Commit Graph

15252 Commits (ccbda0c285dc5f6e87d53924d9ee9ce51324e28f)

Author SHA1 Message Date
Paul Banks ccbda0c285 Update proxycfg to hold more ingress config state 2021-09-23 10:08:02 +01:00
Paul Banks 4e39f03d5b Add ingress-gateway config for SDS 2021-09-23 10:08:02 +01:00
Mark Anderson d88d9e71c2
partitions/authmethod-index work from enterprise (#11056)
* partitions/authmethod-index work from enterprise

Signed-off-by: Mark Anderson <manderson@hashicorp.com>
2021-09-22 13:19:20 -07:00
Chris S. Kim f972048ebc
connect: Allow upstream listener escape hatch for prepared queries (#11109) 2021-09-22 15:27:10 -04:00
R.B. Boyer 706fc8bcd0
grpc: strip local ACL tokens from RPCs during forwarding if crossing datacenters (#11099)
Fixes #11086
2021-09-22 13:14:26 -05:00
John Cowen 6bc8af364f
ui: Add initial i18n docs page (#10888) 2021-09-22 18:51:39 +01:00
John Cowen 61e69a9fe5
ui: Add partition parameter when clearing child-selector forms in ACLs (#11106) 2021-09-22 18:36:09 +01:00
John Cowen ececa7da45
ui: Add an isDestroyed check for the MenuPanel component (#11104)
This solves an occasionally flakey tests I see every so often
2021-09-22 18:33:31 +01:00
John Cowen e088d8674c
ui: Remove legacy ACLs (#11096) 2021-09-22 18:32:51 +01:00
John Cowen 6e396e4456
ui: Gracefully recover from non-existent DC errors (#11077)
* ui: Gracefully recover from non-existent DC errors

This PR fixes what happens in the UI if you try to navigate to a non-existing DC.

When we received a 500 error from an API response due to a non-existent DC, previously we would show a 404 error, which is what we were trying to convey. But in the spirit of the UI being a 'thin client', its probably best to just show the 500 error from the API response, which may help folks to debug any issues better.

* Automatically set the CONSUL_DATACENTER_LOCAL env var for testing
2021-09-22 18:26:36 +01:00
John Cowen cf638ee551
ui: Always show main navigation Key/Value link (#10916)
* ui: Ignore response from API for KV permissions

Currently there is no way for us to use our HTTP authorization API
endpoint to tell us whether a user has access to any KVs (including the
case where a user may not have access to the root KV store, but do have
access to a sub item)

This is a little weird still as in the above case the user would click
on this link and still get a 403 for the root, and then have to manually
type in the URL for the KV they do have access to.

Despite this we think this change makes sense as at least something about KV is
visible in the main navigation.

Once we have the ability to know if any KVs are accessible, we can add
this guard back in.

We'd initially just removed the logic around the button, but then
noticed there may be further related KV issues due to the nested nature
of KVs so we finally decided on simply ignoring the responses from the
HTTP API, essentially reverting the KV area back to being a thin client.
This means when things are revisited in the backend we can undo this
easily change in one place.

* Move acceptance tests to use ACLs perms instead of KV ones
2021-09-22 18:23:59 +01:00
Connor 1e3ba26223
Merge pull request #11090 from hashicorp/clly/kv-usage-metrics
Add KVUsage to consul state usage metrics
2021-09-22 11:26:56 -05:00
Ashwin Venkatesh fd7f670f12
Update docs (#11111) 2021-09-22 12:26:08 -04:00
Connor Kelly ba706501e1
Strip out go 1.17 bits 2021-09-22 11:04:48 -05:00
R.B. Boyer 5253c78be7
Merge pull request #11108 from hashicorp/sync-1.11.0-alpha-tag
Sync 1.11.0 alpha tag
2021-09-22 10:57:12 -05:00
hc-github-team-consul-core 9cbd27dbbd Putting source back into Dev Mode 2021-09-22 10:09:18 -05:00
R.B. Boyer a1e8564b92 Version 1.11.0-alpha
-----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCgAdFiEEs2y6kaLAcwxDX8KAsLRBCXaFtnYFAmFDyoMACgkQsLRBCXaF
 tna8nQ//bVAd6nKI0Xgotmf2Loce0yobD6PH8IyzllO24jPSGwHFXQsx0d8a5QkV
 H1wx6KrXysXKCojrICX3/88T4KNypYpIXIBZoTBQ0rEXaTMoqACcT4y58/UcjFg2
 bN8T/wjvD8BV2e0xcZb2C6SgXx8m64UtZKePN1fobKBEpSCszJz8EeWPtPzXdWps
 f9axbgV81qy9DTyO7MvbOvco/QaEgzjK+o/57bcLBXZmfWpI1DIARkgIY8XB7pC3
 Gq59OegjqjiCliJcnLfIpvemLZg/7BhnLOO5ccvctdgoxFUnzsWk+mKTL0tPyy+d
 ZNa1kVgIQKWUoSRje7rHUSu+270PifLegp3zrHLrwKpa2UQGldck13hSMTyBqz1n
 5TywpdMJoXZSj5tml2lvaskUh91zvO9v6sX4zJJkES/Kt2KXdHBAGkmzPuiXl5YW
 1eScGz5990CwULinV+Cb32HYEojSSD4FWs9KC5NpJmI2kIOiybgiUKIG5uKdz0wh
 971BDjCNTC+x+pivtyEy0HAWOUlqROYRpCc40e7Xx0LmJvQ0nqCK2rCWC+0Bi1jK
 QCeesSK7vm6Hnw3/OnlIu7fu71+KZs1qGJBtBcqCoxTsgONd5+woWL5ziUZd7Bh2
 JloGlOrUFk2Ci2XeD0EO5lboLwsaMVDHXXx1beee5u7b2nORKDA=
 =tXEa
 -----END PGP SIGNATURE-----

Merge tag 'v1.11.0-alpha' into main

Version 1.11.0-alpha
2021-09-22 10:05:57 -05:00
Matt Keeler c04d5c4238 Add changelog entry for audit logging header extraction improvement 2021-09-22 10:23:01 -04:00
Matt Keeler a6a359cc80 Add a mock Agent delegate to ease/improve some types of testing 2021-09-22 10:23:01 -04:00
hc-github-team-consul-core 47b99d0b78 auto-updated agent/uiserver/bindata_assetfs.go from commit 9c0233cf5 2021-09-22 13:05:38 +00:00
John Cowen 9c0233cf59 Revert "ui: Add partition parameter when clearing child-selector forms in ACLs"
This reverts commit a670bde57d.
2021-09-22 14:00:34 +01:00
John Cowen a670bde57d ui: Add partition parameter when clearing child-selector forms in ACLs 2021-09-22 13:57:33 +01:00
hc-github-team-consul-core 7efb015ca9 auto-updated agent/uiserver/bindata_assetfs.go from commit cfbd1bb84 2021-09-22 09:26:14 +00:00
John Cowen cfbd1bb84e
ui: [BUGFIX] Re-enable namespace menus whilst editing intentions (#11095)
This PR supersedes #10706 and fixes #10686 whilst making sure that saving intentions continues to work.

The original fix in #10706 ignored the change action configured for the change event on the menus, meaning that the selected source/destination namespace could not be set by the user when editing/creating intentions. This, coupled with the fact that using the later intention exact endpoint for API requests endpoint means that you could not use wildcard namespaces for saving intentions.

All in all this meant that intentions could no longer be saved using the UI (whilst using ENT)

This PR reverts #10706 to fix the intention saving issue, and adds a fix for the original visual issue of nspaces doubling up in the menu once clicked. This meant repeating the existing functionality for nspaces aswell as services. It did seem strange to me that the original issue was only apparent for the nspace menus and not the service menus which should all function exactly the same way.

There is potentially more to come here partly related to what the exact functionality should be, but I'm working with other folks to figure out what the best way forwards is longer term. In the meantime this brings us back to the original functionality with the visual issue fixed.

Squashed commits:

* Revert "ui: Fix dropdown option duplications (#10706)"

This reverts commit eb5512fb74.

* ui: Ensure additional nspaces are added to the unique list of nspaces

* Add some acceptance tests
2021-09-22 10:21:20 +01:00
Daniel Nephin aee8a9511d
Merge pull request #10985 from hashicorp/dnephin/acl-legacy-remove-replication
acl: remove legacy ACL replication
2021-09-21 17:56:54 -04:00
Connor 1ddee0680c
Apply suggestions from code review
Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com>
2021-09-21 10:52:46 -05:00
R.B. Boyer b2d17ac448
xds: fix representation of incremental xDS subscriptions (#10987)
Fixes #10563

The `resourceVersion` map was doing two jobs prior to this PR. The first job was
to track what version of every resource we know envoy currently has. The
second was to track subscriptions to those resources (by way of the empty
string for a version). This mostly works out fine, but occasionally leads to
consul removing a resource and accidentally (effectively) unsubscribing at the
same time.

The fix separates these two jobs. When all of the resources for a subscription
are removed we continue to track the subscription until envoy explicitly
unsubscribes
2021-09-21 09:58:56 -05:00
FFMMM 377c3a9b0b
add StatusError to api package (#11054)
* add require http codes in api and use in operator_autopilot health check

* add StatusError type in api package

Signed-off-by: FFMMM <FFMMM@users.noreply.github.com>
2021-09-20 14:04:13 -07:00
Dhia Ayachi 9592990773
Rerun go-test and go-test-32bits tests up to 3 times before failing (#11059)
* Rerun go-test and go-test-32bits tests up to 3 times before failing

* do not run rerun fail report in oss

* set back rerun fail report but print to stdin instead of comment
2021-09-20 16:04:59 -04:00
Connor Kelly ae3457b96a
Fix test 2021-09-20 13:44:43 -05:00
Connor Kelly ea9c4f5822
Add changelog entry 2021-09-20 12:52:19 -05:00
Connor Kelly 59f9f67cc2
Add new telemetry to website
This will add information about the new kv_usage metric to the website
2021-09-20 12:43:40 -05:00
Connor Kelly 052f224ee5
Add KVUsage to consul state usage metrics
This change will add the number of entries in the consul KV store to the
already existing usage metrics.
2021-09-20 12:41:54 -05:00
R.B. Boyer 5fe613dd05
xds: ensure the active streams counters are 64 bit aligned on 32 bit systems (#11085) 2021-09-20 11:07:11 -05:00
R.B. Boyer 2af8e16ef9
api: add partition field to acl structs (#11080) 2021-09-17 11:53:03 -05:00
Evan Culver c4c833fd0e
sso/oidc: add support for acr_values request parameter (#11026)
Co-authored-by: R.B. Boyer <4903+rboyer@users.noreply.github.com>
2021-09-17 09:10:05 -07:00
hc-github-team-consul-core 01e9740467
Release v1.11.0-alpha 2021-09-16 22:51:47 +00:00
hc-github-team-consul-core 27cdd36a66
update bindata_assetfs.go 2021-09-16 22:51:46 +00:00
Kyle Havlovitz ec1c5b3377
Merge pull request #11074 from hashicorp/1.11.0-alpha-changelog
update changelog for v1.11.0-alpha
2021-09-16 15:34:13 -07:00
Kyle Havlovitz 65bd2b4a5b update changelog for v1.11.0-alpha 2021-09-16 15:32:08 -07:00
Iryna Shustava 770c67a7e3
Merge pull request #11050 from hashicorp/ecs-beta-doc-prep
docs: ECS docs for beta
2021-09-16 16:27:53 -06:00
Kyle Havlovitz 87f5e1b58d
Merge pull request #11073 from hashicorp/changelog/admin-partitions
changelog: add admin partitions feature note
2021-09-16 15:26:38 -07:00
Mike Morris 250b826196
Create _987.md 2021-09-16 18:21:39 -04:00
Freddy 8591620b5d
Merge pull request #11071 from hashicorp/partitions/ixn-decisions 2021-09-16 15:18:23 -06:00
freddygv 49248a0802 Fixup proxycfg tproxy case 2021-09-16 15:05:28 -06:00
freddygv fc8fc060a7 Remove ent checks from oss test 2021-09-16 14:53:28 -06:00
R.B. Boyer faa6fd0919
acl: ensure the global management policy grants all necessary partition privileges (#11072) 2021-09-16 15:53:10 -05:00
freddygv bf7a1358d6 Ensure partition is defaulted in authz 2021-09-16 14:39:01 -06:00
freddygv 47109e0c0c Default the partition in ixn check 2021-09-16 14:39:01 -06:00
freddygv 82d2caa288 Fixup test 2021-09-16 14:39:01 -06:00