Commit Graph

21504 Commits (a1f00e454899d8c35fd152188523bb5a2fa54795)

Author SHA1 Message Date
Dhia Ayachi fe820d561a
Upgrade ubi image to 9.4 (#21750)
* upgrade go to 1.23.1, upgrade ubi image to 9.4

* add changelog

* revert go version upgrade
2024-09-17 11:48:02 -04:00
Michael Zalimeni 29c2cbcbe2
ci: fix versions.hcl parsing by removing extraneous comma (#21752)
Commas are not expected after HCL blocks. This is causing parsing in BPA
to fail and may interfere w/ other release-related workflows.
2024-09-17 15:27:35 +00:00
Deniz Onur Duzgun 176ea31ed9
ci: update the security-scanner gha token (#21748) 2024-09-17 10:49:01 -04:00
sarahalsmiller e0785bc4f9
Initialize 1.20 Release (#21746)
* init release branch

* init 1.20 nightly tests

* drop 1.17 nightly tests for new release cycle

* drop 1.17 from test matrix

* Update nightly-test-integrations-1.20.x.yml
2024-09-16 22:06:56 +00:00
Michael Zalimeni 5e20e13c8e
ci: fix CI skip script hole (#21741)
In some environments, the script will not fail despite SKIP_CHECK_BRANCH
being unset, leading to the script explicitly skipping CI when it should
fail fast.

Prevent this by explicitly checking for the env var.
2024-09-16 16:35:49 -04:00
sarahalsmiller 17d43c6316
Fix supression (#21744)
fix supression
2024-09-16 18:43:51 +00:00
sarahalsmiller 5a84cd1abf
Update security-scan.hcl (#21739) 2024-09-16 17:42:36 +00:00
Deniz Onur Duzgun ac41822332
ci: fix security-scanner conditional skip (#21740) 2024-09-16 13:23:04 -04:00
sarahalsmiller 667eac2ac5
Suppress CVE-2024-8096 (#21737) 2024-09-16 16:08:29 +00:00
Phil Renaud d315ff1df8
[ui] Pin ansi-html to 0.0.8 (#21735)
Pin ansi-html to 0.0.8
2024-09-16 11:22:00 -04:00
Phil Renaud f924a017b2
[ui] Codemirror resolution pinned in package.json (#21715)
Codemirror pinned
2024-09-13 20:32:02 +00:00
Phil Renaud 4efac491e7
[ui] Prettify ember-cli-build (#21731)
* Missed prettification at a pre-merge step earlier

* Missed lint-removal
2024-09-13 15:30:46 -04:00
Michael Zalimeni c40eecf8f9
security: update alpine base image to 3.20 (#21729)
* security: update alpine base image to 3.20

* security: update scan config to remove old triage exceptions
2024-09-13 19:02:11 +00:00
Phil Renaud de281cbfb7
[ui] codemirror lint removal (#21726)
* ui: remove json linting dependency

* Remove modes from codemirror change hooks

* Modes and line numbers re-added, linting still removed, old underscore removed

* Changelog added

---------

Co-authored-by: dduzgun-security <deniz.duzgun@hashicorp.com>
2024-09-13 13:59:40 -04:00
sarahalsmiller 30b5ffa281
Hard update all 1.3 dataplane to 1.6 (#21728)
* hard update all 1.3 dataplane to 1.6

* update 1.5 image
2024-09-13 11:30:25 -05:00
Phil Renaud 9bab2ed939
[ui] Markdown-it pinned (#21717)
Markdown-it pinned
2024-09-12 18:15:12 -04:00
John Maguire 8c197db664
add script to generate changelog for a PR (#21719)
* add script to generate changelog for a PR

* handle enterprise changelogs

* add command to generate changelog

* remove script to handle changelog release
2024-09-12 16:55:35 +00:00
Phil Renaud 0cc0fa7188
[ui] Simple url sanitization for get-env and document.cookie (#21711)
Simple url sanitization for get-env and document.cookie
2024-09-12 12:27:22 -04:00
John Maguire a3ac555a5e
[NET-10952] fix cluster dns lookup family to gracefully handle ipv6 (#21703)
* update jwks cluster creation to gracefully handle ipv6

* update unit tests for dns lookup family

* Add changelog
2024-09-12 15:37:36 +00:00
sarahalsmiller 320b708b9f
Bump Envoy, remove support for unsupported versions (#21616)
* bump envoy

* changelog

* drop breaking change note

* update docs

* udpate port tests
2024-09-12 15:32:18 +00:00
Deniz Onur Duzgun 1a62917ad1
security: triage vendor alerts (#21716)
* security: triage vendor alerts

* add wildcard to vendor
2024-09-12 15:08:20 +00:00
Phil Renaud 35ffb312b0
[ui] Pin a newer version of Braces (#21710)
Pin a newer version of Braces
2024-09-11 16:24:58 -04:00
sarahalsmiller 07fae7bb0b
[Security] Fix XSS Vulnerability where content-type header wasn't explicitly set (#21704)
* explicitly add content-type anywhere possible and add middleware to set and warn

* added tests, fixed typo

* clean up unused constants

* changelog

* fix call order in middleware
2024-09-11 14:23:21 -05:00
sarahalsmiller 876a0a7778
Update security-scan.hcl (#21707) 2024-09-11 19:21:45 +00:00
Anita Akaeze 7653ffb0a5
security: Upgrade Go to 1.22.7 (#21705)
* security: Upgrade Go to 1.22.7

* add changelog
2024-09-10 15:07:05 -07:00
John Murret 8d2178d83d
exclude release branches for 1.15 thru 1.18 (#21682) 2024-09-09 11:19:26 -06:00
Brian Mathiyakom e4d4435099
Fix the server/client typo in the Agent docs (#21675) 2024-09-06 10:01:24 -07:00
R.B. Boyer 3e6f1c1fe1
remove v2 tenancy, catalog, and mesh (#21592)
* remove v2 tenancy, catalog, and mesh

- Inline the v2tenancy experiment to false

- Inline the resource-apis experiment to false

- Inline the hcp-v2-resource-apis experiment to false

- Remove ACL policy templates and rule language changes related to
  workload identities (a v2-only concept) (e.g. identity and
  identity_prefix)

- Update the gRPC endpoint used by consul-dataplane to no longer respond
  specially for v2

- Remove stray v2 references scattered throughout the DNS v1.5 newer
  implementation.

* changelog

* go mod tidy on consul containers

* lint fixes from ENT

---------

Co-authored-by: John Murret <john.murret@hashicorp.com>
2024-09-05 08:50:46 -06:00
Michael Zalimeni 188af1ccb0
test: fix Envoy int tests and add container logs (#21674)
Correctly set the the version of Consul built by the `dev-build` job,
which is then copied into the Consul dev image used in integration
tests.

This was causing failures starting sidecar proxies via `consul connect
envoy` due to a mismatch between the (incorrect) Consul binary's
supported Envoy versions and the (correct) Envoy version under test.

Also add debug log uploads to each int test so we can more easily
diagnose this sort of failure in the future, as it was entirely hidden
in test output.
2024-08-30 16:25:27 -04:00
Deniz Onur Duzgun 64683180f3
security(deps): bump aws-sdk-go to v1.55.5 (#21684)
* security(deps): bump aws-sdk-go to v1.55.5

* add changelog

* edit changelog
2024-08-29 17:04:51 +00:00
Aimee Ukasick c1d0fc938a
Docs CE-709: Remove circular links (#21685)
Docs CE-70: Remove circular links

Remove links to tutorials that no longer exist and redirect back
to the ACL overview page.
2024-08-29 11:57:32 -05:00
Jorge Marey d12f9cf4d1
Set replication metric to 0 when losing leadership (#20665)
* Set replication metric to 0 when losing leadership

* Fix replication metrics on replication.go also

---------

Co-authored-by: sarahalsmiller <100602640+sarahalsmiller@users.noreply.github.com>
2024-08-29 16:51:44 +00:00
John Murret ab794b59f8
update version, changelog, and submodules after 1.19.2, 1.18.4, 1.17.7 and 1.15.14 releases (#21676)
* update changelog

* Update CHANGELOG.md

* remove duplicate 1.19.1 section

* update version

* update go.mod with most recent modules
2024-08-28 09:39:12 -06:00
John Murret f187b92e3a
run integration tests on push in main and release/* (#21666)
* run integration tests on push in main and release/*

* Update .github/workflows/test-integrations.yml

Co-authored-by: Michael Zalimeni <michael.zalimeni@hashicorp.com>

---------

Co-authored-by: Michael Zalimeni <michael.zalimeni@hashicorp.com>
2024-08-26 20:12:54 +00:00
John Murret 9c02eff1cd
add module retractions (#21665) 2024-08-26 17:49:51 +00:00
Michael Zalimeni 2a99624859
test: update pause Docker image in Envoy int tests (#21659)
k8s.gcr.io has been migrated to registry.k8s.io for several years now,
and the old registry is being shut down, causing image pull failures.

Update to target the new registry when pulling the pause image used in
Envoy integration tests.
2024-08-26 16:39:35 +00:00
Poonam Jadhav cc2c8fb92b
NET-5912/service-defaults protocol validation (#21593)
* fix: add validation for protocol field on service-defaults config entry

* test: update test cases with correct protocol
2024-08-26 11:10:57 -04:00
Michael Zalimeni 5710cbd7ba
ci: fix workflow graph for 1.18 Envoy int tests (#21642)
This branch is no longer active on CE, so its jobs should all be skipped
via check-ent. One job was missed so it fails nightly right now.
2024-08-22 17:32:01 +00:00
John Murret 53c225b198
add build support script to print out the submodule versions required in other submodules (#21635)
* add build support script to print out the submodule versions required in other submodules

* update help and usage.  exclude current submodule in output.
2024-08-22 15:59:33 +00:00
John Maguire 0e47b380b2
[NET-10774] Fix Group Reference in GatewayPolcy Docs (#21625)
fix group reference for gateway policy
2024-08-20 12:33:07 -04:00
John Maguire 9d06fc3380
remove consul-k8s submodule (#21622) 2024-08-20 15:18:13 +00:00
Nitya Dhanushkodi ed738a6f98
fix: use Envoy's default for validate_clusters to fix breaking routes when some backend clusters don't exist (#21587) 2024-08-19 22:39:28 -07:00
John Maguire b88ddb8f9f
update goldenfile checker for running in ent repo (#21617) 2024-08-19 18:14:13 +00:00
John Maguire bc4c479a31
[NET-10737] Add CI Checks for Generated Testdata (#21613)
* Add checks to CI to ensure that generated golden files for xds tests are up to date

* fix file permissions

* debugging

* more debugging

* more debugging

* more debugging

* more debugging

* I can't type

* this might be correct

* removing debug prints
2024-08-19 11:49:05 -04:00
John Murret f76da16000
Fix TestDNS_ServiceLookup_ARecordLimits so that it only creates test agents the minimal amount of time (#21608)
* get rid of unused column

* get rid of duplicate section now that deletion of unused column makes the section duplicate..

* explicit set protocol rathern than infer it in checkDNSService

* explicit have attribute for whether to set EDNS0 in the test cases  rathern than infer it in checkDNSService

* now modify so that test agents are only created for each unique configuration which is based on the a_record_limit.

* Fix TestDNS_ServiceLookup_AnswerLimits  so that it only creates test agents the minimal amount of time. (#21609)

Fix TestDNS_ServiceLookup_AnswerLimits  so that it only creates test agents the minimal amount of time
2024-08-15 18:09:09 +00:00
danielehc e2bb1b76cc
CE-657 - Move Application leader election tutorial to docs (#21366)
* First commit

* Fix navigation

* Add some commands

* Structure draft

* Complete usage doc structure

* Fix link

* Apply suggestions from code review

Co-authored-by: Aimee Ukasick <aimee.ukasick@hashicorp.com>

* Apply suggestions from code review

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* Apply suggestions from code review

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* Apply suggestions from code review

* Replace tutorial path

* Apply suggestions from code review

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

---------

Co-authored-by: Aimee Ukasick <aimee.ukasick@hashicorp.com>
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
Co-authored-by: boruszak <jeffrey.boruszak@hashicorp.com>
2024-08-15 09:07:30 +02:00
John Maguire 58fad92cd3
fix where jwt clusters are generated (#21606) 2024-08-14 20:03:00 +00:00
John Maguire 1fa428552b
[NET-10719] Fix cluster generation for jwt clusters for external jwt providers (#21604)
* Fix cluster generation for jwt clusters for external jwt providers

* add changelog
2024-08-14 15:41:02 -04:00
John Maguire 8555404662
[NET-10733] fix generation of xds resources (#21603)
fix generation of xds resources
2024-08-14 15:00:00 -04:00
Michael Zalimeni a570858a35
docs: Update compatibility.mdx for OpenShift (#21600)
Remove note that OpenShift 4.16 is not yet available, now that it's been released.

It will be added to the matrix in a future update once we've tested compatibility across eligible `consul-k8s` versions.
2024-08-14 12:59:13 -04:00