Commit Graph

15417 Commits

Author SHA1 Message Date
Daniel Nephin acb62aa896
Merge pull request #10986 from hashicorp/dnephin/acl-legacy-remove-rpc
acl: remove legacy ACL RPC - part 1
2021-09-29 12:04:09 -04:00
lornasong 31acf7e657
nia/docs 0.4.0-beta1 (#11170)
* docs/nia: Add Consul KV condition

* docs/nia: Clarify boolean Consul KV condition options

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>

* nia/docs: Remove TFE-only restriction

Also updates Terraform Enterprise references to the more
general Terraform Cloud term.

* nia/docs: Update Terraform Cloud features

* nia/docs: Callouts for v0.4.0-beta

* docs/nia: Indicate version for removal of tag field

Clarifying when this tag will be removed so there is no confusion
when it is not present in the v0.4.0-beta release.

Co-authored-by: Melissa Kam <mkam@hashicorp.com>
Co-authored-by: Melissa Kam <3768460+mkam@users.noreply.github.com>
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2021-09-29 12:03:27 -04:00
Daniel Nephin 1bc07c5166 structs: rename the last helper method.
This one gets used a bunch, but we can rename it to make the behaviour more obvious.
2021-09-29 11:48:38 -04:00
Daniel Nephin 93b3e110b6 structs: remove another helper
We already have a helper funtion.
2021-09-29 11:48:03 -04:00
Daniel Nephin 17652227f6 structs: remove two methods that were only used once each.
These methods only called a single function. Wrappers like this end up making code harder to read
because it adds extra ways of doing things.

We already have many helper functions for constructing these types, we don't need additional methods.
2021-09-29 11:47:03 -04:00
Daniel Nephin a0e08086f7
Merge pull request #10988 from hashicorp/dnephin/acl-legacy-remove-config
acl: isolate deprecated config and warn when they are used
2021-09-29 11:40:14 -04:00
Daniel Nephin 3f4f7d2f3f
Merge pull request #9456 from hashicorp/dnephin/config-deprecation
config: Use DeprecatedConfig struct for deprecated config fields
2021-09-29 11:37:40 -04:00
Luke Kysow ab0bfcd3ca
Add TOC to helm reference (#11144) 2021-09-28 16:25:40 -07:00
Evan Culver cb5ef13fde
Merge remote-tracking branch 'origin/eculver/remove-envoy-1.15' into eculver/remove-envoy-1.15 2021-09-28 16:06:36 -07:00
Evan Culver eaa9394cb2
Fix typo
Co-authored-by: Freddy <freddygv@users.noreply.github.com>
2021-09-29 01:05:45 +02:00
Evan Culver 64f94b10ce
Merge branch 'eculver/envoy-1.19.1' into eculver/remove-envoy-1.15 2021-09-28 15:59:43 -07:00
Evan Culver 807871224a
Merge branch 'main' into eculver/envoy-1.19.1 2021-09-28 15:58:20 -07:00
Luke Kysow e71a042bcc
Fix broken link (#11171) 2021-09-28 14:04:33 -07:00
Chris S. Kim 3f79aaf509
Cleanup unnecessary normalizing method (#11169) 2021-09-28 15:31:12 -04:00
Daniel Nephin 4ed9476a61
Merge pull request #11084 from krastin/krastin-autopilot-loggingtypo
Fix a tiny typo in logging in autopilot.go
2021-09-28 15:11:11 -04:00
Evan Culver e2363c13ff
Merge branch 'main' into eculver/envoy-1.19.1 2021-09-28 11:54:33 -07:00
Jared Kirschner 25181b2cc6
Merge pull request #11167 from hashicorp/add-cross-dc-comm-model-visual
Improve mesh gateway diagram
2021-09-28 13:19:18 -04:00
Jared Kirschner 21753a9331 Improve mesh gateway diagram
Diagram now shows all possible cross-DC communication models supported by mesh
gateways for both the control and data planes.
2021-09-28 09:56:05 -07:00
Chris S. Kim 90fe20c3a2
agent: Clean up unused built-in proxy config (#11165) 2021-09-28 11:29:10 -04:00
Bisakh 85b2855cdf
acl: update GetPolicyByName method implementation (#11055) 2021-09-28 10:46:27 -04:00
Jared Kirschner 5d593e930b
Merge pull request #10702 from jkirschner-hashicorp/network-segments-docs-enhancements
Network segments docs enhancements
2021-09-28 10:24:05 -04:00
Paul Banks 05c8387891
Merge pull request #10725 from hashicorp/banks-patch-3
Call out the incompatibility of wildcards and L7 permissions
2021-09-28 13:51:41 +01:00
David Yu 208389f5ad
docs: consul-k8s cli install, add `bin/` to source path (#11146)
Add `bin/` to path from which you move `consul-k8s` to `/usr/local/bin/consul-k8s`
2021-09-27 22:11:54 -07:00
R.B. Boyer 0069c586df
changelog updates for 1.10.3, 1.9.10, and 1.8.16 (#11160) 2021-09-27 15:36:14 -05:00
Noel Quiles 937801d52d
Update alert banner for HashiConf Global 2021 (#11154) 2021-09-27 14:25:25 -04:00
John Cowen 7639cc8797
ui: Adds Flight icons to our icon set (#11097)
* ui: Adds Flight icons to our icon set

This commit doesn't actually add anything to the UI, rather just makes
the flight icons available for use.
2021-09-27 18:26:42 +01:00
John Cowen ce731453ea
ui: Hide create buttons for policies/roles/namespaces with readonly access (#10914)
This PR adds a check to policy, role and namespace list pages to make sure the user has can write those things before offering to create them via a button. (The create page/form would then be a read-only form)
2021-09-27 17:20:44 +01:00
John Cowen d157c63fe4
ui: Don't show the CRD menu for read-only intentions (#11149)
* ui: Don't show the CRD menu for read-only intentions

The UI bug here manifests itself only when a user/token is configured to have read-only access to intentions. Instead of only letting folks click to see a read only page of the intention, we would show an additional message saying that the intention was read-only due to it being 'Managed by [a kubernetes] CRD'. Whilst the intention was still read only, this extra message was still confusing for users.

This PR fixes up the conditional logic and further moves the logic to use ember-can - looking at the history of the files in question, this bug snuck itself in partly due to it being 'permission-y type stuff' previous to using ember-can and when something being editable or not was nothing to do with ACLs. Then we moved to start using ember-can without completely realising what IsEditable previously meant. So overall the code here is a tiny bit clearer/cleaner by adding a proper can view CRD intention instead of overloading the idea of 'editability'.
2021-09-27 17:19:32 +01:00
John Cowen 2d3f08263c
ui: Adds a set of basic unit tests for abilities (#11132) 2021-09-27 16:46:26 +01:00
John Cowen a3f45ad70c
ui: Remove info panel from the nspace menu when editing nspaces (#11130)
* ui: Remove info panel form the nspace menu when editing nspaces
2021-09-24 18:05:22 +01:00
John Cowen b19e14e8a8
ui: Add initial partition support to intentions (#11129)
* ui: Add initial partition support to intentions
2021-09-24 17:31:58 +01:00
Blake Covarrubias 78a3b9f3e1 docs: Decode K8s secrets with base64decode function
Use kubectl's base64decode template function (added in K8s 1.11) to
decode values in Secrets. Removes external call to `base64` utility on
the host system.
2021-09-24 08:59:34 -07:00
John Cowen e287feb85f
ui: Use last-child for selecting the desired nspace instead of nth-child (#11127) 2021-09-24 13:04:41 +01:00
John Cowen 98f5cb45b2
ui: Remove refresh-route action for session invalidation (#11105)
* ui: Move action to the correct button for session invalidation

* Remove refresh-route completely, its not needed
2021-09-24 12:10:10 +01:00
trujillo-adam 75a14772e8
Merge pull request #11028 from hashicorp/docs-k8s-cli-alpha
adding k8s-cli alpha docs
2021-09-23 16:35:56 -07:00
trujillo-adam 7b7436515f adding timeout flags, wait flag, and updated build procedure 2021-09-23 16:07:56 -07:00
Daniel Nephin 52ecd0d107 docs: clarify acl down policy 2021-09-23 18:13:39 -04:00
Daniel Nephin 30fe14eed3 acl: fix default authorizer for down_policy
This was causing a nil panic because a nil authorizer is no longer valid after the cleanup done
in https://github.com/hashicorp/consul/pull/10632.
2021-09-23 18:12:22 -04:00
Daniel Nephin a6a7069ecf Remove t.Parallel from TestACLResolver_DownPolicy
These tests run in under 10ms, t.Parallel does nothing but slow them down and
make failures harder to debug when one panics.
2021-09-23 18:12:22 -04:00
Dhia Ayachi 4505cb2920
Refactor table index acl phase 2 (#11133)
* extract common methods from oss and ent

* remove unreachable code

* add missing normalize for binding rules

* fix oss to use Query
2021-09-23 15:26:09 -04:00
Daniel Nephin cc46fcc53e config: Move ACLEnableKeyListPolicy to DeprecatedConfig 2021-09-23 15:15:00 -04:00
Daniel Nephin 107c24a68a config: move acl_ttl to DeprecatedConfig 2021-09-23 15:14:59 -04:00
Daniel Nephin 5eb2bebdf8 config: move acl_{default,down}_policy to DeprecatedConfig 2021-09-23 15:14:59 -04:00
Daniel Nephin 408eb0e08e config: Deprecate EnableACLReplication
replaced by ACL.TokenReplication
2021-09-23 15:14:59 -04:00
Daniel Nephin d54db5917f config: move ACL master token and replication to DeprecatedConfig 2021-09-23 15:14:59 -04:00
CJ 6d20f74c90
docs: Fix grammatical errors in glossary (#10751) 2021-09-23 08:36:52 -07:00
Paul Banks f8412cf5fa
Merge pull request #10903 from hashicorp/feature/ingress-sds
Add Support to for providing TLS certificates for Ingress listeners from an SDS source
2021-09-23 16:19:05 +01:00
Dhia Ayachi ebe333b947
Refactor table index (#11131)
* convert tableIndex to use the new pattern

* make `indexFromString` available for oss as well

* refactor `indexUpdateMaxTxn`
2021-09-23 11:06:23 -04:00
Paul Banks d57931124f Final readability tweaks from review 2021-09-23 10:17:12 +01:00
Paul Banks 8c8cde524e Add Envoy integration test for split-route SDS case 2021-09-23 10:17:03 +01:00