Commit Graph

11709 Commits

Author SHA1 Message Date
Alvin Huang 1cb06ce7f0
Merge pull request #7956 from hashicorp/update-master-to-1.8.0-beta2
Update master to 1.8.0 beta2
2020-06-01 16:52:19 -04:00
R.B. Boyer 8369f7d7f3 update changelog 2020-06-01 11:46:19 -05:00
R.B. Boyer 7bd7895047
acl: allow auth methods created in the primary datacenter to optionally create global tokens (#7899) 2020-06-01 11:44:47 -05:00
R.B. Boyer 6148d07f28 update changelog 2020-05-29 16:17:30 -05:00
R.B. Boyer 16db20b1f3
acl: remove the deprecated `acl_enforce_version_8` option (#7991)
Fixes #7292
2020-05-29 16:16:03 -05:00
Jono Sosulska 7a13c96a2a
Replace whitelist/blacklist terminology with allowlist/denylist (#7971)
* Replace whitelist/blacklist terminology with allowlist/denylist
2020-05-29 14:19:16 -04:00
Shantanu Gadgil 08cb4e5c6b
add gobetween to the Consul tools (#7973)
add gobetween to the Consul tools
2020-05-29 11:17:22 -07:00
Chris Piraino 967ecf59b0
Remove underscores from gateway URL paths (#7962) 2020-05-28 14:19:17 -05:00
Alvin Huang 8dcba62e86 update CHANGELOG after rebasing release/1.8.x after 1.8.0-beta2 2020-05-28 14:42:52 -04:00
hashicorp-ci 6af122d259 Putting source back into Dev Mode 2020-05-28 14:39:39 -04:00
hashicorp-ci 827448fa7f Release v1.8.0-beta2 2020-05-28 14:39:38 -04:00
hashicorp-ci 6b8bedd004 update bindata_assetfs.go 2020-05-28 14:39:37 -04:00
Chris Piraino 1b7aa5a035 Update CHANGELOG.md 2020-05-28 14:39:37 -04:00
John Cowen e446daf6ae Update CHANGELOG.md 2020-05-28 14:39:34 -04:00
John Cowen ab5c38a6b5 Update CHANGELOG.md 2020-05-28 14:39:34 -04:00
Chris Piraino d54956b436 Update CHANGELOG.md 2020-05-28 14:39:33 -04:00
hashicorp-ci 06c02fe9c2 Putting source back into Dev Mode 2020-05-28 14:39:30 -04:00
hashicorp-ci a69cd5ff4b Release v1.8.0-beta1 2020-05-28 14:39:29 -04:00
hashicorp-ci 634a0e630a update bindata_assetfs.go 2020-05-28 14:39:28 -04:00
Luke Kysow 1edf879169
Merge pull request #7936 from hashicorp/helm-k8s-mgw
Helm docs for k8s mesh gateways and federation
2020-05-28 10:51:03 -07:00
Luke Kysow 80031e7921
Helm docs for k8s mesh gateways and federation 2020-05-28 10:49:59 -07:00
Daniel Nephin 23bbded0c3
Merge pull request #7947 from hashicorp/dnephin/add-linter-staticcheck-3
ci: Enable staticcheck and fix most errors
2020-05-28 12:25:46 -04:00
Daniel Nephin ea6c2b2adc ci: Add staticcheck and fix most errors
Three of the checks are temporarily disabled to limit the size of the
diff, and allow us to enable all the other checks in CI.

In a follow up we can fix the issues reported by the other checks one
at a time, and enable them.
2020-05-28 11:59:58 -04:00
Daniel Nephin e359b10f77
Merge pull request #7963 from hashicorp/dnephin/replace-lib-translate-keys
Replace lib.TranslateKeys with a mapstructure decode hook
2020-05-27 16:51:26 -04:00
Daniel Nephin 8f939da431 config: use the new HookTranslateKeys instead of lib.TranslateKeys
With the exception of CA provider config, which will be migrated at some
later time.
2020-05-27 16:24:47 -04:00
Daniel Nephin 644eb3b33a Add alias struct tags for new decode hook 2020-05-27 16:24:47 -04:00
Daniel Nephin 8dc52a56ea config: add HookTranslteKeys
This hook replaces lib.TranslateKeys and has a number of advantages:

1. Primarily, aliases for fields are defined on the field itself, making
   the aliases much easier to maintain, and more obvious to the reader.
2. TranslateKeys translation rules are not aware of structure. It could
   very easily incorrectly translate a key on one struct that was intended
   to be a translation rule for a completely different struct, leading
   to very hard to debug errors. The hook removes the need for the
   unexpected "translation rule is an empty string to indicate stop
   traversal" special case.
3. TranslateKeys attempts to duplicate a bunch of tree traversal logic
   that already exists in mapstructure. Using mapstructure for traversal
   removes the need to traverse the entire structure multiple times, and
   makes the behaviour more obvious to the reader.

This change is being made to enable a future change of replacing
PatchSliceOfMaps. TranslateKeys sits in between PatchSliceOfMaps and
mapstructure.Decode, so it must be converted to a hook first, before
PatchSliceOfMaps can be replaced by a decode hook.
2020-05-27 16:24:47 -04:00
R.B. Boyer 54c7f825d6
create lib/stringslice package (#7934) 2020-05-27 11:47:32 -05:00
R.B. Boyer 2b2ee434ef update changelog 2020-05-27 11:33:16 -05:00
R.B. Boyer 813d69622e
agent: handle re-bootstrapping in a secondary datacenter when WAN federation via mesh gateways is configured (#7931)
The main fix here is to always union the `primary-gateways` list with
the list of mesh gateways in the primary returned from the replicated
federation states list. This will allow any replicated (incorrect) state
to be supplemented with user-configured (correct) state in the config
file. Eventually the game of random selection whack-a-mole will pick a
winning entry and re-replicate the latest federation states from the
primary. If the user-configured state is actually the incorrect one,
then the same eventual correct selection process will work in that case,
too.

The secondary fix is actually to finish making wanfed-via-mgws actually
work as originally designed. Once a secondary datacenter has replicated
federation states for the primary AND managed to stand up its own local
mesh gateways then all of the RPCs from a secondary to the primary
SHOULD go through two sets of mesh gateways to arrive in the consul
servers in the primary (one hop for the secondary datacenter's mesh
gateway, and one hop through the primary datacenter's mesh gateway).
This was neglected in the initial implementation. While everything
works, ideally we should treat communications that go around the mesh
gateways as just provided for bootstrapping purposes.

Now we heuristically use the success/failure history of the federation
state replicator goroutine loop to determine if our current mesh gateway
route is working as intended. If it is, we try using the local gateways,
and if those don't work we fall back on trying the primary via the union
of the replicated state and the go-discover configuration flags.

This can be improved slightly in the future by possibly initializing the
gateway choice to local on startup if we already have replicated state.
This PR does not address that improvement.

Fixes #7339
2020-05-27 11:31:10 -05:00
Alvin Huang f830637448
bump beta callout to v1.8.0-beta2 (#7945) 2020-05-26 12:51:44 -04:00
Raphaël Rondeau b799471e29
connect: fix endpoints clusterName when using cluster escape hatch (#7319)
```changelog
* fix(connect): fix endpoints clusterName when using cluster escape hatch
```
2020-05-26 10:57:22 +02:00
Pierre Souchay fa43d427cb
Stop all watches before shuting down anything dring shutdown. (#7526)
This will prevent watches from being triggered.

```changelog
* fix(agent):  stop all watches before shuting down
```
2020-05-26 10:01:49 +02:00
Luke Kysow 064bd2e9ca
Merge pull request #7944 from hashicorp/k8s-mgw-docs-update
Update for consul:1.8.0-beta2
2020-05-25 11:26:28 -07:00
Luke Kysow 11933ee640
Update for consul:1.8.0-beta2 2020-05-25 11:26:09 -07:00
R.B. Boyer aa3fdddd16 update changelog 2020-05-21 16:09:57 -05:00
R.B. Boyer 7e42819a71
connect: ensure proxy-defaults protocol is used for upstreams (#7938) 2020-05-21 16:08:39 -05:00
Jeff Escalante 10b79907a0 env variable clarity 2020-05-21 14:50:45 -04:00
Jeff Escalante c093b4903f mod stylelint to be more accurate 2020-05-21 14:50:45 -04:00
Jeff Escalante 7a43926fa4 upgrade to stylelint release 2020-05-21 14:50:45 -04:00
Jeff Escalante 483ca3acf7 remove unused dependencies, adjust 404 link color 2020-05-21 14:50:45 -04:00
Jeff Escalante 306e8c84b6 update dependencies 2020-05-21 14:50:45 -04:00
Kyle Havlovitz 5aefdea1a8
Standardize support for Tagged and BindAddresses in Ingress Gateways (#7924)
* Standardize support for Tagged and BindAddresses in Ingress Gateways

This updates the TaggedAddresses and BindAddresses behavior for Ingress
to match Mesh/Terminating gateways. The `consul connect envoy` command
now also allows passing an address without a port for tagged/bind
addresses.

* Update command/connect/envoy/envoy.go

Co-authored-by: Freddy <freddygv@users.noreply.github.com>

* PR comments

* Check to see if address is an actual IP address

* Update agent/xds/listeners.go

Co-authored-by: Freddy <freddygv@users.noreply.github.com>

* fix whitespace

Co-authored-by: Chris Piraino <cpiraino@hashicorp.com>
Co-authored-by: Freddy <freddygv@users.noreply.github.com>
2020-05-21 09:08:12 -05:00
Peter M 2232f5cba8 Updated resource heading to correct error 2020-05-20 15:26:56 -07:00
Daniel Nephin 6604e72c6d
Merge pull request #7933 from hashicorp/dnephin/state-txn-missing-errors
state: fix unhandled error
2020-05-20 17:00:20 -04:00
Daniel Nephin f9a89db86e
Update agent/consul/state/catalog.go
Co-authored-by: Hans Hasselberg <me@hans.io>
2020-05-20 16:34:14 -04:00
Seth Hoenig 7ea75263ea
grpc: use default resolver scheme for grpc dialing (#7617)
Currently checks of type gRPC will emit log messages such as,

    2020/02/12 13:48:22 [INFO] parsed scheme: ""
    2020/02/12 13:48:22 [INFO] scheme "" not registered, fallback to default scheme

Without adding full support for using custom gRPC schemes (maybe that's
right long-term path) we can just supply the default scheme as provided
by the grpc library.

Fixes https://github.com/hashicorp/consul/issues/7274
and https://github.com/hashicorp/nomad/issues/7415
2020-05-20 22:26:26 +02:00
Daniel Nephin e1e1c13b35 state: use an error to indicate compare failed
Errors are values. We can use the error value to identify the 'comparison failed' case which makes the function easier to use and should make it harder to miss handle the error case
2020-05-20 12:43:33 -04:00
Freddy 36c2ae0900
Update ingress/terminating gateway ACL docs (#7891) 2020-05-20 09:27:25 -06:00
Paul Mundt 9b15050b44
docs: Add Dart client to list of Libraries and SDKs (#7884) 2020-05-20 12:42:12 +02:00