freddygv
1c46470a29
Add methods to check intention has wildcard src or dst
2021-03-17 22:15:48 -06:00
freddygv
39e6d41fdf
Add changelog entry
2021-03-17 22:09:02 -06:00
freddygv
291d7562d1
Cancel watch on all errors
2021-03-17 21:44:14 -06:00
freddygv
de7f2a1a74
Split up normalizing from defaulting values for upstream cfg
2021-03-17 21:37:55 -06:00
freddygv
c4ff0e6eca
Uncomment listener tests
2021-03-17 21:37:12 -06:00
freddygv
6c43195e2a
Merge master and fix upstream config protocol defaulting
2021-03-17 21:13:40 -06:00
Freddy
44e4da2b6b
Add internal RPC endpoint to compute upstreams from intentions
2021-03-17 17:39:35 -06:00
freddygv
0c8b618ca0
Temporarily silence spurious wakeup. Addressing false positive in beta.
2021-03-17 17:25:29 -06:00
freddygv
60690cf5c9
Merge remote-tracking branch 'origin/master' into intention-topology-endpoint
2021-03-17 17:14:38 -06:00
Freddy
63dcb7fa76
Add TransparentProxy option to proxy definitions
2021-03-17 17:01:45 -06:00
Freddy
fb252e87a4
Add per-upstream configuration to service-defaults
2021-03-17 16:59:51 -06:00
freddygv
15a145b9f6
Add changelog and cleanup todo for beta
2021-03-17 16:45:13 -06:00
freddygv
ca2a62d807
Rename hasChains for clarity
2021-03-17 16:42:29 -06:00
freddygv
3c7e5c3308
PR comments
2021-03-17 16:18:56 -06:00
Daniel Nephin
af17ab54e0
Merge pull request #9865 from hashicorp/dnephin/state-index-config-entries
...
state: convert config-entries table to the new pattern of functional indexers
2021-03-17 17:40:59 -04:00
freddygv
4c58711594
Upstreams loop is only for prepared queries and they are not CentrallyConfigured
2021-03-17 15:32:52 -06:00
freddygv
9256d09255
Handle prepared queries in Upstreams loop and escape hatches in disco chain loop
2021-03-17 15:17:43 -06:00
freddygv
5b59780431
Update xds for transparent proxy
2021-03-17 13:40:49 -06:00
freddygv
3c97e5a777
Update proxycfg for transparent proxy
2021-03-17 13:40:39 -06:00
freddygv
d19a5830dd
Do not include consul as upstream or downstream
2021-03-17 13:40:04 -06:00
Daniel Nephin
d2591312f8
state: add tests for config-entry indexers
2021-03-17 14:41:46 -04:00
Daniel Nephin
1b8f8b135e
state: convert config-entries kind index to new pattern
2021-03-17 14:40:57 -04:00
Daniel Nephin
bfcf463c3a
state: remove config-entries namespace index
...
Use a prefix of the ID index instead.
2021-03-17 14:40:57 -04:00
Daniel Nephin
dcbb1ba5dd
state: remove unnecessary method receiver
2021-03-17 14:40:57 -04:00
Daniel Nephin
b43977423f
state: convert config-entries table to new indexer pattern
...
Using functional indexes to isolate enterprise differentiation and
remove reflection.
2021-03-17 14:40:57 -04:00
Daniel Nephin
98c32599e4
Merge pull request #9881 from hashicorp/dnephin/state-index-service-check-nodes
...
state: convert services.node and checks.node indexes
2021-03-17 14:12:02 -04:00
Daniel Nephin
b771baa1f5
Merge pull request #9863 from hashicorp/dnephin/config-entry-kind-name
...
state: move ConfigEntryKindName
2021-03-17 14:09:39 -04:00
hashicorp-ci
110da59c6c
auto-updated agent/uiserver/bindata_assetfs.go from commit 9e715842d
2021-03-17 16:03:18 +00:00
John Cowen
d47ccb859f
ui: Improves UI engineering docs ( #9875 )
...
Also fixes some typos in with-overlay
2021-03-17 15:58:17 +00:00
hashicorp-ci
fab276cb7d
auto-updated agent/uiserver/bindata_assetfs.go from commit f9e8b26af
2021-03-17 14:45:58 +00:00
Kenia
eab741eab8
ui: Create auth-method show page with General Info Tab ( #9845 )
...
* Update list items to be linkable to auth-methods show
* Add general, namespace, and binding sub-routes
* Remove namespace and binding tabs to be done separately
* Update auth-method byId endpoint
* Style the show auth-method kubernetes type
* Finish Kubernetes auth-method type styling
* OIDC and JWT auth-method styling
* Create consul-auth-method-view component
* Add navigation test for auth-methods
* Create Certificate component
2021-03-17 10:40:56 -04:00
hashicorp-ci
d38917b12b
auto-updated agent/uiserver/bindata_assetfs.go from commit aca797658
2021-03-17 11:27:44 +00:00
John Cowen
5ff1897070
ui: Adds warning icon to side menu when ACLs are disabled ( #9864 )
...
* ui: Adds warning icon to side menu when ACLs are are disabled
2021-03-17 11:23:00 +00:00
hashicorp-ci
7123aaad92
auto-updated agent/uiserver/bindata_assetfs.go from commit 41471719e
2021-03-17 10:50:59 +00:00
John Cowen
62a9dffcae
ui: CSP Improvements ( #9847 )
...
* Configure ember-auto-import so we can use a stricter CSP
* Create a fake filesystem using JSON to avoid inline scripts in index
We used to have inline scripts in index.html in order to support embers
filepath fingerprinting and our configurable rootURL.
Instead of using inline scripts we use application/json plus a JSON blob
to create a fake filesystem JSON blob/hash/map to hold all of the
rootURL'ed fingerprinted file paths which we can then retrive later in
non-inline scripts.
We move our inlined polyfills script into the init.js external script,
and we move the CodeMirror syntax highlighting configuration inline
script into the main app itself - into the already existing CodeMirror
initializer (this has been moved so we can lookup a service located
document using ember's DI container)
* Set a strict-ish CSP policy during development
2021-03-17 10:46:21 +00:00
freddygv
a3184e6cd7
Refactor makePublicListener
...
By accepting a name the function can be used for other inbound listeners,
like the one for TransparentProxy.
2021-03-16 19:22:26 -06:00
Daniel Nephin
c140ae899b
Merge pull request #9886 from hashicorp/sdk/to_testing_TB
...
[SDK] change all cases of *testing.T to testing.TB
2021-03-16 20:28:35 -04:00
Daniel Nephin
3d6644a245
Merge pull request #9475 from cbroglie/tls-server-name
...
Add support for configuring TLS ServerName for health checks
2021-03-16 20:24:44 -04:00
Daniel Nephin
96276fc7b8
Add changelog for 9475
2021-03-16 18:22:25 -04:00
Christopher Broglie
94b02c3954
Add support for configuring TLS ServerName for health checks
...
Some TLS servers require SNI, but the Golang HTTP client doesn't
include it in the ClientHello when connecting to an IP address. This
change adds a new TLSServerName field to health check definitions to
optionally set it. This fixes #9473 .
2021-03-16 18:16:44 -04:00
John Eikenberry
fe938b9849
[SDK] change all cases of *testing.T to testing.TB
...
Using the interface opens up the use of all methods to benchmarks as
well as tests.
2021-03-16 15:05:39 -07:00
Daniel Nephin
23df31f7c0
Merge pull request #8698 from pierreca/fix-iserreof
...
Use errors.Is() in IsErrEOF()
2021-03-16 17:56:15 -04:00
freddygv
cba952a6a5
Add cache-type for Internal.IntentionUpstreams
2021-03-16 11:06:47 -06:00
Daniel Nephin
0b3930272d
state: convert services.node and checks.node indexes
...
Using NodeIdentity to share the indexes with both.
2021-03-16 13:00:31 -04:00
freddygv
b79039c21c
Prefix match type vars to match use
2021-03-16 09:49:24 -06:00
freddygv
fed983fe9a
Pass txn into service list queries
2021-03-16 09:33:08 -06:00
freddygv
26ba0c0fc8
Pass txn into intention match queries
2021-03-16 08:03:52 -06:00
freddygv
d7f3bcc8bb
Replace CertURI.Authorize() calls.
...
AuthorizeIntentionTarget is a generalized version of the old function,
and can be evaluated against sources or destinations.
2021-03-15 18:06:04 -06:00
freddygv
eb6c0cbea0
Fixup typo, comments, and regression
2021-03-15 17:50:47 -06:00
freddygv
9bfb0969f9
Fixup upstream test
2021-03-15 17:20:30 -06:00