Commit Graph

14709 Commits (90b42c66fa61956cb7ce9d50595c3a9328e7e7d8)

Author SHA1 Message Date
Jared Kirschner 9e8bda1f3c Generalize base64 command usage in docs
The base64 CLI utility has two different short flag arguments for decode
depending on the platform: -D and -d.

Previously, the docs used the -D flag exclusively with the base64 utility.
Luckily, the long form of the flag is the same across platforms: --decode.

All uses of the base64 -D flag have been replaced with --decode.
2021-07-28 12:34:38 -04:00
Kenia ae34d7b4cd ui: Fix dropdown option duplications (#10706) 2021-07-27 21:34:53 +00:00
Chris S. Kim 74fa06f243
agent: update proxy upstreams to inherit namespace from service (#10688) (#10698)
(cherry picked from commit 91c90a672a)
2021-07-27 15:23:25 -04:00
trujillo-adam a44e5ea7fb
Merge pull request #10685 from hashicorp/docs-fix-broken-link-swim-article
Docs fix broken link swim article
2021-07-27 12:49:00 -04:00
Blake Covarrubias 54161cb2d9 docs: Add version callout for `kv import -prefix`
Add a sentence stating the version of Consul that introduced the
`-prefix` option for `consul kv import`.

Resolves #10172
2021-07-26 10:14:34 -07:00
Fabio Lichinchi a1b7e57eb0
Update vault.mdx (#10679) 2021-07-26 09:28:29 -07:00
Bryce Kalow 595a15eaff web: migrate to web platform- packages (#10640)
* migrate usages of nextjs-scripts to platform packages

* Updates hashi packages
2021-07-26 10:03:33 -05:00
Freddy 9265d20859 Log the correlation ID when blocking queries fire (#10689)
Knowing that blocking queries are firing does not provide much
information on its own. If we know the correlation IDs we can
piece together which parts of the snapshot have been populated.

Some of these responses might be empty from the blocking
query timing out. But if they're returning quickly I think we
can reasonably assume they contain data.
2021-07-23 22:38:03 +00:00
Dhia Ayachi 3dde24d8c9 config raft apply silent error (#10657)
* return an error when the index is not valid

* check response as bool when applying `CAOpSetConfig`

* remove check for bool response

* fix error message and add check to test

* fix comment

* add changelog
2021-07-22 14:33:12 +00:00
Blake Covarrubias b5b5c21654 Merge pull request #10462 from hashicorp/docs/add-ns-agent-services-9710
docs: Add namespace parameters to /agent/service* endpoints
2021-07-21 18:17:40 +00:00
Blake Covarrubias ad92927e86 Merge pull request #10462 from hashicorp/docs/add-ns-agent-services-9710
docs: Add namespace parameters to /agent/service* endpoints
2021-07-21 18:17:37 +00:00
Blake Covarrubias c792f3738a docs: Update responses for /v1/session/ endpoints post 1.7
Update output for /v1/session/ endpoints to match output post Consul
1.7.0.

Documents new `NodeChecks` and `ServiceChecks` parameters which were
added in that release.

Resolves #7341, resolves #10095
2021-07-21 15:28:33 +00:00
Blake Covarrubias 5376692add docs: Update responses for /v1/session/ endpoints post 1.7
Update output for /v1/session/ endpoints to match output post Consul
1.7.0.

Documents new `NodeChecks` and `ServiceChecks` parameters which were
added in that release.

Resolves #7341, resolves #10095
2021-07-21 15:28:29 +00:00
Freddy c9349e353b Avoid panic on concurrent writes to cached service config map (#10647)
If multiple instances of a service are co-located on the same node then
their proxies will all share a cache entry for their resolved service
configuration. This is because the cache key contains the name of the
watched service but does not take into account the ID of the watching
proxies.

This means that there will be multiple agent service manager watches
that can wake up on the same cache update. These watchers then
concurrently modify the value in the cache when merging the resolved
config into the local proxy definitions.

To avoid this concurrent map write we will only delete the key from
opaque config in the local proxy definition after the merge, rather
than from the cached value before the merge.
2021-07-20 16:10:37 +00:00
Blake Covarrubias 2e044acd90 website: Fix circular redirect with TLS on existing cluster
Fix an issue where /docs/k8s/operations/tls-on-existing-cluster would
never load when navigating directly to the URL because of a circular
redirect.
2021-07-20 15:43:27 +00:00
Blake Covarrubias c3509bb094 website: Fix circular redirect with TLS on existing cluster
Fix an issue where /docs/k8s/operations/tls-on-existing-cluster would
never load when navigating directly to the URL because of a circular
redirect.
2021-07-20 15:43:24 +00:00
Blake Covarrubias c469c701fe docs: Add intentions to ACL System docs (#10323)
Adds mention of `intentions` rules to ACL System and ACL Rules pages.

Resolves #9790
2021-07-19 22:32:24 +00:00
Blake Covarrubias d93550e21a docs: Add intentions to ACL System docs (#10323)
Adds mention of `intentions` rules to ACL System and ACL Rules pages.

Resolves #9790
2021-07-19 22:32:21 +00:00
Blake Covarrubias c8393cb25f docs: Fix spelling errors across website 2021-07-19 21:30:41 +00:00
Blake Covarrubias 0ab7dd7cc1 docs: Fix spelling errors across website 2021-07-19 21:30:37 +00:00
Daniel Nephin 91962e7495 Merge pull request #10009 from hashicorp/dnephin/trim-dns-response-with-edns
dns: properly trim response when EDNS is used
2021-07-16 22:10:03 +00:00
Mike Morris 31a9e36dd9 Merge remote-tracking branch 'origin/stable-website' into release/1.10.1 2021-07-15 17:24:19 -04:00
hc-github-team-consul-core c800094210 Putting source back into Dev Mode 2021-07-15 19:33:15 +00:00
hc-github-team-consul-core db839f18ba
Release v1.10.1 2021-07-15 18:49:34 +00:00
hc-github-team-consul-core 40ac83c9d3
update bindata_assetfs.go 2021-07-15 18:49:33 +00:00
Dhia Ayachi fc38e8fba9 add changelogs for 1.10.1 2021-07-15 13:30:29 -04:00
Freddy e3e31375c8
Merge pull request #10622 from hashicorp/vuln/validate-sans-1.10 2021-07-15 10:05:06 -06:00
freddygv 803df59268 Fixup prepared query ns defaulting 2021-07-15 09:37:37 -06:00
freddygv 066e950b7d Add changelog entry 2021-07-15 09:31:43 -06:00
Daniel Nephin d808d7897a Merge pull request #10617 from hashicorp/dnephin/config-add-missing-docs
docs: add config options that were missing
2021-07-15 15:24:28 +00:00
Daniel Nephin 0b6330928a Merge pull request #10617 from hashicorp/dnephin/config-add-missing-docs
docs: add config options that were missing
2021-07-15 15:24:24 +00:00
R.B. Boyer 104ee65e17 xds: ensure single L7 deny intention with default deny policy does not result in allow action (CVE-2021-36213) (#10619) 2021-07-15 15:09:48 +00:00
John Cowen e92b9e8e82 ui: [BUGFIX] Ensure we use the ns query param name when requesting permissions (#10608)
Previously when namespaces were enabled, we weren't requesting permission for the actively selected namespace, and instead always checking the permissions for the default namespace.

This commit ensures we request permissions for the actively selected namespace.
2021-07-15 11:19:55 +00:00
John Cowen 15f6b10e4a ui: [BUGFIX] Ensure in-folder KVs are created in the correct folder (#10569)
When clicking to create a KV within folder name, would would be viewing a form that was a form for creating a KV in the root, which when the user clicked to save, saved the KV in the root.

For the moment at least I've removed the code that strips double slashes, and whilst this isn't ideal, it looks like we've picked up one of those bugs that turns into a 'feature', and completely reworking KV to not rely on the double slashes is not really an option right now.
2021-07-15 09:38:23 +00:00
freddygv 0bf181ae55 Update golden files 2021-07-14 22:41:51 -06:00
freddygv 8e4ca495d5 Validate SANs for passthrough clusters and failovers 2021-07-14 22:41:51 -06:00
freddygv faac20cd40 Update golden files to account for SAN validation 2021-07-14 22:41:02 -06:00
freddygv bdacb71d22 Validate Subject Alternative Name for upstreams
These changes ensure that the identity of services dialed is
cryptographically verified.

For all upstreams we validate against SPIFFE IDs in the format used by
Consul's service mesh:

spiffe://<trust-domain>/ns/<namespace>/dc/<datacenter>/svc/<service>
2021-07-14 22:41:02 -06:00
John Cowen 70f29c2312 ui: [BUGFIX] Fix KV Code Editor syntax loading (#10605)
This commit adds a bit of string wrangling to avoid the keys in our javascript source file also being transformed. Additionally, whilst looking at this we decided that Maps are a better dictionary than javascript objects, so we moved to use those here also (but this doesn't affect the issue)
2021-07-14 17:56:18 +00:00
John Cowen 6a0d4358e6 ui: Show the correct 'ACLs Disabled' page when ACLs are disabled (#10604)
Adds 'can access ACLs' which means one of two things

1. When ACLs are disabled I can access the 'please enable ACLs' page
2. When ACLs are enabled, its the same as canRead
2021-07-14 17:52:50 +00:00
Melissa Kam 7d0a1effd6 Merge pull request #10614 from hashicorp/nia/docs-0.2.1
nia/docs 0.2.1
2021-07-14 17:04:06 +00:00
Melissa Kam 29a677ee89 Merge pull request #10614 from hashicorp/nia/docs-0.2.1
nia/docs 0.2.1
2021-07-14 17:04:03 +00:00
David Yu 0324727dce docs: Add link to learn guide on migrating ACL tokens (#10609)
* docs: Add link to learn guide on migrating ACL tokens
2021-07-13 21:03:39 +00:00
David Yu 140fc5d449 docs: Add link to learn guide on migrating ACL tokens (#10609)
* docs: Add link to learn guide on migrating ACL tokens
2021-07-13 21:03:33 +00:00
Iryna Shustava ae767d9cfc cli/sdk: Allow applying redirect-traffic rules in a provided Linux namespace (#10564) 2021-07-13 16:06:25 +00:00
Daniel Nephin ca788e089e Merge pull request #10579 from hashicorp/dnephin/improve-config-docs-tls
docs: Improve TLS user documentation
2021-07-12 23:09:57 +00:00
Daniel Nephin caeddc6aab Merge pull request #10579 from hashicorp/dnephin/improve-config-docs-tls
docs: Improve TLS user documentation
2021-07-12 23:09:53 +00:00
Noel Quiles 9a35e47dda Bump hashi-stack-menu (#10599) 2021-07-12 22:28:38 +00:00
Noel Quiles 83276ded13 Bump hashi-stack-menu (#10599) 2021-07-12 22:28:35 +00:00
Curt Marker 1c86eae663 Fixed a typo that broke the example static-server deployment (#10582)
The service account was typo'd and needs to be fixed
2021-07-12 20:33:59 +00:00