Commit graph

19200 commits

Author SHA1 Message Date
sarahalsmiller befefe42ee
Added check for empty peeringsni in restrictPeeringEndpoints (#15239)
Add check for empty peeringSNI in restrictPeeringEndpoints

Co-authored-by: Derek Menteer <derek.menteer@hashicorp.com>
2022-11-02 17:20:52 -05:00
cskh 0a3dbb1c6e
integ test: reduce flakiness due to compound output from retry (#15233)
* integ test: avoid flakiness due to compound output from retry

* changelog
2022-11-02 14:08:17 -04:00
Derek Menteer f704e72f3e
Prevent peering acceptor from subscribing to addr updates. (#15214) 2022-11-02 07:55:41 -05:00
Dan Stough 19ec59c930
test: refactor testcontainers and add peering integ tests (#15084) 2022-11-01 15:03:23 -04:00
Derek Menteer e74bd41a38
Regenerate test certificates. (#15218)
Regenerate test certificates
2022-11-01 10:51:13 -05:00
Nathan Coleman 59b20e0748
Update required Helm chart version to match APIGW release notes (#15168) 2022-10-31 16:31:10 -04:00
Derek Menteer cad89029dd Decrease retry time for failed peering connections. 2022-10-31 14:30:27 -05:00
R.B. Boyer 879584a773
test: fix flaky TestSubscribeBackend_IntegrationWithServer_DeliversAllMessages test (#15195)
Allow for some message duplication in subscription events during assertions.

I'm pretty sure the subscriptions machinery allows for messages to occasionally
be duplicated instead of dropping them, as a once-and-only-once queue is a pipe
dream and you have to pick one of the other two options.
2022-10-31 12:10:43 -05:00
Evan Culver 548cf6f7a4
connect: Add Envoy 1.24 to integration tests, remove Envoy 1.20 (#15093) 2022-10-31 10:50:45 -05:00
Derek Menteer 58f15db4c4 Allow peering endpoints to bypass verify_incoming. 2022-10-31 09:56:30 -05:00
Derek Menteer 065e538de3 Add tests. 2022-10-31 08:45:00 -05:00
Derek Menteer 59a385bc9a Fix peered service protocols using proxy-defaults. 2022-10-31 08:45:00 -05:00
R.B. Boyer eaf825e3a2
build: ensure 'make dev-docker' also produces a matching CLI binary at the same time (#15188) 2022-10-28 15:21:05 -05:00
Nathan Coleman 759e15eb99
Merge pull request #15187 from hashicorp/nathancoleman-patch-1
Fix broken link in Consul API Gateway docs
2022-10-28 15:35:29 -04:00
Nathan Coleman b370e2c3c2
Fix broken link in Consul API Gateway docs 2022-10-28 15:01:38 -04:00
R.B. Boyer fb1d62f96c
build: ensure 'make dev-docker' updates consul-dev:latest too (#15176)
Fixes a minor regression from #14222
2022-10-28 10:27:24 -05:00
Eric Haberkorn 57fb729547
Fix peering metrics bug (#15178)
This bug was caused by the peering health metric being set to NaN.
2022-10-28 10:51:12 -04:00
Tyler Wendlandt 571fd7b6db
Merge pull request #15153 from hashicorp/ui/chore/update-icons-to-use-flight-icons-component
ui: update icons to use flight icons component
2022-10-27 15:21:56 -06:00
wenincode 9251801c68 Replace main consul logo with FlightIcon 2022-10-27 14:28:10 -06:00
wenincode 2c7fabe447 Format index template 2022-10-27 14:23:41 -06:00
Michael Klein 3389d3883b
Merge pull request #15159 from hashicorp/ui/fix-peered-service-not-unique-based-on-peer
ui: Fix PeerName is part of service uniqueness
2022-10-27 20:26:50 +02:00
Michael Klein fc74c0c7fb
Merge pull request #15158 from hashicorp/ui/improve-layout-address-list-peer-detail
ui: Improve layout address list peer detail
2022-10-27 20:26:30 +02:00
Chris S. Kim a0ac76ecf5
Allow consul debug on non-ACL consul servers (#15155) 2022-10-27 09:25:18 -04:00
wenincode 3ed964864b Format intentions table hbs template 2022-10-26 11:46:35 -06:00
wenincode c72fec5433 Replace k8s informed action with flight icon 2022-10-26 11:07:42 -06:00
cskh 57380ea752
fix(peering): nil pointer in calling handleUpdateService (#15160)
* fix(peering): nil pointer in calling handleUpdateService

* changelog
2022-10-26 11:50:34 -04:00
Michael Klein 9c965f98fd Fix PeerName is part of service uniqueness
We need to make a PeerName part of a the service id when present.

This makes sure that peers can export services named
the same as other peers but have the UI still treat them
as separate services.
2022-10-26 17:34:45 +02:00
Michael Klein 9d36db3a2a
Merge pull request #15156 from hashicorp/ui/peer-create-redirect-to-show
ui: peer create redirect to show
2022-10-26 17:16:28 +02:00
wenincode 5f5d438724 Remove consul logo icons 2022-10-26 08:57:43 -06:00
wenincode 5e5598ff79 Update iconography documentation 2022-10-26 08:57:31 -06:00
Michael Klein b7c5229e79 Improve layout address list peer detail 2022-10-26 16:17:05 +02:00
Michael Klein 676e8afaf9
Merge pull request #15148 from hashicorp/ui/update-hds-usage-best-practices
UI: update hds usage to hds best practices
2022-10-26 16:10:05 +02:00
wenincode cb8f72490f Remove shadow-template/host and related components 2022-10-26 08:07:35 -06:00
wenincode 3dc9b27a0e Remove template log 2022-10-26 06:43:57 -06:00
Michael Klein be97a2a4a8 Redirect to peers.show after establishing peering 2022-10-26 11:15:57 +02:00
Michael Klein 6eaa9d94da Prettify peers.index template 2022-10-26 11:15:06 +02:00
Michael Klein ac41499d9b prettify peer/initiate form 2022-10-26 10:11:41 +02:00
wenincode 3c48128fe2 Add back logo-consul-color 2022-10-25 14:13:12 -06:00
wenincode 913873f520 Remove some icons 2022-10-25 14:02:38 -06:00
Eric Haberkorn 74baaf910c
fix bug that resulted in generating Envoy configs that use CDS with an EDS configuration (#15140) 2022-10-25 14:49:57 -04:00
wenincode ea247c5f63 Use FlightIcon component for k8s type select in authmethods 2022-10-25 12:01:09 -06:00
Luke Kysow 4956b81333
ingress-gateways: don't log error when registering gateway (#15001)
* ingress-gateways: don't log error when registering gateway

Previously, when an ingress gateway was registered without a
corresponding ingress gateway config entry, an error was logged
because the watch on the config entry returned a nil result.
This is expected so don't log an error.
2022-10-25 10:55:44 -07:00
Luke Kysow 1be7b5bf35
config entry: hardcode proxy-defaults name as global (#14833)
* config entry: hardcode proxy-defaults name as global

proxy-defaults can only have the name global. Because of this,
we support not even setting the name in the config file:

```
kind = "proxy-defaults"
```

Previously, writing this would result in the output:

```
Config entry written: proxy-defaults/
```

Now it will output:

```
Config entry written: proxy-defaults/global
```

This change follows what was done for the new Mesh config entry.
2022-10-25 10:55:15 -07:00
wenincode 1825580f5a Format auth method search bar template 2022-10-25 11:55:09 -06:00
wenincode f665912d05 Set the color to black for vault 2022-10-25 11:44:27 -06:00
Luke Kysow 6b1ec05470
autoencrypt: helpful error for clients with wrong dc (#14832)
* autoencrypt: helpful error for clients with wrong dc

If clients have set a different datacenter than the servers they're
connecting with for autoencrypt, give a helpful error message.
2022-10-25 10:13:41 -07:00
wenincode 596bb59707 Share code with new icons for sources select 2022-10-25 11:12:15 -06:00
Michael Klein 2f336f6a7a Update hds-docs with custom utility class 2022-10-25 18:40:36 +02:00
R.B. Boyer a01936442c
cache: refactor agent cache fetching to prevent unnecessary fetches on error (#14956)
This continues the work done in #14908 where a crude solution to prevent a
goroutine leak was implemented. The former code would launch a perpetual
goroutine family every iteration (+1 +1) and the fixed code simply caused a
new goroutine family to first cancel the prior one to prevent the
leak (-1 +1 == 0).

This PR refactors this code completely to:

- make it more understandable
- remove the recursion-via-goroutine strangeness
- prevent unnecessary RPC fetches when the prior one has errored.

The core issue arose from a conflation of the entry.Fetching field to mean:

- there is an RPC (blocking query) in flight right now
- there is a goroutine running to manage the RPC fetch retry loop

The problem is that the goroutine-leak-avoidance check would treat
Fetching like (2), but within the body of a goroutine it would flip that
boolean back to false before the retry sleep. This would cause a new
chain of goroutines to launch which #14908 would correct crudely.

The refactored code uses a plain for-loop and changes the semantics
to track state for "is there a goroutine associated with this cache entry"
instead of the former.

We use a uint64 unique identity per goroutine instead of a boolean so
that any orphaned goroutines can tell when they've been replaced when
the expiry loop deletes a cache entry while the goroutine is still running
and is later replaced.
2022-10-25 10:27:26 -05:00
wenincode c91e604591 Update icon-map to work for auth methods 2022-10-25 07:14:55 -06:00