Bisakh
85b2855cdf
acl: update GetPolicyByName method implementation ( #11055 )
2021-09-28 10:46:27 -04:00
Jared Kirschner
5d593e930b
Merge pull request #10702 from jkirschner-hashicorp/network-segments-docs-enhancements
...
Network segments docs enhancements
2021-09-28 10:24:05 -04:00
Paul Banks
05c8387891
Merge pull request #10725 from hashicorp/banks-patch-3
...
Call out the incompatibility of wildcards and L7 permissions
2021-09-28 13:51:41 +01:00
David Yu
208389f5ad
docs: consul-k8s cli install, add bin/
to source path ( #11146 )
...
Add `bin/` to path from which you move `consul-k8s` to `/usr/local/bin/consul-k8s`
2021-09-27 22:11:54 -07:00
R.B. Boyer
0069c586df
changelog updates for 1.10.3, 1.9.10, and 1.8.16 ( #11160 )
2021-09-27 15:36:14 -05:00
Noel Quiles
937801d52d
Update alert banner for HashiConf Global 2021 ( #11154 )
2021-09-27 14:25:25 -04:00
John Cowen
7639cc8797
ui: Adds Flight icons to our icon set ( #11097 )
...
* ui: Adds Flight icons to our icon set
This commit doesn't actually add anything to the UI, rather just makes
the flight icons available for use.
2021-09-27 18:26:42 +01:00
John Cowen
ce731453ea
ui: Hide create buttons for policies/roles/namespaces with readonly access ( #10914 )
...
This PR adds a check to policy, role and namespace list pages to make sure the user has can write those things before offering to create them via a button. (The create page/form would then be a read-only form)
2021-09-27 17:20:44 +01:00
John Cowen
d157c63fe4
ui: Don't show the CRD menu for read-only intentions ( #11149 )
...
* ui: Don't show the CRD menu for read-only intentions
The UI bug here manifests itself only when a user/token is configured to have read-only access to intentions. Instead of only letting folks click to see a read only page of the intention, we would show an additional message saying that the intention was read-only due to it being 'Managed by [a kubernetes] CRD'. Whilst the intention was still read only, this extra message was still confusing for users.
This PR fixes up the conditional logic and further moves the logic to use ember-can - looking at the history of the files in question, this bug snuck itself in partly due to it being 'permission-y type stuff' previous to using ember-can and when something being editable or not was nothing to do with ACLs. Then we moved to start using ember-can without completely realising what IsEditable previously meant. So overall the code here is a tiny bit clearer/cleaner by adding a proper can view CRD intention instead of overloading the idea of 'editability'.
2021-09-27 17:19:32 +01:00
John Cowen
2d3f08263c
ui: Adds a set of basic unit tests for abilities ( #11132 )
2021-09-27 16:46:26 +01:00
John Cowen
a3f45ad70c
ui: Remove info panel from the nspace menu when editing nspaces ( #11130 )
...
* ui: Remove info panel form the nspace menu when editing nspaces
2021-09-24 18:05:22 +01:00
John Cowen
b19e14e8a8
ui: Add initial partition support to intentions ( #11129 )
...
* ui: Add initial partition support to intentions
2021-09-24 17:31:58 +01:00
Blake Covarrubias
78a3b9f3e1
docs: Decode K8s secrets with base64decode function
...
Use kubectl's base64decode template function (added in K8s 1.11) to
decode values in Secrets. Removes external call to `base64` utility on
the host system.
2021-09-24 08:59:34 -07:00
John Cowen
e287feb85f
ui: Use last-child for selecting the desired nspace instead of nth-child ( #11127 )
2021-09-24 13:04:41 +01:00
John Cowen
98f5cb45b2
ui: Remove refresh-route action for session invalidation ( #11105 )
...
* ui: Move action to the correct button for session invalidation
* Remove refresh-route completely, its not needed
2021-09-24 12:10:10 +01:00
trujillo-adam
75a14772e8
Merge pull request #11028 from hashicorp/docs-k8s-cli-alpha
...
adding k8s-cli alpha docs
2021-09-23 16:35:56 -07:00
trujillo-adam
7b7436515f
adding timeout flags, wait flag, and updated build procedure
2021-09-23 16:07:56 -07:00
Dhia Ayachi
4505cb2920
Refactor table index acl phase 2 ( #11133 )
...
* extract common methods from oss and ent
* remove unreachable code
* add missing normalize for binding rules
* fix oss to use Query
2021-09-23 15:26:09 -04:00
CJ
6d20f74c90
docs: Fix grammatical errors in glossary ( #10751 )
2021-09-23 08:36:52 -07:00
Paul Banks
f8412cf5fa
Merge pull request #10903 from hashicorp/feature/ingress-sds
...
Add Support to for providing TLS certificates for Ingress listeners from an SDS source
2021-09-23 16:19:05 +01:00
Dhia Ayachi
ebe333b947
Refactor table index ( #11131 )
...
* convert tableIndex to use the new pattern
* make `indexFromString` available for oss as well
* refactor `indexUpdateMaxTxn`
2021-09-23 11:06:23 -04:00
Paul Banks
d57931124f
Final readability tweaks from review
2021-09-23 10:17:12 +01:00
Paul Banks
8c8cde524e
Add Envoy integration test for split-route SDS case
2021-09-23 10:17:03 +01:00
Paul Banks
626232e4cd
Minor improvements to SDS server from review
2021-09-23 10:13:41 +01:00
Paul Banks
66c625a64d
Fix subtle loop bug and add test
2021-09-23 10:13:41 +01:00
Paul Banks
7198d0bd80
Refactor SDS validation to make it more contained and readable
2021-09-23 10:13:19 +01:00
Paul Banks
fe4f69613c
Refactor Ingress-specific lister code to separate file
2021-09-23 10:13:19 +01:00
Paul Banks
f4f0793a10
Minor PR typo and cleanup fixes
2021-09-23 10:13:19 +01:00
Paul Banks
4cc1ccf892
Revert abandonned changes to proxycfg for Ent test consistency
2021-09-23 10:13:19 +01:00
Paul Banks
d812a0edc7
Fix merge conflict in xds tests
2021-09-23 10:12:37 +01:00
Paul Banks
3b2a4fc458
Allow skipping v2 compat tests for SDS as it's only the SDS server integration that doesn't support v2
2021-09-23 10:12:37 +01:00
Paul Banks
cd6491ea71
Fix integration tests in CI - serve SDS certs from the Docker image not a mounted path
2021-09-23 10:12:37 +01:00
Paul Banks
c2174260bc
Fix integration test for older Envoy versions
2021-09-23 10:12:37 +01:00
Paul Banks
a24efd20fc
Fix some more Enterprise Normalization issues affecting tests
2021-09-23 10:12:37 +01:00
Paul Banks
aa3240483f
Add changelog; Add API package support for new fields.
2021-09-23 10:12:37 +01:00
Paul Banks
15969327c0
Remove unused argument to fix lint error
2021-09-23 10:09:11 +01:00
Paul Banks
9422e4ebc7
Handle namespaces in route names correctly; add tests for enterprise
2021-09-23 10:09:11 +01:00
Paul Banks
1f62bca08b
Add basic integration test for Envoy ingress with SDS
2021-09-23 10:08:02 +01:00
Paul Banks
9d576a08dc
Update xDS routes to support ingress services with different TLS config
2021-09-23 10:08:02 +01:00
Paul Banks
8a4254a894
Update xDS Listeners with SDS support
2021-09-23 10:08:02 +01:00
Paul Banks
8548e15f1b
Update proxycfg to hold more ingress config state
2021-09-23 10:08:02 +01:00
Paul Banks
0e410a1b1f
Add ingress-gateway config for SDS
2021-09-23 10:08:02 +01:00
Mark Anderson
c87d57bfeb
partitions/authmethod-index work from enterprise ( #11056 )
...
* partitions/authmethod-index work from enterprise
Signed-off-by: Mark Anderson <manderson@hashicorp.com>
2021-09-22 13:19:20 -07:00
Chris S. Kim
d222f170a7
connect: Allow upstream listener escape hatch for prepared queries ( #11109 )
2021-09-22 15:27:10 -04:00
R.B. Boyer
ba13416b57
grpc: strip local ACL tokens from RPCs during forwarding if crossing datacenters ( #11099 )
...
Fixes #11086
2021-09-22 13:14:26 -05:00
John Cowen
b0b88286b8
ui: Add initial i18n docs page ( #10888 )
2021-09-22 18:51:39 +01:00
John Cowen
5857b2214f
ui: Add partition parameter when clearing child-selector forms in ACLs ( #11106 )
2021-09-22 18:36:09 +01:00
John Cowen
f08e27a5f0
ui: Add an isDestroyed check for the MenuPanel component ( #11104 )
...
This solves an occasionally flakey tests I see every so often
2021-09-22 18:33:31 +01:00
John Cowen
51149cdae2
ui: Remove legacy ACLs ( #11096 )
2021-09-22 18:32:51 +01:00
John Cowen
5da06645b0
ui: Gracefully recover from non-existent DC errors ( #11077 )
...
* ui: Gracefully recover from non-existent DC errors
This PR fixes what happens in the UI if you try to navigate to a non-existing DC.
When we received a 500 error from an API response due to a non-existent DC, previously we would show a 404 error, which is what we were trying to convey. But in the spirit of the UI being a 'thin client', its probably best to just show the 500 error from the API response, which may help folks to debug any issues better.
* Automatically set the CONSUL_DATACENTER_LOCAL env var for testing
2021-09-22 18:26:36 +01:00