Commit graph

6286 commits

Author SHA1 Message Date
James Phillips 1a8f4296df Update CHANGELOG.md 2017-07-17 12:55:52 -07:00
James Phillips c82d84a1dd Updates memberlist to pick up Lifeguard research findings. (#3287)
See https://www.hashicorp.com/blog/making-gossip-more-robust-with-lifeguard/.
2017-07-17 12:54:17 -07:00
James Phillips 861063d3a4 Update CHANGELOG.md 2017-07-17 12:50:53 -07:00
James Phillips a449af9eb8 Update CHANGELOG.md 2017-07-17 12:50:33 -07:00
James Phillips 42472e8bb5 Prevents disabling gossip keyring file from disabling gossip encryption. (#3278) 2017-07-17 12:48:45 -07:00
James Phillips 9eb17dc37f Update CHANGELOG.md 2017-07-17 12:05:22 -07:00
James Phillips 788dd255a1 Adds new config to make script checks opt-in, updates documentation. (#3284) 2017-07-17 11:20:35 -07:00
James Phillips f7629a4f66 Fixes a broken link. 2017-07-17 00:07:34 -07:00
James Phillips 096003df5a Update CHANGELOG.md 2017-07-17 00:02:27 -07:00
James Phillips 08b490df9c Update CHANGELOG.md 2017-07-16 21:14:31 -07:00
James Phillips 838591c916 Changes remote exec KV read to call GetTokenForAgent(). (#3283)
* Changes remote exec KV read to call GetTokenForAgent(), which can use
the acl_agent_token instead of the acl_token.

Fixes #3160.

* Fixes remote exec unit test with ACLs.

* Adds unhappy ACL path to unit tests for remote exec.
2017-07-16 21:12:16 -07:00
James Phillips 1035029b0a Update CHANGELOG.md 2017-07-16 20:09:49 -07:00
James Phillips 5876b81896 Adds node read privileges to the acl_agent_master_token. (#3277)
Fixes #3113.
2017-07-16 20:08:26 -07:00
James Phillips e1861c581e Update CHANGELOG.md 2017-07-16 14:30:22 -07:00
Frank Schröder de97fb0670 azure: tag map can return nil (#3280)
Fixes #3193
2017-07-16 14:29:43 -07:00
James Phillips 6cba31df99 Update CHANGELOG.md 2017-07-16 14:28:16 -07:00
Frank Schroeder 3562048572 vendor: drop unused dependencies 2017-07-15 14:35:20 -07:00
James Phillips 510c3ab6dc Update CHANGELOG.md 2017-07-15 00:09:04 -07:00
James Phillips ac7c48c3ea Obfuscates ACL tokens appearing in /v1/acl/<verb>/<token> APIs. (#3276)
* Obfuscates ACL tokens appearing in /v1/acl APIs.

* Makes test positively identify the desired strings.

* Adds an example and explanation of the regular expression.
2017-07-15 00:07:08 -07:00
James Phillips 8b0e14ade4 Update CHANGELOG.md 2017-07-14 20:45:07 -07:00
James Phillips 759be97635 Changes ACL clone response to 403 if not authorized, or if token doesn't exist. (#3275)
Fixes #1113
2017-07-14 20:43:30 -07:00
Kyle Havlovitz 2dc0231374 Update CHANGELOG.md 2017-07-14 17:53:44 -07:00
Kyle Havlovitz 8b7b612dfc Merge pull request #3274 from hashicorp/tls-area-docs
Add network area TLS setting to docs
2017-07-14 17:45:53 -07:00
Kyle Havlovitz d985dbc36b
Add TLS setting to router areas 2017-07-14 17:38:08 -07:00
James Phillips 9e93ef94f1 Update CHANGELOG.md 2017-07-14 17:32:09 -07:00
James Phillips f5188dfe8c Expands and rework context support in the API client. (#3273) 2017-07-14 17:30:08 -07:00
Kyle Havlovitz 6ea05706a1
Add network area TLS setting to docs 2017-07-14 17:06:33 -07:00
James Phillips 3c5a36357c
Sort tags so output is deterministic. 2017-07-14 17:00:08 -07:00
James Phillips 1f8c79cdb5 Update CHANGELOG.md 2017-07-14 16:32:49 -07:00
James Bardin 96ae8c1231 accept recv-only channels for cancellations (#3271)
Cancellation channels are often derived from a Context, which
returns a directional `<-chan struct{}` from Done(). In order to use
this with parts of of the consul API, one is required to create a new
channel and dispatch a separate goroutine to watch for context
cancellation and close the new channel.

Changing the signature for the methods that take cancellation channels
will allow easier integration with existing uses of Context. Since the
cancellation pattern only reads from these channels, there should be no
backwards incompatibility with existing codebases, and most of the
methods already accept only the correct type.
2017-07-14 16:31:44 -07:00
Frank Schroeder d5d49b9b94
vendor: github.com/Sirupsen -> github.com/sirupsen 2017-07-14 13:07:44 -07:00
Frank Schroeder ac46399ab5
vendor: update github.com/fsouza/go-dockerclient
Update go-dockerclient and dependant dependencies
to add fix for go-dockerclient#622.

Fixes #3254
2017-07-14 13:07:44 -07:00
James Phillips cbd3ec8f0c Update CHANGELOG.md 2017-07-14 12:51:35 -07:00
James Phillips 26ca0327e2 Update CHANGELOG.md 2017-07-14 12:51:19 -07:00
Seth Vargo a2ba7071e9 Add catalog CLI functions (#3204) 2017-07-14 12:45:08 -07:00
James Phillips d63bf807a8 Update acl.html.md 2017-07-13 22:40:15 -07:00
James Phillips 21948e0747 Update CHANGELOG.md 2017-07-13 22:39:03 -07:00
James Phillips 22147b336d Update CHANGELOG.md 2017-07-13 22:37:12 -07:00
James Phillips 8572931afe Cleans up version 8 ACLs in the agent and the docs. (#3248)
* Moves magic check and service constants into shared structs package.

* Removes the "consul" service from local state.

Since this service is added by the leader, it doesn't really make sense to
also keep it in local state (which requires special ACLs to configure), and
requires a bunch of special cases in the local state logic. This requires
fewer special cases and makes ACL bootstrapping cleaner.

* Makes coordinate update ACL log message a warning, similar to other AE warnings.

* Adds much more detailed examples for bootstrapping ACLs.

This can hopefully replace https://gist.github.com/slackpad/d89ce0e1cc0802c3c4f2d84932fa3234.
2017-07-13 22:33:47 -07:00
wdevarshi a3f7faa7e4 Update agent.html.md (#3266) 2017-07-13 22:30:10 -07:00
Frank Schroeder 36e9ef4b1d
build: run vet on make test 2017-07-11 16:16:57 -07:00
Frank Schroeder d5554d06fe
update .gitignore 2017-07-11 16:16:55 -07:00
James Phillips 91f293b251 Update CHANGELOG.md 2017-07-11 10:03:42 -07:00
Frank Schroeder 3fcf1bc9e2
agent: fix go vet issue 2017-07-11 07:13:46 -07:00
preetapan 06c494d4c6 Merge pull request #3258 from hashicorp/raft_library_update
Update raft library to pick up cleanup of temporary snapshot files
2017-07-11 08:25:15 -05:00
Preetha Appan 891558cd09 Update raft library to pick up cleanup of temporary snapshot files 2017-07-11 08:22:57 -05:00
James Phillips a66d61622a Adds a version note about block_endpoints config. 2017-07-10 13:56:02 -07:00
James Phillips 8cb44c8eb2 Update CHANGELOG.md 2017-07-10 13:54:41 -07:00
James Phillips 68991da95f Adds the ability to blacklist specific HTTP endpoints. (#3252) 2017-07-10 13:51:25 -07:00
James Phillips 8e4749139d Update CHANGELOG.md 2017-07-10 09:42:18 -07:00