* no-op commit due to failed cherry-picking
* docs: minor fixes to JWT auth docs (#17680)
* Fixes
* service intentions fixes
---------
Co-authored-by: temp <temp@hashicorp.com>
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
* backport of commit ad6652a47b5c5f9e1b8aed673922b918f56dbfcc
* backport of commit 7a1e99b6b774257ef6e293c2d47375e3b2332b9a
---------
Co-authored-by: Matt Keeler <mjkeeler7@gmail.com>
* backport of commit 131d234bdab165d96601b8064c49ce17ee5f141a
* backport of commit 1adc48734d9347599c8a694d427c6b26e5a748a1
---------
Co-authored-by: Chris Thain <chris.m.thain@gmail.com>
* backport of commit 1602c996fd1bc6d73f9a2c34d93687700307382a
* backport of commit 132c6ee6c5e119b904d2133cb93722a7ab321634
* backport of commit 5e64b930f55531d4d6668b797b5643b98489d163
* backport of commit 83a7b3fe52adc04835c52ffeb08adbcc3ac23d17
---------
Co-authored-by: Paul Glass <pglass@hashicorp.com>
* backport of commit fb2f3b61004d9ef2296b51306ddbf5b6d72679ed
* backport of commit 178abb8495ba4bb35c29a835965e3f244a385865
* backport of commit 77b399877413c6e65669659deb8962c2cc5b52f6
* backport of commit a245b326ac030f7ef3292e7bbdb58e0b2850a12f
---------
Co-authored-by: Andrew Stucki <andrew.stucki@hashicorp.com>
Other recent releases have not commented out the replace directives in
go.mod. Though it would be ideal to pin our submodules in the release
artifacts we produce, we need to tidy up our build pipeline to make this
feasible.
In the meantime, revert this change to keep the dependency entry
updates, but exclude them from the effective dependency tree.
* backport of commit 63e87434721824902d1bd8c7ef72456615020180
* backport of commit 896f11789b89062c745433a17dc37da5b56185fd
---------
Co-authored-by: Andrew Stucki <andrew.stucki@hashicorp.com>
* backport of commit dc9c08d3b8cc1eda95a05a8b041ab2a3a5248dd0
* backport of commit 1271705a5cce5fe5e9487fed2ac965ab7aac3d59
---------
Co-authored-by: Ronald Ekambi <ronekambi@gmail.com>
Co-authored-by: Ronald <roncodingenthusiast@users.noreply.github.com>
* backport of commit d77784ba51fd6a5d598ea2b87cb6e36e0fed8e72
* backport of commit f5a557dd7a5995094b3af96f1c522d49acfe795b
* backport of commit 1d782d63c437ab16e30d5bd00a6b8c3cbad08845
---------
Co-authored-by: Ronald Ekambi <ronekambi@gmail.com>
* Add a ReplaceType dep mapper and move them into their own file
* Implement the service endpoints controller
* Implement a Catalog Controllers Integration Test
Ensure that the embedded api struct is properly parsed when
deserializing config containing a set ResourceFilter.Services field.
Also enhance existing integration test to guard against bugs and
exercise this field.
TLDR with many modules the versions included in each diverged quite a bit. Attempting to use Go Workspaces produces a bunch of errors.
This commit:
1. Fixes envoy-library-references.sh to work again
2. Ensures we are pulling in go-control-plane@v0.11.0 everywhere (previously it was at that version in some modules and others were much older)
3. Remove one usage of golang/protobuf that caused us to have a direct dependency on it.
4. Remove deprecated usage of the Endpoint field in the grpc resolver.Target struct. The current version of grpc (v1.55.0) has removed that field and recommended replacement with URL.Opaque and calls to the Endpoint() func when needing to consume the previous field.
4. `go work init <all the paths to go.mod files>` && `go work sync`. This syncrhonized versions of dependencies from the main workspace/root module to all submodules
5. Updated .gitignore to ignore the go.work and go.work.sum files. This seems to be standard practice at the moment.
6. Update doc comments in protoc-gen-consul-rate-limit to be go fmt compatible
7. Upgraded makefile infra to perform linting, testing and go mod tidy on all modules in a flexible manner.
8. Updated linter rules to prevent usage of golang/protobuf
9. Updated a leader peering test to account for an extra colon in a grpc error message.
When UpstreamEnvoyExtender was introduced, some code was left duplicated
between it and BasicEnvoyExtender. One path in that code panics when a
TProxy listener patch is attempted due to no upstream data in
RuntimeConfig matching the local service (which would only happen in
rare cases).
Instead, we can remove the special handling of upstream VIPs from
BasicEnvoyExtender entirely, greatly simplifying the listener filter
patch code and avoiding the panic. UpstreamEnvoyExtender, which needs
this code to function, is modified to ensure a panic does not occur.
This also fixes a second regression in which the Lua extension was not
applied to TProxy outbound listeners.
Sameness groups with default-for-failover enabled did not function properly with
tproxy whenever all instances of the service disappeared from the local cluster.
This occured, because there were no corresponding resolvers (due to the implicit
failover policy) which caused VIPs to be deallocated.
This ticket expands upon the VIP allocations so that both service-defaults and
service-intentions (without destination wildcards) will ensure that the virtual
IP exists.
* Sujata's peering-cli branch
* Added error message for connecting to cluster
* We can export service to peer
* export handling multiple peers
* export handles multiple peers
* export now can handle multiple services
* Export after 1st cleanup
* Successful export
* Added the namespace option
* Add .changelog entry
* go mod tidy
* Stub unit tests for peering export command
* added export in peering.go
* Adding export_test
* Moved the code to services from peers and cleaned the serviceNamespace
* Added support for exporting to partitions
* Fixed partition bug
* Added unit tests for export command
* Add multi-tenancy flags
* gofmt
* Add some helpful comments
* Exclude namespace + partition flags when running OSS
* cleaned up partition stuff
* Validate required flags differently for OSS vs. ENT
* Update success output to include only the requested consumers
* cleaned up
* fixed broken test
* gofmt
* Include all flags in OSS build
* Remove example previously added to peering command
* Move stray import into correct block
* Update changelog entry to include support for exporting to a partition
* Add required-ness label to consumer-peers flag description
* Update command/services/export/export.go
Co-authored-by: Dan Stough <dan.stough@hashicorp.com>
* Add docs placeholder for new services export command
* Moved piece of code to OSS
* Break config entry init + update into separate functions
* fixed
* Vary existing service export comparison for OSS vs. ENT
* Move OSS-specific test to export_oss_test.go
* Set config entry name based on partition being exported from
* Set namespace on added services
* Adding namespace
* Remove export documentation
We will include documentation in a followup PR
* Consolidate code from export_oss into export.go
* Consolidated export_oss_test.go and export_test.go
* Add example of partition export to command synopsis
* Allow empty peers flag if partitions flag provided
* Add test coverage for -consumer-partitions flag
* Update command/services/export/export.go
Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com>
* Update command/services/export/export.go
Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com>
* Update changelog entry
* Use "cluster peers" to clear up any possible confusion
* Update test assertions
---------
Co-authored-by: 20sr20 <sujata@hashicorp.com>
Co-authored-by: Dan Stough <dan.stough@hashicorp.com>
Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com>
hc-github-team-consul-core