Joshua Montgomery
5446009299
Fixing SOA record to use alt domain when alt domain in use ( #10431 )
2021-10-05 10:47:27 -04:00
Daniel Nephin
e03b7e4c68
Merge pull request #11182 from hashicorp/dnephin/acl-legacy-remove-upgrade
...
acl: remove upgrade from legacy, start in non-legacy mode
2021-10-04 17:25:39 -04:00
Evan Culver
e47c5c5ceb
Merge pull request #11118 from hashicorp/eculver/remove-envoy-1.15
...
Remove support for Envoy 1.15
2021-10-04 23:14:24 +02:00
Evan Culver
d279c60010
Merge pull request #11115 from hashicorp/eculver/envoy-1.19.1
...
Add support for Envoy 1.19.1
2021-10-04 23:13:26 +02:00
Daniel Nephin
b9f0014d70
acl: remove updateEnterpriseSerfTags
...
The only remaining caller is a test helper, and the tests don't use the enterprise gossip
pools.
2021-10-04 17:01:51 -04:00
Daniel Nephin
5ac360b22d
Merge pull request #11126 from hashicorp/dnephin/acl-legacy-remove-resolve-and-get-policy
...
acl: remove ACL.GetPolicy RPC endpoint and ACLResolver.resolveTokenLegacy
2021-10-04 16:29:51 -04:00
Daniel Nephin
b6435259c3
acl: fix test failures caused by remocving legacy ACLs
...
This commit two test failures:
1. Remove check for "in legacy ACL mode", the actual upgrade will be removed in a following commit.
2. Remove the early WaitForLeader in dc2, because with it the test was
failing with ACL not found.
2021-10-01 18:03:10 -04:00
Evan Culver
e74ce0fb2e
Add 1.15 versions to too old list
2021-10-01 11:28:26 -07:00
Chris S. Kim
3c8ca0dbd2
agent: Reject partitions in legacy intention endpoints ( #11181 )
2021-10-01 13:18:57 -04:00
Chris S. Kim
bf94949d48
Support partitions in parseIntentionStringComponent ( #11202 )
2021-10-01 12:36:12 -04:00
Dhia Ayachi
8bd52995d1
fix token list by auth method ( #11196 )
...
* add tests to OIDC authmethod and fix entMeta when retrieving auth-methods
* fix oss compilation error
2021-10-01 12:00:43 -04:00
Evan Culver
4cdcaf3658
Merge branch 'eculver/envoy-1.19.1' into eculver/remove-envoy-1.15
2021-09-30 11:32:28 -07:00
Evan Culver
7b157bba4e
regenerate more envoy golden files
2021-09-30 10:57:47 -07:00
Daniel Nephin
ec935a2486
acl: call stop for the upgrade goroutine when done
...
TestAgentLeaks_Server was reporting a goroutine leak without this. Not sure if it would actually
be a leak in production or if this is due to the test setup, but seems easy enough to call it
this way until we remove legacyACLTokenUpgrade.
2021-09-29 17:36:43 -04:00
Daniel Nephin
0c077d0527
acl: only run startACLUpgrade once
...
Since legacy ACL tokens can no longer be created we only need to run this upgrade a single
time when leadership is estalbished.
2021-09-29 16:22:01 -04:00
Daniel Nephin
f21097beda
acl: remove reading of serf acl tags
...
We no long need to read the acl serf tag, because servers are always either ACL enabled or
ACL disabled.
We continue to write the tag so that during an upgarde older servers will see the tag.
2021-09-29 15:45:11 -04:00
Daniel Nephin
b866e3c4f4
acl: fix test failure
...
For some reason removing legacy ACL upgrade requires using an ACL token now
for this WaitForLeader.
2021-09-29 15:21:30 -04:00
Daniel Nephin
ebb2388605
acl: remove legacy ACL upgrades from Server
...
As part of removing the legacy ACL system
2021-09-29 15:19:23 -04:00
Daniel Nephin
41a97360ca
acl: fix test failures caused by remocving legacy ACLs
...
This commit two test failures:
1. Remove check for "in legacy ACL mode", the actual upgrade will be removed in a following commit.
2. Use the root token in WaitForLeader, because without it the test was
failing with ACL not found.
2021-09-29 15:15:50 -04:00
Daniel Nephin
b73b68d696
acl: remove ACL.GetPolicy endpoint and resolve legacy acls
...
And all code that was no longer used once those two were removed.
2021-09-29 14:33:19 -04:00
Daniel Nephin
b8da06a34d
acl: remove ACL upgrading from Clients
...
As part of removing the legacy ACL system ACL upgrading and the flag for
legacy ACLs is removed from Clients.
This commit also removes the 'acls' serf tag from client nodes. The tag is only ever read
from server nodes.
This commit also introduces a constant for the acl serf tag, to make it easier to track where
it is used.
2021-09-29 14:02:38 -04:00
Daniel Nephin
33a5448604
Merge pull request #11136 from hashicorp/dnephin/acl-resolver-fix-default-authz
...
acl: fix default Authorizer for down_policy extend-cache/async-cache
2021-09-29 13:45:12 -04:00
Daniel Nephin
afb1dd5827
Merge pull request #11110 from hashicorp/dnephin/acl-legacy-remove-initialize
...
acl: remove initializeLegacyACL and the rest of the legacy FSM commands
2021-09-29 13:44:30 -04:00
Daniel Nephin
a9ac148c92
Merge pull request #10999 from hashicorp/dnephin/revert-config-xds-port
...
Revert config xds_port
2021-09-29 13:39:15 -04:00
Daniel Nephin
bd28d23b55
command/envoy: stop using the DebugConfig from Self endpoint
...
The DebugConfig in the self endpoint can change at any time. It's not a stable API.
This commit adds the XDSPort to a stable part of the XDS api, and changes the envoy command to read
this new field.
It includes support for the old API as well, in case a newer CLI is used with an older API, and
adds a test for both cases.
2021-09-29 13:21:28 -04:00
Daniel Nephin
2995ac61f2
acl: remove the last of the legacy FSM
...
Replace it with an implementation that returns an error, and rename some symbols
to use a Deprecated suffix to make it clear.
Also remove the ACLRequest struct, which is no longer referenced.
2021-09-29 12:42:23 -04:00
Daniel Nephin
a8358f7575
acl: remove bootstrap-init FSM operation
2021-09-29 12:42:23 -04:00
Daniel Nephin
ea2e0ad2ec
acl: remove initializeLegacyACL from leader init
2021-09-29 12:42:23 -04:00
Daniel Nephin
4e36442583
acl: remove ACLDelete FSM command, and state store function
...
These are no longer used now that ACL.Apply has been removed.
2021-09-29 12:42:23 -04:00
Daniel Nephin
7e37c9a765
acl: remove legacy field to ACLBoostrap
2021-09-29 12:42:23 -04:00
Daniel Nephin
402d3792b6
Revert "Merge pull request #10588 from hashicorp/dnephin/config-fix-ports-grpc"
...
This reverts commit 74fb650b6b966588f8faeec26935a858af2b8bb5, reversing
changes made to 58bd8173364effb98b9fd9f9b98d31dd887a9bac.
2021-09-29 12:28:41 -04:00
Daniel Nephin
d4c48a3f23
Merge pull request #11101 from hashicorp/dnephin/acl-legacy-remove-rpc-2
...
acl: remove legacy ACL.Apply RPC
2021-09-29 12:23:55 -04:00
Daniel Nephin
69a83aefcf
Merge pull request #11177 from hashicorp/dnephin/remove-entmeta-methods
...
structs: remove EnterpriseMeta helper methods
2021-09-29 12:08:07 -04:00
Daniel Nephin
acb62aa896
Merge pull request #10986 from hashicorp/dnephin/acl-legacy-remove-rpc
...
acl: remove legacy ACL RPC - part 1
2021-09-29 12:04:09 -04:00
Daniel Nephin
1bc07c5166
structs: rename the last helper method.
...
This one gets used a bunch, but we can rename it to make the behaviour more obvious.
2021-09-29 11:48:38 -04:00
Daniel Nephin
93b3e110b6
structs: remove another helper
...
We already have a helper funtion.
2021-09-29 11:48:03 -04:00
Daniel Nephin
17652227f6
structs: remove two methods that were only used once each.
...
These methods only called a single function. Wrappers like this end up making code harder to read
because it adds extra ways of doing things.
We already have many helper functions for constructing these types, we don't need additional methods.
2021-09-29 11:47:03 -04:00
Daniel Nephin
a0e08086f7
Merge pull request #10988 from hashicorp/dnephin/acl-legacy-remove-config
...
acl: isolate deprecated config and warn when they are used
2021-09-29 11:40:14 -04:00
Daniel Nephin
3f4f7d2f3f
Merge pull request #9456 from hashicorp/dnephin/config-deprecation
...
config: Use DeprecatedConfig struct for deprecated config fields
2021-09-29 11:37:40 -04:00
Evan Culver
cb5ef13fde
Merge remote-tracking branch 'origin/eculver/remove-envoy-1.15' into eculver/remove-envoy-1.15
2021-09-28 16:06:36 -07:00
Evan Culver
eaa9394cb2
Fix typo
...
Co-authored-by: Freddy <freddygv@users.noreply.github.com>
2021-09-29 01:05:45 +02:00
Evan Culver
64f94b10ce
Merge branch 'eculver/envoy-1.19.1' into eculver/remove-envoy-1.15
2021-09-28 15:59:43 -07:00
Evan Culver
807871224a
Merge branch 'main' into eculver/envoy-1.19.1
2021-09-28 15:58:20 -07:00
Chris S. Kim
3f79aaf509
Cleanup unnecessary normalizing method ( #11169 )
2021-09-28 15:31:12 -04:00
Daniel Nephin
4ed9476a61
Merge pull request #11084 from krastin/krastin-autopilot-loggingtypo
...
Fix a tiny typo in logging in autopilot.go
2021-09-28 15:11:11 -04:00
Evan Culver
e2363c13ff
Merge branch 'main' into eculver/envoy-1.19.1
2021-09-28 11:54:33 -07:00
Chris S. Kim
90fe20c3a2
agent: Clean up unused built-in proxy config ( #11165 )
2021-09-28 11:29:10 -04:00
Daniel Nephin
30fe14eed3
acl: fix default authorizer for down_policy
...
This was causing a nil panic because a nil authorizer is no longer valid after the cleanup done
in https://github.com/hashicorp/consul/pull/10632 .
2021-09-23 18:12:22 -04:00
Daniel Nephin
a6a7069ecf
Remove t.Parallel from TestACLResolver_DownPolicy
...
These tests run in under 10ms, t.Parallel does nothing but slow them down and
make failures harder to debug when one panics.
2021-09-23 18:12:22 -04:00
Dhia Ayachi
4505cb2920
Refactor table index acl phase 2 ( #11133 )
...
* extract common methods from oss and ent
* remove unreachable code
* add missing normalize for binding rules
* fix oss to use Query
2021-09-23 15:26:09 -04:00