84eda5fcd5
Backport of ci: increase runner size for security scans into release/1.17.x ( #20071 )
...
backport of commit e84dd20cb4
2024-01-02 18:17:08 +00:00
4e1e51904b
Backport of NET-6943 - Replace usage of deprecated Envoy field envoy.config.router.v3.WeightedCluster.total_weight. into release/1.17.x ( #20061 )
...
* no-op commit due to failed cherry-picking
* NET-6943 - Replace usage of deprecated Envoy field envoy.config.router.v3.WeightedCluster.total_weight. (#20011 )
---------
Co-authored-by: temp <temp@hashicorp.com>
Co-authored-by: John Murret <john.murret@hashicorp.com>
2024-01-02 17:31:51 +00:00
ce7e73bb3a
Backport of [DO NOT MERGE UNTIL EOY] update year in LICENSE and copywrite files into release/1.17.x ( #20067 )
2024-01-02 09:00:24 -08:00
59da5e792f
Backport into 1.17 of NET-6944 - Replace usage of deprecated Envoy field envoy.extensions.filters.http.lua.v3.Lua.inline_code ( #20054 )
...
NET-6944 - Replace usage of deprecated Envoy field envoy.extensions.filters.http.lua.v3.Lua.inline_code (#20012 )
2023-12-22 18:00:58 +00:00
cc9b6e2a02
Backport of fix formatting issue in envoy bootstrapping. into release/1.17.x ( #20043 )
...
backport of commit c4c2ddef30
2023-12-21 16:20:45 -07:00
4208875d5b
Backport of NET-6942 - Replace usage of deprecated Envoy field envoy.config.cluster.v3.Cluster.http_protocol_options. into release/1.17.x ( #20033 )
...
* backport of commit 79711465e0c9e5801e7e
2023-12-21 15:16:23 -07:00
8a0ea776da
Dockerfile: backport of #20014 for 1.17.x ( #20035 )
...
* Update Dockerfile
* Create 20014.txt
2023-12-21 13:22:46 -08:00
c8bbd39ca7
Backport of [NET-7009] security: update x/crypto to 0.17.0 into release/1.17.x ( #20029 )
...
backport of commit d8a33b4e72
2023-12-21 20:35:44 +00:00
e2a07a85e2
Backport of [NET-6969] security: Re-enable Go Module + secrets security scans for release branches into release/1.17.x ( #20021 )
...
* backport of commit 63030c8bb6f40a132a83
2023-12-21 15:29:46 +00:00
03c94a7cf0
Backport of agent: prevent empty server_metadata.json into release/1.17.x ( #19997 )
...
backport of commit 9fc0fc3dcc
2023-12-21 10:05:17 -05:00
5c7130b5a8
Update Helm Documenation with changes from release 1.3.1 ( #20004 )
2023-12-19 22:15:22 +00:00
64130aa4a3
Backport of NET 6409 into release/1.17.x ( #19987 )
...
NET 6409 (#19515 )
* Update website/content/docs/k8s/k8s-cli.mdx
* Update website/content/docs/k8s/k8s-cli.mdx
* fix doc
* Update website/content/docs/k8s/k8s-cli.mdx
---------
Co-authored-by: Ashesh Vidyut <134911583+absolutelightning@users.noreply.github.com>
Co-authored-by: David Yu <dyu@hashicorp.com>
2023-12-19 12:53:27 +05:30
1198fdd842
Backport of Net 6603 into release/1.17.x ( #19981 )
...
* no-op commit due to failed cherry-picking
* Net 6603 (#19718 )
* Update docs for NET-6603
* json format
* json caps
* Update website/content/docs/k8s/k8s-cli.mdx
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
---------
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
---------
Co-authored-by: temp <temp@hashicorp.com>
Co-authored-by: Ashesh Vidyut <134911583+absolutelightning@users.noreply.github.com>
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2023-12-19 06:54:43 +00:00
8860173066
Backport of docs: Update network segments in compat matrix for Enterprise features into release/1.17.x ( #19984 )
...
backport of commit 225cd7fffb
2023-12-18 22:36:53 +00:00
d3ae8cf145
Backport of docs: typo formatting consul-k8s docs into release/1.17.x ( #19977 )
...
backport of commit 798f925b90
2023-12-18 20:21:50 +00:00
f5ab81e124
Backport of ci: upload test results to DataDog on test failure into release/1.17.x ( #19964 )
...
backport of commit 0085e75996
2023-12-15 22:37:09 +00:00
ad4851c973
Backport of Fix bug with prepared queries using sameness-groups. into release/1.17.x ( #19972 )
...
backport of commit 21bde38517
2023-12-15 13:17:08 -06:00
e8b710f861
Backport of Fix typo in service-defaults documentation into release/1.17.x ( #19961 )
...
backport of commit ce3277570c
2023-12-15 13:55:46 -05:00
4b35839bc3
update changelog and version ( #19967 )
2023-12-15 10:03:12 -08:00
94737e0718
Backport of NET-6317 - update usage of deprecated fields: http2_protocol_options and access_log_path into release/1.17.x ( #19953 )
...
* backport of commit 4d45c672b31e8797522e691dab71bd924d61fc04
2023-12-14 14:10:25 -07:00
e242648ba4
Backport of cli: Deprecate the `-admin-access-log-path` flag from `consul connect envoy` command in favor of: `-admin-access-log-config`. into release/1.17.x ( #19955 )
...
* backport of commit 9c1948362f23ae663d10af2d64e077
2023-12-14 14:09:53 -07:00
ed3ff29c4b
Backport of Update telemetry.mdx RPC Metrics into release/1.17.x ( #19949 )
...
* backport of commit ea114971a38df9c6f3bae2a3294b00
2023-12-14 11:15:01 -08:00
88d903731b
Backport of NET-6785: updating peering docs to include stream status and remote data into release/1.17.x ( #19938 )
...
backport of commit a785cbf3d1
2023-12-14 12:27:23 +05:30
a1b8cadb3b
Backport of docs: service rate limiting examples into release/1.17.x ( #19926 )
...
* backport of commit 8bbd7adc5c7540412043
2023-12-12 16:05:28 -08:00
38074d08f7
Backport of fix: token list in Role details page is updated with tokens linked to… into release/1.17.x ( #19923 )
...
fix: token list in Role details page is updated with tokens linked to… (#19912 )
Co-authored-by: Valeriia Ruban <valeriia.ruban@hashicorp.com>
2023-12-12 11:06:59 -08:00
c4caa3147d
Backport of Hash based config entry replication into release/1.17.x ( #19916 )
...
add hash based config entry replication
Co-authored-by: Dhia Ayachi <dhia@hashicorp.com>
2023-12-12 13:36:07 -05:00
6c6d978634
Backport of Remove warning for consul 1.17 deprecation into release/1.17.x ( #19905 )
...
backport of commit 8d43647ed9
2023-12-12 10:05:45 -05:00
a896e58d93
Backport of NET-6900: stop reconciling services when peering is enabled into release/1.17.x ( #19917 )
...
backport of commit a406813631
2023-12-12 08:01:30 -07:00
9cb44f6222
Backport of fix: remove test to unblock CI into release/1.17.x ( #19911 )
...
backport of commit de839085b9
2023-12-11 20:20:34 -08:00
1f7e42543e
Backport of docs: Updates to required ports into release/1.17.x ( #19898 )
...
* backport of commit 5a3c616f75bf1e4681b1a762adee3c8cb3f06ac9c97e52b082
2023-12-11 14:57:41 -08:00
b11ccb9c27
Backport of Add documentation for proxy-config-map and xds_fetch_timeout_ms. into release/1.17.x ( #19896 )
...
backport of commit 85e942475a
2023-12-11 15:57:55 -06:00
b24acb6fb3
Backport of [NET-6842] splitting go version on different lines into release/1.17.x ( #19891 )
...
backport of commit 2e594e15a9
2023-12-11 16:32:47 +00:00
212485578c
Backport of: Fix ClusterLoadAssignment timeouts dropping endpoints. into 1.17 ( #19884 )
...
Fix ClusterLoadAssignment timeouts dropping endpoints.
When a large number of upstreams are configured on a single envoy
proxy, there was a chance that it would timeout when waiting for
ClusterLoadAssignments. While this doesn't always immediately cause
issues, consul-dataplane instances appear to consistently drop
endpoints from their configurations after an xDS connection is
re-established (the server dies, random disconnect, etc).
This commit adds an `xds_fetch_timeout_ms` config to service registrations
so that users can set the value higher for large instances that have
many upstreams. The timeout can be disabled by setting a value of `0`.
This configuration was introduced to reduce the risk of causing a
breaking change for users if there is ever a scenario where endpoints
would never be received. Rather than just always blocking indefinitely
or for a significantly longer period of time, this config will affect
only the service instance associated with it.
2023-12-11 10:02:33 -06:00
fed1b2142d
Backport of Fix a test flake where a retry timer was being reused causing tests after the first to exit early into release/1.17.x ( #19869 )
...
backport of commit 4362d06542
2023-12-08 13:28:21 -05:00
f80fc2b548
Backport of Fix xDS missing endpoint race condition. into release/1.17.x ( #19874 )
...
backport of commit 7d8764dc0e
2023-12-08 11:59:21 -06:00
94fd096bfc
Backport of Remove Duplicate UBI Tags into release/1.17.x ( #19791 )
...
backport of commit caf160b65d
2023-12-08 17:27:48 +00:00
880713a10b
[Backport 1.17.x] Add CE version of Gateway Upstream Disambiguation ( #19868 )
...
* Add CE version of Gateway Upstream Disambiguation
* Add range variable shadow
---------
Co-authored-by: Thomas Eckert <teckert@hashicorp.com>
2023-12-08 17:00:14 +00:00
a34009b7c1
Backport of parse config protocol on write to optimize disco-chain compilation into release/1.17.x ( #19859 )
...
* parse config protocol on write to optimize disco-chain compilation (#19829 )
* parse config protocol on write to optimize disco-chain compilation
* add changelog
* add test fixes from PR
* adding missing config field
---------
Co-authored-by: Dhia Ayachi <dhia@hashicorp.com>
2023-12-07 15:35:26 -05:00
90638a4b6a
Backport of NET-6784: Adding cli command to list exported services to a peer into release/1.17.x ( #19851 )
...
* backport of commit 53f3d35d5ff75f976006f6c7fceafa6d956180fd
2023-12-07 13:40:42 +05:30
1eeae85806
Backport of Default "stats_flush_interval" to 1 minute for Consul Telemetry Collector into release/1.17.x ( #19703 )
...
* backport of commit 129d6bf20a5d597a3b53a6e8c5a93500c720748f74e632ea574a9a7a1f83
2023-12-06 13:18:15 -08:00
dfc5542fac
Backport of [NET-6650] Bump go version to 1.20.12 into release/1.17.x ( #19846 )
...
backport of commit af6045cdf1
2023-12-06 16:14:22 -05:00
1a5ace03f0
Backport of improve client RPC metrics consistency into release/1.17.x ( #19843 )
...
* backport of commit 06507fe05314e160573d088ec70f90
2023-12-06 14:06:17 -05:00
44a5abac07
Backport of cli: add a string method to gvk struct into release/1.17.x ( #19707 )
...
backport of commit a94fcc7077
2023-12-06 18:17:23 +00:00
b1acee8f94
Backport of [NET-6251] Nomad client templated policy into release/1.17.x ( #19839 )
...
backport of commit 9a8d0c848b
2023-12-06 11:18:33 -05:00
81a22ae9b6
Manual Backport of [Cloud][CC-6925] Updates to pushing server state into release/1.17.x ( #19810 )
...
* [Cloud][CC-6925] Updates to pushing server state (#19682 )
* Upgrade hcp-sdk-go to latest version v0.73
Changes:
- go get github.com/hashicorp/hcp-sdk-go
- go mod tidy
* From upgrade: regenerate protobufs for upgrade from 1.30 to 1.31
Ran: `make proto`
Slack: https://hashicorp.slack.com/archives/C0253EQ5B40/p1701105418579429
* From upgrade: fix mock interface implementation
After upgrading, there is the following compile error:
cannot use &mockHCPCfg{} (value of type *mockHCPCfg) as "github.com/hashicorp/hcp-sdk-go/config".HCPConfig value in return statement: *mockHCPCfg does not implement "github.com/hashicorp/hcp-sdk-go/config".HCPConfig (missing method Logout)
Solution: update the mock to have the missing Logout method
* From upgrade: Lint: remove usage of deprecated req.ServerState.TLS
Due to upgrade, linting is erroring due to usage of a newly deprecated field
22:47:56 [consul]: make lint
--> Running golangci-lint (.)
agent/hcp/testing.go:157:24: SA1019: req.ServerState.TLS is deprecated: use server_tls.internal_rpc instead. (staticcheck)
time.Until(time.Time(req.ServerState.TLS.CertExpiry)).Hours()/24,
^
* From upgrade: adjust oidc error message
From the upgrade, this test started failing:
=== FAIL: internal/go-sso/oidcauth TestOIDC_ClaimsFromAuthCode/failed_code_exchange (re-run 2) (0.01s)
oidc_test.go:393: unexpected error: Provider login failed: Error exchanging oidc code: oauth2: "invalid_grant" "unexpected auth code"
Prior to the upgrade, the error returned was:
```
Provider login failed: Error exchanging oidc code: oauth2: cannot fetch token: 401 Unauthorized\nResponse: {\"error\":\"invalid_grant\",\"error_description\":\"unexpected auth code\"}\n
```
Now the error returned is as below and does not contain "cannot fetch token"
```
Provider login failed: Error exchanging oidc code: oauth2: "invalid_grant" "unexpected auth code"
```
* Update AgentPushServerState structs with new fields
HCP-side changes for the new fields are in:
https://github.com/hashicorp/cloud-global-network-manager-service/pull/1195/files
* Minor refactor for hcpServerStatus to abstract tlsInfo into struct
This will make it easier to set the same tls-info information to both
- status.TLS (deprecated field)
- status.ServerTLSMetadata (new field to use instead)
* Update hcpServerStatus to parse out information for new fields
Changes:
- Improve error message and handling (encountered some issues and was confused)
- Set new field TLSInfo.CertIssuer
- Collect certificate authority metadata and set on TLSInfo.CertificateAuthorities
- Set TLSInfo on both server.TLS and server.ServerTLSMetadata.InternalRPC
* Update serverStatusToHCP to convert new fields to GNM rpc
* Add changelog
* Feedback: connect.ParseCert, caCerts
* Feedback: refactor and unit test server status
* Feedback: test to use expected struct
* Feedback: certificate with intermediate
* Feedback: catch no leaf, remove expectedErr
* Feedback: update todos with jira ticket
* Feedback: mock tlsConfigurator
* make proto for additional file in 1.17 not in main
2023-12-04 15:34:24 -05:00
45468ffe92
Backport of docs: improvements to v2 catalog explanation into release/1.17.x ( #19802 )
...
* backport of commit 425888af3493f981e702
2023-12-01 14:57:02 -08:00
cfbc6282e4
Backport of Docs: FIPS - add cluster peering info ( #19768 ) ( #19792 )
...
Docs: FIPS - add cluster peering info (#19768 )
* Docs: FIPS - add cluster peering info
* Update website/content/docs/enterprise/fips.mdx
* Update website/content/docs/enterprise/fips.mdx
* Update website/content/docs/enterprise/fips.mdx
---------
Co-authored-by: David Yu <dyu@hashicorp.com>
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
2023-12-01 08:19:23 -08:00
b099833774
Pin lint-consul-retry to version 1.3.0 ( #19776 )
...
The new version finds more issues which are fixed on main and not being backported.
2023-11-29 21:39:32 +00:00
f0bd34712e
Backport of [NET-6725] test: Address occasional flakes in sidecarproxy/controller_test.go into release/1.17.x ( #19772 )
...
backport of commit 5be0c8f89b
2023-11-29 17:42:08 +00:00
c8b5dfba94
Backport of docs: Rename locality docs observe section to verification into release/1.17.x ( #19771 )
...
* backport of commit 6aed75aead92cbc56337
2023-11-29 12:21:59 -05:00
hc-github-team-consul-core