Commit graph

4767 commits

Author SHA1 Message Date
James Phillips 7e7c1ebb13
Fixes implementation of node ACLs for /v1/catalog/node/<node>.
This would return a "permission denied" error, but this changes it to
return the same response as a node that doesn't exist (as was originally
intended and written in the code comments).
2016-12-12 16:53:31 -08:00
James Phillips 7a21a591b8
Adds full ACL coverage for /v1/health endpoints. 2016-12-12 16:28:52 -08:00
James Phillips 8db53b4ac2
Adds complete ACL coverage for /v1/coordinate/nodes and Coordinate.Update RPC. 2016-12-12 14:52:27 -08:00
James Phillips 67f1fe8d0b
Adds support for a new "acl_agent_token" which is used for internal
catalog operations.
2016-12-12 14:52:27 -08:00
James Phillips 99a5ae2737
Bans anonymous queries that aren't tied to a session.
This gets us coverage of PQ creation under the existing service
policy or the soon-to-be-added session policy.
2016-12-12 14:52:27 -08:00
James Phillips 4bb56b83ea Merge pull request #2590 from hashicorp/acl-complete-catalog
Adds new node ACL policy and applies it to catalog endpoints.
2016-12-12 14:52:10 -08:00
James Phillips 1ec02e5af4
Adds complete ACL coverage for /v1/catalog/service/<service>. 2016-12-12 08:34:15 -08:00
James Phillips 4dc3b17078
Adds complete ACL coverage for /v1/catalog/nodes. 2016-12-10 16:49:19 -08:00
James Phillips 63a6abe03c
Adds complete ACL coverage for /v1/catalog/node/<node>. 2016-12-10 16:49:19 -08:00
James Phillips 8ed0b81adb
Adds complete ACL coverage for /v1/catalog/deregister.
This included some state store helpers to make this more efficient.
2016-12-09 21:04:44 -08:00
James Phillips 7fa693a338
Adds complete ACL coverage for /v1/catalog/register. 2016-12-09 21:04:37 -08:00
James Phillips b7daa87ec7 Merge pull request #2575 from bradleyfalzon/patch-1
Link to consensus.html#deployment-table not #toc_4
2016-12-08 14:02:52 -08:00
James Phillips 2b19a5340c
Removes the exception for the "consul" service in the catalog. 2016-12-07 17:58:23 -08:00
Seth Vargo 9228b7b3ca Merge pull request #2580 from hashicorp/sethvargo/kv_main
Switch to KV CLI in getting started
2016-12-07 14:42:13 -08:00
Seth Vargo 52637b1125
Switch to KV CLI in getting started 2016-12-07 14:01:51 -08:00
Seth Vargo dc64fb64af Merge pull request #2579 from hashicorp/sethvargo/kv_main
Update homepage to use KV CLI instead of curl
2016-12-07 11:56:59 -08:00
Seth Vargo 6f24588b8f
Update homepage to use KV CLI instead of curl 2016-12-07 11:32:35 -08:00
James Phillips e86bfd9953
Adds support to ACL package for node policies. 2016-12-06 20:05:15 -08:00
Kyle Havlovitz 3ff0271e68 Update CHANGELOG.md 2016-12-06 20:14:58 -05:00
Kyle Havlovitz 42dbf55fc3 Merge pull request #2574 from hashicorp/f-udp-checksum
Update memberlist vendor deps
2016-12-06 14:20:29 -05:00
James Phillips 1393403bd2
Sorts all the ACl policy handlers for easier navigation (no functional changes). 2016-12-06 11:06:15 -08:00
James Phillips eb07e77c1c
Adds an opt-in for new ACL policies and features coming in Consul 0.8. 2016-12-06 11:06:14 -08:00
Seth Vargo 49dab41ed0 Merge pull request #2557 from hashicorp/sethvargo/safer_server
Use a random port instead of idx in testutil
2016-12-06 10:09:28 -08:00
Bradley Falzon de851480c5 Link to consensus.html#deployment-table not #toc_4 2016-12-06 15:40:40 +10:30
James Phillips c5ca72c5a5
Fixes broken link in options doc. 2016-12-05 18:53:51 -08:00
James Phillips 7c0f6bd742 Clarifies ACL replication token. 2016-12-05 18:43:05 -08:00
Kyle Havlovitz 3a771c8994
Update memberlist vendor deps 2016-12-05 17:27:52 -05:00
James Phillips 75f068accc Merge pull request #2568 from shantanugadgil/patch-1
Update kv.html.markdown
2016-12-03 11:23:56 -08:00
shantanugadgil 09f30bc375 Update kv.html.markdown 2016-12-03 13:35:55 +05:30
James Phillips 8d2ed27a74 Update CHANGELOG.md 2016-12-02 07:56:51 -08:00
James Phillips 8b9a0ff3d8 Update CHANGELOG.md 2016-12-02 07:56:06 -08:00
Sean Chittenden cf02ce2033
Small vendor update for go-sockaddr: now able to filter by CIDR. 2016-12-03 01:21:34 +11:00
Sean Chittenden f0ab957711 Merge pull request #2563 from hashicorp/f-sockaddr-0.7
F sockaddr 0.7
2016-12-02 22:38:32 +11:00
Sean Chittenden 73d8efa908
Update Windows support. 2016-12-02 18:05:18 +11:00
James Phillips 0e189fd204 Merge pull request #2564 from mzupan/fix-query-doc
Doc Fix: The Near key is out of place
2016-12-01 22:50:22 -08:00
Mike Zupan 492d39fbb3 Needs to be moved
This took 2 hours from my life. The near has to be inside a service and not in the main block.
2016-12-01 22:47:02 -08:00
Sean Chittenden 98afed5da3
Fix compilation on Windows. 2016-12-02 17:04:28 +11:00
Sean Chittenden 1ca285221a
Run all known addresses through go-sockaddr/template.
The following is now possible:

```
$ consul agent -dev -client="{{GetPrivateIP}}" -bind='{{GetInterfaceIP "en0"}}'
```
2016-12-02 16:35:38 +11:00
Sean Chittenden 4104e9e53a
Import github.com/hashicorp/go-sockaddr 2016-12-02 15:14:44 +11:00
Kyle Havlovitz 26a26a489d Add retry with backoff to initial bootstrap checks (#2561) 2016-12-01 17:05:02 -05:00
Kyle Havlovitz 3649c18ef0 Fix race issue in monitor endpoint test 2016-12-01 13:40:00 -05:00
James Phillips 33b29ccfd7 Merge pull request #2556 from williamlord/master
Update snapshot.html.markdown for spelling mistake
2016-12-01 07:44:06 -08:00
James Phillips f2d233c5f0 Update CHANGELOG.md 2016-12-01 07:43:10 -08:00
James Phillips 08c648f976 Merge pull request #2531 from alicebob/txntypes
fix KVOp types
2016-12-01 07:41:10 -08:00
Seth Vargo a3cd42bd68
Use a random port instead of idx in testutil
The testutil server uses an atomic incrementer to generate unique port
numbers. This works great until tests are run in parallel, _across
packages_. Because each package starts at the same "offset" idx, they
collide.

One way to overcome this is to run each packages' test in isolation, but
that makes the test suite much longer as it does not maximize
parallelization. Alternatively, instead of having "predictable" ports,
we can let the OS choose a random open port automatically.

This still has a (albeit smaller) race condition in that the OS could
return an open port twice, before the server has a chance to actually
start and occupy said port. In practice, I have not been able to hit
this race condition, so it either doesn't happen or it happens far less
frequently that the existing implementation.

I'm not sure how I feel about the panic, but this is just test code, so
I'm including to say it's okay?
2016-12-01 17:24:26 +02:00
William Lord 67a84e0e20 Update snapshot.html.markdown 2016-12-01 10:11:35 +00:00
James Phillips 55d7859a50 Update CHANGELOG.md 2016-11-30 21:47:33 -08:00
James Phillips dc37498327 Merge pull request #2533 from mckennajones/bug2526
Fix for KV put command
2016-11-30 21:46:04 -08:00
James Phillips 7880b314ce Update CHANGELOG.md 2016-11-30 21:44:01 -08:00
James Phillips bd5adea5ba Merge pull request #2555 from hashicorp/pr-2497-slackpad
Updates Circonus library and adds support for custom display name and tags.
2016-11-30 21:42:01 -08:00