Commit Graph

13344 Commits (d6f27c65643a691cb376e95782f904656cb3ed91)

Author SHA1 Message Date
R.B. Boyer 8e616a93c1
agent: sanitize ui metrics proxy header values on agent/self endpoint (#9104) 2020-11-05 13:25:27 -06:00
Daniel Nephin a33c50ef0d
Merge pull request #9073 from hashicorp/dnephin/backport-streaming-namespaces
streaming: backport namespace changes
2020-11-05 14:19:10 -05:00
Daniel Nephin c82f6ef2d8
Merge pull request #9061 from hashicorp/dnephin/event-fields
stream: support filtering by namespace
2020-11-05 14:18:35 -05:00
hashicorp-ci 977297390c auto-updated agent/uiserver/bindata_assetfs.go from commit 6ff094976 2020-11-05 19:12:03 +00:00
Kenia 6ff094976e
ui: Fix up typo for the UI config template url (#9109) 2020-11-05 14:04:40 -05:00
Jimmy Merritello 80c9f54bbc
Bump HSM version (#9102) 2020-11-05 11:48:12 -06:00
Joel Watson 1a50aa023a Fallback to alphabetic sorting if size is equal 2020-11-05 11:02:02 -06:00
Joel Watson be2a212d75 Add tests for new snapshot inspect flags 2020-11-05 11:01:44 -06:00
Joel Watson 5f5b49955c Update snapshot inspect formatter test 2020-11-05 10:40:02 -06:00
Joel Watson eafc593d0f Make key breakdown total size accurate 2020-11-05 10:32:23 -06:00
Joel Watson 52ea53f95e Update docs with new flags 2020-11-05 10:31:36 -06:00
Kent 'picat' Gruber 8c2f2ca806 Actually fix spelling of recommendations
I obviously have no idea how to spell this word
2020-11-05 11:13:14 -05:00
hashicorp-ci 9d15348565 auto-updated agent/uiserver/bindata_assetfs.go from commit 1ef18c4b6 2020-11-05 16:10:14 +00:00
John Cowen 1ef18c4b67
ui: Move mocks into the ui project (#9084)
* Add consul-api-double under api

* Update config to reflect api change

* Remove consul-api-double as a dependency

* api -> mock-api

* Fixup mocks path for staging
2020-11-05 16:03:49 +00:00
Kent 'picat' Gruber 2d0be0c7a0 Fix spelling of recomendations
Thank you @rboyer!
2020-11-04 17:44:51 -05:00
Kent 'picat' Gruber 961f475de2 Revamp security model documentation 2020-11-04 17:05:44 -05:00
Kit Patella 8993fea163 remove definitions for consul.runtime... metrics - they're prepended with hostnames and won't init 2020-11-04 14:02:47 -08:00
Kit Patella 9d9c4a646b upgrade go-metrics to latest 2020-11-04 14:02:13 -08:00
Joel Watson 4bf70dd857 Cleanup formatter 2020-11-04 14:36:42 -06:00
Joel Watson 208d6ebd95 Get JSON formatting working 2020-11-04 14:04:17 -06:00
R.B. Boyer 6ba776b4f3
agent: protect the ui metrics proxy endpoint behind ACLs (#9099)
This ensures the metrics proxy endpoint is ACL protected behind a
wildcard `service:read` and `node:read` set of rules. For Consul
Enterprise these will need to span all namespaces:

```
service_prefix "" { policy = "read" }
node_prefix ""    { policy = "read" }

namespace_prefix "" {
  service_prefix "" { policy = "read" }
  node_prefix ""    { policy = "read" }
}
```

This PR contains just the backend changes. The frontend changes to
actually pass the consul token header to the proxy through the JS plugin
will come in another PR.
2020-11-04 12:50:03 -06:00
Joel Watson e7a88d4a30 This ended up not being used. 2020-11-04 10:30:38 -06:00
Joel Watson 262fb3a0c3 Add snapshot inspect filter param 2020-11-04 10:11:20 -06:00
hashicorp-ci a2315bc839 auto-updated agent/uiserver/bindata_assetfs.go from commit 0f6c0a5c1 2020-11-04 09:37:51 +00:00
John Cowen 0f6c0a5c13
ui: Metrics - Provide a fetch-like http client that automatically adds the current ACL token (#9094)
* Remove local httpGet and shim one in from options

* Add custom httpGet to pass through to provider

* Make a fetch wrapper that adds your token

* Pass the fetch like fetchWithToken wrapper through to the provider

* Fix up httpGet to encode query params again and use fetch-like
2020-11-04 09:33:37 +00:00
Joel Watson 10f325dc81 Initial stab at snapshot inspect key breakdown 2020-11-03 18:00:44 -06:00
hashicorp-ci 1a5d4cfe43 auto-updated agent/uiserver/bindata_assetfs.go from commit d5d4155e1 2020-11-03 14:14:58 +00:00
John Cowen d5d4155e1a
ui: Storybook Install (#9049)
* ui: Install storybook into the main project

* Add a basic story for a notice

* Remove empty dependencies
2020-11-03 14:09:39 +00:00
Sean Ellefson acc6cfaaf6 Correcting text on when default was changed in Consul 2020-11-02 15:10:34 -08:00
Kit Patella 1c4885c44a add definitions for key metrics. This will not build until we have the definitions patch to go-metrics 2020-11-02 15:01:00 -08:00
R.B. Boyer 44bd8bd2ae
use the docker proxy for more envoy integration test containers (#9085) 2020-11-02 14:52:33 -06:00
R.B. Boyer 957293d884
wait_for_namespace should take two args (#9086) 2020-11-02 14:31:19 -06:00
hashicorp-ci 738ff1801f auto-updated agent/uiserver/bindata_assetfs.go from commit 56c2ff56e 2020-11-02 18:43:31 +00:00
Kenia 56c2ff56e4
ui: Update to not return metrics for ingress gateways (#9081) 2020-11-02 13:38:43 -05:00
Alvin Huang ae6185a554
use hashicorp docker mirror in envoy helper (#9080) 2020-11-02 11:37:03 -06:00
R.B. Boyer d7b37e3c6e
fix envoy integ test wait_for_namespace to actually work on CI (#9082) 2020-11-02 11:14:48 -06:00
hashicorp-ci c28f489a9a auto-updated agent/uiserver/bindata_assetfs.go from commit bf32a1799 2020-11-02 16:11:45 +00:00
John Cowen bf32a17994
ui: Remove string casting when passing index/checked for dropmenus (#9077)
* ui: Remove string casting when passing index/checked

* Check for e.target
2020-11-02 16:07:08 +00:00
hashicorp-ci 907c4ad789 auto-updated agent/uiserver/bindata_assetfs.go from commit 314eeda95 2020-11-02 14:40:27 +00:00
John Cowen 314eeda957
ui: Use eslint vs ember-cli-lint, sass vs dart-sass (#9078)
These two dependency changes means that @hashicorp/pds-ember can be
installed and used without any build/dependency issues
2020-11-02 14:35:10 +00:00
Alvin Huang ea88956c9c
use hashicorp docker mirror to prevent rate limit (#9070) 2020-10-30 17:59:13 -04:00
R.B. Boyer a66c4591d7
agent: introduce path allow list for requests going through the metrics proxy (#9059)
Added a new option `ui_config.metrics_proxy.path_allowlist`. This defaults to `["/api/v1/query", "/api/v1/query_range"]` when the metrics provider is set to `prometheus`.

Requests that do not use one of the allow-listed paths (via exact match) get a 403 Forbidden response instead.
2020-10-30 16:49:54 -05:00
Daniel Nephin b532e092dc structs: add a namespace test for CheckServiceNode.CanRead 2020-10-30 15:07:04 -04:00
Daniel Nephin 9b2fae9bac cache-type: use namespace in tests
to verify that the namespace is passed through correctly to the server.
2020-10-30 15:07:04 -04:00
Daniel Nephin b95b14e168 state: test EventPayloadCheckServiceNode.FilterByKey
Also fix a bug in that function when only one of key or namespace were the empty string.
2020-10-30 14:35:57 -04:00
Daniel Nephin 56d6079da3 stream: Add tests for filterByKey with namespace
And fix a bug where a request with a Namespace but no Key would not be properly filtered
2020-10-30 14:35:42 -04:00
Daniel Nephin 2c00045161 stream: Move FilterByKey events to a table
In preparation for adding new tests.
2020-10-30 14:35:28 -04:00
Daniel Nephin 44ed7910a3 proto: convert enterprise meta 2020-10-30 14:34:36 -04:00
Daniel Nephin 43c5803a25 state: use enterprise meta for creating events 2020-10-30 14:34:04 -04:00
Daniel Nephin 0ad2406d7c stream: include the namespace in the snap cache key
Otherwise the wrong snapshot could be returned when the same key is used in different namespaces
2020-10-30 14:34:04 -04:00