Commit graph

14309 commits

Author SHA1 Message Date
freddygv a0be7dcc1d Add trace logs to proxycfg state runner and xds srv 2021-02-02 12:26:38 -07:00
Kim Ngo cf5d9c5d55
docs/nia: Update verbiage around securely configuring providers (#9684)
This reorganizes and flags where and when sensitive information may
be written in plain-text
2021-02-02 13:24:25 -06:00
freddygv 0fb96afe31 Avoid potential deadlock using non-blocking send
Deadlock scenario:
    1. Due to scheduling, the state runner sends one snapshot into
    snapCh and then attempts to send a second. The first send succeeds
    because the channel is buffered, but the second blocks.
    2. Separately, Manager.Watch is called by the xDS server after
    getting a discovery request from Envoy. This function acquires the
    manager lock and then blocks on receiving the CurrentSnapshot from
    the state runner.
    3. Separately, there is a Manager goroutine that reads the snapshots
    from the channel in step 1. These reads are done to notify proxy
    watchers, but they require holding the manager lock. This goroutine
    goes to acquire that lock, but can't because it is held by step 2.

Now, the goroutine from step 3 is waiting on the one from step 2 to
release the lock. The goroutine from step 2 won't release the lock until
the goroutine in step 1 advances. But the goroutine in step 1 is waiting
for the one in step 3. Deadlock.

By making this send non-blocking step 1 above can proceed. The coalesce
timer will be reset and a new valid snapshot will be delivered after it
elapses or when one is requested by xDS.
2021-02-02 11:31:14 -07:00
Brandon Romano c3817696a9
Merge pull request #9677 from hashicorp/km.hcp
website: 2/2 Updates for HCP
2021-02-02 08:39:52 -08:00
Kyle MacDonald 288f8202d2 website: add utm params for all cloud.hashi links 2021-02-02 09:09:16 -05:00
hashicorp-ci 7e7b56e13e auto-updated agent/uiserver/bindata_assetfs.go from commit e0ff7080a 2021-02-02 10:08:48 +00:00
John Cowen 8b58d81d64
ui: Adds unique-id helper (#9676) 2021-02-02 10:03:46 +00:00
Kyle MacDonald b4c9e50e42 Website updates for HCP (2/2)
website: prep hcp ctas

Add in updated HCP section

Fix broken link

website: remove superflous heading

website: add new try cloud cta to nav

website: adjust homepage hero CTAs

Update HCP description to match latest

Clean up Hero CTAs

Updates banner
2021-02-01 19:09:38 -08:00
Alvin Huang e29c9d2f52
ci: add script to check for .changelog file in PRs (#9641)
* ci: add .changelog file check for PRs

* Update .github/workflows/changelog-check.yml

Co-authored-by: Daniel Nephin <dnephin@hashicorp.com>

* add better disclaimer in changelog check script description

Co-authored-by: Daniel Nephin <dnephin@hashicorp.com>
2021-02-01 18:51:52 -05:00
Matt Keeler 74c3b69632
Release 1.9.3 (#9680) 2021-02-01 13:34:44 -05:00
hashicorp-ci d979b67d63 auto-updated agent/uiserver/bindata_assetfs.go from commit 0b7d676dc 2021-02-01 17:55:03 +00:00
John Cowen 75167fac83
ui: Add 'Scenario' debug function for easy saving debug scenarios (#9675) 2021-02-01 17:50:11 +00:00
hashicorp-ci 083fa1693b auto-updated agent/uiserver/bindata_assetfs.go from commit 3aef5cde2 2021-02-01 17:35:20 +00:00
John Cowen 30d8ee056e
ui: Adds the dump router dumping function only in dev mode (#9666) 2021-02-01 17:29:43 +00:00
Alvin Huang ebfe7ce675
ci: fail cherrypick if git push fails (#9673) 2021-01-29 19:42:14 -05:00
Mike Morris b176611c87
website: add release notes for 1.9 (#9189)
* website: initial draft of release notes framework

* website: fixup ref to 1-9-0.mdx

* Update website/pages/docs/release-notes/1-9-0.mdx

* Update website/pages/docs/release-notes/1-9-0.mdx

* website: add draft of 1.9.0 release notes

* website: move release-notes directory from /pages to /content

* Update 1-9-0.mdx

* Update website/content/docs/release-notes/1-9-0.mdx

Co-authored-by: Blake Covarrubias <blake@covarrubi.as>

* Update website/content/docs/release-notes/1-9-0.mdx

Co-authored-by: Blake Covarrubias <blake@covarrubi.as>

* Update website/content/docs/release-notes/1-9-0.mdx

Co-authored-by: Blake Covarrubias <blake@covarrubi.as>

* Update website/content/docs/release-notes/1-9-0.mdx

Co-authored-by: Blake Covarrubias <blake@covarrubi.as>

* Update website/content/docs/release-notes/1-9-0.mdx

Co-authored-by: Blake Covarrubias <blake@covarrubi.as>

* Update website/content/docs/release-notes/1-9-0.mdx

Co-authored-by: Blake Covarrubias <blake@covarrubi.as>

* Update website/content/docs/release-notes/1-9-0.mdx

Co-authored-by: Blake Covarrubias <blake@covarrubi.as>

* Update website/content/docs/release-notes/1-9-0.mdx

Co-authored-by: Blake Covarrubias <blake@covarrubi.as>

* Update website/content/docs/release-notes/1-9-0.mdx

Co-authored-by: Blake Covarrubias <blake@covarrubi.as>

Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
2021-01-29 18:00:32 -05:00
Ashwin Venkatesh f7092a068f
Add docs for TLS Server Certificate rotation for K8S (#9636)
* Add docs for TLS Server Certificate rotation for K8s
2021-01-29 17:13:28 -05:00
Kyle Havlovitz 1dee4173c1 connect/ca: Allow ForceWithoutCrossSigning for all providers
This allows setting ForceWithoutCrossSigning when reconfiguring the CA
for any provider, in order to forcibly move to a new root in cases where
the old provider isn't reachable or able to cross-sign for whatever
reason.
2021-01-29 13:38:11 -08:00
Luke Kysow 320fcf4510
Add operations section to k8s notes (#9625)
* Add operations section to k8s notes

* Unify faq/troubleshooting
2021-01-29 11:15:40 -08:00
John Cowen c7f8c9141a
chore: changelog for 9660 (#9668) 2021-01-29 16:08:39 +00:00
hashicorp-ci d156596776 auto-updated agent/uiserver/bindata_assetfs.go from commit 3477b1de7 2021-01-29 16:03:41 +00:00
John Cowen 4a7e789cac
ui: Keep track of previous node checks and avoid adding them twice (#9661)
* Keep track of previous node checks and avoid adding them twice
2021-01-29 15:57:47 +00:00
John Cowen 793be59589
ui: Check for a non-existent items argument/attribute within DataCollection (#9662) 2021-01-29 15:53:28 +00:00
John Cowen 55ea532f88
ui: [BUGFIX] Fix missing or duplicate service instance health checks (#9660)
* Use NodeName not Node for cross checking proxies/instances

* Also copy over the meta data to keep the correct cursor/index

* When we sync checks to the ProxyInstance replace rather than accumulate
2021-01-29 15:51:23 +00:00
Daniel Nephin 09425b22a1 state: rename config-entries table const to match new pattern 2021-01-28 20:34:34 -05:00
Daniel Nephin 7d17e20270 state: move config-entries table to new pattern 2021-01-28 20:34:15 -05:00
Daniel Nephin 825b8ade39 state: use indexID
this change was already made to enterprise, so backporting it.
2021-01-28 20:30:08 -05:00
Daniel Nephin 2a262f07fc state: Move ACL schema indexes to match Ent
and use constants for table and index names.
2021-01-28 20:05:09 -05:00
Daniel Nephin 66c3c76aa6 Update go-memdb
To use a version that will not panic when an iterator is used with modifications.
2021-01-28 17:19:55 -05:00
Daniel Nephin 2eea58bcc4
Merge pull request #9302 from hashicorp/dnephin/add-service-3
agent: remove ServiceManager.Start goroutine
2021-01-28 16:59:41 -05:00
Kyle Havlovitz a299faec89
Merge pull request #9541 from sadedil/patch-1
Add a CLI tool for "Client Libraries & SDKs" page
2021-01-28 10:18:41 -08:00
Kyle Havlovitz 96761c0728
Merge pull request #9493 from Mongey/master
Allow setting arbitrary headers in API client
2021-01-28 10:16:48 -08:00
Daniel Nephin 373e23082c
Merge pull request #9451 from hashicorp/dnephin/config-tests-full
config: make config.TestLoad_FullConfig use config.Load
2021-01-27 18:48:16 -05:00
Daniel Nephin b0c5530b90
Merge pull request #9448 from hashicorp/dnephin/config-load-interface
config: reduce interface to a single Load function
2021-01-27 17:54:05 -05:00
Daniel Nephin 119a6b3642 contrib: Update contributing checklist for config 2021-01-27 17:52:54 -05:00
Daniel Nephin fc88c28bb9 config: make config.TestLoad_FullConfig use config.Load
This commit makes a number of changes that should make
TestLoad_FullConfig easier to work with, and make the test more like
real world scenarios.

* use separate files in testdata/ dir to store the config source.
  Separate files are much easier to edit because editors can syntax
  highlight json/hcl, and it makes strings easier to find. Previously
  trying to find strings would match strings used in other tests.
* use the exported config.Load interface instead of internal NewBuilder
  and BuildAndValidate.
* remove the tail config overrides, which are only necessary with
  nonZero works.
2021-01-27 17:51:53 -05:00
Daniel Nephin aa42ff5d81 config: Unexport Builder and NewBuilder
This type and constructor are implementation details of config loading.
All callers should use config.Load.
2021-01-27 17:41:53 -05:00
David Yu 23a5633aea
docs: Update Compat Matrix for Consul Helm 0.29 (#9657)
* docs: Update Compat Matrix for Consul Helm 0.29

Adding 0.29

* Update compatibility.mdx
2021-01-27 14:39:03 -08:00
Daniel Nephin 08b2039f5a config: replace calls to config.NewBuilder with config.Load
This is another incremental change to reduce config loading to a single
small interface. All calls to NewBuilder can be replaced with Load.
2021-01-27 17:34:43 -05:00
Daniel Nephin bd545963cc config: improve the interface of Load
This commit reduces the interface to Load() a bit, in preparation for
unexporting NewBuilder and having everything call Load.

The three arguments are reduced to a single argument by moving the other
two into the options struct.

The three return values are reduced to two by moving the RuntimeConfig
and Warnings into a LoadResult struct.
2021-01-27 17:34:43 -05:00
Daniel Nephin 63ba836257
Merge pull request #9252 from hashicorp/dnephin/config-unmethod
config: remove Builder receiver from funcs that dont use it
2021-01-27 17:31:17 -05:00
Alvin Huang 5a4a6d10f1
ci: reset working directory between cherrypick labels (#9656) 2021-01-27 15:51:12 -05:00
Matt Keeler 1379b5f7d6
Upgrade raft-autopilot and wait for autopilot it to stop when revoking leadership (#9644)
Fixes: 9626
2021-01-27 11:14:52 -05:00
hashicorp-ci 614c57a9c6 auto-updated agent/uiserver/bindata_assetfs.go from commit 25f989753 2021-01-27 10:47:58 +00:00
John Cowen 299ecff703
ui: Adds @NullValue attr decorator (#9587)
There are many places in the API where we receive a property set to
`null` which can then lead to defensive code deeper in the app in order
to guard for this type of thing when usually we are expecting an array
or for the property to be undefined using omitempty on the backend.

Previously we had two places where we would deal with this in the
serializer using our 'remove-null' util (KV and Intentions).

This new decorator lets you declaritively define this type of data using
a decorator @NullValue([]) (which would replce a null value with [].

@NullValue in turn uses a more generic @replace helper, which we
currently don't need but would let you replace any value with another,
not just a null value.

An additional benefit here is that the guard/replacement is executed
lazily when we get the property instead of serializing all the values
when they come in via the API. On super large datasets, where we only
visualize part of the dataset (say in our scroll panes), this feels like
a good improvement on the previous approach.
2021-01-27 10:41:24 +00:00
Hans Hasselberg 623aab5880
Add flags to support CA generation for Connect (#9585) 2021-01-27 08:52:15 +01:00
Luke Kysow 38d630e2e9
Document proxy-defaults config for prometheus (#9640) 2021-01-26 17:19:30 -08:00
Matt Keeler d0c9c8b271
Add changelog entry for change to the temporary client license duration (#9642) 2021-01-26 16:15:05 -05:00
hashicorp-ci 773f1c6b21 auto-updated agent/uiserver/bindata_assetfs.go from commit 92f0eb3bd 2021-01-26 18:00:09 +00:00
John Cowen cf63afaddb
ui: Re-organize our %h* placeholders (#9584)
We've always had this idea of being able to markup up information
semantically without thinking about what it should look like, then
applying our %h* placeholder styles to control what the information
should look like.

Back when we originally made our set of %h* placeholders, we tried to
follow Structure as much as possible, which defined the largest header
(which we thought would have been the h1 style) as a super large 3.5rem.

Therefore we made our set of %h* placeholders the same as Structure
beginning at a huge 3.5 size. We then re-overwrote those sizes only in
Consul specific CSS files thinking that this was due to us existing
before Structure did.

Lately we saw an extra clue in Structure - the extra large 3.5 header was
called 'h0'.

This commit moves all our headers to use a zero based scale, and
additionally uses our 3 digit scale as opposed to 1 digit (h1 vs h100),
similar to our color scales (note we don't use a hypen, which we can
alter later if need be), which means we can insert additional h150 etc
if need be.

Additional we stop styling our headers globally (h1 { @extend %h100; }
). This means there is no reason not to use headers for marking up
content depending on what it is rather than what it should look like,
and as a consequence means we can be more purposeful in ordering h*
tags.

Lastly, we use the new scale over the entire codebase and update a
couple of places where we were using using header tags due to what the
styleing for them looked like rather than what the meaning/order was.
2021-01-26 17:53:45 +00:00