* add root_cert_ttl option for consul connect, vault ca providers
Signed-off-by: FFMMM <FFMMM@users.noreply.github.com>
* Apply suggestions from code review
Co-authored-by: Chris S. Kim <ckim@hashicorp.com>
* add changelog, pr feedback
Signed-off-by: FFMMM <FFMMM@users.noreply.github.com>
* Update .changelog/11428.txt, more docs
Co-authored-by: Daniel Nephin <dnephin@hashicorp.com>
* Update website/content/docs/agent/options.mdx
Co-authored-by: Kyle Havlovitz <kylehav@gmail.com>
Co-authored-by: Chris S. Kim <ckim@hashicorp.com>
Co-authored-by: Daniel Nephin <dnephin@hashicorp.com>
Co-authored-by: Kyle Havlovitz <kylehav@gmail.com>
Existing config entries prefixed by service- are specific to individual
services. Since this config entry applies to partitions it is being
renamed.
Additionally, the Partition label was changed to Name because using
Partition at the top-level and in the enterprise meta was leading to the
enterprise meta partition being dropped by msgpack.
* add require http codes in api and use in operator_autopilot health check
* add StatusError type in api package
Signed-off-by: FFMMM <FFMMM@users.noreply.github.com>
Signed-off-by: Jakub Sokołowski <jakub@status.im>
* agent: add failures_before_warning setting
The new setting allows users to specify the number of check failures
that have to happen before a service status us updated to be `warning`.
This allows for more visibility for detected issues without creating
alerts and pinging administrators. Unlike the previous behavior, which
caused the service status to not update until it reached the configured
`failures_before_critical` setting, now Consul updates the Web UI view
with the `warning` state and the output of the service check when
`failures_before_warning` is breached.
The default value of `FailuresBeforeWarning` is the same as the value of
`FailuresBeforeCritical`, which allows for retaining the previous default
behavior of not triggering a warning.
When `FailuresBeforeWarning` is set to a value higher than that of
`FailuresBeforeCritical it has no effect as `FailuresBeforeCritical`
takes precedence.
Resolves: https://github.com/hashicorp/consul/issues/10680
Signed-off-by: Jakub Sokołowski <jakub@status.im>
Co-authored-by: Jakub Sokołowski <jakub@status.im>
* convert `Policies` index to use `indexerMulti`
* remove non used indexer
* fix oss policy Get
* add oss tests
* remove reference to partition in oss test
* convert `Roles` index to use `indexerMulti`
* add role test in oss
* fix oss to use the right index func
* convert `Roles` index to use `indexerSingle`
* split authmethod write indexer to oss and ent
* add auth method unit tests
* add index locality
* move intFromBool to be available for oss
* add expiry indexes
* add api tests
* fix rebase
* use Bool func
* preallocate slice
* rename variable
Licensing recently changed in Consul v1.10 and along with those changes
the client API was updated such that PutLicense and ResetLicense both
immediately return an error to avoid an unecessary round trip that will
inevitably fail.
For reference, see: 08eb600ee5
Unfortunately, this change broke forward compatibility such that a v1.10
client can no longer make these requests to a v1.9 server which is a
valid use case.
This commit reintroduces these requests to fix this compatibility
breakage but leaves the deprecation notices in tact.
Some previous changes broke interrupting the debug on SigInterupt. This change restores
the original behaviour by passing a context to requests.
Since a new API client function was required to pass the context, I had
it also return an io.ReadCloser, so that output can be streamed to files
instead of fully buffering in process memory.
These methods are being kept around in the api module for now to allow the api module
to work with older versions of the HTTP API, but we are no longer able to test them.
Since the endpoints are removed there is no way for them to change, so there does not
appear to be a need to keep running the tests.
Missed the need to add support for unix domain socket config via
api/command line. This is a variant of the problems described in
it is easy to drop one.
Signed-off-by: Mark Anderson <manderson@hashicorp.com>
Add support for setting QueryOptions on the following agent API endpoints:
- /agent/health/service/name/:name
- /agent/health/service/id/:id
- /agent/service/maintenance/:id
This follows the same pattern used in #9903 to support query options
for other agent API endpoints.
Resolves#9710
R.B. Boyer