2f0eba1980
acl: remove ACLTokenTypeClient,
...
along with the last test referencing it.
2021-10-25 17:25:14 -04:00
88c6aeea34
acl: remove legacy arg to store.ACLTokenSet
...
And remove the tests for legacy=true
2021-10-25 17:25:14 -04:00
b31a7fc498
acl: remove EmbeddedPolicy
...
This method is no longer. It only existed for legacy tokens, which are no longer supported.
2021-10-25 17:25:14 -04:00
ceaa36f983
acl: remove tests for resolving legacy tokens
...
The code for this was already removed, which suggests this is not actually testing what it claims.
I'm guessing these are still resolving because the tokens are converted to non-legacy tokens?
2021-10-25 17:25:14 -04:00
a46e3bd2fc
acl: stop replication on leadership lost
...
It seems like this was missing. Previously this was only called by init of ACLs during an upgrade.
Now that legacy ACLs are removed, nothing was calling stop.
Also remove an unused method from client.
2021-10-25 17:24:12 -04:00
15cd8c7ab8
Remove incorrect TODO
2021-10-25 17:20:06 -04:00
589b238374
acl: move the legacy ACL struct to the one package where it is used
...
It is now only used for restoring snapshots. We can remove it in phase 2.
2021-10-25 17:20:06 -04:00
0ba5d0afcd
acl: remove most of the rest of structs/acl_legacy.go
2021-10-25 17:20:06 -04:00
ab5cdce760
Merge pull request #11163 from hashicorp/feature/ingress-tls-mixed
...
Add support for enabling connect-based ingress TLS per listener.
2021-10-25 21:36:01 +01:00
6433a57d3c
fix autopilot_failure_tolerance, add autopilot metrics test case ( #11399 )
...
Signed-off-by: FFMMM <FFMMM@users.noreply.github.com>
2021-10-25 10:55:59 -07:00
67a624a49f
use *telemetry.MetricsPrefix as prometheus.PrometheusOpts.Name ( #11290 )
...
Signed-off-by: FFMMM <FFMMM@users.noreply.github.com>
2021-10-21 13:33:01 -07:00
75f69a98a2
fix leadership transfer on leave suggestions ( #11387 )
...
* add suggestions
* set isLeader to false when leadership transfer succeed
2021-10-21 14:02:26 -04:00
2d1ac1f7d0
try to perform a leadership transfer when leaving ( #11376 )
...
* try to perform a leadership transfer when leaving
* add a changelog
2021-10-21 12:44:31 -04:00
752a285552
Add new service-exports config entry
2021-10-20 12:24:18 -07:00
716b05f934
Merge pull request #11293 from bisakhmondal/service_filter
...
expression validation of service-resolver subset filter
2021-10-20 08:57:37 -04:00
4808b97d9c
Rebase and rebuild golden files for Envoy version bump
2021-10-19 21:37:58 +01:00
ff405d35c7
Refactor `resolveListenerSDSConfig` to pass in whole config
2021-10-19 20:58:29 +01:00
5c8702b182
Add support for enabling connect-based ingress TLS per listener.
2021-10-19 20:58:28 +01:00
55dd52cb17
acl: small OSS refactors to help ensure that auth methods with namespace rules work with partitions ( #11323 )
2021-10-14 15:38:05 -05:00
f76fddb28e
Use stored entmeta to fill authzContext
2021-10-14 08:57:40 -06:00
bdf3e951f8
Ensure partition is handled by auto-encrypt
2021-10-14 08:32:45 -06:00
bb228ab165
fix: only add prom autopilot gauges to servers ( #11241 )
...
Signed-off-by: FFMMM <FFMMM@users.noreply.github.com>
2021-10-13 09:25:30 -07:00
0a6d683c84
Update Intentions.List with partitions ( #11299 )
2021-10-13 10:47:12 -04:00
3e8ece97a8
acl: fix bug in 'consul members' filtering with partitions ( #11263 )
2021-10-13 09:18:16 -05:00
929ad1e80f
add service resolver subset filter validation
2021-10-13 02:56:04 +05:30
2cd80e5f66
Merge pull request #11222 from hashicorp/clly/service-mesh-metrics
...
Start tracking connect service mesh usage metrics
2021-10-11 14:35:03 -05:00
2119351f77
Replace fmt.Sprintf with function
2021-10-11 12:43:38 -05:00
7f28301212
fix consul_autopilot_healthy metric emission ( #11231 )
...
https://github.com/hashicorp/consul/issues/10730
2021-10-08 10:31:50 -07:00
38986d6371
Rename ConfigUsageEnterprise to EnterpriseConfigEntryUsage
2021-10-08 10:53:34 -05:00
76b3c4ed3c
Rename and prefix ConfigEntry in Usage table
...
Rename ConfigUsage functions to ConfigEntry
prefix ConfigEntry kinds with the ConfigEntry table name to prevent
potential conflicts
2021-10-07 16:19:55 -05:00
0e39a7a333
Add connect specific prefix to Usage table
...
Ensure that connect Kind's are separate from ConfigEntry Kind's to
prevent miscounting
2021-10-07 16:16:23 -05:00
f9ba7c39b5
Add changelog, website and metric docs
...
Add changelog to document what changed.
Add entry to telemetry section of the website to document what changed
Add docs to the usagemetric endpoint to help document the metrics in code
2021-10-05 13:34:24 -05:00
5446009299
Fixing SOA record to use alt domain when alt domain in use ( #10431 )
2021-10-05 10:47:27 -04:00
e03b7e4c68
Merge pull request #11182 from hashicorp/dnephin/acl-legacy-remove-upgrade
...
acl: remove upgrade from legacy, start in non-legacy mode
2021-10-04 17:25:39 -04:00
e47c5c5ceb
Merge pull request #11118 from hashicorp/eculver/remove-envoy-1.15
...
Remove support for Envoy 1.15
2021-10-04 23:14:24 +02:00
d279c60010
Merge pull request #11115 from hashicorp/eculver/envoy-1.19.1
...
Add support for Envoy 1.19.1
2021-10-04 23:13:26 +02:00
b9f0014d70
acl: remove updateEnterpriseSerfTags
...
The only remaining caller is a test helper, and the tests don't use the enterprise gossip
pools.
2021-10-04 17:01:51 -04:00
5ac360b22d
Merge pull request #11126 from hashicorp/dnephin/acl-legacy-remove-resolve-and-get-policy
...
acl: remove ACL.GetPolicy RPC endpoint and ACLResolver.resolveTokenLegacy
2021-10-04 16:29:51 -04:00
ed5693b537
Add metrics to count the number of service-mesh config entries
2021-10-04 14:50:17 -05:00
9c487389cf
Add metrics to count connect native service mesh instances
...
This will add the counts of the service mesh instances tagged by
whether or not it is connect native
2021-10-04 14:37:05 -05:00
8000ea45ca
Add metrics to count service mesh Kind instance counts
...
This will add the counts of service mesh instances tagged by the
different ServiceKind's.
2021-10-04 14:36:59 -05:00
b6435259c3
acl: fix test failures caused by remocving legacy ACLs
...
This commit two test failures:
1. Remove check for "in legacy ACL mode", the actual upgrade will be removed in a following commit.
2. Remove the early WaitForLeader in dc2, because with it the test was
failing with ACL not found.
2021-10-01 18:03:10 -04:00
e74ce0fb2e
Add 1.15 versions to too old list
2021-10-01 11:28:26 -07:00
3c8ca0dbd2
agent: Reject partitions in legacy intention endpoints ( #11181 )
2021-10-01 13:18:57 -04:00
bf94949d48
Support partitions in parseIntentionStringComponent ( #11202 )
2021-10-01 12:36:12 -04:00
8bd52995d1
fix token list by auth method ( #11196 )
...
* add tests to OIDC authmethod and fix entMeta when retrieving auth-methods
* fix oss compilation error
2021-10-01 12:00:43 -04:00
4cdcaf3658
Merge branch 'eculver/envoy-1.19.1' into eculver/remove-envoy-1.15
2021-09-30 11:32:28 -07:00
7b157bba4e
regenerate more envoy golden files
2021-09-30 10:57:47 -07:00
ec935a2486
acl: call stop for the upgrade goroutine when done
...
TestAgentLeaks_Server was reporting a goroutine leak without this. Not sure if it would actually
be a leak in production or if this is due to the test setup, but seems easy enough to call it
this way until we remove legacyACLTokenUpgrade.
2021-09-29 17:36:43 -04:00
0c077d0527
acl: only run startACLUpgrade once
...
Since legacy ACL tokens can no longer be created we only need to run this upgrade a single
time when leadership is estalbished.
2021-09-29 16:22:01 -04:00
Daniel Nephin