Commit graph

16215 commits

Author SHA1 Message Date
Daniel Nephin d33bcda622 docs: move the ACL 'Authorization' section
This section was actually about authentication (not authorization).

We already have sections in our api and cli docs. This commit removes the section and replaces
it with a short paragraph in the Tokens section which links to the existing docs.
2022-01-10 17:10:39 -05:00
Daniel Nephin c5d6bbd19b docs: improve ACL system introduction 2022-01-10 14:05:46 -05:00
trujillo-adam 43d013ddcf
Merge pull request #11930 from hashicorp/docs/admin-partition-updates-1.11.0-misc
added line about wildcard intentions not supported for admin partitions
2022-01-10 07:53:58 -08:00
Evan Culver e3f5dc0987
Add missing changelog entries (#11973)
Added missing entries from:
* 1.8.18
* 1.8.19
* 1.9.12
* 1.9.13
* 1.10.5
* 1.10.6
* 1.11.1
2022-01-07 20:23:46 -08:00
trujillo-adam 15220e8d39 applied feedback 2022-01-07 15:43:51 -08:00
John Cowen dfc0f0e40c
ui: Remove KV pre-flight auth check (#11968)
* ui: Don't even ask whether we are authorized for a KV...

...just let the actual API tell us in the response, thin-client style.

* Add some similar commenting for previous PRs related to this problem
2022-01-07 19:26:54 +00:00
John Cowen 514e24ba9f
ui: Ensure service instance data does not get re-written on blocking refresh (#11903)
* Add some less fake API data

* Rename the models class so as to not be confused with JS Proxies

* Rearrange routlets slightly and add some initial outletFor tests

* Move away from a MeshChecks computed property and just use a helper

* Just use ServiceChecks for healthiness filtering for the moment

* Make TProxy cookie configurable

* Amend exposed paths and upstreams so they know about meta AND proxy

* Slight bit of TaggedAddresses refactor while I was checking for `meta` etc

* Document CONSUL_TPROXY_ENABLE
2022-01-07 19:16:21 +00:00
John Cowen 3ab747109b
ui: [BUGFIX] Fixes an issue when editing intentions from the service > intentions sub tab (#11937)
We recently changed the intentions form to take a full model of a dc rather than just the string identifier (so {Name: 'dc', Primary: true} vs just 'dc' in order to know whether the DC is the primary or not.

Unfortunately, we only did this on the global intentions page not the per service intentions page. This makes it impossible to save an intention from the per service intention page (whilst you can still save intentions from the global intention page as normal).

The fix here pretty much copy/pastes the approach taken in the global intention edit template over to the per service intention edit template.

Tests have been added for creation in the per service intention section, which again are pretty much just copied from the global one, unfortunately this didn't exist previously which would have helped prevent this.
2022-01-07 19:09:40 +00:00
John Cowen 86e885fc5b
ui: Upgrade AuthDialog (#11913)
- Move AuthDialog to use a Glimmer Component plus native named blocks/slots.
- Unravel the Auth* contextual components, there wasn't a lot of point having them as contextual components and now the AuthDialog (non-view-specific state machine component) can be used entirely separately from the view-specific components (AuthForm and AuthProfile).
- Move all the ACL related components that are in the main app chrome/navigation (our HashicorpConsul component) in our consul-acls sub package/module (which will eventually be loaded on demand only when ACLs are enabled)
2022-01-07 19:08:25 +00:00
John Cowen a08f2927fd
ui: Fix dark borders on certain visualizations (#11959) 2022-01-07 16:15:22 +00:00
Blake Covarrubias 048d9b69ba docs: Redirect mesh-gateway page to new location
The mesh gateway docs at /docs/connect/gateways/mesh-gateway were
moved in #11859 to a new location in order to accommodate the addition
of separate instructions for using gateways with admin partitions.

This commit redirects the old mesh gateway page to its new location at
/connect/gateways/mesh-gateway/service-to-service-traffic-datacenters.
2022-01-06 13:35:11 -08:00
Chris S. Kim c9735476a7
Fix Windows logging to files (#11960) 2022-01-06 16:07:09 -05:00
Blake Covarrubias b13fb553ac
api: Return 404 when deregistering a non-existent check (#11950)
Update the `/agent/check/deregister/` API endpoint to return a 404
HTTP response code when an attempt is made to de-register a check ID
that does not exist on the agent.

This brings the behavior of /agent/check/deregister/ in line with the
behavior of /agent/service/deregister/ which was changed in #10632 to
similarly return a 404 when de-registering non-existent services.

Fixes #5821
2022-01-06 12:38:37 -08:00
Dhia Ayachi 7e0b8354a5
clone the service under lock to avoid a data race (#11940)
* clone the service under lock to avoid a data race

* add change log

* create a struct and copy the pointer to mutate it to avoid a data race

* fix failing test

* revert added space

* add comments, to clarify the data race.
2022-01-06 14:33:06 -05:00
Dhia Ayachi 09688bdc38
upgrade raft to v1.3.3 (#11958)
* upgrade raft to v1.3.3

* add change log

* reword the changelog

Co-authored-by: FFMMM <FFMMM@users.noreply.github.com>

Co-authored-by: FFMMM <FFMMM@users.noreply.github.com>
2022-01-06 14:09:13 -05:00
trujillo-adam 1769d2594d
Merge pull request #11945 from hashicorp/docs/exported-services-language-issues
tweaks to the language used in the requirements section
2022-01-06 07:26:39 -08:00
mrspanishviking dcda97cdcc
Merge pull request #11952 from hashicorp/david-yu-vault-gossip-indent
docs: Fix indentation for gossipEncryption when using Vault secrets backend
2022-01-06 07:14:29 -07:00
David Yu f1841e36c9
docs: Fix indentation for gossipEncryption when using Vault secrets backend 2022-01-05 21:35:28 -08:00
Daniel Nephin d05264041e
Merge pull request #11918 from hashicorp/dnephin/tob-followup
Fix a few small bugs
2022-01-05 18:50:48 -05:00
Daniel Nephin f91fcb31d2 changelog 2022-01-05 17:51:03 -05:00
Daniel Nephin 4983c27703 snapshot: return the error from replyFn
The only function passed to SnapshotRPC today always returns a nil error, so there's no
way to exercise this bug in practice. This change is being made for correctness so that
it doesn't become a problem in the future, if we ever pass a different function to
SnapshotRPC.
2022-01-05 17:51:03 -05:00
Daniel Nephin fd084c15c3 cli: use file mode 0600 when saving a snapshot
So that other users on the machine can not access the snapshot data.
2022-01-05 17:51:03 -05:00
Daniel Nephin affe97e22d config: correctly capture all errors.
Some calls to multierror.Append were not using the existing b.err, which meant we
were losing all previous errors.
2022-01-05 17:51:03 -05:00
Chris S. Kim f7f5aca058
Fix test for ENT (#11946) 2022-01-05 15:18:08 -05:00
trujillo-adam ea2ae4b637 tweaks to the language used in the requirements section 2022-01-05 12:01:10 -08:00
Chris S. Kim 407b0b8963
Fix test for ENT (#11941) 2022-01-05 12:24:44 -05:00
Dhia Ayachi 5f6bf369af
reset coalesceTimer to nil as soon as the event is consumed (#11924)
* reset `coalesceTimer` to nil as soon as the event is consumed

* add change log

* refactor to add relevant test.

* fix linter

* Apply suggestions from code review

Co-authored-by: Freddy <freddygv@users.noreply.github.com>

* remove non needed check

Co-authored-by: Freddy <freddygv@users.noreply.github.com>
2022-01-05 12:17:47 -05:00
Mathew Estafanous dc18933cc2
Ensure consistency with error-handling across all handlers. (#11599) 2022-01-05 12:11:03 -05:00
John Cowen 45b5742973
ui: Add selective no-console eslint rule (#11938) 2022-01-05 16:56:26 +00:00
John Cowen be78d76416
ui: Only allow partition creation with a single datacenter setup (#11817) 2022-01-05 14:52:06 +00:00
John Cowen 98aac0855c
ui: Configure routes in route config rather than classes (#11900) 2022-01-05 09:34:28 +00:00
Jared Kirschner 7abfe6bff9
Merge pull request #10894 from jkirschner-hashicorp/clarify-debug-msg-if-name-used-when-id-needed
Clarify service and health check not found error messages
2022-01-04 16:14:49 -05:00
Blake Covarrubias 4a36e4ee24
cli: Show node identities in acl token list output (#11926)
Fix the pretty CLI output of `consul acl token list` so that it
properly displays node identities that are associated with a token.
2022-01-04 12:44:43 -08:00
CJ 696ba5725f
Update glossary.mdx (#10766)
Corrected spelling errors
2022-01-04 15:41:07 -05:00
Noel Quiles 2c047e1c3a
website: Update copy (#11853) 2022-01-04 15:29:46 -05:00
Daniel Nephin de0b51ae8c
Merge pull request #11884 from assareh/patch-1
consul pls cert create usage example provided in CLI help shows outdated arguments
2022-01-04 15:17:32 -05:00
Jared Kirschner a9371f18e5 Clarify service and check error messages (use ID)
Error messages related to service and check operations previously included
the following substrings:
- service %q
- check %q

From this error message, it isn't clear that the expected field is the ID for
the entity, not the name. For example, if the user has a service named test,
the error message would read 'Unknown service "test"'. This is misleading -
a service with that *name* does exist, but not with that *ID*.

The substrings above have been modified to make it clear that ID is needed,
not name:
- service with ID %q
- check with ID %q
2022-01-04 11:42:37 -08:00
Jared Kirschner fc076c02c7
Merge pull request #11335 from littlestar642/url-encoded-args
URL-encode/decode resource names for HTTP API
2022-01-04 14:00:14 -05:00
Chris S. Kim d87fe70a82
testing: Revert assertion for virtual IP flag (#11932) 2022-01-04 11:24:56 -05:00
James Tran 91abfe4b01
ui: Add XML syntax highlighting to key/value editor (#11785)
* ui: Add XML syntax highlighting to key/value editor

* ui: Make explicit options that are specific to XML for clarity
2022-01-04 16:24:09 +00:00
John Cowen 1779246257
ui: Fix URL params decoding (#11931)
* ui: Move wildcard param decoding to routlet service
2022-01-04 16:08:06 +00:00
John Cowen 2e571b6406
ui: Ensure disconnect error doesn't appear w/auth change on some pages (#11905) 2022-01-04 14:55:32 +00:00
trujillo-adam 31551b49f4 added line about wildcard intentions not supported for admin partitions 2022-01-03 15:31:58 -08:00
David Yu c64c512d1b
docs: Clarification of Vault Consul K8s requirements for Auth Method (#11929)
* docs: Clarification of Vault Consul K8s requirements

* link back to requirements

* Update gossip.mdx

* Update index.mdx

* add details for K8s auth method requirement

* Update gossip.mdx

* Update server-tls.mdx

* Update connect-ca.mdx

* Update gossip.mdx

* Update server-tls.mdx

* Update website/content/docs/k8s/installation/vault/gossip.mdx

Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>

* Update website/content/docs/k8s/installation/vault/index.mdx

Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>

* Update website/content/docs/k8s/installation/vault/index.mdx

Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>

* Update website/content/docs/k8s/installation/vault/index.mdx

Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>

* Update website/content/docs/k8s/installation/vault/server-tls.mdx

Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>

* Update website/content/docs/k8s/installation/vault/index.mdx

Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>

* Update website/content/docs/k8s/installation/vault/index.mdx

Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>

* Update index.mdx

* Update index.mdx

Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>
2022-01-03 14:17:55 -08:00
mrspanishviking d340961213
Merge pull request #11928 from hashicorp/consul-docs-issue
Consul docs issue
2022-01-03 11:13:18 -07:00
Karl Cardenas 807d358129
removing markdown file for consul docs day issue 2022-01-03 11:06:09 -07:00
Karl Cardenas ea6bef42e5
style update 2022-01-03 10:54:31 -07:00
Karl Cardenas 0eb34a694e
updating Consul docs day issue template 2022-01-03 10:49:56 -07:00
mrspanishviking e4309c0762
Merge pull request #11775 from hashicorp/docs-day-issue
chore: created an issue template for Consul docs day
2022-01-03 10:17:47 -07:00
Jared Kirschner d26f8e4529
Merge pull request #11820 from hashicorp/improve-ui-disabled-api-response
http: improve UI not enabled response message
2022-01-03 12:00:01 -05:00