin
backport/jjtimmons/reduce-export-freq/safely-frank-mudfish
backport/jkirschner-hashicorp-patch-1/reasonably-devoted-pheasant
backport/jkirschner-hashicorp-patch-3/seriously-living-squirrel
backport/jm/0.44.0/wholly-saving-flea
backport/jm/3372/freely-intimate-gannet
backport/jm/3372/freely-singular-dingo
backport/jm/NET-3692/strangely-solid-owl
backport/jm/NET-5397/violently-choice-perch
backport/jm/NET-6081/equally-complete-thrush
backport/jm/NET-6944/clearly-winning-fly
backport/jm/NET-6944/subtly-adequate-gopher
backport/jm/NET-7025/commonly-saved-glowworm
backport/jm/NET-7025/implicitly-optimal-drum
backport/jm/NET-7025/pleasantly-balanced-sole
backport/jm/ba/sadly-tolerant-wombat
backport/jm/ba/usually-promoted-tapir
backport/jm/deep-copy-lint-enums/gladly-fine-pegasus
backport/jm/endpoint-result/yearly-better-sunfish
backport/jm/go-tests-notify-3/allegedly-trusting-moose
backport/jm/go-tests-notify-3/genuinely-pumped-glowworm
backport/jm/go-tests-notify-3/luckily-tough-platypus
backport/jm/go-tests-notify-3/nicely-electric-calf
backport/jm/local-app-protocol-test/hardly-noble-aardvark
backport/jm/macos-arm64/actively-improved-dinosaur
backport/jm/no-parallel-dns-tests/sharply-true-tetra
backport/jm/no-parallel-dns-tests/tightly-liberal-emu
backport/jm/no-parallel-dns-tests/ultimately-accurate-sponge
backport/jm/no-parallel-dns-tests/willingly-adjusted-mallard
backport/jm/remove-compat-test-splitting/honestly-outgoing-calf
backport/jm/remove-compat-test-splitting/rationally-wondrous-krill
backport/jm/remove-tests-skipping/finally-romantic-anteater
backport/jm/remove-tests-skipping/physically-enough-molly
backport/jm/remove-tests-skipping/typically-credible-bug
backport/jm/rmv-test-integrations/probably-topical-shrimp
backport/jm/test-integrations/clearly-curious-liger
backport/jm/ui-main/openly-ace-mole
backport/jm/vault-docs-redesign/indirectly-logical-monitor
backport/jm96441n/normalize-status-conditions/implicitly-mighty-racer
backport/jwt-warning-docs/completely-poetic-herring
backport/jwt-warning-docs/uniquely-organic-muskox
backport/kisunji/NET-4766-vault-ca-bug-fix/inherently-harmless-louse
backport/kisunji/NET-4766-vault-ca-bug-fix/really-leading-tick
backport/kisunji/NET-4766-vault-ca-bug-fix/secondly-first-mullet
backport/kisunji/cleanup-resources/secondly-devoted-longhorn
backport/kisunji/cleanup-resources/solely-moved-dodo
backport/kisunji/controller-test-fix/internally-artistic-buzzard
backport/kisunji/ent-label-ratelimit/normally-casual-sparrow
backport/kisunji/fix-flakes/firstly-desired-dove
backport/kisunji/fix-flakes/formally-giving-goldfish
backport/kisunji/fix-flakes/honestly-bright-dove
backport/kisunji/fix-permissive-envoy-ext/lately-ideal-calf
backport/kisunji/fix-permissive-envoy-ext/unduly-set-ram
backport/kisunji/fix-test/admittedly-valid-ray
backport/kisunji/fix-test/blatantly-prime-loon
backport/kisunji/fix-test/entirely-major-chigger
backport/kisunji/nomad-docs/hugely-concise-crawdad
backport/kisunji/nomad-docs/weekly-hip-starling
backport/kisunji/peering-tproxy-docs/truly-dominant-sawfly
backport/kisunji/update-hcp-scada-provider/socially-wise-silkworm
backport/kisunji/vault-ca-clean-unused-issuers/curiously-neat-tarpon
backport/kisunji/vault-ca-clean-unused-issuers/hugely-eminent-monster
backport/kisunji/vault-ca-clean-unused-issuers/rapidly-smart-sunbird
backport/kisunji/vault-ca-fixes/awfully-smooth-katydid
backport/kisunji/vault-ca-fixes/fully-electric-phoenix
backport/krastin/docs/improve-license/mostly-polite-turtle
backport/krastin/vault-for-consul/clearly-main-molly
backport/krastin/vault-for-consul/factually-enough-buck
backport/krastin/vault-for-consul/indirectly-mint-bison
backport/krastin/vault-for-consul/noticeably-awaited-chamois
backport/krastin/vault-for-consul/thankfully-big-condor
backport/krastin/website/telemetry-labels/duly-firm-toucan
backport/licensing-exp-v2-docs/optionally-allowed-whippet
backport/link-to-hcp-modal-error-when-acls-disabled/severely-cool-sparrow
backport/lorna/cc-6925/hcp-tls/immensely-dear-grouper
backport/lorna/cc-6925/hcp-tls/monthly-correct-buck
backport/loshz-patch-1/friendly-touched-killdeer
backport/loshz/NET-3029-fix/constantly-romantic-fox
backport/loshz/NET-3029-fix/radically-relaxing-robin
backport/ma/vault-namespace-intermediate-provider-v2/positively-unified-aardvark
backport/ma/x-forwarded-client-cert-docs-fix/extremely-definite-shark
backport/ma/x-forwarded-client-cert-docs-fix/repeatedly-fluent-filly
backport/main/strangely-tops-wombat
backport/malizz-validate-name-on-dlt-proxy-defaults/seriously-eager-werewolf
backport/mixed-service-topology/accurately-nearby-falcon
backport/mixed-service-topology/physically-large-griffon
backport/more-xds-races-and-panics/visually-tidy-crow
backport/natemollica-nm-server-workload-telemetry-update/apparently-immune-oriole
backport/natemollica-nm-server-workload-telemetry-update/hopelessly-modest-lark
backport/natemollica-nm-server-workload-telemetry-update/secondly-massive-kiwi
backport/nathancoleman-patch-1/badly-pro-pug
backport/nathancoleman-patch-1/distinctly-growing-parakeet
backport/nathancoleman-patch-1/ghastly-endless-lioness
backport/nathancoleman-patch-1/instantly-premium-sturgeon
backport/nathancoleman-patch-1/lightly-intimate-labrador
backport/nd/net-4931-l7/endlessly-intimate-reindeer
backport/net-4786/mesh-strict-dns/conversely-climbing-aphid
backport/net-bind-service/evenly-sharp-hornet
backport/nfi-net5476-nightly-peering-integ/horribly-enough-piranha
backport/nia/beta-docs-0.6.0/actively-tidy-mantis
backport/nia/beta-docs-0.6.0/evenly-humble-ray
backport/nia/docs-0.7.0/rarely-dear-finch
backport/nicoleta-k8s-annotations/shortly-rested-duckling
backport/nightly-slack-notification/daily-rich-wren
backport/nightly-slack-notification/legally-smart-terrier
backport/operator-usage-docs/definitely-curious-gecko
backport/partition-cli-acl-info-and-api-crossref/hopefully-able-urchin
backport/patch-1/actually-sharing-chigger
backport/patch-1/arguably-special-marlin
backport/patch-1/briefly-merry-mantis
backport/patch-1/correctly-cheerful-anchovy
backport/patch-1/easily-cheerful-dingo
backport/patch-1/forcibly-shining-javelin
backport/patch-1/formally-happy-dane
backport/patch-1/humbly-helpful-poodle
backport/patch-1/legally-massive-flounder
backport/patch-1/likely-next-halibut
backport/patch-1/loudly-up-hippo
backport/patch-1/noticeably-desired-seal
backport/patch-1/primarily-infinite-asp
backport/patch-1/properly-polished-condor
backport/patch-1/severely-ruling-mouse
backport/patch-1/socially-better-stork
backport/patch-1/tightly-endless-javelin
backport/patch-1/verbally-glad-killdeer
backport/peering/re-establish-terminated/immensely-active-beetle
backport/peering/term-delete/thoroughly-tough-snipe
backport/proxy-register-port-race-2/deeply-warm-man
backport/proxy-register-port-race-2/hugely-whole-hippo
backport/raft-1.5.0-pipeline-fix/extremely-eager-chamois
backport/raft-fix-nonvoter/evenly-pro-cod
backport/rboyer/deployer-makefile/early-steady-sloth
backport/rboyer/fix-drift/singularly-glad-locust
backport/release/1.18.0-followup
backport/releng/remove-duplicate-ubi/mainly-sterling-bulldog
backport/releng/remove-duplicate-ubi/singularly-leading-finch
backport/remove-CONSUL_HCP_LINK_ENABLED-flag/scarcely-precise-silkworm
backport/remove-unused-are-hosts-set-check/loudly-sweet-dingo
backport/revert-17166-jm/remove-compat-test-splitting/reliably-lenient-roughy
backport/ronald/fix-docs-typo/uniformly-teaching-martin
backport/sarahalsmiller-timeoutbehaviormutation/only-native-cow
backport/security-coredns-fix/1.15.x
backport/security-coredns-fix/1.16.x
backport/security-coredns-fix/1.17.x
backport/set-product-version/enormously-glad-titmouse
backport/set-product-version/infinitely-awaited-halibut
backport/set-product-version/instantly-direct-kitten
backport/spatel/NET-1646-add-max-ejection-percent/rarely-working-guinea
backport/spatel/busl-2024/correctly-picked-buffalo
backport/spatel/busl-2024/entirely-closing-dove
backport/spatel/busl-2024/namely-saved-squid
backport/spatel/emit-consul-version-periodically/kindly-close-wasp
backport/spatel/emit-consul-version-periodically/mentally-choice-bug
backport/spatel/list-default-peername/endlessly-moral-krill
backport/spatel/oss_to_ce/highly-moral-spider
backport/spatel/oss_to_ce/mentally-well-moccasin
backport/spatel/oss_to_ce/obviously-proud-fish
backport/support-fossa-scanning/actually-nearby-bream
backport/support-fossa-scanning/allegedly-fleet-donkey
backport/support-fossa-scanning/externally-darling-dane
backport/support-fossa-scanning/separately-exact-marlin
backport/tauhid621/exported_services_api_grpc/literally-cuddly-gecko
backport/tauhid621_exported_services_docs_and_cli/normally-positive-lionfish
backport/tauhid621_exported_services_docs_and_cli/specially-blessed-longhorn
backport/test_skip_ci/literally-cuddly-woodcock
backport/test_skip_ci/usually-glowing-fowl
backport/test_skip_ci/widely-normal-platypus
backport/tgate-http2-upstream/merely-civil-mouse
backport/troubleshoot-ports
backport/ui/CC-7062-get-back-metrics-test-with-updated-selector-upd/broadly-diverse-bear
backport/ui/NET-438-add-ent-version-suffix/actively-faithful-walleye
backport/ui/NET-438-add-ent-version-suffix/privately-inspired-escargot
backport/ui/bug/fix#18406/promptly-choice-goose
backport/ui/bug/fix#18406/roughly-credible-llama
backport/ui/bugfix/icon-tweaks/wrongly-quick-sunbird
backport/ui/feature/hcp/absolutely-mighty-mastiff
backport/ui/feature/make-global-read-only-policy-non-editable/frequently-crack-mouse
backport/ui/feature/make-global-read-only-policy-non-editable/infinitely-related-hornet
backport/ui/feature/make-global-read-only-policy-non-editable/instantly-hardy-chamois
backport/update-apigw-version/annually-renewing-whippet
backport/update-apigw-version/commonly-noted-vervet
backport/update-docs-for-splitting/primarily-smashing-halibut
backport/update-e2e-tests-for-namespaces/wholly-daring-porpoise
backport/update-ent-license-link/exactly-bold-hyena
backport/update-envoy/merely-stunning-doberman
backport/update-exported-services-compat-triggers/immensely-humble-labrador
backport/update_docs_multicluster_k8s/admittedly-decent-grubworm
backport/update_docs_multicluster_k8s/hideously-epic-tiger
backport/upgrade-test-targetImage/enormously-endless-bluegill
backport/upgrade-test-targetImage/generally-guiding-horse
backport/upgrade-testcontainer-version/pleasantly-moved-penguin
backport/upgrade-to-node-18/rationally-fancy-flamingo
backport/upstream-oss-merge/briefly-guided-quagga
backport/vault-compatability-consul-pki-token/arguably-cool-silkworm
backport/vault-compatability-consul-pki-token/incredibly-discrete-lamprey
backport/vault-compatability-consul-pki-token/lightly-arriving-cattle
backport/vault-compatability-consul-pki-token/terribly-grand-tetra
backport/vault-compatability-consul-pki-token/usefully-ethical-kiwi
backport/zalimeni/alemuro/3101-support-statefulset-pvc-retain--docs/logically-complete-krill
backport/zalimeni/feature/net-1151-l7-intentions-security-fixes--api-docs-1.19
backport/zalimeni/fix-submodule-versions-latest/thankfully-funny-colt
backport/zalimeni/k8s-1.4.0-docs-feedback/willingly-strong-pony
backport/zalimeni/net-3900-fix-tproxy-extension-panic/slowly-blessed-moray
backport/zalimeni/net-4904-bump-envoy-versions-docs/normally-endless-wren
backport/zalimeni/net-5146-bump-go-net_http-cve/externally-innocent-maggot
backport/zalimeni/net-5163-prioritize-by-locality-test/pleasantly-central-chow
backport/zalimeni/net-5163-prioritize-by-locality-test/primarily-harmless-marmoset
backport/zalimeni/net-5163-prioritize-by-locality-test/ultimately-related-drum
backport/zalimeni/net-5163-prioritize-by-locality-test/verbally-suited-aphid
backport/zalimeni/net-5217-derive-proxy-locality-from-parent-service-oss/absolutely-pumped-adder
backport/zalimeni/net-5622-consolidate-envoy-version-mgmt/similarly-crisp-mako
backport/zalimeni/net-6725-fix-sidecarproxycontroller-flake/literally-on-raven
backport/zalimeni/net-6725-fix-sidecarproxycontroller-flake/primarily-logical-stingray
backport/zalimeni/net-6741-add-make-target-dependency-update-modules/entirely-genuine-koi
backport/zalimeni/net-6741-add-make-target-dependency-update-modules/partly-welcome-unicorn
backport/zalimeni/net-7713-v2-docs-virtual-port-ref-k8s--1.18.0
backport/zalimeni/net-9224-bump-go-1.21.10/uniquely-bold-jackal
backport/zalimeni/test-bpa-0.4.1/urgently-accepted-snipe
backport/zalimeni/upgrade-vault-remove-go-jose.v2/extremely-feasible-rat
backport/zalimeni/upgrade-vault-remove-go-jose.v2/privately-square-walrus
backport/zalimeni/upgrade-vault-remove-go-jose.v2/usually-quality-locust
backport/zalimeni/use-go-version-file/firmly-tops-chow
backport/zalimeni/use-go-version-file/marginally-modest-condor
backport/zalimeni/use-go-version-file/sincerely-native-man
backup-windows-integration-27th-june
backup_grafana-dashboards
banks-patch-1
blake/1.11-oidc-ui-nspace-fix
blake/fix-kv-import-folder-prefix-10906
blake/ingress-no-dnsname-port-gh-11092
blake/support-qname-minimization-6579
blake/v1.8.0-ingress-websocket-fix
bny-custom-04052021
boruszak/docs-stable-merge
boxofrad/autoreload-merge
boxofrad/backend-list-by-owner
boxofrad/better-vault-error-logging
boxofrad/controller-api-spike
boxofrad/extract-type-registration
boxofrad/fix-changelog-pr-links
boxofrad/rename-master-acl-tokens-internally
boxofrad/resource-service-client
boxofrad/spike-catalog-write-rate-limit
boxofrad/spike-resource-http
boxofrad/spike-server-resource
boxofrad/spike-version-translation
boxofrad/streaming-contention-close-in-goroutine
boxofrad/streaming-contention-experiment
boxofrad/streaming-contention-next-fast-path
boxofrad/streaming-contention-semaphore-wakeup
boxofrad/streaming-contention-simple-semaphore
boxofrad/upgrade-grpc
brk.check-link-follow-redirect
brk.feat/mdx-v2
bug-service-defaults-override-by-proxy-defaults
build-darwin-ubuntu
bump-api
bump/go-and-envoy/rc1.20
case-insensitive-node-names-acl-checks
catalog-service-list-filter
catalog_node_watch_fix
cc-4931/nick-refactor
cc-7178-skip-flakey-test-in-navigation
changes-to-ui-folder-test
checkpoint_telemetry_poc
cherry-pick-fix
cherry-pick-merge
ci/main-assetfs-build
ci/update-security-scanner-token
clarify-connect-language-in-cli-help-text
clarify-hcl-cli
clly/upgrade-vault-api
cluster-peering-partitions
code-organization
commontopo-better
community-12079
compliance/add-headers
computed-gateway-routes-spike
config-issue-616
config_replication_id
consistent-error-handling
consul-docs-ia-redesign
consul-docs-ia-redesign-v2
consul-vs-comp
container-test-speedup
controller-cache
copy-working-file
core-multiport-fixes
correct-acl-hash-replication
crt-consul-migration
crt-migration-build-flags
cts-deprecate-port-option
cts-ls-test-docs
cts-pan-ngfw
dan/1.19.0/changelog-update
dans/NET-1154/persist-ca-updates-in-peering
dans/NET-3917/initial-fetch-timeout-permafix
dans/NET-7910/v2-dns-enable-peering
dans/fic-https-basic-test
dans/fix-compat-test-access-logs
dans/make-peer-name-uniform
dans/remove-multiport-docs
dans/remove-ws-from-jira-gha
dans/skaffold-experiment
dans/test-pr-labeler
dans/that-time-dan-broke-consul
david-yu-admin-partitions
david-yu-bug-report
david-yu-bump-envoy
david-yu-cluster-peering-docs-1-12
david-yu-edit-pr
david-yu-patch-1
david-yu-patch-2
david-yu-release-note
david-yu-v2-update
debug-1.16-api
debug-sdk
debugging-jm/NET-6294
debugging-jm/NET-6294-deepcopy
deepcopy-gatewaycontroller
dep/raft-boltdb
dependabot/github_actions/actions/setup-go-5.1.0
dependabot/github_actions/browser-actions/setup-chrome-1.7.2
dependabot/github_actions/docker/setup-qemu-action-3.2.0
dependabot/github_actions/golangci/golangci-lint-action-6.1.1
dependabot/github_actions/slackapi/slack-github-action-2.0.0
dependabot/go_modules/github.com/aliyun/alibaba-cloud-sdk-go-1.63.53
dependabot/go_modules/github.com/aws/aws-sdk-go-1.44.128
dependabot/go_modules/github.com/hashicorp/go-sockaddr-1.0.7
dependabot/go_modules/github.com/hashicorp/hcp-sdk-go-0.123.0
dependabot/go_modules/github.com/hashicorp/raft-1.7.1
dependabot/go_modules/github.com/hashicorp/raft-boltdb/v2-2.3.0
dependabot/go_modules/github.com/olekukonko/tablewriter-0.0.5
dependabot/go_modules/go.opentelemetry.io/otel/metric-1.32.0
dependabot/go_modules/golang.org/x/oauth2-0.24.0
dependabot/go_modules/gotest.tools/v3-3.5.1
dependabot/go_modules/k8s.io/apimachinery-0.31.3
dependabot/go_modules/test-integ/github.com/docker/docker-25.0.6incompatible
dependabot/go_modules/test/integration/consul-container/github.com/docker/docker-25.0.6incompatible
dependabot/go_modules/test/integration/consul-container/github.com/opencontainers/runc-1.1.14
dependabot/npm_and_yarn/ui/cross-spawn-6.0.6
dependabot/npm_and_yarn/ui/elliptic-6.6.0
dependabot/npm_and_yarn/ui/express-4.20.0
dependabot/npm_and_yarn/ui/follow-redirects-1.15.6
dependabot/npm_and_yarn/ui/rollup-2.79.2
dependabot/npm_and_yarn/ui/webpack-5.94.0
dependabot/npm_and_yarn/website/husky-9.1.7
dependabot/npm_and_yarn/website/next-15.0.3
dependabot/npm_and_yarn/website/prettier-3.3.3
derekm/NET-6565/release-1.15.3-wpac
derekm/improve-vip-lookups
derekm/xds-use-same-http-protocol-downstream-to-localapp
dhia/ca-cas-config-refactor
dhiaayachi/NET-4926-v1-ns-delete
dhiaayachi/NET-5519-ns-bridge-2
dhiaayachi/fix-trustbundle-peers
dhiaayachi/go-toolchain
dhiaayachi/raft-wal-backend-as-default
dhiaayachi/raft-wal-backend-as-default-code
disable-flaky
disco-retain-details
dl-license
dnephin/acl-resolve-token-4
dnephin/acl-resolve-token-5
dnephin/acl-resolver-6
dnephin/acl-resolver-7
dnephin/agent-setup-user-event-handler
dnephin/ca-cluster-id
dnephin/ca-cluster-id-2
dnephin/ca-manager-move-to-new-package
dnephin/ca-manager-move-to-new-package-2
dnephin/ca-remove-unused-fields
dnephin/catalog-service-list-filter
dnephin/ci-handle-ent-differences
dnephin/cleanup-ae
dnephin/cleanup-ae-2
dnephin/cleanup-ae-3
dnephin/conn-pool-docs
dnephin/deprecate-verify-incoming
dnephin/docs-day-acl-move-config-ref
dnephin/docs-day-acl-move-rules-table
dnephin/docs-day-acl-overview
dnephin/docs-more-details-about-vault-provider
dnephin/enable-logging-color
dnephin/fix-serf-tag-data-race
dnephin/http-struct-interfaces
dnephin/move-dns-server-to-apiServers
dnephin/prefix-overlap-watches
dnephin/remove-lib-translate-keys-attempt-2
dnephin/rpc-metrics
dnephin/secure-defaults
dnephin/structs-proxy-defaults-remove-name-field
dns-srv-separate-tag-from-protocol
doc-clarify-version-format
doc-fix-missing-fed-methods
docs-backport-fix-er
docs-cluster-peering-technical-preview
docs-day
docs/1-17-release-notes
docs/1.17-docs-reconcile
docs/add-partition-query-api
docs/agent-config
docs/api-catalog-register-snake_case
docs/api-overview-devdot
docs/auto-cert
docs/clarify-connect-language
docs/clarify-crd-tutorial
docs/clarify-cross-partition-mgw-export-requirement
docs/clarify-network-area-mesh-gw-compatibility
docs/cli-breakout-positional-args
docs/cli-characteristics-and-crossref
docs/cluster-peering-beta
docs/cluster-peering-improvements
docs/cluster-peering-updates
docs/consul-ia-experiement-fdbk-1
docs/consul-ia-experiment
docs/consul-ia-experiment-cts-adam
docs/consul-k8s-upgrade
docs/consul-snapshot-agent-kms-policy-4369
docs/cts-zscaler-partner-guide
docs/er-404-inline-checker
docs/fix-broken-links
docs/fix-broken-links-1
docs/fix-broken-markdown-link
docs/fix-ent-dns-service-lookup-link
docs/fix-exported-services
docs/fix-release-notes-links
docs/intentions-refactor-docs-day-2022
docs/jeff-sandbox
docs/jkirschner-hashicorp-patch-1
docs/k8s-0-49-helm-docs
docs/k8s-deployment
docs/krastin/connect-serviceintentions-fixlinks
docs/krastin/nomad-for-consul
docs/manual-backport-for-LTS
docs/manual-backport-kv-page
docs/misc-fixes
docs/note-about-connect-service-upstream-env-var
docs/peer-in-dns-lookups
docs/proposed-docs-overview-pages
docs/rebackport-k8s-fed-req-failed-pick
docs/redirect-dns-docs
docs/refactor-discover-services-docs
docs/release-1.17-reconcile-1
docs/rework-service-splitter-ref-docs
docs/rework-service-splitter-ref-docs-no-objects
docs/sentence-case-titles
docs/tables-instead-of-lists
docs/update-config-entry-ref-component
docs/update-content-cluster-peering
docs/update-faq-header
docs/update-loglevel-trace
docs/update-storage-class-ref-arch
docs/update-wan-fed-mesh-gateway-guide
docs/vault-connect-ca-namespace-improvements
docs/vault-secrets-backend-limitations
docs/waf-page-migration
ds-nd/net-9016-kvdataloss
dstough/CSLC-130-restrict-terminating-gateway-access-to-tls
dstough/GH-11250-system-ca-for-tgateways
dstough/acl-for-destinations
dstough/gateway-linked-endpoint
dstough/test-endpoint-service-query
dyu-cluster-peering-fix-1-12
dyu-license
dyu-relnotes
dyu/1.15-docs
dyu/dockerfile
dyu/envoy-bump
eculver/1.12.x/latest-changelog
eculver/1.13.0-alpha1-changelog
eculver/auth-method-docs
eculver/enable-arm-verifications
eculver/envoy-1.21.1
eculver/missing-docs-changes
eculver/oss-ent/new-params
eculver/stable-website/latest-envoy-support
eculver/verifications
eculver/verify-release-artifacts
eikenb/cloudfoundry-vault-provider-auth
eikenb/matrix-integration-testing
eikenb/vault-integration-testing
eliminate-gotest.tools/v3
envoy-crash-help
envoy-ext-local-ratelimit-fix
errors/acl-agent-token-not-set
errors/acl-not-found-bootstrap-not-exist
evrowe-consul-ui-readme-update
experiment/raft-grpc
extend-retry
external-services
f-reloadable-configuration-enable-debug-backup
feature-negotiation-grpc-api
feature/acl-replication-status
feature/envoy-support-tlsv13
ffmmm/b-10871
ffmmm/default-prom-s
fix-agent-cache-leak-3
fix-broken-dockerfile-sam
fix-cherry-pick
fix-controller-watch
fix-deregister-url-service-id
fix-entpoint-get-500
fix-failing-linting-test
fix-fips-build-amd
fix-flaky
fix-flaky-peerstream-test
fix-integ-machines
fix-lambda-docs-spacing-bug
fix-lambda-l7-routing
fix-leaf-panic
fix-leaf-timeout
fix-peering-2-partitions
fix-protobuf-generation
fix-syslog
fix-tests
fix-transparent-proxy
fix/make-test-deployer
fix_k8s_helm_docs_june
fixes/helper-text-config-entry-delete
gateway-listener-binding-bugfix
gateways/typed-status-regen
gh-13491
gh-18096-fix-missing-ttl-value
gh-maxconnections-ingress-gateway
gha-basic-artifact-validation
go-action-cache
gotest-remote-cache
gotest-remote-cache-2
grpc-envoy-bootstrap-params-oss-test
grpc-tls-compat
gw-xds-handling-eventual-consistency
hack-cloudlink
hack-deploy
hack-hcp-integration-split
hackathon/consul-common-errors
hans/ccm-playground
hcp-LastContact
hcp-link-config-skeleton
hcp/expose-grpc-scada
health-prefer-connect
hk/jm/test-integrations-fix-compatibility-test
hk/jm/test-integrations-fix-upgrade-test
ignore-exported-prefix-on-cluster-metrics
im2nguyen-patch-1
improve-intention-error-messages
improve_ci_run_time
increase-maching-size
ingress-gw-tracing-config
iradix-improved
ishustava/NET-5580-bump-all-resource-versions
ishustava/auth-method-secondary-dc
ishustava/authz-types
ishustava/debug-mesh-gw-test
ishustava/dns-proxy-poc
ishustava/fix-agent-proxy-mgr-instantiation
ishustava/mesh-controller-upstream-proxy
ishustava/multi-port-test-fixes
ishustava/sidecar-proxy-controller-tproxy
ishustava/spike-agent-cache-watch
ishustava/spike-controller-leaf-cert-watch
ishustava/spike-proxy-cfg-src-v2
ishustava/test-int-tests
ishustava/v2-traffic-perms-ir-suggestions
ishustava/vault-k8s-docs
ishustava/xds-server-v2
japple-rel-notes-reorg
japple/cherry-pick-1.11.x-release-notes
jer/ccm-read-only-squashed
jer/merge-ccm-bootstrap-config
jjtimmons/backport-48c8a83
jjtimmons/backport-otel-freq-2
jjtimmons/hcp-telemetry-periodic-refresh-start-up
jjtimmons/increase-buckets
jkirschner-hashicorp-patch-2
jm-client-timeout
jm-net-5879
jm-plug
jm-plug-git
jm-plug-http
jm/0427
jm/1.19-updated-go-mods
jm/1.5-sub
jm/1.9-sub
jm/3372-2
jm/NET-3372
jm/NET-3394
jm/NET-4237
jm/NET-4739
jm/NET-4931
jm/NET-4944
jm/NET-4944-1
jm/NET-5150
jm/NET-5590-xds-server
jm/NET-5822-test
jm/NET-6294-NET-4944
jm/NET-6385-hack
jm/NET-6941
jm/NET-8431
jm/acc-tests
jm/agent-hack
jm/bpa
jm/branch-filters
jm/break-branch-protection
jm/cc
jm/checking-changes-old
jm/client-timeout
jm/client-timeout-2
jm/delete-website
jm/destination-tests-grpc
jm/empty-endpoints
jm/ent-deps
jm/ent-dev-migration
jm/explicit-based-l7
jm/fix-jwt-auth-bug
jm/fix-sw-qa
jm/gh-20360
jm/gh-call
jm/gha-recreation
jm/go-testcontainers
jm/go-tests-notify
jm/go-tests-notify-2
jm/gtsm
jm/hack
jm/hack-int
jm/hack-int2
jm/hcp-vault
jm/helm
jm/helm-updates
jm/ip-rate-limit-api
jm/mock-handler
jm/mock-handler-2
jm/move-code
jm/multi-port-integ
jm/multilimiter-memdb
jm/net-4941-leaf
jm/plug
jm/preflight
jm/release-1.18.4
jm/remove-compat-test-splitting
jm/resource-tests
jm/retract
jm/retry-on-connect-failure
jm/rmv-compat
jm/same-docker-compose
jm/snap-restore
jm/snapshot-restore-tests
jm/split-compatibility
jm/split-tests
jm/success
jm/test
jm/test-integrations-hui-test-integ
jm/test-split
jm/test-splitting
jm/ul
jm/v2-dns-v1-data-fetcher
jm/v2-examples
jm/vault-ent-license
jm/vault-gossip
jm/vault-wan-fed
jm/vault-wan-fed-2
jm/verify-linux-fix
jm96441n/manual-backport-dupe-parents
johnlanda/bench
johnlanda/trafficpermissionscontroller
jwt-multiple-virtual-hosts
k8s_healthcheck
kisunji-patch-1
kisunji/1.12.x-revert-pathescape
kisunji/1.13.x-docs-cherrypick
kisunji/1.14.x-docs-backport
kisunji/NET-1396-token-self-expanded
kisunji/NET-2590-default-intention-policy
kisunji/approval-button
kisunji/assetfs-merge-ci
kisunji/cache-fix-test
kisunji/catalog-service-list-filter
kisunji/ent-label-ratelimit
kisunji/fix-golden
kisunji/fix-stable-website
kisunji/fix-stable-website-2
kisunji/go1.17.4
kisunji/grpc-native-balancer
kisunji/kv-docs-fix
kisunji/lintest
kisunji/merge-stable-website
kisunji/merge-test
kisunji/more-ent-test-fixes
kisunji/net-6230-namespace-trafperms
kisunji/peering-bugfix-changelog
kisunji/pin-circleci-docker-version
kisunji/replace-registry-pattern
kisunji/rpc-shim
kisunji/serveraddrs-generate-token-req
kisunji/small
kisunji/small-testfix
kisunji/subloggers
kisunji/temp
kisunji/temp-rpc-deadline
kisunji/upgrade-warning
km.vercel-config
kv-1.10.8-withlogs
kv-1.14.8-withlogs
lambda-beta-docs
lambda-docs
leadership-transfer-cmd
listener-route-spike
lkysow/consul-plugin-exec
lkysow/serverless-via-metadata
lkysow/service-not-exist
lkysow/windows-tests
loadtest-test
local-mesh-gateway-pst
locality-aware-routing
lorna/cc-6925/1-15
loshz/NET-7225-peeringv2-proto-check
luoxuan00733-patch-1
m1-investigate
ma/backport-stable-website
ma/ipv6-robustness-fixes
ma/md5_fix_oss
ma/move-enterprise-meta-try2-oss
ma/resource-listing
ma/typo-fix
ma/vault-namespace-intermediate-provider
main
make-codegen
malizz/NET-1663/fix-bug
malizz/update-proto-imports-in-1.14.x
manual-backport-1.8.0-ingress-gateway
markcv-upstreamConfig-update
mathew.estafanous/dev
max-jitter
may-alignment
mesh-gateway-all-the-things
mesh-gateway-broken-all-the-things
mgw-wanfed-hard-network-partition
migrate-tests-to-use-slack-actions
mirror-to-ent
mktg-tf-b183f7b50da4e35426c936006092c7b3
more-lambda-docs-tweaks
mrktfix18
mvincent/no-freelist-logging
natemollica-nm-patch-1
natemollica-nm-patch-2
nd/bring-back-peering-ext-addr
nd/net-7510-openapi-followup-matt-poc
nd/spike-proxy-state-controller
nd/update-compat
net-5889/workloadhealth-tests
net-6138/release/1.17.x
net-6230-namespace-tp
net-6706
net-7953/adjust-computed-gateway-protos
net-7984/clusters-for-api-gateways
net-7986/routes-for-api-gateways
net-8075/certs-for-api-gateways
net-8416-add-gateway-api-request-redirect-filter
nfi-api-client-nop-write
nfi-cache-unit-test-results
nfi-fix-go-test-check
nfi-fix-test-integ-go-mod
nfi-gha-fiddling
nfi-go-test-cache
nfi-poc-gotestdoc
nfi-poc-unit-and-upgrade
nfi-poc-unit-and-upgrade-type
nfi-split-lint-from-go-tests
nia_resize_image
nickcellino/link-status
nicoleta/bum-envoy-on-1.15.x
nicoleta/bump-envoy
nicoleta/bump-envoy-on-1.18.x
no-change-cache
no-op-ron-lint
nvanthao/b-delete-config
nvanthao/b-snapshot-recovery
only_async_trigger_changes
openapi
optimized-seek-prefix-watch
origin/markcv/CSEP-157/duplicate-sidecar-port-validation
origin/markcv/update-envoy-version-doc
oss-merge-pr-branch
oss-merge-v2
oss-rename-trigger
partition/session-test-kvs-endpoint
pcmccarron-patch-1
peering-upstream-annotation
pglass/dump-aws-bearer-token
poc-alpn-glow
poc-cli-grpc
poc-httpfilter
preetha/NET-1322
promtheus_consul_version
propogate-request-time-downstream
proxycfg-deadlock
proxycfg-deadlock-2
proxycfg/init-local-gateways-map
raft-tls-include-intermediates
rboyer/add-linter-net-rpc
rboyer/deployer-with-v2-tproxy-bookmark
rboyer/fix-manual-vip-writes
rboyer/fix-v2-testing
rboyer/golden-proto-json
rboyer/hack-neo
rboyer/proxy-configuration-cache
rboyer/spike-agent-cache-watch--fork
rboyer/wrappedtypes
rboyer/xds-refactor
reach
rebase-multiport-test-fixes
refactor-add-patches
release/1.10.0
release/1.10.0-alpha
release/1.10.0-beta1
release/1.10.0-beta2
release/1.10.0-beta3
release/1.10.0-beta4
release/1.10.0-rc
release/1.10.0-rc2
release/1.10.1
release/1.10.1-beta1
release/1.10.10
release/1.10.11
release/1.10.12
release/1.10.2
release/1.10.4
release/1.10.5
release/1.10.6
release/1.10.7
release/1.10.8
release/1.10.9
release/1.10.x
release/1.11.0
release/1.11.0-alpha
release/1.11.0-beta1
release/1.11.0-beta2
release/1.11.0-beta3
release/1.11.0-rc
release/1.11.1
release/1.11.10
release/1.11.11
release/1.11.2
release/1.11.3
release/1.11.4
release/1.11.5
release/1.11.6
release/1.11.7
release/1.11.8
release/1.11.9
release/1.11.x
release/1.12.0
release/1.12.0-beta1
release/1.12.1
release/1.12.2
release/1.12.3
release/1.12.4
release/1.12.5
release/1.12.6
release/1.12.7
release/1.12.8
release/1.12.9
release/1.12.x
release/1.13.0
release/1.13.0-alpha1
release/1.13.0-alpha2
release/1.13.0-techpreview1
release/1.13.1
release/1.13.2
release/1.13.3
release/1.13.4
release/1.13.5
release/1.13.6
release/1.13.7
release/1.13.8
release/1.13.9
release/1.13.x
release/1.14.0
release/1.14.0-beta1
release/1.14.1
release/1.14.10
release/1.14.11
release/1.14.2
release/1.14.3
release/1.14.4
release/1.14.5
release/1.14.6
release/1.14.7
release/1.14.8
release/1.14.9
release/1.14.x
release/1.15.0
release/1.15.1
release/1.15.10
release/1.15.12
release/1.15.15
release/1.15.2
release/1.15.3
release/1.15.4
release/1.15.5
release/1.15.6
release/1.15.7
release/1.15.8
release/1.15.9
release/1.15.x
release/1.16.0
release/1.16.0-rc1
release/1.16.1
release/1.16.2
release/1.16.3
release/1.16.4
release/1.16.5
release/1.16.6
release/1.16.8
release/1.16.x
release/1.17.0
release/1.17.0-rc1
release/1.17.1
release/1.17.2
release/1.17.3
release/1.17.5
release/1.17.7
release/1.17.x
release/1.18.0
release/1.18.0-rc1
release/1.18.1
release/1.18.2
release/1.18.4
release/1.18.5
release/1.18.x
release/1.19.0
release/1.19.1
release/1.19.2
release/1.19.3
release/1.19.x
release/1.20.0
release/1.20.0-rc1
release/1.20.1
release/1.20.x
release/1.6.10
release/1.6.7
release/1.6.9
release/1.6.x
release/1.7.10
release/1.7.11
release/1.7.12
release/1.7.13
release/1.7.14
release/1.7.5
release/1.7.6
release/1.7.8
release/1.7.9
release/1.7.x
release/1.8.0
release/1.8.1
release/1.8.10
release/1.8.11
release/1.8.11-beta1
release/1.8.11-beta2
release/1.8.12
release/1.8.13
release/1.8.14
release/1.8.15
release/1.8.17
release/1.8.18
release/1.8.19
release/1.8.2
release/1.8.4
release/1.8.5
release/1.8.6
release/1.8.7
release/1.8.7-beta1
release/1.8.8
release/1.8.9
release/1.8.9-beta1
release/1.8.x
release/1.9.0
release/1.9.0-beta2
release/1.9.0-beta3
release/1.9.0-rc1
release/1.9.1
release/1.9.11
release/1.9.12
release/1.9.13
release/1.9.14
release/1.9.15
release/1.9.16
release/1.9.17
release/1.9.2
release/1.9.3
release/1.9.4
release/1.9.5
release/1.9.6
release/1.9.7
release/1.9.8
release/1.9.9
release/1.9.x
releng-329
remove-deprecated-peering-fields
remove-gogo-getters
remove-legacy-acl-endpoints-cli
remove-legacy-acl-vestiges
remove-references-to-consul-connect
remove-to-ingress
replace-learn-links
resource-type-gen2
resource-type-scope-gen
resource-v1
resource-v1-1.18
retry-flaky
retry-join-timeout
retry-timeout-e2e-test-NET-5208
revert-11376-leadership-transfer-onleave
revert-11692-cherry-pick-fix
revert-17760-backport/docs/lkysow-upgrade/scarcely-master-adder
revert-18796-docs/ext-authz-apigee
revert-19038-NET-5788-fix-ready-listeners-in-core
revert-20682-CC-7479-add-alert-to-link-to-hcp-modal-to-refresh-page
revert-21572-zalimeni/update-bpa
revert-version-updates
robyer/deployer-l7-split-tests
ron-test
routes-controller
sa-restructure-documentation
sar-for-unit-tests
sarah-test
sarah-test-docker-cpus
sarah/test-license-script
sarah/test-reproducible-build
scratch/data-source-metrics
security/auto-go-bump
security/ui-dependency-bump
server-rate-limit/mock-handler-2
server-rate-limit/multilimiter-lock
serverless-via-metadata
service-endpoints-id-ports
service-owner-ref
service-tags-upgrade-fix
shutdown-test-agents
silent-ui-tests
skpratt/acl-controller-test
skpratt/acl-error-debug
skpratt/resource-api-support
skpratt/temp-debug
skpratt/test-coverage-report-ci
skpratt/workload-identity
sm/add-goarm-to-main
smre-317/redhat-projectid
sp/better-make-help
spatel/NET-1847-repro
spatel/NET-3409-automate-goimports-on-commit-using-precommit
spatel/better-testlist-main
spatel/fix-typo
spatel/gci-format-all-the-things
spatel/post-release-fixups
spatel/pre-commit
spatel/sandbox
spatel/scope-required-in-registration
spatel/throwaway
spatel/throwaway-gci-results
spatel/throwaway-gci-results-2
spatel/throwaway-reviser-results
sqm
stable-website
stepbui1-patch-1
streaming-rpc
stub-api-gateway-xds
stub-v2-gateways
suppress-alpine-image-vulns
tagged-addrs
tagger-14
tauhid621/exported_services_api
tauhid621/peer_exported_services_api
temp
temp-branch
terminating-gateway-overrides
terminating-gateway-service
terminating-gateway-service-base
test-branch
test-gh-fix
test-go-build-cache
test-linter
test-no-concurrency
test-no-concurrency-full
test-no-disk
test-prepare
test/jjtimmons/hcp-telemetry
test/load-test-lambda
test/zalimeni/docs-skip-md
test/zalimeni/docs-skip-mdx
test_ci_skip
testingconsul-clean-up
tgw/resolver-query-fix
tgw/resolver-query-fix-1-10
tgw/resolver-query-fix-1-9
traffic-permissions-cache
troubleshoot/changelog
ua-test/conflict-1
udp-check
ui/CC-6137
ui/CC-7062-get-back-metrics-test-with-updated-selector
ui/CC-7062-get-back-metrics-test-with-updated-selector-for-draft
ui/CC-7062-get-back-metrics-test-with-updated-selector-upd
ui/NET-438-add-ent-version-suffix
ui/NET-438/add-ent-version-suffix
ui/NET-5414
ui/ariadne-core-ui
ui/ariadne/ui-changes
ui/backport/1.8.x/11328
ui/bugfix/2-instance-1-proxy
ui/bugfix/403-partitions-endpoint
ui/bugfix/fixup-routlets
ui/bugfix/notfound-t
ui/bugfix/spelling
ui/cc-7178-skip-flakey-test-in-navigation
ui/chore/ci/1.11.x
ui/chore/remove-tooltip-component
ui/chore/standardize-statechart-yield
ui/chore/upgrade-327
ui/chore/upgrade-ember-3-28
ui/codemirror-lint-removal
ui/copy-edits-for-built-in-policy-alert
ui/copy-link-mock-endpoint-to-prefixed-api
ui/de-lint
ui/feature/ember-update-3.28.6
ui/feature/fault-tolerance-link
ui/feature/fix-auth-method-views
ui/feature/has-peerings-class
ui/feature/ui-config-dashboard-urls
ui/feature/use-cut-list-item-for-services
ui/fix-home-link
ui/fix-mock-api-endpoint
ui/fix-tests-whoopsie
ui/node-engine
ui/remove-jsonlint-dep
ui/rm-intention-test-with-latency
ui/scratch/ci-stuff
ui/scratch/empty
ui/scratch/empty-w-route
ui/scratch/light-sshhhhh
ui/scratch/side-app-example
ui/scratch/storybook-overlord
ui/temporary-remove-tests-which-fails-on-consul-enterprise
ui/temporary-remove-token-policy-test
update-api-version
update-go-1.18.9-rboyer
update-golang-x-libs
update-link-to-documents-from-link-to-hcp-modal
update-linux-package-license
update-node-version-to-14
update-to-blessed-fork-of-mapstucture
update-upgrade-test-image
update-version-1.17
update_gen_meta
update_gen_meta-1
update_gen_meta-2
updategolangx
upgrade-1.3-dataplane-to-1.6-dataplane
upgrade-test-remove-docker-login
urldecode-url-query-params-part-1
use_values_yaml_instead_of_config_yaml
using-art-hashi
v2-backend-ref-note
v2-docstring-updates
v2-gateways-api-proto
v2-gateways-controller
v2-tproxy-container-tests
validate-decoded-helper
vanphan24-patch-1
vault-compatability-consul-pki-token
vault-nomad-version-bump
wal-docs
wan-fed-v2
wasm-filters
website/1.10.0
windows-integration-test-envoy
windows-preview
wire-up-traffic-permissions
x/bench-catalog
x/singleflight
x/streaming-v2
x/wal
xds-native-primitives-poc
xds/cds-ack
xw/NET-5725-client-refactor
xw/NET-5725-grpc-cli-clean-up
zalimeni/add-make-target-dependency-update-modules
zalimeni/api-1.23.0-release
zalimeni/api-sdk-backwards-compat-go-version-detect
zalimeni/check-go-max-procs
zalimeni/dhiaayachi/raft-wal-backend-as-default--suggestions
zalimeni/dns-recurse-only-if-enabled
zalimeni/enable-security-scans-release--test
zalimeni/feature/net-1151-l7-intentions-security-fixes--archive
zalimeni/fix-nightly-branch-sourcing-get-go-version
zalimeni/go-work
zalimeni/net-3447-reintroduce-new-extension-resources
zalimeni/net-5189-fix-any-slice-handling-repeated-fields
zalimeni/net-5586-support-virtual-port-xroute-dest
zalimeni/net-5622-consolidate-envoy-version-mgmt-1.17
zalimeni/net-5622-consolidate-envoy-version-mgmt-1.18
zalimeni/net-5622-consolidate-envoy-version-mgmt-test-1.19-nightly
zalimeni/net-5622-consolidate-envoy-version-mgmt-test-nightly-upgrade
zalimeni/net-6597-upgrade-go-jose-go-oidc
zalimeni/net-6600-remove-insecure-hash-use
zalimeni/net-9141-exclude-ce-license-ent
zalimeni/net-9229-remove-coredns-1.16
zalimeni/no-op-test-ci-1.14
zalimeni/sanitize-slack-ci-failure-input--test
zalimeni/skip-failure-notification-slack-on-cancel--test-skip-latest
zalimeni/skip-failure-notification-slack-on-cancel--test-skip-refactor
zalimeni/submodules-to-go-work
zalimeni/test-ci-skips
zalimeni/test-ent-license-exclusion
zalimeni/test-ent-license-exclusion--baseline-main
zalimeni/test-ent-license-exclusion-2
zalimeni/test/main-baseline-envoy-int-tests
zalimeni/tmp-show-least-request-prop-override-golden
zalimeni/try-go-workspace-submodules
zalimeni/update-k8s-docs-1.17.x
zalimeni/update-submodules-post-1.5.0
zalimeni/use-consul-go-version-nomad-vault-int-suite
zalimeni/verify-docker-engine-version
zs.test-mdx-fixes
zs.test-placeholder-page-removal
api/v1.0.0
api/v1.0.1
api/v1.1.0
api/v1.10.0
api/v1.10.1
api/v1.11.0
api/v1.12.0
api/v1.13.0
api/v1.13.1
api/v1.14.0
api/v1.15.0
api/v1.15.1
api/v1.15.2
api/v1.15.3
api/v1.16.0
api/v1.17.0
api/v1.18.0
api/v1.18.1
api/v1.18.2
api/v1.19.0
api/v1.19.1
api/v1.19.2
api/v1.2.0
api/v1.20.0
api/v1.21.0
api/v1.21.1
api/v1.21.2
api/v1.21.3
api/v1.21.4
api/v1.22.0
api/v1.22.0-rc1
api/v1.23.0
api/v1.24.0
api/v1.25.0
api/v1.25.1
api/v1.26.0-rc1
api/v1.26.1
api/v1.26.1-rc1
api/v1.27.0
api/v1.27.1
api/v1.27.2
api/v1.28.0
api/v1.28.0-rc1
api/v1.28.1
api/v1.28.2
api/v1.28.3
api/v1.28.4
api/v1.28.5
api/v1.29.0
api/v1.29.1
api/v1.29.2
api/v1.29.3
api/v1.29.4
api/v1.29.5
api/v1.29.5-rc1
api/v1.29.6
api/v1.3.0
api/v1.30.0
api/v1.4.0
api/v1.5.0
api/v1.6.0
api/v1.7.0
api/v1.8.0
api/v1.8.1
api/v1.9.0
api/v1.9.1
ent-changelog-1.15.11
ent-changelog-1.15.12
ent-changelog-1.15.13
ent-changelog-1.15.14
ent-changelog-1.15.15
ent-changelog-1.16.7
ent-changelog-1.16.8
ent-changelog-1.17.4
ent-changelog-1.17.5
ent-changelog-1.17.6
ent-changelog-1.17.7
ent-changelog-1.18.3
ent-changelog-1.18.4
ent-changelog-1.18.5
ent-changelog-1.19.3
envoyextensions/v0.1.0
envoyextensions/v0.1.1
envoyextensions/v0.1.2
envoyextensions/v0.2.0
envoyextensions/v0.2.1
envoyextensions/v0.2.2
envoyextensions/v0.2.3
envoyextensions/v0.2.4
envoyextensions/v0.3.0
envoyextensions/v0.3.0-rc1
envoyextensions/v0.4.0
envoyextensions/v0.4.1
envoyextensions/v0.5.0-rc1
envoyextensions/v0.5.1
envoyextensions/v0.5.1-rc1
envoyextensions/v0.5.2
envoyextensions/v0.5.3
envoyextensions/v0.5.4
envoyextensions/v0.6.0
envoyextensions/v0.6.0-rc1
envoyextensions/v0.6.1
envoyextensions/v0.6.2
envoyextensions/v0.7.0
envoyextensions/v0.7.1
envoyextensions/v0.7.2
envoyextensions/v0.7.3
envoyextensions/v0.7.4
envoyextensions/v0.7.4-rc1
envoyextensions/v0.7.5
envoyextensions/v0.7.6
internal/v0.1.0
list
proto-public/v0.1.0
proto-public/v0.1.1
proto-public/v0.2.0
proto-public/v0.2.1
proto-public/v0.3.0
proto-public/v0.4.0
proto-public/v0.4.0-rc1
proto-public/v0.4.1
proto-public/v0.5.0-rc1
proto-public/v0.5.1
proto-public/v0.5.1-rc1
proto-public/v0.5.2
proto-public/v0.5.3
proto-public/v0.5.4-rc1
proto-public/v0.6.0
proto-public/v0.6.0-rc1
proto-public/v0.6.1
proto-public/v0.6.2
proto-public/v0.6.3
sdk/v0.1.0
sdk/v0.1.1
sdk/v0.10.0
sdk/v0.11.0
sdk/v0.12.0
sdk/v0.13.0
sdk/v0.13.1
sdk/v0.14.0
sdk/v0.14.0-rc1
sdk/v0.14.1
sdk/v0.14.2-rc1
sdk/v0.14.3-rc1
sdk/v0.15.0
sdk/v0.15.1
sdk/v0.16.0
sdk/v0.16.0-rc1
sdk/v0.16.1
sdk/v0.2.0
sdk/v0.3.0
sdk/v0.4.0
sdk/v0.5.0
sdk/v0.6.0
sdk/v0.7.0
sdk/v0.8.0
sdk/v0.9.0
stable-website-pre-1.12.0-force-push
troubleshoot/v0.1.0
troubleshoot/v0.1.1
troubleshoot/v0.1.2
troubleshoot/v0.2.0
troubleshoot/v0.2.1
troubleshoot/v0.2.2
troubleshoot/v0.3.0
troubleshoot/v0.3.0-rc1
troubleshoot/v0.3.1
troubleshoot/v0.4.0-rc1
troubleshoot/v0.4.1
troubleshoot/v0.4.1-rc1
troubleshoot/v0.5.0
troubleshoot/v0.5.1
troubleshoot/v0.5.2
troubleshoot/v0.5.3
troubleshoot/v0.5.4
troubleshoot/v0.6.0
troubleshoot/v0.6.0-rc1
troubleshoot/v0.6.1
troubleshoot/v0.6.2
troubleshoot/v0.6.3
troubleshoot/v0.6.5
troubleshoot/v0.7.0
troubleshoot/v0.7.1
troubleshoot/v0.7.2
troubleshoot/v0.7.2-rc1
troubleshoot/v0.7.3
v0.1.0
v0.2.0
v0.2.1
v0.3.0
v0.3.1
v0.4.0
v0.4.1
v0.5.0
v0.5.0rc1
v0.5.1
v0.5.2
v0.6.0
v0.6.0-rc1
v0.6.0-rc2
v0.6.1
v0.6.2
v0.6.3
v0.6.4
v0.6.4-rc1
v0.6.4-rc2
v0.6.4-rc3
v0.7.0
v0.7.0-rc1
v0.7.0-rc2
v0.7.1
v0.7.2
v0.7.2-rc1
v0.7.3
v0.7.4
v0.7.5
v0.8.0
v0.8.0-rc1
v0.8.1
v0.8.2
v0.8.3
v0.8.4
v0.8.5
v0.9.0
v0.9.0-rc1
v0.9.1
v0.9.2
v0.9.3
v0.9.3-rc1
v0.9.3-rc2
v0.9.4
v1.0.0
v1.0.0-beta1
v1.0.0-beta2
v1.0.1
v1.0.1-rc1
v1.0.2
v1.0.3
v1.0.4
v1.0.5
v1.0.6
v1.0.7
v1.0.8
v1.1.0
v1.1.1
v1.10.0
v1.10.0-alpha
v1.10.0-beta1
v1.10.0-beta2
v1.10.0-beta3
v1.10.0-beta4
v1.10.0-rc
v1.10.0-rc2
v1.10.1
v1.10.1-beta1
v1.10.10
v1.10.11
v1.10.12
v1.10.2
v1.10.3
v1.10.4
v1.10.5
v1.10.6
v1.10.7
v1.10.8
v1.10.9
v1.11.0
v1.11.0-alpha
v1.11.0-beta1
v1.11.0-beta2
v1.11.0-beta3
v1.11.0-rc
v1.11.1
v1.11.10
v1.11.11
v1.11.2
v1.11.3
v1.11.4
v1.11.5
v1.11.6
v1.11.7
v1.11.8
v1.11.9
v1.12.0
v1.12.0-beta1
v1.12.1
v1.12.2
v1.12.3
v1.12.4
v1.12.5
v1.12.6
v1.12.7
v1.12.8
v1.12.9
v1.13.0
v1.13.0-alpha1
v1.13.0-alpha2
v1.13.1
v1.13.2
v1.13.3
v1.13.4
v1.13.5
v1.13.6
v1.13.7
v1.13.8
v1.13.9
v1.14.0
v1.14.0-beta1
v1.14.1
v1.14.10
v1.14.11
v1.14.2
v1.14.3
v1.14.4
v1.14.5
v1.14.6
v1.14.7
v1.14.8
v1.14.9
v1.15.0
v1.15.1
v1.15.10
v1.15.11
v1.15.2
v1.15.3
v1.15.4
v1.15.5
v1.15.6
v1.15.7
v1.15.8
v1.15.9
v1.16.0
v1.16.0-rc1
v1.16.1
v1.16.2
v1.16.3
v1.16.4
v1.16.5
v1.16.6
v1.16.7
v1.17.0
v1.17.0-rc1
v1.17.1
v1.17.2
v1.17.3
v1.17.4
v1.18.0
v1.18.0-rc1
v1.18.1
v1.18.2
v1.19.0
v1.19.1
v1.19.2
v1.2.0
v1.2.1
v1.2.2
v1.2.3
v1.2.4
v1.20.0
v1.20.0-rc1
v1.20.1
v1.3.0
v1.3.1
v1.4.0
v1.4.0-rc1
v1.4.1
v1.4.2
v1.4.3
v1.4.4
v1.4.5
v1.5.0
v1.5.1
v1.5.2
v1.5.3
v1.6.0
v1.6.0-beta1
v1.6.0-beta2
v1.6.0-beta3
v1.6.0-rc1
v1.6.1
v1.6.10
v1.6.2
v1.6.3
v1.6.4
v1.6.5
v1.6.6
v1.6.7
v1.6.8
v1.6.9
v1.7.0
v1.7.0-beta1
v1.7.0-beta2
v1.7.0-beta3
v1.7.0-beta4
v1.7.1
v1.7.10
v1.7.11
v1.7.12
v1.7.13
v1.7.14
v1.7.2
v1.7.3
v1.7.4
v1.7.5
v1.7.6
v1.7.7
v1.7.8
v1.7.9
v1.8.0
v1.8.0-beta1
v1.8.0-beta2
v1.8.0-rc1
v1.8.1
v1.8.10
v1.8.11
v1.8.11-beta1
v1.8.11-beta2
v1.8.12
v1.8.13
v1.8.14
v1.8.15
v1.8.16
v1.8.17
v1.8.18
v1.8.19
v1.8.2
v1.8.3
v1.8.4
v1.8.5
v1.8.6
v1.8.7
v1.8.7-beta1
v1.8.8
v1.8.9
v1.8.9-beta1
v1.9.0
v1.9.0-beta1
v1.9.0-beta2
v1.9.0-beta3
v1.9.0-rc1
v1.9.1
v1.9.10
v1.9.11
v1.9.12
v1.9.13
v1.9.14
v1.9.15
v1.9.16
v1.9.17
v1.9.2
v1.9.3
v1.9.4
v1.9.5
v1.9.6
v1.9.7
v1.9.8
v1.9.9
${ noResults }
135 Commits (6302ef31fc60556af4d599dce7b220491dcab302)
Author | SHA1 | Message | Date |
---|---|---|---|
John Murret |
11bcf521ae
|
dns v2 - both empty string and default should be allowed for namespace and partition in CE (#21230)
* dns v2 - both empty string and default should be allowed for namespace and partition in Ce * add changelog * use default partition constant * use constants in validation. --------- Co-authored-by: Michael Zalimeni <michael.zalimeni@hashicorp.com> |
6 months ago |
Chris S. Kim |
26661a1c3b
|
Add default intention policy (#20544)
|
10 months ago |
Matt Keeler |
59cb12c798
|
Migrate the Endpoints controller to use the controller cache (#20241)
* Add cache resource decoding helpers * Implement a common package for workload selection facilities. This includes: * Controller cache Index * ACL hooks * Dependency Mapper to go from workload to list of resources which select it * Dependency Mapper to go from a resource which selects workloads to all the workloads it selects. * Update the endpoints controller to use the cache instead of custom mappers. Co-authored-by: R.B. Boyer <4903+rboyer@users.noreply.github.com> |
10 months ago |
Mike Nomitch |
302f994410
|
[NET-6640] Adds "Policy" BindType to BindingRule (#19499)
feat: add bind type of policy Co-authored-by: Ronald Ekambi <ronekambi@gmail.com> |
1 year ago |
Iryna Shustava |
dfea3a0efe
|
acls,catalog,mesh: properly authorize workload selectors on writes (#19260)
To properly enforce writes on resources that have workload selectors with prefixes, we need another service authorization rule that allows us to check whether read is allowed within a given prefix. Specifically we need to only allow writes if the policy prefix allows for a wider set of names than the prefix selector on the resource. We should also not allow policies with exact names for prefix matches. Part of [NET-3993] |
1 year ago |
Chris S. Kim |
92ce814693
|
Remove old build tags (#19128)
|
1 year ago |
skpratt |
21ea527089
|
TrafficPermissions: add ACL hooks (#19023)
* add ACL hooks * add hooks for CTPs |
1 year ago |
Iryna Shustava |
d85fc535fb
|
acl: default tenancy with the no-auth ACL resolver (#19006)
When using the no-auth acl resolver (the case for most controllers and the get-envoy-boostrap-params endpoint), ResolveTokenAndDefaultMeta method only returns an acl resolver. However, the resource service relies on the ent meta to be filled in to do the tenancy defaulting and inheriting it from the token when one is present. So this change makes sure that the ent meta defaulting always happens in the ACL resolver. |
1 year ago |
Chris S. Kim |
d090668c37
|
Add workload identity ACL rules (#18769)
|
1 year ago |
Semir Patel |
53e28a4963
|
OSS -> CE (community edition) changes (#18517)
|
1 year ago |
hashicorp-copywrite[bot] |
5fb9df1640
|
[COMPLIANCE] License changes (#18443)
* Adding explicit MPL license for sub-package This directory and its subdirectories (packages) contain files licensed with the MPLv2 `LICENSE` file in this directory and are intentionally licensed separately from the BSL `LICENSE` file at the root of this repository. * Adding explicit MPL license for sub-package This directory and its subdirectories (packages) contain files licensed with the MPLv2 `LICENSE` file in this directory and are intentionally licensed separately from the BSL `LICENSE` file at the root of this repository. * Updating the license from MPL to Business Source License Going forward, this project will be licensed under the Business Source License v1.1. Please see our blog post for more details at <Blog URL>, FAQ at www.hashicorp.com/licensing-faq, and details of the license at www.hashicorp.com/bsl. * add missing license headers * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 --------- Co-authored-by: hashicorp-copywrite[bot] <110428419+hashicorp-copywrite[bot]@users.noreply.github.com> |
1 year ago |
Jeremy Jacobson |
6424ef6a56
|
[CC-5719] Add support for builtin global-read-only policy (#18319)
* [CC-5719] Add support for builtin global-read-only policy * Add changelog * Add read-only to docs * Fix some minor issues. * Change from ReplaceAll to Sprintf * Change IsValidPolicy name to return an error instead of bool * Fix PolicyList test * Fix other tests * Apply suggestions from code review Co-authored-by: Paul Glass <pglass@hashicorp.com> * Fix state store test for policy list. * Fix naming issues * Update acl/validation.go Co-authored-by: Chris Thain <32781396+cthain@users.noreply.github.com> * Update agent/consul/acl_endpoint.go --------- Co-authored-by: Paul Glass <pglass@hashicorp.com> Co-authored-by: Chris Thain <32781396+cthain@users.noreply.github.com> |
1 year ago |
Dan Upton |
a37a441991
|
server: wire up in-process Resource Service (#16978)
|
2 years ago |
Ronald |
4b2137c2fa
|
Add copyright headers for acl, api and bench folders (#16706)
* copyright headers for agent folder * Ignore test data files * fix proto files and remove headers in agent/uiserver folder * ignore deep-copy files * copyright headers for agent folder * fix merge conflicts * copyright headers for agent folder * Ignore test data files * fix proto files * ignore agent/uiserver folder for now * copyright headers for agent folder * Add copyright headers for acl, api and bench folders |
2 years ago |
skpratt |
db2bd404bf
|
Synthesize anonymous token pre-bootstrap when needed (#16200)
* add bootstrapping detail for acl errors * error detail improvements * update acl bootstrapping test coverage * update namespace errors * update test coverage * consolidate error message code and update changelog * synthesize anonymous token * Update token language to distinguish Accessor and Secret ID usage (#16044) * remove legacy tokens * remove lingering legacy token references from docs * update language and naming for token secrets and accessor IDs * updates all tokenID references to clarify accessorID * remove token type references and lookup tokens by accessorID index * remove unnecessary constants * replace additional tokenID param names * Add warning info for deprecated -id parameter Co-authored-by: Paul Glass <pglass@hashicorp.com> * Update field comment Co-authored-by: Paul Glass <pglass@hashicorp.com> --------- Co-authored-by: Paul Glass <pglass@hashicorp.com> * revert naming change * add testing * revert naming change --------- Co-authored-by: Paul Glass <pglass@hashicorp.com> |
2 years ago |
skpratt |
6f0b226b0d
|
ACL error improvements: incomplete bootstrapping and non-existent token (#16105)
* add bootstrapping detail for acl errors * error detail improvements * update acl bootstrapping test coverage * update namespace errors * update test coverage * add changelog * update message for unbootstrapped error * consolidate error message code and update changelog * logout message change |
2 years ago |
skpratt |
9199e99e21
|
Update token language to distinguish Accessor and Secret ID usage (#16044)
* remove legacy tokens * remove lingering legacy token references from docs * update language and naming for token secrets and accessor IDs * updates all tokenID references to clarify accessorID * remove token type references and lookup tokens by accessorID index * remove unnecessary constants * replace additional tokenID param names * Add warning info for deprecated -id parameter Co-authored-by: Paul Glass <pglass@hashicorp.com> * Update field comment Co-authored-by: Paul Glass <pglass@hashicorp.com> --------- Co-authored-by: Paul Glass <pglass@hashicorp.com> |
2 years ago |
skpratt |
a010902978
|
Remove legacy acl policies (#15922)
* remove legacy tokens * remove legacy acl policies * flatten test policies to *_prefix * address oss feedback re: phrasing and tests |
2 years ago |
skpratt |
ad43846755
|
Remove legacy acl tokens (#15947)
* remove legacy tokens * Update test comment Co-authored-by: Paul Glass <pglass@hashicorp.com> * fix imports * update docs for additional CLI changes * add test case for anonymous token * set deprecated api fields to json ignore and fix patch errors * update changelog to breaking-change * fix import * update api docs to remove legacy reference * fix docs nav data --------- Co-authored-by: Paul Glass <pglass@hashicorp.com> |
2 years ago |
Thomas Eckert |
13da1a5285
|
Native API Gateway Config Entries (#15897)
* Stub Config Entries for Consul Native API Gateway (#15644) * Add empty InlineCertificate struct and protobuf * apigateway stubs * Stub HTTPRoute in api pkg * Stub HTTPRoute in structs pkg * Simplify api.APIGatewayConfigEntry to be consistent w/ other entries * Update makeConfigEntry switch, add docstring for HTTPRouteConfigEntry * Add TCPRoute to MakeConfigEntry, return unique Kind * Stub BoundAPIGatewayConfigEntry in agent * Add RaftIndex to APIGatewayConfigEntry stub * Add new config entry kinds to validation allow-list * Add RaftIndex to other added config entry stubs * Update usage metrics assertions to include new cfg entries * Add Meta and acl.EnterpriseMeta to all new ConfigEntry types * Remove unnecessary Services field from added config entry types * Implement GetMeta(), GetEnterpriseMeta() for added config entry types * Add meta field to proto, name consistently w/ existing config entries * Format config_entry.proto * Add initial implementation of CanRead + CanWrite for new config entry types * Add unit tests for decoding of new config entry types * Add unit tests for parsing of new config entry types * Add unit tests for API Gateway config entry ACLs * Return typed PermissionDeniedError on BoundAPIGateway CanWrite * Add unit tests for added config entry ACLs * Add BoundAPIGateway type to AllConfigEntryKinds * Return proper kind from BoundAPIGateway * Add docstrings for new config entry types * Add missing config entry kinds to proto def * Update usagemetrics_oss_test.go * Use utility func for returning PermissionDeniedError * EventPublisher subscriptions for Consul Native API Gateway (#15757) * Create new event topics in subscribe proto * Add tests for PBSubscribe func * Make configs singular, add all configs to PBToStreamSubscribeRequest * Add snapshot methods * Add config_entry_events tests * Add config entry kind to topic for new configs * Add unit tests for snapshot methods * Start adding integration test * Test using the new controller code * Update agent/consul/state/config_entry_events.go * Check value of error * Add controller stubs for API Gateway (#15837) * update initial stub implementation * move files, clean up mutex references * Remove embed, use idiomatic names for constructors * Remove stray file introduced in merge * Add APIGateway validation (#15847) * Add APIGateway validation * Add additional validations * Add cert ref validation * Add protobuf definitions * Fix up field types * Add API structs * Move struct fields around a bit * APIGateway InlineCertificate validation (#15856) * Add APIGateway validation * Add additional validations * Add protobuf definitions * Tabs to spaces * Add API structs * Move struct fields around a bit * Add validation for InlineCertificate * Fix ACL test * APIGateway BoundAPIGateway validation (#15858) * Add APIGateway validation * Add additional validations * Add cert ref validation * Add protobuf definitions * Fix up field types * Add API structs * Move struct fields around a bit * Add validation for BoundAPIGateway * APIGateway TCPRoute validation (#15855) * Add APIGateway validation * Add additional validations * Add cert ref validation * Add protobuf definitions * Fix up field types * Add API structs * Add TCPRoute normalization and validation * Add forgotten Status * Add some more field docs in api package * Fix test * Format imports * Rename snapshot test variable names * Add plumbing for Native API GW Subscriptions (#16003) Co-authored-by: Sarah Alsmiller <sarah.alsmiller@hashicorp.com> Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com> Co-authored-by: sarahalsmiller <100602640+sarahalsmiller@users.noreply.github.com> Co-authored-by: Andrew Stucki <andrew.stucki@hashicorp.com> |
2 years ago |
Chris S. Kim |
a7b34d50fc
|
Output user-friendly name for anonymous token (#15884)
|
2 years ago |
Dhia Ayachi |
f04f88e4b9
|
add missing code and fix enterprise specific code (#15375)
* add missing code and fix enterprise specific code * fix retry * fix flaky tests * fix linter error in test |
2 years ago |
Dhia Ayachi |
225ae55e83
|
Leadership transfer cmd (#14132)
* add leadership transfer command * add RPC call test (flaky) * add missing import * add changelog * add command registration * Apply suggestions from code review Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com> * add the possibility of providing an id to raft leadership transfer. Add few tests. * delete old file from cherry pick * rename changelog filename to PR # * rename changelog and fix import * fix failing test * check for OperatorWrite Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com> * rename from leader-transfer to transfer-leader * remove version check and add test for operator read * move struct to operator.go * first pass * add code for leader transfer in the grpc backend and tests * wire the http endpoint to the new grpc endpoint * remove the RPC endpoint * remove non needed struct * fix naming * add mog glue to API * fix comment * remove dead code * fix linter error * change package name for proto file * remove error wrapping * fix failing test * add command registration * add grpc service mock tests * fix receiver to be pointer * use defined values Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com> * reuse MockAclAuthorizer * add documentation * remove usage of external.TokenFromContext * fix failing tests * fix proto generation * Apply suggestions from code review Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com> * Apply suggestions from code review * add more context in doc for the reason * Apply suggestions from docs code review Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com> * regenerate proto * fix linter errors Co-authored-by: github-team-consul-core <github-team-consul-core@hashicorp.com> Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com> Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com> Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com> |
2 years ago |
Freddy |
c58f86a00f
|
Fixup authz for data imported from peers (#15347)
There are a few changes that needed to be made to to handle authorizing reads for imported data: - If the data was imported from a peer we should not attempt to read the data using the traditional authz rules. This is because the name of services/nodes in a peer cluster are not equivalent to those of the importing cluster. - If the data was imported from a peer we need to check whether the token corresponds to a service, meaning that it has service:write permissions, or to a local read only token that can read all nodes/services in a namespace. This required changes at the policyAuthorizer level, since that is the only view available to OSS Consul, and at the enterprise partition/namespace level. |
2 years ago |
malizz |
b51f0e25e9
|
update ACLs for cluster peering (#15317)
* update ACLs for cluster peering * add changelog * Update .changelog/15317.txt Co-authored-by: Eric Haberkorn <erichaberkorn@gmail.com> Co-authored-by: Eric Haberkorn <erichaberkorn@gmail.com> |
2 years ago |
Chris S. Kim | bde57c0dd0 |
Regenerate files according to 1.19.2 formatter
|
2 years ago |
freddygv | bf51021c07 |
Use split wildcard partition name
This way OSS avoids passing a non-empty label, which will be rejected in OSS consul. |
2 years ago |
freddygv | b544ce6485 |
Add ACL enforcement to peering endpoints
|
2 years ago |
Freddy |
f99df57840
|
[OSS] Add new peering ACL rule (#13848)
This commit adds a new ACL rule named "peering" to authorize actions taken against peering-related endpoints. The "peering" rule has several key properties: - It is scoped to a partition, and MUST be defined in the default namespace. - Its access level must be "read', "write", or "deny". - Granting an access level will apply to all peerings. This ACL rule cannot be used to selective grant access to some peerings but not others. - If the peering rule is not specified, we fall back to the "operator" rule and then the default ACL rule. |
2 years ago |
Matt Keeler |
5105835cb2
|
Allow the /v1/internal/acl/authorize endpoint to authorize the “peering” resource (#13646)
Currently this just checks for operator read. In the near future it will check for peering specific rules once those are implemented. |
2 years ago |
Dan Upton |
e00e3a0bc3
|
Move ACLResolveResult into acl/resolver package (#13467)
Having this type live in the agent/consul package makes it difficult to put anything that relies on token resolution (e.g. the new gRPC services) in separate packages without introducing import cycles. For example, if package foo imports agent/consul for the ACLResolveResult type it means that agent/consul cannot import foo to register its service. We've previously worked around this by wrapping the ACLResolver to "downgrade" its return type to an acl.Authorizer - aside from the added complexity, this also loses the resolved identity information. In the future, we may want to move the whole ACLResolver into the acl/resolver package. For now, putting the result type there at least, fixes the immediate import cycle issues. |
2 years ago |
Chris S. Kim |
bb832e2bba
|
Add SourcePeer fields to relevant Intentions types (#13390)
|
2 years ago |
freddygv | 647c57a416 |
Add agent cache-type for TrustBundleListByService
There are a handful of changes in this commit: * When querying trust bundles for a service we need to be able to specify the namespace of the service. * The endpoint needs to track the index because the cache watches use it. * Extracted bulk of the endpoint's logic to a state store function so that index tracking could be tested more easily. * Removed check for service existence, deferring that sort of work to ACL authz * Added the cache type |
3 years ago |
Freddy |
4e215dc411
|
[OSS] Add upsert handling for receiving CheckServiceNode (#13061)
|
3 years ago |
Dan Upton |
a668c36930
|
acl: gRPC login and logout endpoints (#12935)
Introduces two new public gRPC endpoints (`Login` and `Logout`) and includes refactoring of the equivalent net/rpc endpoints to enable the majority of logic to be reused (i.e. by extracting the `Binder` and `TokenWriter` types). This contains the OSS portions of the following enterprise commits: - 75fcdbfcfa6af21d7128cb2544829ead0b1df603 - bce14b714151af74a7f0110843d640204082630a - cc508b70fbf58eda144d9af3d71bd0f483985893 |
3 years ago |
R.B. Boyer |
f507f62f3c
|
peering: initial sync (#12842)
- Add endpoints related to peering: read, list, generate token, initiate peering - Update node/service/check table indexing to account for peers - Foundational changes for pushing service updates to a peer - Plumb peer name through Health.ServiceNodes path see: ENT-1765, ENT-1280, ENT-1283, ENT-1283, ENT-1756, ENT-1739, ENT-1750, ENT-1679, ENT-1709, ENT-1704, ENT-1690, ENT-1689, ENT-1702, ENT-1701, ENT-1683, ENT-1663, ENT-1650, ENT-1678, ENT-1628, ENT-1658, ENT-1640, ENT-1637, ENT-1597, ENT-1634, ENT-1613, ENT-1616, ENT-1617, ENT-1591, ENT-1588, ENT-1596, ENT-1572, ENT-1555 Co-authored-by: R.B. Boyer <rb@hashicorp.com> Co-authored-by: freddygv <freddy@hashicorp.com> Co-authored-by: Chris S. Kim <ckim@hashicorp.com> Co-authored-by: Evan Culver <eculver@hashicorp.com> Co-authored-by: Nitya Dhanushkodi <nitya@hashicorp.com> |
3 years ago |
Mark Anderson | 897ba08cfd |
add new entmeta stuff.
Signed-off-by: Mark Anderson <manderson@hashicorp.com> |
3 years ago |
R.B. Boyer |
d06183ba7f
|
syncing changes back from enterprise (#12701)
|
3 years ago |
Mark Anderson |
667fac8db1
|
Fixups for error messages from ACL Errors (#12620)
Fixups for error messages from ACL Errors Alter error messages to be more verbose and explanatory, something like: Permission denied: token with AccessorID '8a2d52a0-6b41-7077-8374-09d4fafa2d30 ' lacks permission 'service:read' on "foobar" on "foobar" in partition "foo" in namespace "bar" Signed-off-by: Mark Anderson <manderson@hashicorp.com> |
3 years ago |
Riddhi Shah | 95362cc5ea |
ACL pkg updates to support Agentless RPCs
For many of the new RPCs that will be added in Consul servers for Agentless work, the ACL token will need to be authorized for service:write on any service in any namespace in any partition. The ACL package updates are to make ServiceWriteAny related helpers available on the different authorizers. |
3 years ago |
Mark Anderson |
fa63aed1fa
|
Add source of authority annotations to the PermissionDeniedError output. (#12567)
This extends the acl.AllowAuthorizer with source of authority information. The next step is to unify the AllowAuthorizer and ACLResolveResult structures; that will be done in a separate PR. Part of #12481 Signed-off-by: Mark Anderson <manderson@hashicorp.com> |
3 years ago |
Mark Anderson |
aaefe15613
|
Bulk acl message fixup oss (#12470)
* First pass for helper for bulk changes Signed-off-by: Mark Anderson <manderson@hashicorp.com> * Convert ACLRead and ACLWrite to new form Signed-off-by: Mark Anderson <manderson@hashicorp.com> * AgentRead and AgentWRite Signed-off-by: Mark Anderson <manderson@hashicorp.com> * Fix EventWrite Signed-off-by: Mark Anderson <manderson@hashicorp.com> * KeyRead, KeyWrite, KeyList Signed-off-by: Mark Anderson <manderson@hashicorp.com> * KeyRing Signed-off-by: Mark Anderson <manderson@hashicorp.com> * NodeRead NodeWrite Signed-off-by: Mark Anderson <manderson@hashicorp.com> * OperatorRead and OperatorWrite Signed-off-by: Mark Anderson <manderson@hashicorp.com> * PreparedQuery Signed-off-by: Mark Anderson <manderson@hashicorp.com> * Intention partial Signed-off-by: Mark Anderson <manderson@hashicorp.com> * Fix ServiceRead, Write ,etc Signed-off-by: Mark Anderson <manderson@hashicorp.com> * Error check ServiceRead? Signed-off-by: Mark Anderson <manderson@hashicorp.com> * Fix Sessionread/Write Signed-off-by: Mark Anderson <manderson@hashicorp.com> * Fixup snapshot ACL Signed-off-by: Mark Anderson <manderson@hashicorp.com> * Error fixups for txn Signed-off-by: Mark Anderson <manderson@hashicorp.com> * Add changelog Signed-off-by: Mark Anderson <manderson@hashicorp.com> * Fixup review comments Signed-off-by: Mark Anderson <manderson@hashicorp.com> |
3 years ago |
Mark Anderson | 1a16f7ee70 |
Refactor to make ACL errors more structured. (#12308)
* First phase of refactoring PermissionDeniedError Add extended type PermissionDeniedByACLError that captures information about the accessor, particular permission type and the object and name of the thing being checked. It may be worth folding the test and error return into a single helper function, that can happen at a later date. Signed-off-by: Mark Anderson <manderson@hashicorp.com> |
3 years ago |
R.B. Boyer | b60d89e7ef |
bulk rewrite using this script
set -euo pipefail unset CDPATH cd "$(dirname "$0")" for f in $(git grep '\brequire := require\.New(' | cut -d':' -f1 | sort -u); do echo "=== require: $f ===" sed -i '/require := require.New(t)/d' $f # require.XXX(blah) but not require.XXX(tblah) or require.XXX(rblah) sed -i 's/\brequire\.\([a-zA-Z0-9_]*\)(\([^tr]\)/require.\1(t,\2/g' $f # require.XXX(tblah) but not require.XXX(t, blah) sed -i 's/\brequire\.\([a-zA-Z0-9_]*\)(\(t[^,]\)/require.\1(t,\2/g' $f # require.XXX(rblah) but not require.XXX(r, blah) sed -i 's/\brequire\.\([a-zA-Z0-9_]*\)(\(r[^,]\)/require.\1(t,\2/g' $f gofmt -s -w $f done for f in $(git grep '\bassert := assert\.New(' | cut -d':' -f1 | sort -u); do echo "=== assert: $f ===" sed -i '/assert := assert.New(t)/d' $f # assert.XXX(blah) but not assert.XXX(tblah) or assert.XXX(rblah) sed -i 's/\bassert\.\([a-zA-Z0-9_]*\)(\([^tr]\)/assert.\1(t,\2/g' $f # assert.XXX(tblah) but not assert.XXX(t, blah) sed -i 's/\bassert\.\([a-zA-Z0-9_]*\)(\(t[^,]\)/assert.\1(t,\2/g' $f # assert.XXX(rblah) but not assert.XXX(r, blah) sed -i 's/\bassert\.\([a-zA-Z0-9_]*\)(\(r[^,]\)/assert.\1(t,\2/g' $f gofmt -s -w $f done |
3 years ago |
R.B. Boyer | 31f6f55bbe |
test: normalize require.New and assert.New syntax
|
3 years ago |
freddygv | ed6076db26 |
Rename partition-exports to exported-services
Using a name less tied to partitions gives us more flexibility to use this config entry in OSS for exports between datacenters/meshes. |
3 years ago |
R.B. Boyer |
1e02460bd1
|
re-run gofmt on 1.17 (#11579)
This should let freshly recompiled golangci-lint binaries using Go 1.17 pass 'make lint' |
3 years ago |
Daniel Nephin | 8ba760a2fc |
acl: remove id and revision from Policy constructors
The fields were removed in a previous commit. Also remove an unused constructor for PolicyMerger |
3 years ago |
Daniel Nephin | 7c679c11e6 |
acl: remove Policy.ID and Policy.Revision
These two fields do not appear to be used anywhere. We use the structs.ACLPolicy ID in the ACLResolver cache, but the acl.Policy ID and revision are not used. |
3 years ago |
freddygv | 43360eb216 |
Rework acl exports interface
|
3 years ago |