Commit Graph

19095 Commits (91e40195bd33c25d5a0a2780d7d4663bbdcfb360)

Author SHA1 Message Date
trujillo-adam 91e40195bd
Merge pull request #15080 from hashicorp/docs/fix-type-service-reg
fixed broken link/typo in service mesh reg page
2022-10-20 13:21:24 -07:00
Derek Menteer 3f2403ffe4 Update go mod file for api package. 2022-10-20 15:08:03 -05:00
Derek Menteer 9b4846ce64 Update changelog for release. 2022-10-20 15:08:03 -05:00
trujillo-adam c5f736fdab fixed broken link/typo in service mesh reg page 2022-10-20 13:00:33 -07:00
Chris S. Kim 5a02f73436
Merge pull request #15068 from hashicorp/kisunji/update-gomemdb
Update go-memdb to fix a goroutine leak
2022-10-20 14:46:53 -04:00
Chris S. Kim a7ea26192b Update expected encoding in test
go-memdb was updated in v1.3.3 to make integers in indexes sortable, which changed how integers were encoded.
2022-10-20 14:32:42 -04:00
Chris S. Kim f2209b2fbe Add changelog 2022-10-20 14:32:42 -04:00
Chris S. Kim 59f14f5e01 Update go-memdb to fix a goroutine leak 2022-10-20 14:32:42 -04:00
Chris S. Kim 052142065a
Merge pull request #15063 from hashicorp/update-redhat-tag
[CI-only] Update RedHat registry tag
2022-10-20 13:49:02 -04:00
trujillo-adam 2765f58bc7
Merge pull request #14166 from nickwales/main
Typo fix
2022-10-20 09:24:50 -07:00
Sam Salisbury 7b4da9d4f4
docker: update redhat_tag 2022-10-20 16:01:38 +01:00
Michael Klein c35556caa7
Merge pull request #15023 from hashicorp/ui/fix/token-secret-id-handling
ui: Fix token in cookie passthrough
2022-10-20 08:49:37 +02:00
Freddy 678f8b8876
Merge pull request #15065 from hashicorp/gh-15051-advertise_addr_wan 2022-10-19 18:10:56 -06:00
freddygv 6d9be5fb15 Use plain TaggedAddressWAN 2022-10-19 16:32:44 -06:00
freddygv 8d211cc9cc Add unit test 2022-10-19 16:26:15 -06:00
cskh eae5f87002 changelog 2022-10-19 16:37:50 -04:00
cskh 058ee4fb84 fix: wan address isn't used by peering token 2022-10-19 16:33:25 -04:00
Curt Bushko 00cf1fbd44
Merge pull request #15064 from hashicorp/curtbushko/update-envoy-bootstrap
update prometheus template args
2022-10-19 16:17:42 -04:00
Curt Bushko 161273a931
Update command/connect/envoy/bootstrap_tpl.go
Co-authored-by: Paul Glass <pglass@hashicorp.com>
2022-10-19 15:52:10 -04:00
Curt Bushko cd185c4c2c update prometheus template args 2022-10-19 15:44:19 -04:00
Michele Degges 45cfb1272f
[CI-only] Update RedHat registry tag
There are a few changes being made to RedHat's registry on October 20, 2022 that affect the way images need to be tagged prior to being pushed to the registry. This PR changes the tag to conform to the new standard. 

We have other work queued up in crt-workflows-common and actions-docker-build to support the other required changes. 

This PR should be merged to `main` and all release branches on or after October 20, 2022, and MUST be merged before your next production release. Otherwise, the automation to push to the RedHat registry will not work.

----

A detailed list of changes shared from RedHat (as an FYI):

The following changes will occur for container certification projects that leverage the Red Hat hosted registry [[registry.connect.redhat.com](http://registry.connect.redhat.com/)] for image distribution:

- All currently published images are migrating to a NEW, Red Hat hosted quay registry. Partners do not have to do anything for this migration, and this will not impact customers. The registry will still utilize [registry.connect.redhat.com](http://registry.connect.redhat.com/) as the registry URL.

- The registry URL currently used to push, tag, and certify images, as well as the registry login key, will change. You can see these changes under the “Images” tab of the container certification project. You will now see a [quay.io](http://quay.io/) address and will no longer see [scan.connect.redhat.com](http://scan.connect.redhat.com/).

- Partners will have the opportunity to auto-publish images by selecting “Auto-publish” in the Settings tab of your certification project. This will automatically publish images that pass all certification tests.

- For new container image projects, partners will have the option to host within their own chosen image registry while using [registry.connect.redhat.com](http://registry.connect.redhat.com/) as a proxy address. This means the end user can authenticate to the Red Hat registry to pull a partner image without having to provide additional authentication to the partner’s registry.
2022-10-19 10:55:48 -07:00
Nitya Dhanushkodi 5e156772f6
Remove ability to specify external addresses in GenerateToken endpoint (#14930)
* Reverts "update generate token endpoint to take external addresses (#13844)"

This reverts commit f47319b7c6.
2022-10-19 09:31:36 -07:00
Tyler Wendlandt 2a9cc3f084
Merge pull request #14971 from hashicorp/ui/feature/agentless-nodes-banner
ui: agentless nodes notice banner banner
2022-10-19 09:06:46 -06:00
cskh 6a9739ad7e
chore: fix the module path to align with the code structure (#15053) 2022-10-19 10:36:35 -04:00
Michael Klein 7285a9160f Cleanup app boot by using hcp service 2022-10-19 08:34:36 +02:00
Michael Klein 14b90314e9 Encapsulate hcp related logic in service 2022-10-19 08:34:36 +02:00
Michael Klein dcdcdbc5ea Fix `TokenSecretID`-handling 2022-10-19 08:34:36 +02:00
Michael Klein cc25602df1 Add tests for TokenSecretID handling 2022-10-19 08:34:30 +02:00
Tu Nguyen e8fcbfe19e
Merge pull request #15036 from hashicorp/update-ent-license-link
Update enterprise license link
2022-10-18 23:22:01 -07:00
Kyle Havlovitz 5c3427608b
Merge pull request #15035 from hashicorp/vault-ttl-update-warn
Warn instead of returning error when missing intermediate mount tune permissions
2022-10-18 15:41:52 -07:00
Tyler Wendlandt d59d0a36cd
Merge pull request #14974 from hashicorp/ui/chore/enable-synthetic-nodes-in-mock-data
ui: enable synthetic nodes in mock data
2022-10-18 16:00:47 -06:00
Chris S. Kim 3d05a8e9af Remove unused methods from template 2022-10-18 16:35:16 -04:00
cskh d562d363fc
peering: skip registering duplicate node and check from the peer (#14994)
* peering: skip register duplicate node and check from the peer

* Prebuilt the nodes map and checks map to avoid repeated for loop

* use key type to struct: node id, service id, and check id
2022-10-18 16:19:24 -04:00
wenincode 15d14ba308 Enable synthetic nodes in mock data via env var 2022-10-18 13:45:14 -06:00
trujillo-adam 588a196c86
Merge pull request #15033 from hashicorp/docs/fix-front-matter-typo
Docs/fix front matter typo
2022-10-18 12:31:28 -07:00
R.B. Boyer c3fa46c3f6
test: possibly fix flaky TestEnvoy/case-ingress-gateway-multiple-services test (#15034)
The integration test TestEnvoy/case-ingress-gateway-multiple-services is flaky
and this possibly reduces the flakiness by explicitly waiting for services to show
up in the catalog as healthy before waiting for them to show up in envoy as
healthy which gives it just a bit more time to sync.
2022-10-18 14:23:52 -05:00
Chris S. Kim 29a297d3e9
Refactor client RPC timeouts (#14965)
Fix an issue where rpc_hold_timeout was being used as the timeout for non-blocking queries. Users should be able to tune read timeouts without fiddling with rpc_hold_timeout. A new configuration `rpc_read_timeout` is created.

Refactor some implementation from the original PR 11500 to remove the misleading linkage between RPCInfo's timeout (used to retry in case of certain modes of failures) and the client RPC timeouts.
2022-10-18 15:05:09 -04:00
Kyle Havlovitz d122108992 Warn instead of returning an error when intermediate mount tune permission is missing 2022-10-18 12:01:25 -07:00
wenincode 9da2a73785 Call super with arguments to safeguard against future changes 2022-10-18 11:53:24 -06:00
Tu Nguyen b46172d4a3 Update enterprise license link 2022-10-18 10:52:50 -07:00
wenincode 815439b593 Update yarn lockfile 2022-10-18 10:17:03 -06:00
trujillo-adam 3f3847d651 clarification that Consul K8s in these instructions refers to the the CLI tool 2022-10-18 09:14:26 -07:00
trujillo-adam 55b387b5be removed quotation marks around front matter and revised the introduction 2022-10-18 08:56:38 -07:00
R.B. Boyer 0cca4c088d
test: possibly fix flake in TestIntentionGetExact (#15021)
Restructure test setup to be similar to TestAgent_ServerCertificate
and see if that's enough to avoid flaking after join.
2022-10-18 10:51:20 -05:00
wenincode c450183b4c Use local-storage service to manage localStorage
Use local-storage service, prototyped here https://github.com/LevelbossMike/local-storage-service, to manage local storage usage in an octane way. Does not write to local storage in tests by default and is easy to stub out.
2022-10-18 09:40:47 -06:00
Dhia Ayachi 5eb2bad8fd
bump relevant modules versions (#14972) 2022-10-18 11:24:26 -04:00
Michael Klein 47053c185d Improve testability `env`-service 2022-10-18 16:07:12 +02:00
Iryna Shustava 5cd0ccfc75
Support auth method with snapshot agent [ENT] (#15020)
Port of hashicorp/consul-enterprise#3303
2022-10-17 15:57:48 -06:00
R.B. Boyer fe2d41ddad
cache: prevent goroutine leak in agent cache (#14908)
There is a bug in the error handling code for the Agent cache subsystem discovered:

1. NotifyCallback calls notifyBlockingQuery which calls getWithIndex in
   a loop (which backs off on-error up to 1 minute)

2. getWithIndex calls fetch if there’s no valid entry in the cache

3. fetch starts a goroutine which calls Fetch on the cache-type, waits
   for a while (again with backoff up to 1 minute for errors) and then
   calls fetch to trigger a refresh

The end result being that every 1 minute notifyBlockingQuery spawns an
ancestry of goroutines that essentially lives forever.

This PR ensures that the goroutine started by `fetch` cancels any prior
goroutine spawned by the same line for the same key.

In isolated testing where a cache type was tweaked to indefinitely
error, this patch prevented goroutine counts from skyrocketing.
2022-10-17 14:38:10 -05:00
R.B. Boyer 02a858efa0
ca: fix a masked bug in leaf cert generation that would not be notified of root cert rotation after the first one (#15005)
In practice this was masked by #14956 and was only uncovered fixing the
other bug.

  go test ./agent -run TestAgentConnectCALeafCert_goodNotLocal

would fail when only #14956 was fixed.
2022-10-17 13:24:27 -05:00