Commit graph

10441 commits

Author SHA1 Message Date
tradel 1c9b271731 construct a common name for each CSR 2019-08-27 14:12:56 -07:00
tradel 8c733260cd add serviceID to leaf cert request 2019-08-27 14:12:22 -07:00
tradel b0bbcd8b94 add domain and nodeName to agent cert request 2019-08-27 14:11:40 -07:00
tradel 3dc47a9251 Added DC and domain args to Configure method 2019-08-27 14:09:01 -07:00
R.B. Boyer 1b3d066f90
test: send testagent logs through testing.Logf (#6411) 2019-08-27 12:21:30 -05:00
R.B. Boyer 0c5409d172
test: fix TestAgent.Start() to not segfault if the DNSServer cannot ListenAndServe (#6409)
The embedded `Server` field on a `DNSServer` is only set inside of the
`ListenAndServe` method. If that method fails for reasons like the
address being in use and is not bindable, then the `Server` field will
not be set and the overall `Agent.Start()` will fail.

This will trigger the inner loop of `TestAgent.Start()` to invoke
`ShutdownEndpoints` which will attempt to pretty print the DNS servers
using fields on that inner `Server` field. Because it was never set,
this causes a nil pointer dereference and crashes the test.
2019-08-27 10:45:05 -05:00
Alvin Huang 9662b7c01a
add nil pointer check for pointer to ACLToken struct (#6407) 2019-08-27 11:23:28 -04:00
Hans Hasselberg 108ba9fa15
Update CHANGELOG.md 2019-08-27 17:12:47 +02:00
Nick Fagerlund e4e3fd4299 website: Update middleman-hashicorp container and Gemfile.lock (#6374)
* website: Update middleman-hashicorp container and Gemfile.lock

Time marches on, and so do security vulnerabilities in Nokogiri. So it's time
for a new container.

As with last time, here's a reminder for the next person who needs to update
this:

- You shouldn't just update the dependency in Gemfile.lock, because your build
  times will go to heck as you compile Nokogiri from source on every run. So you
  need an updated container with all the dependencies.
- To update the container, you need to push a new tag to the middleman-hashicorp
  repo. Teamcity does the rest, and will ship a new container to Docker Hub
  (unless its credentials are out of date, in which case go ask team-eng-serv.)
- Once that's pushed:
    - Update Makefile
    - Update the Gemfile
    - Delete Gemfile.lock
    - `make website` until it comes up, then ctrl-C
    - Commit the changes

* website: Specify a different json version in Gemfile.lock

The Consul website uses different containers for preview and deploy, and this
oddball JSON version was causing issues. This commit sacrifices a little bit
of preview startup speed for (hopefully) working deploys.
2019-08-27 11:05:18 -04:00
Hans Hasselberg c87285e3a9
changelog: add known issues section for 1.6.
Update CHANGELOG.md
2019-08-27 14:40:26 +02:00
Hans Hasselberg 3314dfd4ec
make sure auto_encrypt has private key type and bits (#6392) 2019-08-27 14:37:56 +02:00
Hans Hasselberg dee5a4ac51
auto_encrypt: verify_incoming_rpc is good enough for auto_encrypt.allow_tls (#6376)
Previously `verify_incoming` was required when turning on `auto_encrypt.allow_tls`, but that doesn't work together with HTTPS UI in some scenarios. Adding `verify_incoming_rpc` to the allowed configurations.
2019-08-27 14:36:36 +02:00
Mike Morris c108fd01a0
bump eventmachine to 1.2.7 in Gemfile.lock (#6389) 2019-08-27 02:00:43 -04:00
R.B. Boyer fa2c0a7316
test: actually run envoy 1.11.1 integration tests on PRs (#6397) 2019-08-26 16:30:17 -05:00
R.B. Boyer 09ce7e1220
test: don't leak agent goroutines in TestAgent_sidecarServiceFromNodeService (#6396)
A goroutine dump using runtime.Stack() before/after shows a drop from 121 => 4.
2019-08-26 15:19:59 -05:00
Aaron Bennett 9988cf1200 update dependencies for enterprise change (#6395) 2019-08-26 15:22:28 -04:00
Freddy 51fbcc5fcd
Rephrase bind docs (#6394) 2019-08-26 11:31:55 -06:00
R.B. Boyer cd6ad9a530 Putting source back into Dev Mode 2019-08-26 12:22:20 -05:00
Hans Hasselberg e1bc7407d5
Update CHANGELOG.md
Co-Authored-By: Alvin Huang <17609145+alvin-huang@users.noreply.github.com>
2019-08-26 16:51:36 +02:00
Hans Hasselberg 4d8bc2f6b0
Update CHANGELOG.md
Co-Authored-By: Freddy <freddygv@users.noreply.github.com>
2019-08-26 16:38:32 +02:00
Hans Hasselberg 9ff7c17148
Update CHANGELOG.md 2019-08-26 16:29:57 +02:00
Hans Hasselberg 4f7a3e8fa8 make sure auto_encrypt has private key type and bits 2019-08-26 13:09:50 +02:00
hashicorp-ci 59bda8d3d5
Release v1.6.0 2019-08-23 22:10:51 +00:00
hashicorp-ci a3ac04526a
update bindata_assetfs.go 2019-08-23 22:10:50 +00:00
R.B. Boyer e45484c62f mod: bump main module to api v1.2.0 and sdk v0.2.0 2019-08-23 16:45:30 -05:00
R.B. Boyer a69d34f87d api: bump to sdk v0.2.0 2019-08-23 16:41:19 -05:00
R.B. Boyer 7ef2b5c4a6
flatten 1.6 series changelog (#6390) 2019-08-23 16:36:31 -05:00
Matt Keeler 505df4eaa3
Update CHANGELOG.md 2019-08-23 16:04:10 -04:00
Hans Hasselberg 15a8744ac7
Update CHANGELOG.md 2019-08-23 21:56:27 +02:00
R.B. Boyer 2d4a3b51d0
Merge pull request #6388 from hashicorp/release/1-6
merging release/1-6 into master
2019-08-23 13:44:46 -05:00
Matt Keeler 89ac998e8b
Secondary CA establishLeadership fix (#6383)
This prevents ACL issues (or other issues) during intermediate CA cert signing from failing leader establishment.
2019-08-23 11:32:37 -04:00
Anudeep Reddy 02197b2cd2 Update observability.html.md (#6379) 2019-08-23 17:07:48 +02:00
danielehc 992b1a8d88
Update agent.html.markdown.erb (#6380)
Adding a note on how to make Consul trust S3-compatible storage that expose a self-signed certificate.
2019-08-23 16:09:41 +02:00
Hans Hasselberg aada537d87
auto_encrypt: use server-port (#6287)
AutoEncrypt needs the server-port because it wants to talk via RPC. Information from gossip might not be available at that point and thats why the server-port is being used.
2019-08-23 10:18:46 +02:00
R.B. Boyer 37f89f8ffe update changelog 2019-08-22 15:13:06 -05:00
R.B. Boyer ea65298070
connect: allow 'envoy_cluster_json' escape hatch to continue to function (#6378) 2019-08-22 15:11:56 -05:00
Alvin Huang a6351223e7 Merge Consul OSS branch 'master' at commit 59150281c52fafa4a3320c42128f1caf9dbd083b 2019-08-21 18:22:19 -04:00
Alvin Huang 469cb6de6d
print a proper error message for master merge CI job failures (#6371) 2019-08-21 18:19:47 -04:00
Jack Pearkes 88b7db3b79 website: fix typo on mesh page (#6368)
Fixes #6345.
2019-08-21 16:35:11 -05:00
R.B. Boyer 17bf364668
docs: remove beta references; leave version notation (#6372) 2019-08-21 16:23:08 -05:00
R.B. Boyer e7b8032b48
docs: document how envoy escape hatches work with the discovery chain (#6350)
- Bootstrap escape hatches are OK.
- Public listener/cluster escape hatches are OK.
- Upstream listener/cluster escape hatches are not supported.

If an unsupported escape hatch is configured and the discovery chain is
activated log a warning and act like it was not configured.

Fixes #6160
2019-08-21 15:10:12 -05:00
Alvin Huang 387557dc34 Merge Consul OSS branch 'master' at commit ce9cfc773d529ae4b8259d195323c0c350c1f9f1 2019-08-21 16:07:04 -04:00
Alvin Huang 2821b69dc9
remove ci merge branches if nightly merge fails (#6369) 2019-08-21 15:56:27 -04:00
R.B. Boyer 5f9acb6894 docs: fixing L7 config entries documentation (#6358)
- add service-router example involving gRPC
- fix indentation on service-router page by splitting it up
- remove reference to removed setting
2019-08-21 12:29:53 -05:00
R.B. Boyer e04395ae1a docs: add documentation for discovery chains
Fixes #6273
2019-08-21 12:29:53 -05:00
Ján Dzurek e79a3a9e19 docs: ports docs missing paren fix (#6367) 2019-08-21 10:23:03 +02:00
hashicorp-ci f3a46e5a48 Merge Consul OSS branch 'master' at commit a7ded1bd8efcbc3c67978f050b6f16ec5e8a832d 2019-08-21 02:00:53 +00:00
Matt Keeler b1fdfed38d
Update CHANGELOG.md 2019-08-20 12:03:26 -04:00
Matt Keeler 8cb0560f52
Ensure that config entry writes are forwarded to the primary DC (#6339) 2019-08-20 12:01:13 -04:00
Matt Keeler 80b67c50da
Turned on Envoy 1.11.1 integration tests (#6347)
I also ran this against 1.5.2 so the docs update claiming compatibility should still be accurate.
2019-08-20 10:20:13 -04:00