Dhia Ayachi
4992218676
convert expiration indexed in ACLToken table to use `indexerSingle` ( #11018 )
...
* move intFromBool to be available for oss
* add expiry indexes
* remove dead code: `TokenExpirationIndex`
* fix remove indexer `TokenExpirationIndex`
* fix rebase issue
2021-09-13 14:37:16 -04:00
Dhia Ayachi
1f23bdf388
add locality indexer partitioning ( #11016 )
...
* convert `Roles` index to use `indexerSingle`
* split authmethod write indexer to oss and ent
* add index locality
* add locality unit tests
* move intFromBool to be available for oss
* use Bool func
* refactor `aclTokenList` to merge func
2021-09-13 11:53:00 -04:00
Jared Kirschner
def2d9d96d
Merge pull request #10837 from jkirschner-hashicorp/improve-docs-dns-with-acl
...
Improve documentation around using DNS with ACLs Enabled
2021-09-13 11:09:09 -04:00
Kyle MacDonald
13e0bb2906
website: fixup incorrect markdown syntax ( #11015 )
2021-09-13 10:36:34 -04:00
Jared Kirschner
4b28cfb54a
docs: add ACL component relationships visual
2021-09-10 15:33:23 -07:00
Jared Kirschner
e0b65303d4
docs: discuss use of ACLs on DNS page
2021-09-10 15:33:23 -07:00
Dhia Ayachi
3638825db8
convert `indexAuthMethod` index to use `indexerSingle` ( #11014 )
...
* convert `Roles` index to use `indexerSingle`
* fix oss build
* split authmethod write indexer to oss and ent
* add auth method unit tests
2021-09-10 16:56:56 -04:00
Paul Banks
e96136f9a7
Merge pull request #10613 from hashicorp/feature/mesh-header-manip
...
Feature: allow manipulation of HTTP headers in ingress and mesh routing
2021-09-10 21:40:26 +01:00
Paul Banks
b9dd859c6d
Apply suggestions from code review
...
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2021-09-10 21:29:43 +01:00
Paul Banks
64957f2d22
Document how to make namespace wildcard intentions. ( #10724 )
...
* Update intentions.mdx
* Apply suggestions from code review
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
2021-09-10 21:25:09 +01:00
Paul Banks
ecbe8f0656
Include namespace and partition in error messages when validating ingress header manip
2021-09-10 21:11:00 +01:00
Paul Banks
e6642c6dae
Refactor HTTPHeaderModifiers.MergeDefaults based on feedback
2021-09-10 21:11:00 +01:00
Paul Banks
a1acb7ec3b
Fix enterprise test failures caused by differences in normalizing EnterpriseMeta
2021-09-10 21:11:00 +01:00
Paul Banks
3484d77b18
Fix enterprise discovery chain tests; Fix multi-level split merging
2021-09-10 21:11:00 +01:00
Paul Banks
46400a033f
Add Envoy integration test to show Header manip can interpolate Envoy variables
2021-09-10 21:09:24 +01:00
Paul Banks
89947bef1f
Add Changelog entry and api package support for HTTP Header manip
2021-09-10 21:09:24 +01:00
Paul Banks
e0ad412f1d
Remove unnecessary check
2021-09-10 21:09:24 +01:00
Paul Banks
27e520971f
Remove stray file
2021-09-10 21:09:24 +01:00
Paul Banks
5c6d27555b
Fix discovery chain test fixtures
2021-09-10 21:09:24 +01:00
Paul Banks
bc1c86df96
Integration tests for all new header manip features
2021-09-10 21:09:24 +01:00
Paul Banks
1dd1683ed9
Header manip for split legs plumbing
2021-09-10 21:09:24 +01:00
Paul Banks
f70f7b2389
Header manip for service-router plumbed through
2021-09-10 21:09:24 +01:00
Paul Banks
fc2ed4cdf4
Ingress gateway header manip plumbing
2021-09-10 21:09:24 +01:00
Paul Banks
2db02cdba2
Add HTTP header manip for router and splitter entries
2021-09-10 21:09:24 +01:00
Paul Banks
7ac9b46f08
Header manip and validation added for ingress-gateway entries
2021-09-10 21:09:24 +01:00
Dhia Ayachi
82b30f8020
convert `Roles` index to use `indexerMulti` ( #11013 )
...
* convert `Roles` index to use `indexerMulti`
* add role test in oss
* fix oss to use the right index func
* preallocate slice
2021-09-10 16:04:33 -04:00
Dhia Ayachi
569e18d002
convert indexPolicies in ACLTokens table to the new index ( #11011 )
2021-09-10 14:57:37 -04:00
Dhia Ayachi
0d0edeec27
convert indexSecret to the new index ( #11007 )
2021-09-10 09:10:11 -04:00
Dhia Ayachi
f0cbe25ca6
convert indexAccessor to the new index ( #11002 )
2021-09-09 16:28:04 -04:00
Hans Hasselberg
24c6ce0be0
tls: consider presented intermediates during server connection tls handshake. ( #10964 )
...
* use intermediates when verifying
* extract connection state
* remove useless import
* add changelog entry
* golint
* better error
* wording
* collect errors
* use SAN.DNSName instead of CommonName
* Add test for unknown intermediate
* improve changelog entry
2021-09-09 21:48:54 +02:00
Jared Kirschner
2798b3e02f
Merge pull request #10834 from jkirschner-hashicorp/improve-docs-configure-ui-https
...
docs: give tutorials links for securing UI access
2021-09-09 11:08:11 -04:00
Peter M
deeda282bd
Merge pull request #10995 from hashicorp/pcmccarron-patch-1
...
adding NIA to sidebar nav
2021-09-08 10:56:26 -06:00
Peter M
649a03edd5
fixing link error
...
path was pointing to the wrong page on new sidebar addition.
2021-09-08 10:20:58 -06:00
Chris S. Kim
3fb797382b
Sync enterprise changes to oss ( #10994 )
...
This commit updates OSS with files for enterprise-specific admin partitions feature work
2021-09-08 11:59:30 -04:00
Sergey Matyukevich
19a744191f
Allow configuring graceful stop in testutil ( #10566 )
...
* Allow configuring graceful stop in testutil
Signed-off-by: Sergey Matyukevich <s.matyukevich@gmail.com>
* add a changelog
Co-authored-by: Dhia Ayachi <dhia@hashicorp.com>
2021-09-08 11:12:54 -04:00
Jared Kirschner
b2b00606fb
docs: give tutorials links for securing UI access
2021-09-07 22:13:09 -07:00
Kyle Havlovitz
a7b5a5d1b4
Merge pull request #10984 from hashicorp/mesh-resource
...
acl: adding a new mesh resource
2021-09-07 15:06:20 -07:00
Dhia Ayachi
96d7842118
partition dicovery chains ( #10983 )
...
* partition dicovery chains
* fix default partition for OSS
2021-09-07 16:29:32 -04:00
Peter M
a75da4060d
adding NIA to sidebar nav
2021-09-07 12:44:07 -06:00
trujillo-adam
cbb9db9860
Merge pull request #10980 from hashicorp/docs-fix-policy-federation-vm-k8-secondary
...
fixing the policy for configuring k8 clusters as secondary in federated arch
2021-09-07 08:10:39 -07:00
trujillo-adam
9bedec4006
Update website/content/docs/k8s/installation/multi-cluster/vms-and-kubernetes.mdx
...
Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>
2021-09-07 07:53:57 -07:00
Matt Keeler
081f1777e7
Add changelog known issues for latest patch releases ( #10992 )
...
This is to advertise the issue with TLS verification and a temporary workaround.
2021-09-07 09:14:06 -04:00
Daniel Nephin
4d5a39e622
acl: remove ACL.IsSame
...
The only caller of this method was removed in a recent commit along with replication.
2021-09-03 12:59:12 -04:00
Daniel Nephin
4dd5bb8e3b
acl: remove legacy ACL replication
2021-09-03 12:42:06 -04:00
mrspanishviking
447e1331f3
Merge pull request #10815 from hashicorp/docs/prepared-query-consistency-modes-3475
...
docs: Add supported consistency modes to prepared queries
2021-09-03 07:43:40 -07:00
R.B. Boyer
4206f585f0
acl: adding a new mesh resource
2021-09-03 09:12:03 -04:00
Dhia Ayachi
72391dc99c
try to infer command partition from node partition ( #10981 )
2021-09-03 08:37:23 -04:00
trujillo-adam
2f92768b75
fixing the policy for configuring k8 clusters as secondary in federated arch
2021-09-02 15:26:41 -07:00
mrspanishviking
ab47aac5b4
Merge pull request #10977 from hashicorp/nia-style-fix
...
docs: fixed numbering of license bullets and corrected indent
2021-09-02 12:51:35 -07:00
Karl Cardenas
77b93b6cce
docs: indenting pr web dev guidance and Blake
2021-09-02 11:25:49 -07:00