* NET-2397: Add readme.md to upgrade test subdirectory
* remove test code
* fix link and update steps of adding new test cases (#16654)
* fix link and update steps of adding new test cases
* Apply suggestions from code review
---------
---------
Co-authored-by: cskh <hui.kang@hashicorp.com>
Co-authored-by: Nick Irvine <115657443+nfi-hashicorp@users.noreply.github.com>
* backport of commit 9ea73b3b8d
* backport of commit d3cffdeb4d
* backport of commit 0848aac017
* backport of commit 90b5e39d2d
* Refactor and fix flaky tests
* Fix bad merge
* add file that was never backported
* Fix bad merge again
* fix duplicate method
* remove extra import
* backport a slew of testing library code
* backport changes coinciding with library update
* backport changes coinciding with library update
---------
Co-authored-by: Andrew Stucki <andrew.stucki@hashicorp.com>
* backport of commit 892d389d9b
* backport of commit 8a2468d6b5
* backport of commit f56894fdc1
* backport of commit ced73fc2ce
---------
Co-authored-by: Andrew Stucki <andrew.stucki@hashicorp.com>
* backport of commit e14b4301fa
* backport of commit 525501337d
* backport of commit b1b2abc14a
* backport of commit ecaeff26aa
---------
Co-authored-by: Andrew Stucki <andrew.stucki@hashicorp.com>
* no-op commit due to failed cherry-picking
* add http url path rewrite
* add Mike's test back in
* update kind to use api.APIGateway
---------
Co-authored-by: temp <temp@hashicorp.com>
Co-authored-by: Sarah Alsmiller <sarah.alsmiller@hashicorp.com>
Co-authored-by: sarahalsmiller <100602640+sarahalsmiller@users.noreply.github.com>
* Inline API Gateway TLS cert code (#16295)
* Include secret type when building resources from config snapshot
* First pass at generating envoy secrets from api-gateway snapshot
* Update comments for xDS update order
* Add secret type + corresponding golden files to existing tests
* Initialize test helpers for testing api-gateway resource generation
* Generate golden files for new api-gateway xDS resource test
* Support ADS for TLS certificates on api-gateway
* Configure TLS on api-gateway listeners
* Inline TLS cert code
* update tests
* Add SNI support so we can have multiple certificates
* Remove commented out section from helper
* regen deep-copy
* Add tcp tls test
---------
Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com>
* Fix bad merge
---------
Co-authored-by: Andrew Stucki <andrew.stucki@hashicorp.com>
Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com>
* [API Gateway] Add integration test for conflicted TCP listeners
* [API Gateway] Update simple test to leverage intentions and multiple listeners
* Fix broken unit test
* [API Gateway] Add integration test for HTTP routes
* [API Gateway] Add integration test for conflicted TCP listeners
* [API Gateway] Update simple test to leverage intentions and multiple listeners
* Fix broken unit test
* PR suggestions
Prior to this commit, secondary datacenters could not be initialized
as peering acceptors if ACLs were enabled. This is due to the fact that
internal server-to-server API calls would fail because the management
token was not generated. This PR makes it so that both primary and
secondary datacenters generate their own management token whenever
a leader is elected in their respective clusters.
1. Upgraded agent can inherit the persisted token and join the cluster
2. Agent token prior to upgrade is still valid after upgrade
3. Enable ACL in the agent configuration
Paul Banks