Commit graph

8881 commits

Author SHA1 Message Date
Paul Banks 25628f0e69
Add config option to disable HTTP printable char path check (#4442) 2018-07-26 13:53:39 +01:00
Kyle Havlovitz bf4c8aeac6
Update CHANGELOG.md 2018-07-25 17:54:58 -07:00
Kyle Havlovitz ecc02c6aee
Merge pull request #4400 from hashicorp/leaf-cert-ttl
Add configurable leaf cert TTL to Connect CA
2018-07-25 17:53:25 -07:00
Kyle Havlovitz 68d7a9fbd3
connect/ca: simplify passing of leaf cert TTL 2018-07-25 17:51:45 -07:00
Jack Pearkes 45f9fa9a89
Update CHANGELOG.md 2018-07-25 16:24:21 -07:00
Siva Prasad a5ebab63e7 Vendoring update for go-discover. (#4412)
* New Providers added and updated vendoring for go-discover

* Vendor.json formatted using make vendorfmt

* Docs/Agent/auto-join: Added documentation for the new providers introduced in this PR

* Updated the golang.org/x/sys/unix in the vendor directory

* Agent: TestGoDiscoverRegistration updated to reflect the addition of new providers

* Deleted terraform.tfstate from vendor.

* Deleted terraform.tfstate.backup

Deleted terraform state file artifacts from unknown runs.

* Updated x/sys/windows vendor for Windows binary compilation
2018-07-25 16:21:04 -07:00
Pierre Souchay 7bf22a5091 Added explainations on how having a working configuration for Prometheus (#4397)
* Added explainations on how having a working configuration for Prometheus

Since Prometheus escapes by default query parameters, this paragraph explains
how having `format=prometheus` to be taken into account by prometheus.

* Rephrase Prometheus notes in documentation as requested by @pearkes
2018-07-25 16:17:38 -07:00
Sergey Shepelev e6dea80797 website: typo in node meta additional section (#4429) 2018-07-25 13:32:36 -07:00
Mitchell Hashimoto 1bd002d44b
Merge pull request #4446 from jharley/patch-1
Documentation: Add missing word for Watches clarification
2018-07-25 14:36:00 -05:00
Jason Harley 73b68450ca
Add missing word for Watches clarification
`Watches use blocking queries monitor` reads awkwardly, I figured 'to' was missing
2018-07-25 15:34:45 -04:00
Paul Banks 217137b775
Fixes #4421: General solution to stop blocking queries with index 0 (#4437)
* Fix theoretical cache collision bug if/when we use more cache types with same result type

* Generalized fix for blocking query handling when state store methods return zero index

* Refactor test retry to only affect CI

* Undo make file merge

* Add hint to error message returned to end-user requests if Connect is not enabled when they try to request cert

* Explicit error for Roots endpoint if connect is disabled

* Fix tests that were asserting old behaviour
2018-07-25 20:26:27 +01:00
Matt Keeler 78124043bf Fix cross compiling with make
make XC_OS=linux XC_ARCH=amd64 when running on macos puts its binaries in ${GOPATH}/bin/linux_amd64/consul and not ${GOPATH}/bin/consul

This makes the build pull the binary from the right location.
2018-07-25 15:21:11 -04:00
Paul Banks 17de36c36e
Allow config-file based Service Definitions for unmanaged proxies and Connect-natice apps. (#4443) 2018-07-25 19:55:41 +01:00
Matt Keeler 015ea28f7d
Update CHANGELOG.md 2018-07-25 14:50:06 -04:00
Geoffrey Grosenbach 39aa3a34ff Remove deprecated Ruby consul-client library (#4419)
The GitHub repo for this library says that it is no longer maintained
and should not be used. The Ruby Diplomat library provides similar
functionality instead (and is already listed here).
2018-07-25 11:47:54 -07:00
Matt Keeler 2eceddafec
Merge pull request #4438 from hashicorp/bugfix/keyring-acl
ACL Bug Fixes
2018-07-25 14:47:19 -04:00
Mitchell Hashimoto dcd3a0d7c4
Update CHANGELOG.md 2018-07-25 09:28:25 -07:00
Mitchell Hashimoto d0d40a4c34
Merge pull request #4314 from hashicorp/b-ignore-check
command/connect/proxy: ignore check doesn't exist on -register
2018-07-25 11:26:40 -05:00
Paul Banks feeea60dea
Ooops that was meant to be to a branch no master... EMORECOFFEE
Revert "Add config option to disable HTTP printable char path check"

This reverts commit eebe45a47b4df5c0271b17f0fd1bd85db8bdefca.
2018-07-25 15:54:11 +01:00
Paul Banks d6c16dd0ad
Add config option to disable HTTP printable char path check 2018-07-25 15:52:37 +01:00
Matt Keeler 23a61f5714 Rewrite all of acl_test.go
This is now using table driven testing. In addition to conversion of old tests I also implemented several new tests for the acl fixes in my previous commit.

In particular the issues I saw with ACLs for prepared queries, keyring and operator all have tests for those and comments indicating that they would have previously failed.
2018-07-24 20:29:34 -04:00
Matt Keeler f300869574 Fix ACL enforcement
This creates one function that takes a rule and the required permissions and returns whether it should be allowed and whether to leave the decision to the parent acl.

Then this function is used everywhere. This makes acl enforcement consistent.

There were several places where a default allow policy with explicit deny rules wasnt being handled and several others where it wasn’t using the parent acl appropriately but would lump no policy in with a deny policy. All of that has been fixed.
2018-07-24 16:21:56 -04:00
Paul Banks b3771e2e6c
Refactor test retry to only affect CI (#4436)
* Refactor test retry to only affect CI

* Move test install deps out of the retry loop

* Add internal targets to PHONY too
2018-07-24 15:12:48 +01:00
Paul Banks c6d4210cc6
Update CHANGELOG.md 2018-07-24 12:36:44 +01:00
Paul Banks 186987874c
Merge pull request #4353 from azam/add-serf-lan-wan-port-args
Make RPC, Serf LAN, Serf WAN port configurable from CLI
2018-07-24 12:33:10 +01:00
Peter Souter 056db5d697 Adds Monitoring with Telegraf guide (#4227)
* Installing Telegraf
* Configuring Telegraf 
* Configuring Consul to send metrics to Telegraf
* Important metrics and aggregates
2018-07-23 16:46:43 -07:00
Mitchell Hashimoto 7d44a719cd
Update CHANGELOG.md 2018-07-23 09:18:56 -07:00
Kyle Havlovitz a125735d76
connect/ca: check LeafCertTTL when rotating expired roots 2018-07-20 16:04:04 -07:00
Paul Banks 2d5be9a07e
Merge pull request #4427 from hashicorp/connect-api-docs
Add /health/connect to docs and make consistent with /catalog/connect
2018-07-20 21:24:57 +01:00
Mitchell Hashimoto 5c42dacef4
Merge pull request #4320 from hashicorp/f-alias-check
Add "Alias" Check Type
2018-07-20 13:01:33 -05:00
azam 5290d69cb3 Make Serf LAN & WAN port configurable from CLI
Make RPC port accessible to CLI

Add tests and documentation for server-port, serf-lan-port, serf-wan-port CLI arguments
2018-07-21 02:17:21 +09:00
Paul Banks b3ab641a99
Add /health/connect to docs and make consistent with /catalog/connect 2018-07-20 16:50:28 +01:00
Matt Keeler dc314c3229
Update CHANGELOG.md 2018-07-20 09:00:06 -04:00
Matt Keeler 6802ad6c4f
Merge pull request #4407 from hashicorp/proxy-persist
Persist proxies from config files
2018-07-20 08:58:38 -04:00
Jack Pearkes fe77ea8bdc
readme: add note about security related issues (#4401)
* readme: add note about security related issues

This is a reminder to encourage responsible disclosure (vs. publicly on GitHub) for security-related issues.

* readme: link to security page
2018-07-19 12:43:36 -07:00
Mitchell Hashimoto dedc5ad69f
agent/local: silly spacing on select statements 2018-07-19 14:21:30 -05:00
Mitchell Hashimoto e42ca78c5d
agent/local: address remaining test feedback 2018-07-19 14:20:50 -05:00
Matt Keeler 95e8f795df Use the agent logger instead of log module 2018-07-19 11:22:01 -04:00
Matt Keeler a89dab55d3 Update a couple erroneous tests. 2018-07-19 09:20:51 -04:00
Mitchell Hashimoto 81f6486fb5
agent/local: don't use time.After in test since notify is instant 2018-07-18 16:16:28 -05:00
Matt Keeler 953b72318f Persist proxies from config files
Also change how loadProxies works. Now it will load all persisted proxies into a map, then when loading config file proxies will look up the previous proxy token in that map.
2018-07-18 17:04:35 -04:00
John Cowen a1a0c1db0a
Merge pull request #4410 from hashicorp/bugfix/gh-4175-service-ip
UI - Bugfix: Show Service IP not the Node IP
2018-07-18 18:39:39 +01:00
John Cowen 56719485c8
Merge pull request #4383 from hashicorp/feature/ui-tag-text-search
UI - Tag Text Search
2018-07-18 18:38:46 +01:00
John Cowen 9ae81696a1 Use some for the tags search instead of munging and searching 2018-07-18 18:15:03 +01:00
John Cowen f7209e63f1 ADd some extra tests to pick up on searching by two joined tags 2018-07-18 18:14:20 +01:00
John Cowen f993130937 Add basic searching by tags using the freetext search near-term 2018-07-18 18:14:19 +01:00
John Cowen 6c9f4fbe8a Acceptance test for searching service by tag 2018-07-18 18:13:18 +01:00
John Cowen e1fed4d41e
Merge pull request #4349 from hashicorp/feature/remove-rm-api-double
UI - Stop trying to remove consul-api-double we don't need to anymore
2018-07-18 17:54:21 +01:00
John Cowen 7a41c40dbc Show the Service.IP address instead of the Node.IP address in detail 2018-07-18 13:37:14 +01:00
John Cowen d8ab56666c Make the tests break by switching to a Service.IP 2018-07-18 13:35:57 +01:00