4ee15914b0
auto-updated agent/uiserver/bindata_assetfs.go from commit e23b5b003
2020-12-02 15:53:16 +00:00
a814338374
auto-updated agent/uiserver/bindata_assetfs.go from commit 9ac7bc180
2020-12-02 15:46:59 +00:00
297210ad93
auto-updated agent/uiserver/bindata_assetfs.go from commit a5b9ada9a
2020-12-02 09:49:40 +00:00
af9687e0b8
auto-updated agent/uiserver/bindata_assetfs.go from commit cf38309f6
2020-12-01 15:49:06 +00:00
91d5d6c586
Merge pull request #9009 from hashicorp/update-secondary-ca
...
connect: Fix an issue with updating CA config in a secondary datacenter
2020-11-30 14:49:28 -08:00
c5167cf9c4
Use a buffered channel for CA intermediate renew func
2020-11-30 14:37:24 -08:00
149e1e5f13
auto-updated agent/uiserver/bindata_assetfs.go from commit afe0f2614
2020-11-30 18:47:37 +00:00
45f7de452f
auto-updated agent/uiserver/bindata_assetfs.go from commit b5abbf122
2020-11-30 17:33:21 +00:00
58797598dc
auto-updated agent/uiserver/bindata_assetfs.go from commit d1ebe8c14
2020-11-30 17:27:35 +00:00
c03baa7b57
auto-updated agent/uiserver/bindata_assetfs.go from commit f46ef3e3f
2020-11-30 17:07:25 +00:00
4801228104
auto-updated agent/uiserver/bindata_assetfs.go from commit a59a2f860
2020-11-30 16:57:34 +00:00
2fd62ba8de
auto-updated agent/uiserver/bindata_assetfs.go from commit 9cf30e74e
2020-11-30 15:09:43 +00:00
17a86be022
Merge pull request #9284 from hashicorp/dnephin/agent-service-register
...
local: mark service as InSync when added to local agent state
2020-11-27 15:49:55 -05:00
4c5fab6e00
local: mark service and checks as InSync when added
...
If the existing service and checks are the same as the new registration.
2020-11-27 15:31:12 -05:00
8c5c6e77ec
fix serf_wan documentation ( #9289 )
...
WAN config is different than LAN config, source of truth is
f72d2042a8/config.go (L315-L326)
2020-11-27 20:49:43 +01:00
b6e469e1e9
auto-updated agent/uiserver/bindata_assetfs.go from commit 408174f3b
2020-11-27 15:45:17 +00:00
813f0d552d
Merge pull request #9247 from pierresouchay/streaming_predictible_order_for_health
...
[Streaming] Predictable order for results of /health/service/:serviceName to mimic memdb
2020-11-25 15:53:18 -05:00
09673426e3
Applied suggestions from @dnephin
...
* Renamed `cachedHealResultSorter` into `sortCheckServiceNodes`
* Use `<` instead of `strings.Compare`
* Single line comparison in unit test
2020-11-25 21:40:51 +01:00
6d6b6c15c6
server: fix panic when deleting a non existent intention ( #9254 )
...
* server: fix panic when deleting a non existent intention
* add changelog
* Always return an error when deleting non-existent ixn
Co-authored-by: freddygv <gh@freddygv.xyz>
2020-11-24 13:44:20 -05:00
293360339b
auto-updated agent/uiserver/bindata_assetfs.go from commit 6f8b5acbe
2020-11-24 17:51:46 +00:00
4039a19ed3
auto-updated agent/uiserver/bindata_assetfs.go from commit 9c3c7bcf3
2020-11-24 14:38:24 +00:00
25f9e232af
add missing descriptions for metrics
2020-11-23 22:06:30 +01:00
7a8844ccce
add entries for missing fsm operations and mark duplicated metrics prefixes as deprecated
2020-11-23 12:42:51 -08:00
a01f853aa5
Clean up the logic in persistNewRootAndConfig
2020-11-20 15:54:44 -08:00
3ea27d75e4
Merge pull request #9245 from hashicorp/telemetry/fix-missing-and-stale-docs
...
Telemetry/fix missing and stale docs
2020-11-20 12:54:29 -08:00
9239df6dbd
[Streaming] Predictable order for results of /health/service/:serviceName to mimic memdb
...
This ensures the result is consitent with/witout streaming
Will partially fix #9239
2020-11-20 16:23:35 +01:00
ed719c978b
Merge branch 'master' into 6074-allow-config-MaxHeaderBytes
2020-11-20 07:43:53 -06:00
26a9c985c5
Add CA server delegate interface for testing
2020-11-19 20:08:06 -08:00
4ad076207e
add telemetry and definition help entries for missing catalog and acl metrics
2020-11-19 13:29:44 -08:00
7bcbc59dea
command: when generating envoy bootstrap configs use the datacenter returned from the agent services endpoint ( #9229 )
...
Fixes #9215
2020-11-19 15:27:31 -06:00
46205bbf27
remove stale entries and rename/define acl.resolveToken
2020-11-19 13:06:28 -08:00
22a0ab69ae
auto-updated agent/uiserver/bindata_assetfs.go from commit d913af2bb
2020-11-19 18:45:01 +00:00
e4e306210a
Require operator:write to get Connect CA config ( #9240 )
...
A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that operators with `operator:read` ACL permissions are able to read the Consul Connect CA configuration when explicitly configured with the `/v1/connect/ca/configuration` endpoint, including the private key. This allows the user to effectively privilege escalate by enabling the ability to mint certificates for any Consul Connect services. This would potentially allow them to masquerade (receive/send traffic) as any service in the mesh.
--
This PR increases the permissions required to read the Connect CA's private key when it was configured via the `/connect/ca/configuration` endpoint. They are now `operator:write`.
2020-11-19 10:14:48 -07:00
293ba9e0b5
auto-updated agent/uiserver/bindata_assetfs.go from commit 687ce1f9c
2020-11-19 16:13:04 +00:00
35c5f83ea3
Merge pull request #9224 from hashicorp/dnephin/fix-multiple-http-listeners
...
agent: fix bug with multiple listeners
2020-11-18 16:52:29 -05:00
8647483605
Use freeport
...
To prevent other tests which already use freeport from flaking when port 0 steals their reserved port.
2020-11-18 16:07:34 -05:00
75a1727b31
auto-updated agent/uiserver/bindata_assetfs.go from commit 591a96d5b
2020-11-18 19:07:25 +00:00
fc07c63974
auto-updated agent/uiserver/bindata_assetfs.go from commit 1edef424a
2020-11-18 19:00:19 +00:00
fed2a61dfc
agent: fix bug with multiple listeners
...
Previously the listener was being passed to a closure in a loop without
capturing the loop variable. The result is only the last listener is
used, so the http/https servers only listen on one address.
This problem is fixed by capturing the variable by passing it into a
function.
2020-11-18 13:03:29 -05:00
393d83dfa3
auto-updated agent/uiserver/bindata_assetfs.go from commit 664f1d9aa
2020-11-18 11:17:06 +00:00
c8d4a40a87
connect: update some function comments in CA manager
2020-11-17 16:00:19 -08:00
b9306d8827
acl: remove a test-only method
2020-11-17 18:16:34 -05:00
9e7c8dd19d
Remove two unused delegate methods
2020-11-17 18:16:26 -05:00
d9af48afce
Merge pull request #9160 from hashicorp/dnephin/go-test-race-in-to-out-list
...
ci: change go-test-race package list to exclude list
2020-11-17 13:13:38 -05:00
4bca029be9
Refactor to call non-voting servers read replicas ( #9191 )
...
Co-authored-by: Kit Patella <kit@jepsen.io>
2020-11-17 10:53:57 -05:00
4dfcdbab26
Merge pull request #9198 from hashicorp/mkcp/telemetry/add-all-metric-definitions
...
Add metric definitions for all metrics known at Consul start
2020-11-16 15:54:50 -08:00
95fa102195
auto-updated agent/uiserver/bindata_assetfs.go from commit fe728855e
2020-11-16 23:41:31 +00:00
2763833d32
Add DC and NS support for Envoy metrics ( #9207 )
...
This PR updates the tags that we generate for Envoy stats.
Several of these come with breaking changes, since we can't keep two stats prefixes for a filter.
2020-11-16 16:37:19 -07:00
36aaf86647
Merge branch 'mkcp/telemetry/add-all-metric-definitions' of ssh://github.com/hashicorp/consul into mkcp/telemetry/add-all-metric-definitions
2020-11-16 15:26:12 -08:00
4c30ebbb73
fix some tests that were broken from the TelemetryConfig change
2020-11-16 15:22:36 -08:00
7ec3ad5b73
linting: sort and group import
2020-11-16 14:17:24 -08:00
1f0b26c9d3
update runtime_test to handle PrometheusOpts expiry field change
2020-11-16 14:16:12 -08:00
197a37a860
Prevent panic if autopilot health is requested prior to leader establishment finishing. ( #9204 )
2020-11-16 17:08:17 -05:00
6290be054a
use the MetricsPrefix to set the service name and provide as slice literal to avoid bugs from append modifying its first arg
2020-11-16 14:01:12 -08:00
464d13d80b
push prometheus sink definiitons into prometheus.PrometheusOpts
2020-11-16 12:44:47 -08:00
de88ceed1c
Merge pull request #9114 from hashicorp/dnephin/filtering-in-stream
...
stream: improve naming of Payload methods
2020-11-16 14:20:07 -05:00
0b18f5612e
trim help strings to save a few bytes
2020-11-16 11:02:11 -08:00
374748dafc
merge master
2020-11-16 10:46:53 -08:00
42641671b3
auto-updated agent/uiserver/bindata_assetfs.go from commit 959974e96
2020-11-16 15:27:40 +00:00
af719981f3
finish adding static server metrics
2020-11-13 16:26:08 -08:00
0a86533e20
Reorganize some CA manager code for correctness/readability
2020-11-13 14:46:01 -08:00
5de81c1375
connect: Add CAManager for synchronizing CA operations
2020-11-13 14:33:44 -08:00
0b4876f906
connect: Add logic for updating secondary DC intermediate on config set
2020-11-13 14:33:44 -08:00
db1184c094
server: intentions CRUD requires connect to be enabled ( #9194 )
...
Fixes #9123
2020-11-13 16:19:12 -06:00
b486c1bce8
add the service name in the agent rather than in the definitions themselves
2020-11-13 13:18:04 -08:00
e323014faf
server: remove config entry CAS in legacy intention API bridge code ( #9151 )
...
Change so line-item intention edits via the API are handled via the state store instead of via CAS operations.
Fixes #9143
2020-11-13 14:42:21 -06:00
6300abed18
server: skip deleted and deleting namespaces when migrating intentions to config entries ( #9186 )
2020-11-13 13:56:41 -06:00
a343365da7
ci: update to Go 1.15.4 and alpine:3.12 ( #9036 )
...
* ci: stop building darwin/386 binaries
Go 1.15 drops support for 32-bit binaries on Darwin https://golang.org/doc/go1.15#darwin
* tls: ConnectionState::NegotiatedProtocolIsMutual is deprecated in Go 1.15, this value is always true
* correct error messages that changed slightly
* Completely regenerate some TLS test data
Co-authored-by: R.B. Boyer <rb@hashicorp.com>
2020-11-13 13:02:59 -05:00
45a8bc9472
auto-updated agent/uiserver/bindata_assetfs.go from commit 1059a51a3
2020-11-13 16:00:39 +00:00
b8d6e195ed
auto-updated agent/uiserver/bindata_assetfs.go from commit 78b704be8
2020-11-13 15:44:14 +00:00
758384893d
server: break up Intention.Apply monolithic method ( #9007 )
...
The Intention.Apply RPC is quite large, so this PR attempts to break it down into smaller functions and dissolves the pre-config-entry approach to the breakdown as it only confused things.
2020-11-13 09:15:39 -06:00
9533372ded
first pass on agent-configured prometheusDefs and adding defs for every consul metric
2020-11-12 18:12:12 -08:00
70093be98c
Merge pull request #9162 from hashicorp/dnephin/fix-grpc-metrics
...
grpc: fix metrics
2020-11-12 17:03:01 -05:00
dc2cb412b8
auto-updated agent/uiserver/bindata_assetfs.go from commit 6b2970402
2020-11-12 18:49:48 +00:00
a5bd1ba323
agent: return the default ACL policy to callers as a header ( #9101 )
...
Header is: X-Consul-Default-ACL-Policy=<allow|deny>
This is of particular utility when fetching matching intentions, as the
fallthrough for a request that doesn't match any intentions is to
enforce using the default acl policy.
2020-11-12 10:38:32 -06:00
c6dd87c79e
auto-updated agent/uiserver/bindata_assetfs.go from commit 7243f1f4f
2020-11-12 15:45:53 +00:00
a7fec642fc
ci: go-test-race switch to exclude list
...
Most packages should pass the race detector. An exclude list ensures
that new packages are automatically tested with -race.
Also fix a couple small test races to allow more packages to be tested.
Returning readyCh requires a lock because it can be set to nil, and
setting it to nil will race without the lock.
Move the TestServer.Listening calls around so that they properly guard
setting TestServer.l. Otherwise it races.
Remove t.Parallel in a small package. The entire package tests run in a
few seconds, so t.Parallel does very little.
In auto-config, wait for the AutoConfig.run goroutine to stop before
calling readPersistedAutoConfig. Without this change there was a data
race on reading ac.config.
2020-11-11 14:44:57 -05:00
956bff398a
grpc: fix grpc metrics
...
defaultMetrics was being set at package import time, which meant that it received an instance of
the original default. But lib/telemetry.InitTelemetry sets a new global when it is called.
This resulted in the metrics being sent nowhere.
This commit changes defaultMetrics to be a function, so it will return the global instance when
called. Since it is called after InitTelemetry it will return the correct metrics instance.
2020-11-11 14:27:25 -05:00
58f98db227
Add a CLI command for retrieving the autopilot configuration. ( #9142 )
2020-11-11 13:19:02 -05:00
aac3729a6c
auto-updated agent/uiserver/bindata_assetfs.go from commit 6423a2c10
2020-11-11 17:03:36 +00:00
2badb01d30
Add a paramter in state store methods to indicate whether a resource insertion is from a snapshot restoration ( #9156 )
...
The Catalog, Config Entry, KV and Session resources potentially re-validate the input as its coming in. We need to prevent snapshot restoration failures due to missing namespaces or namespaces that are being deleted in enterprise.
2020-11-11 11:21:42 -05:00
4c2ca3a516
auto-updated agent/uiserver/bindata_assetfs.go from commit e1d977138
2020-11-11 14:48:38 +00:00
e033ad896a
Merge pull request #9149 from joel0/wrap-errors
...
Use error wrapping to preserve error type info
2020-11-10 18:27:08 -05:00
386eb567f9
Merge pull request #8976 from joel0/wrap-eof
...
Wrap rpc error object
2020-11-10 17:04:11 -05:00
87747ecd34
Use error wrapping to preserve error type info
2020-11-10 21:50:09 +00:00
9fdbc68c92
auto-updated agent/uiserver/bindata_assetfs.go from commit e18d8e299
2020-11-10 16:37:33 +00:00
892fa384fe
auto-updated agent/uiserver/bindata_assetfs.go from commit fb6202929
2020-11-10 14:42:02 +00:00
5626983031
auto-updated agent/uiserver/bindata_assetfs.go from commit c8e40ee0d
2020-11-09 17:34:25 +00:00
1f40f51a58
Fix a bunch of linter warnings
2020-11-09 09:22:12 -05:00
755fb72994
Switch to using the external autopilot module
2020-11-09 09:22:11 -05:00
901df77971
auto-updated agent/uiserver/bindata_assetfs.go from commit 5c0ec13fb
2020-11-09 09:31:52 +00:00
eaafa5c17d
auto-updated agent/uiserver/bindata_assetfs.go from commit d9672bca8
2020-11-09 09:19:52 +00:00
9ccb340893
chore: upgrade to gopsutil/v3 ( #9118 )
...
* deps: update golang.org/x/sys
* deps: update imports to gopsutil/v3
* chore: make update-vendor
2020-11-06 20:48:38 -05:00
e4a78c977d
stream: document that Payload must be immutable
...
If they are sent to EventPublisher.Publish.
Also document that PayloadEvents is expected to come from a subscription and that it is
not immutable.
2020-11-06 13:00:33 -05:00
9b37ea7dcb
Revert "Add namespace support for metrics (OSS) ( #9117 )" ( #9124 )
...
This reverts commit 06b3b017d326853dbb53bc0ec08ce371265c5ce9.
2020-11-06 10:24:32 -06:00
4db32dd6c5
auto-updated agent/uiserver/bindata_assetfs.go from commit 3a68686cc
2020-11-06 15:04:29 +00:00
6e87590a9a
auto-updated agent/uiserver/bindata_assetfs.go from commit 848f72f66
2020-11-06 09:31:18 +00:00
874efe705f
Add namespace support for metrics (OSS) ( #9117 )
2020-11-05 18:24:29 -07:00
4fc073b1f4
stream: rename FilterByKey
2020-11-05 19:21:16 -05:00
d4cd2fa6a8
stream: Add HasReadPermission to Payload
...
Required now that filter is a method on PayloadEvents instead of Event
2020-11-05 19:17:18 -05:00
hashicorp-ci