6bc2c0e1ce
state: use constants for acl-roles table and indexes
2021-03-19 19:45:37 -04:00
d4e02024fe
state: convert acl-policies table to new pattern
2021-03-19 15:24:00 -04:00
845a10354e
state: use constants and add tests for acl-policies table
2021-03-19 15:19:57 -04:00
f6533a08f8
state: add indexer test for services.ID index
2021-03-19 14:13:14 -04:00
1d1c03d0cd
state: handle wildcard for services.ID index
...
When listing services, use the id_prefix directly if wildcards are allowed.
Error if a wildcard is used for a query that does not index the wildcard
2021-03-19 14:12:19 -04:00
bae69b2352
state: fix prefix index with the new pattern
...
Prefix queries are generally being used to match part of a partial
index. We can support these indexes by using a function that accept
different types for each subset of the index.
What I found interesting is that in the generic StringFieldIndexer the
implementation for PrefixFromArgs would remove the trailing null, but
at least in these 2 cases we actually want a null terminated string.
We simply want fewer components in the string.
2021-03-19 14:12:17 -04:00
ec50454fb3
state: move services.ID to new pattern
2021-03-19 14:11:59 -04:00
f5a52a4501
state: add tests for gateway-service table indexers
2021-03-18 12:09:42 -04:00
66632538d8
state: use constants and remove wrapping
...
for GatewayServices table
2021-03-18 12:08:59 -04:00
d77bdd26c5
state: Move UpstreamDownstream to state package
2021-03-18 12:08:59 -04:00
ca3686f4aa
state: add tests for mesh-topology table indexers
2021-03-18 12:08:57 -04:00
8a1a11814d
state: use constants for mesh-topology table operations
2021-03-18 12:08:03 -04:00
28c29e6ab4
Merge pull request #9899 from hashicorp/wildcard-ixn-oss
...
Add methods to check intention has wildcard src or dst
2021-03-18 08:33:07 -06:00
1c46470a29
Add methods to check intention has wildcard src or dst
2021-03-17 22:15:48 -06:00
6c43195e2a
Merge master and fix upstream config protocol defaulting
2021-03-17 21:13:40 -06:00
0c8b618ca0
Temporarily silence spurious wakeup. Addressing false positive in beta.
2021-03-17 17:25:29 -06:00
60690cf5c9
Merge remote-tracking branch 'origin/master' into intention-topology-endpoint
2021-03-17 17:14:38 -06:00
d19a5830dd
Do not include consul as upstream or downstream
2021-03-17 13:40:04 -06:00
d2591312f8
state: add tests for config-entry indexers
2021-03-17 14:41:46 -04:00
1b8f8b135e
state: convert config-entries kind index to new pattern
2021-03-17 14:40:57 -04:00
bfcf463c3a
state: remove config-entries namespace index
...
Use a prefix of the ID index instead.
2021-03-17 14:40:57 -04:00
dcbb1ba5dd
state: remove unnecessary method receiver
2021-03-17 14:40:57 -04:00
b43977423f
state: convert config-entries table to new indexer pattern
...
Using functional indexes to isolate enterprise differentiation and
remove reflection.
2021-03-17 14:40:57 -04:00
98c32599e4
Merge pull request #9881 from hashicorp/dnephin/state-index-service-check-nodes
...
state: convert services.node and checks.node indexes
2021-03-17 14:12:02 -04:00
b771baa1f5
Merge pull request #9863 from hashicorp/dnephin/config-entry-kind-name
...
state: move ConfigEntryKindName
2021-03-17 14:09:39 -04:00
0b3930272d
state: convert services.node and checks.node indexes
...
Using NodeIdentity to share the indexes with both.
2021-03-16 13:00:31 -04:00
b79039c21c
Prefix match type vars to match use
2021-03-16 09:49:24 -06:00
fed983fe9a
Pass txn into service list queries
2021-03-16 09:33:08 -06:00
26ba0c0fc8
Pass txn into intention match queries
2021-03-16 08:03:52 -06:00
d7f3bcc8bb
Replace CertURI.Authorize() calls.
...
AuthorizeIntentionTarget is a generalized version of the old function,
and can be evaluated against sources or destinations.
2021-03-15 18:06:04 -06:00
eb6c0cbea0
Fixup typo, comments, and regression
2021-03-15 17:50:47 -06:00
e4e14639b2
Add state store function for intention upstreams
2021-03-15 08:50:35 -06:00
4976c000b7
Refactor IntentionDecision
...
This enables it to be called for many upstreams or downstreams of a
service while only querying intentions once.
Additionally, decisions are now optionally denied due to L7 permissions
being present. This enables the function to be used to filter for
potential upstreams/downstreams of a service.
2021-03-15 08:50:35 -06:00
2a53b8293a
proxycfg: use rpcclient/health.Client instead of passing around cache name
...
This should allow us to swap out the implementation with something other
than `agent/cache` without making further code changes.
2021-03-12 11:46:04 -05:00
c33570be34
catalog_events: set the right key for connect snapshots
2021-03-12 11:35:43 -05:00
e2215d9f0f
rpcclient: use streaming for connect health
2021-03-12 11:35:42 -05:00
b98abb6f09
Update server-side config resolution and client-side merging
2021-03-10 21:05:11 -07:00
4877183bc6
Merge pull request #9797 from hashicorp/dnephin/state-index-node-id
...
state: convert nodes.ID to the new pattern of functional indexers
2021-03-10 17:34:23 -05:00
51ad94360b
state: move ConfigEntryKindName
...
Previously this type was defined in structs, but unlike the other types in structs this type
is not used by RPC requests. By moving it to state we can better indicate that this is not
an API type, but part of the state implementation.
2021-03-10 12:27:22 -05:00
5c5ba9564d
Merge pull request #9796 from hashicorp/dnephin/state-cleanup-catalog-index-oss
...
state: remove duplicate tableCheck indexes
2021-03-10 12:20:09 -05:00
94820e67a8
structs: remove EnterpriseMeta.GetNamespace
...
I added this recently without realizing that the method already existed and was named
NamespaceOrEmpty. Replace all calls to GetNamespace with NamespaceOrEmpty or NamespaceOrDefault
as appropriate.
2021-03-09 15:17:26 -05:00
97bc073bd9
state: adjust compare for catalog events
...
Document that this comparison should roughly match MatchesKey
Only sort by overrideKey or service name, but not both
Add namespace to the sort.
The client side also builds a map of these based on the namespace/node/service key, so the only order
that really matters is the ordering of register/dereigster events.
2021-03-09 14:00:36 -05:00
0d3bb68255
state: handle terminating gateway events properly in snapshot
...
Refactored out a function that can be used for both the snapshot and stream of events to translate
an event into an appropriate connect event.
Previously terminating gateway events would have used the wrong key in the snapshot, which would have
caused them to be filtered out later on.
Also removed an unused function, and some commented out code.
2021-03-09 14:00:35 -05:00
de3fba8ef3
Add remaining terminating gateway tests for namespaces
...
Co-Authored-By: Daniel Nephin <dnephin@hashicorp.com>
2021-03-09 14:00:35 -05:00
38aeb88908
Start to setup enterprise tests for terminating gateway streaming events.
...
Co-Authored-By: Kyle Havlovitz <kylehav@gmail.com>
2021-03-09 14:00:35 -05:00
d0b37f18f0
state: Add support for override of namespace
...
in MatchesKey
also tests for MatchesKey
Co-Authored-By: Kyle Havlovitz <kylehav@gmail.com>
2021-03-09 14:00:35 -05:00
ba59727337
state: update calls to ensureConfigEntryTxn
...
The EnterpriseMeta paramter was removed after this code was written, but before it merged.
Also the table name constant has changed.
2021-03-09 14:00:35 -05:00
730cc575e6
state: add 2 more test cases for terminate gateway streaming events
...
Co-Authored-By: Kyle Havlovitz <kylehav@gmail.com>
2021-03-09 14:00:34 -05:00
eadc8546a9
Added 6 new test cases for terminating gateway events
...
Co-Authored-By: Daniel Nephin <dnephin@hashicorp.com>
2021-03-09 14:00:34 -05:00
15b0d5f62b
state: Add two more tests for connect events with terminating gateways
...
And expand one test case to cover more.
Co-Authored-By: Kyle Havlovitz <kylehav@gmail.com>
2021-03-09 14:00:34 -05:00
Daniel Nephin