Commit Graph

15485 Commits

Author SHA1 Message Date
Hans Hasselberg 0e2605335f
connect: use inline_string instead for envoy ca(#7024) 2020-01-10 15:57:54 +01:00
R.B. Boyer 20f51f9181 connect: derive connect certificate serial numbers from a memdb index instead of the provider table max index (#7011) 2020-01-09 16:32:19 +01:00
R.B. Boyer 446f0533cd connect: ensure that updates to the secondary root CA configuration use the correct signing key ID values for comparison (#7012)
Fixes #6886
2020-01-09 16:28:16 +01:00
danielehc 71eca6330c
added disclaimer about network segments due to Serf limitations (#7004)
* added disclaimer about network segments due to Serf limitations

using work made at https://github.com/hashicorp/consul/pull/6558 by @thepomeranian

* Lowercasing functionality name

* Update website/source/docs/enterprise/network-segments/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

Co-authored-by: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>
2020-01-09 10:41:31 +01:00
danielehc aca0720a0e
Update docs to point to new learn guide (#7003)
* Changed the link to point to new guide
* Removed querystring from link
2020-01-09 10:26:47 +01:00
DevOps Rob 7a4b055f50 Azure MSI for cloud auto-join (#7000)
* Azure MSI documentation

Adding in note about support for Azure MSI authentication method for Cloud auto-join

* fixing text formatting

fixing text formatting

* missing word

missing word - variable

* Update website/source/docs/agent/cloud-auto-join.html.md

Language change to be specific about where the security risk mitigation is concerned

Co-Authored-By: Jack Pearkes <jackpearkes@gmail.com>

Co-authored-by: Jack Pearkes <jackpearkes@gmail.com>
2020-01-08 20:43:45 -05:00
kaitlincarter-hc dcd8153244
updating the ent docs to mention GCP (#7001) 2020-01-07 13:19:34 -08:00
tehmoon 7fead04f2e docs: Fix extraVolumes mount paths in helm.html.md (#7008) 2020-01-07 12:13:09 -08:00
Rémi Lapeyre 6b4050fdbf docs: fix typo in ACL legacy documentation (#7006) 2020-01-07 14:33:56 +01:00
kaitlincarter-hc 21f1e7a1b4
[docs] Managing ACL Policies (#6573)
* New Acl policy guide

* Update website/source/docs/guides/managing-acl-policies.html.md

Co-Authored-By: Paul Banks <banks@banksco.de>

* Update website/source/docs/guides/managing-acl-policies.html.md

Co-Authored-By: Paul Banks <banks@banksco.de>

* Update website/source/docs/guides/managing-acl-policies.html.md

Co-Authored-By: Paul Banks <banks@banksco.de>

* Update website/source/docs/guides/managing-acl-policies.html.md

Co-Authored-By: Paul Banks <banks@banksco.de>

* Update website/source/docs/guides/managing-acl-policies.html.md

Co-Authored-By: Paul Banks <banks@banksco.de>

Co-authored-by: Paul Banks <banks@banksco.de>
2020-01-06 15:44:17 -08:00
kaitlincarter-hc ddaf9e0d44
[docs] New Replication Guide (#5823)
* new replication guide

* Update website/source/docs/guides/acl-replication.md

Co-Authored-By: R.B. Boyer <public@richardboyer.net>

* fixing list

* Update website/source/docs/guides/acl-replication.md

Co-Authored-By: R.B. Boyer <public@richardboyer.net>

* Update website/source/docs/guides/acl-replication.md

Co-Authored-By: R.B. Boyer <public@richardboyer.net>

* Update website/source/docs/guides/acl-replication.md

Co-Authored-By: R.B. Boyer <public@richardboyer.net>

* Update website/source/docs/guides/acl-replication.md

Co-Authored-By: R.B. Boyer <public@richardboyer.net>

* fixing another list

* Update website/source/docs/guides/acl-replication.md

Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com>

* Update website/source/docs/guides/acl-replication.md

Co-Authored-By: R.B. Boyer <public@richardboyer.net>

* fixing formating

* Updating based on feedback.

* Update website/source/docs/guides/acl-replication.md

Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com>

* Update website/source/docs/guides/acl-replication.md

Co-Authored-By: Judith Malnick <judith@hashicorp.com>

* updating introduction based on feedback

* Update website/source/docs/guides/acl-replication.md

* updating intro based on feedback

* Update website/source/docs/guides/acl-replication.md

Co-Authored-By: Judith Malnick <judith@hashicorp.com>

* Update website/source/docs/guides/acl-replication.md

Co-Authored-By: Judith Malnick <judith@hashicorp.com>

* Update website/source/docs/guides/acl-replication.md

Co-Authored-By: Judith Malnick <judith@hashicorp.com>

* Update website/source/docs/guides/acl-replication.md

Co-Authored-By: Judith Malnick <judith@hashicorp.com>

* updating based on feedback

* Update website/source/docs/guides/acl-replication.md

Co-Authored-By: Judith Malnick <judith@hashicorp.com>

* Update website/source/docs/guides/acl-replication.md

Co-Authored-By: Judith Malnick <judith@hashicorp.com>

* Update website/source/docs/guides/acl-replication.md

Co-Authored-By: Judith Malnick <judith@hashicorp.com>

* Additional note about servers

Co-authored-by: R.B. Boyer <public@richardboyer.net>
Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com>
Co-authored-by: Judith Malnick <judith@hashicorp.com>
2020-01-06 15:35:59 -08:00
kaitlincarter-hc c3f6d8e4cd
New Connect guide for new users (#6749) 2020-01-06 15:17:24 -08:00
Matt Keeler 421148f793
Move Session.CheckIDs into OSS only code. (#6993) 2020-01-03 15:51:19 -05:00
Luke Kysow 89f57372ce
Merge pull request #6978 from hashicorp/docs/helm-move-bootstrapacls-under-global
Move bootstrapACLs under global key in Helm docs
2019-12-23 08:46:08 -08:00
Blake Covarrubias 532d6d0d18 Move bootstrapACLs under global key in Helm docs
The global.bootstrapACLs key in the Helm chart docs was inadvertently
moved to a top-level key in commit 12e6ef8, which is incorrect.

This commit reverts that error.
2019-12-21 18:47:42 -08:00
hashicorp-ci 3f08ba7379
Release v1.7.0-beta2 2019-12-20 17:16:53 +00:00
hashicorp-ci 8d53a33bf0
update bindata_assetfs.go 2019-12-20 17:16:51 +00:00
Matt Keeler 9ea83a749b
Revert "Remove docs refs to NS inference from ACL token" (#6976)
This reverts commit 3a8426de9c76e7d8dd2728e4ae78bc4e5e18626a.

# Conflicts:
#	command/flags/http.go
#	website/source/api/acl/binding-rules.html.md
#	website/source/api/acl/policies.html.md
#	website/source/api/acl/roles.html.md
#	website/source/api/acl/tokens.html.md
#	website/source/api/kv.html.md
#	website/source/api/session.html.md
#	website/source/docs/commands/_http_api_namespace_options.html.md
2019-12-20 11:52:50 -05:00
John Cowen e5601d4e40
Update CHANGELOG.md 2019-12-20 15:35:00 +00:00
John Cowen 2a0a13001d
Merge pull request #6966 from hashicorp/ui-staging
ui: UI Release Merge (ui-staging merge)
2019-12-20 15:30:43 +00:00
John Cowen aa058a7162
ui: Make sure that the namespace is passed when changing a token via [Use] (#6973)
* Pass the namespace parameter through to the repo when using a token
* Refresh the namespace menu when somebody [Use]s a token
2019-12-20 14:57:10 +00:00
John Cowen 18c659b8e7
ui: Cope with the possibility of receiving no namespaces (#6975) 2019-12-20 14:56:18 +00:00
John Cowen 16d2e4365a
Ensure ember-data ids are created correct taking into account the nspace (#6974) 2019-12-20 14:30:19 +00:00
R.B. Boyer 84ff640b79 update changelog 2019-12-19 10:24:54 -06:00
R.B. Boyer 42f80367be
Restore a few more service-kind index updates so blocking in ServiceDump works in more cases (#6948)
Restore a few more service-kind index updates so blocking in ServiceDump works in more cases

Namely one omission was that check updates for dumped services were not
unblocking.

Also adds a ServiceDump state store test and also fix a watch bug with the
normal dump.

Follow-on from #6916
2019-12-19 10:15:37 -06:00
Blake Covarrubias befb914cf6 Add 'kind = connect-proxy' to mesh_gateway.html 2019-12-18 15:35:42 -08:00
Hans Hasselberg a9fa438487
Update CHANGELOG.md 2019-12-18 22:33:32 +01:00
Hans Hasselberg 1bf94b01e2
log: handle discard all logfiles properly (#6945)
* Handle discard all logfiles properly

Fixes https://github.com/hashicorp/consul/issues/6892.

The [docs](https://www.consul.io/docs/agent/options.html#_log_rotate_max_files) are stating:

> -log-rotate-max-files - to specify the maximum number of older log
> file archives to keep. Defaults to 0 (no files are ever deleted). Set to
> -1 to disable rotation and discard all log files.

But the `-1` case was not implemented and led to a panic when being
used.

Co-Authored-By: Freddy <freddygv@users.noreply.github.com>
2019-12-18 22:31:22 +01:00
Matt Keeler 396e636572
Update CHANGELOG.md 2019-12-18 15:30:48 -05:00
Matt Keeler fa74fcb811
Update CHANGELOG.md 2019-12-18 15:13:31 -05:00
Matt Keeler 1e59560e0e
Enterprise Sync - 2019.12.18 (#6968)
Enterprise Sync - 2019.12.18
2019-12-18 15:05:36 -05:00
Matt Keeler 6de4eb8569
OSS changes for implementing token based namespace inferencing
remove debug log
2019-12-18 14:07:08 -05:00
Matt Keeler 185654b075
Unflake the TestACLEndpoint_TokenList test
In order to do this I added a waitForLeaderEstablishment helper which does the right thing to ensure that leader establishment has finished.

fixup
2019-12-18 14:07:07 -05:00
Kyle MacDonald f0befc3b7a
website: embed yt videos on intro pages (#6871)
- website: embed yt videos on intro pages
- for /docs/connect
- for /intro
- css to handle iframe responding at smaller viewports
- Update consul connect video with introductory description. Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>
- Update consul connect intro with introductory description. Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>
2019-12-18 13:54:39 -05:00
Matt Keeler 8af12bf4f4
Miscellaneous acl package cleanup
• Renamed EnterpriseACLConfig to just Config
• Removed chained_authorizer_oss.go as it was empty
• Renamed acl.go to errors.go to more closely describe its contents
2019-12-18 13:44:32 -05:00
Matt Keeler bdf025a758
Rename EnterpriseAuthorizerContext -> AuthorizerContext 2019-12-18 13:43:24 -05:00
John Cowen 6e8a8a2bc0
ui: Various amends for 1.7beta (#6965)
* Remove empty init

* Actually make the disco chain endpoint send the nspace, note:

The backend doesn't support this as yet.

* Tweak the font size of flash-messages ever so slightly

* Make sure the nspace menu is kept up to date when creating a new one

* Move comment to the correct place

* Only refresh the namespace menu if you specifically created a nspace

* Change FIXMEs to TODOs as we are happy for these to wait until later
2019-12-18 18:27:54 +00:00
Matt Keeler 5c56aab3be
Change how namespaces are specified for the CLI (#6960) 2019-12-18 11:06:39 -05:00
Matt Keeler af1d101937
OSS changes to allow for parsing the enterprise DNS config prop… (#6959) 2019-12-18 10:16:35 -05:00
John Cowen e545c82e1e ui: Discovery Chain (#6746)
* Add data layer for discovery chain (model/adapter/serializer/repo)

* Add routing plus template for routing tab

* Add extra deps - consul-api-double upgrade plus ngraph for graphing

* Add discovery-chain and related components and helpers:

1. discovery-chain to orchestrate/view controller
2. route-card, splitter-card, resolver card to represent the 3 different
node types.
3. route-match helper for easy formatting of route rules
4. dom-position to figure out where things are in order to draw lines
5. svg-curve, simple wrapper around svg's <path d=""> attribute format.
6. data-structs service. This isn't super required but we are using
other data-structures provided by other third party npm modules in other
yet to be merged PRs. All of these types of things will live here for
easy access/injection/changability
7. Some additions to our css-var 'polyfill' for a couple of extra needed
rules

* Related CSS for discovery chain

1. We add a %card base component here, eventually this will go into our
base folder and %stats-card will also use it for a base component.
2. New icon for failovers

* ui: Discovery Chain Continued (#6939)

1. Add in the things we use for the animations
2 Use IntersectionObserver so we know when the tab is visible,
otherwise the dom-position helper won't work as the dom elements don't
have any display.
3. Add some base work for animations and use them a little
4. Try to detect if a resolver is a redirect. Right now this works for
datacenters and namespaces, but it can't work for services and subsets -
we are awaiting backend support for doing this properly.
5. Add a fake 'this service has no routes' route that says 'Default'
6. redirect icon
7. Add CSS.escape polyfill for Edge
2019-12-18 12:26:47 +00:00
John Cowen 31f36ce096 ui: Namespace Support (#6639)
Adds namespace support to the UI:

1. Namespace CRUD/management
2. Show Namespace in relevant areas (intentions, upstreams)
3. Main navigation bar improvements
4. Logic/integration to interact with a new `internal/acl/authorize` endpoint
2019-12-18 12:26:47 +00:00
John Cowen 3dfb41486e ui: %form-element-textarea > %form-area-textinput typo (#6952) 2019-12-18 12:26:46 +00:00
John Cowen e190615f97 ui: Fixes styling of 'duplicate intention' error message (#6936) 2019-12-18 12:26:46 +00:00
John Cowen 09b46dcfdc ui: Remove `writable` usage from policy and use the request instead (#6934) 2019-12-18 12:26:45 +00:00
John Cowen 1b5658d5ac ui: Use base fonts throughout the app (#6881)
We've had a set of %placeholders in our base styles for quite a while
but not butten the bullet to use them. This begins to use them.

We had to make a small amount of tweaks to base whilst doing this, but
its as we'd prefer there to be as few font placeholders as possible. We
might/should be able to reduce these further at somepoint, or
potentially rename them. We currently have six header fonts (or 4 header
fonts/2 strong body fonts) and 3 body fonts.

We also noticed an empty CSS file and deleted that while we were here.
We also noticed that the bottom border of structure tabs was a pixel
larger than ours so we tweaked that here also.
2019-12-18 12:26:45 +00:00
John Cowen 572e3891fe ui: Remove some javascript files we no longer use (#6853) 2019-12-18 12:26:44 +00:00
John Cowen 421bbd9987 ui: Ensure %app-content > %app-view-content rename is complete (#6843)
In https://github.com/hashicorp/consul/pull/6575 we changed the name of
%app-content to %app-view-content, but missed a few places that needed
renaming, this corrects that.
2019-12-18 12:26:44 +00:00
John Cowen f52e1f607d ui: Expose checks (#6575)
Adds visibility for `Expose.Checks` config setting for proxies.

1. Adds an 'Exposed Path' tab to the proxy detail page to show the user information on exposed paths.
2. If the users has exposed their healthchecks we also add this information to the Service detail page for this proxy (only for http2 and gRPC checks)
2019-12-18 12:26:43 +00:00
John Cowen eb7b69cc24 ui: CSS Upgrade (action-group,form-elements,sliding-toggle,breadcrumbs) (#6495)
This includes an update of our CSS npm module. The majority of this is
just moving files from one folder to another.

1. %breadrumbs: As well as moving we've added 'milestone' breadcrumbs
2. %checkbox-group: Moved
3. %radio-group: Moved
4. %sliding-toggle: Moved (used to be called just %toggle)
5. %form-elements: Moved and added a new %inline-alert for form field
messaging (see Structure design system)
6. %action-group is now a composition of %menu-panel, %toggle-button,
plus edits to existing style to bring the %action-groups inline with the
dropdowns from Structure). %action-group also includes a composed
%confirmation-alert that is yet to be include. This will be compiled out
until we integrate it.

We've also removed some of our old icon placeholders as the above
work seased to use some of them.

Now we done this I'd say all in all over half of our CSS components now
use the CSS npm module.

The CSS specific to Consul UI also uses much of this CSS module by way
of helper placeholders such as our %frames.
2019-12-18 12:26:43 +00:00
John Cowen 39010d2b76 ui: Adds ember-data blueprints for Consul specific HTTP adapter etc (#6461)
* ui: Adds ember-data blueprints for Consul specific HTTP adapter etc

These are currently quite Consul specific, but we also overwrite the
default model-test blueprint to keep the names consistent (dasherized)
for easy test filtering.

```
ember generate [adapter|serializer|model|repository|route] <name>
```
2019-12-18 12:26:42 +00:00