Commit Graph

15699 Commits

Author SHA1 Message Date
Dhia Ayachi 4992218676
convert expiration indexed in ACLToken table to use `indexerSingle` (#11018)
* move intFromBool to be available for oss

* add expiry indexes

* remove dead code: `TokenExpirationIndex`

* fix remove indexer `TokenExpirationIndex`

* fix rebase issue
2021-09-13 14:37:16 -04:00
Dhia Ayachi 1f23bdf388
add locality indexer partitioning (#11016)
* convert `Roles` index to use `indexerSingle`

* split authmethod write indexer to oss and ent

* add index locality

* add locality unit tests

* move intFromBool to be available for oss

* use Bool func

* refactor `aclTokenList` to merge func
2021-09-13 11:53:00 -04:00
Jared Kirschner def2d9d96d
Merge pull request #10837 from jkirschner-hashicorp/improve-docs-dns-with-acl
Improve documentation around using DNS with ACLs Enabled
2021-09-13 11:09:09 -04:00
Kyle MacDonald 13e0bb2906
website: fixup incorrect markdown syntax (#11015) 2021-09-13 10:36:34 -04:00
Jared Kirschner 4b28cfb54a docs: add ACL component relationships visual 2021-09-10 15:33:23 -07:00
Jared Kirschner e0b65303d4 docs: discuss use of ACLs on DNS page 2021-09-10 15:33:23 -07:00
Dhia Ayachi 3638825db8
convert `indexAuthMethod` index to use `indexerSingle` (#11014)
* convert `Roles` index to use `indexerSingle`

* fix oss build

* split authmethod write indexer to oss and ent

* add auth method unit tests
2021-09-10 16:56:56 -04:00
Paul Banks e96136f9a7
Merge pull request #10613 from hashicorp/feature/mesh-header-manip
Feature: allow manipulation of HTTP headers in ingress and mesh routing
2021-09-10 21:40:26 +01:00
Paul Banks b9dd859c6d
Apply suggestions from code review
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2021-09-10 21:29:43 +01:00
Paul Banks 64957f2d22
Document how to make namespace wildcard intentions. (#10724)
* Update intentions.mdx

* Apply suggestions from code review

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
Co-authored-by: Blake Covarrubias <blake@covarrubi.as>

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
2021-09-10 21:25:09 +01:00
Paul Banks ecbe8f0656 Include namespace and partition in error messages when validating ingress header manip 2021-09-10 21:11:00 +01:00
Paul Banks e6642c6dae Refactor HTTPHeaderModifiers.MergeDefaults based on feedback 2021-09-10 21:11:00 +01:00
Paul Banks a1acb7ec3b Fix enterprise test failures caused by differences in normalizing EnterpriseMeta 2021-09-10 21:11:00 +01:00
Paul Banks 3484d77b18 Fix enterprise discovery chain tests; Fix multi-level split merging 2021-09-10 21:11:00 +01:00
Paul Banks 46400a033f Add Envoy integration test to show Header manip can interpolate Envoy variables 2021-09-10 21:09:24 +01:00
Paul Banks 89947bef1f Add Changelog entry and api package support for HTTP Header manip 2021-09-10 21:09:24 +01:00
Paul Banks e0ad412f1d Remove unnecessary check 2021-09-10 21:09:24 +01:00
Paul Banks 27e520971f Remove stray file 2021-09-10 21:09:24 +01:00
Paul Banks 5c6d27555b Fix discovery chain test fixtures 2021-09-10 21:09:24 +01:00
Paul Banks bc1c86df96 Integration tests for all new header manip features 2021-09-10 21:09:24 +01:00
Paul Banks 1dd1683ed9 Header manip for split legs plumbing 2021-09-10 21:09:24 +01:00
Paul Banks f70f7b2389 Header manip for service-router plumbed through 2021-09-10 21:09:24 +01:00
Paul Banks fc2ed4cdf4 Ingress gateway header manip plumbing 2021-09-10 21:09:24 +01:00
Paul Banks 2db02cdba2 Add HTTP header manip for router and splitter entries 2021-09-10 21:09:24 +01:00
Paul Banks 7ac9b46f08 Header manip and validation added for ingress-gateway entries 2021-09-10 21:09:24 +01:00
Dhia Ayachi 82b30f8020
convert `Roles` index to use `indexerMulti` (#11013)
* convert `Roles` index to use `indexerMulti`

* add role test in oss

* fix oss to use the right index func

* preallocate slice
2021-09-10 16:04:33 -04:00
Dhia Ayachi 569e18d002
convert indexPolicies in ACLTokens table to the new index (#11011) 2021-09-10 14:57:37 -04:00
Dhia Ayachi 0d0edeec27
convert indexSecret to the new index (#11007) 2021-09-10 09:10:11 -04:00
Dhia Ayachi f0cbe25ca6
convert indexAccessor to the new index (#11002) 2021-09-09 16:28:04 -04:00
Hans Hasselberg 24c6ce0be0
tls: consider presented intermediates during server connection tls handshake. (#10964)
* use intermediates when verifying

* extract connection state

* remove useless import

* add changelog entry

* golint

* better error

* wording

* collect errors

* use SAN.DNSName instead of CommonName

* Add test for unknown intermediate

* improve changelog entry
2021-09-09 21:48:54 +02:00
Jared Kirschner 2798b3e02f
Merge pull request #10834 from jkirschner-hashicorp/improve-docs-configure-ui-https
docs: give tutorials links for securing UI access
2021-09-09 11:08:11 -04:00
Peter M deeda282bd
Merge pull request #10995 from hashicorp/pcmccarron-patch-1
adding NIA to sidebar nav
2021-09-08 10:56:26 -06:00
Peter M 649a03edd5
fixing link error
path was pointing to the wrong page on new sidebar addition.
2021-09-08 10:20:58 -06:00
Chris S. Kim 3fb797382b
Sync enterprise changes to oss (#10994)
This commit updates OSS with files for enterprise-specific admin partitions feature work
2021-09-08 11:59:30 -04:00
Sergey Matyukevich 19a744191f
Allow configuring graceful stop in testutil (#10566)
* Allow configuring graceful stop in testutil

Signed-off-by: Sergey Matyukevich <s.matyukevich@gmail.com>

* add a changelog

Co-authored-by: Dhia Ayachi <dhia@hashicorp.com>
2021-09-08 11:12:54 -04:00
Jared Kirschner b2b00606fb docs: give tutorials links for securing UI access 2021-09-07 22:13:09 -07:00
Kyle Havlovitz a7b5a5d1b4
Merge pull request #10984 from hashicorp/mesh-resource
acl: adding a new mesh resource
2021-09-07 15:06:20 -07:00
Dhia Ayachi 96d7842118
partition dicovery chains (#10983)
* partition dicovery chains

* fix default partition for OSS
2021-09-07 16:29:32 -04:00
Peter M a75da4060d
adding NIA to sidebar nav 2021-09-07 12:44:07 -06:00
trujillo-adam cbb9db9860
Merge pull request #10980 from hashicorp/docs-fix-policy-federation-vm-k8-secondary
fixing the policy for configuring k8 clusters as secondary in federated arch
2021-09-07 08:10:39 -07:00
trujillo-adam 9bedec4006
Update website/content/docs/k8s/installation/multi-cluster/vms-and-kubernetes.mdx
Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>
2021-09-07 07:53:57 -07:00
Matt Keeler 081f1777e7
Add changelog known issues for latest patch releases (#10992)
This is to advertise the issue with TLS verification and a temporary workaround.
2021-09-07 09:14:06 -04:00
Daniel Nephin 4d5a39e622 acl: remove ACL.IsSame
The only caller of this method was removed in a recent commit along with replication.
2021-09-03 12:59:12 -04:00
Daniel Nephin 4dd5bb8e3b acl: remove legacy ACL replication 2021-09-03 12:42:06 -04:00
mrspanishviking 447e1331f3
Merge pull request #10815 from hashicorp/docs/prepared-query-consistency-modes-3475
docs: Add supported consistency modes to prepared queries
2021-09-03 07:43:40 -07:00
R.B. Boyer 4206f585f0 acl: adding a new mesh resource 2021-09-03 09:12:03 -04:00
Dhia Ayachi 72391dc99c
try to infer command partition from node partition (#10981) 2021-09-03 08:37:23 -04:00
trujillo-adam 2f92768b75 fixing the policy for configuring k8 clusters as secondary in federated arch 2021-09-02 15:26:41 -07:00
mrspanishviking ab47aac5b4
Merge pull request #10977 from hashicorp/nia-style-fix
docs: fixed numbering of license bullets and corrected indent
2021-09-02 12:51:35 -07:00
Karl Cardenas 77b93b6cce
docs: indenting pr web dev guidance and Blake 2021-09-02 11:25:49 -07:00