beb9f17337
Add default resolvers to disco chains based on the default sameness group ( #16837 )
2023-03-31 14:35:56 -04:00
b97a3a17d8
add order by locality failover to Consul enterprise ( #16791 )
2023-03-30 10:08:38 -04:00
dd0e8eec14
copyright headers for agent folder ( #16704 )
...
* copyright headers for agent folder
* Ignore test data files
* fix proto files and remove headers in agent/uiserver folder
* ignore deep-copy files
2023-03-28 14:39:22 -04:00
2bf2e81a6b
add sameness groups to discovery chains ( #16671 )
2023-03-20 09:12:37 -04:00
68046060ea
add sameness group support to service resolver failover and redirects ( #16664 )
2023-03-17 10:48:06 -04:00
d449096190
Add Peer Locality to Discovery Chains ( #16588 )
...
Add peer locality to discovery chains
2023-03-10 12:59:47 -05:00
5c8414e772
Add support for failover policies ( #16505 )
2023-03-03 11:12:38 -05:00
2916821b55
Add ServiceResolver RequestTimeout for route timeouts to make TerminatingGateway upstream timeouts configurable ( #16495 )
...
* Leverage ServiceResolver ConnectTimeout for route timeouts to make TerminatingGateway upstream timeouts configurable
* Regenerate golden files
* Add RequestTimeout field
* Add changelog entry
2023-03-03 09:37:12 -05:00
71f7f2e3dc
Add support for configuring Envoys route idle_timeout ( #14340 )
...
* Add idleTimeout
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
Co-authored-by: Dhia Ayachi <dhia@hashicorp.com>
2022-11-29 17:43:15 -05:00
ae1646706f
Regenerate files according to 1.19.2 formatter
2022-10-24 16:12:08 -04:00
4d9309327f
Add the ability to retry on reset connection to service-routers ( #12890 )
2022-10-05 13:06:44 -04:00
2a370d456b
Update the structs and discovery chain for service resolver redirects to cluster peers. ( #14366 )
2022-08-29 09:51:32 -04:00
3d45306e1b
Cluster peering failover disco chain changes ( #14296 )
2022-08-23 09:13:43 -04:00
40ce1c8288
Add `Targets` field to service resolver failovers. ( #14162 )
...
This field will be used for cluster peering failover.
2022-08-15 09:20:25 -04:00
0905c1d83d
Manual Structs fixup
...
Change things by hand that I couldn't figure out how to automate
Signed-off-by: Mark Anderson <manderson@hashicorp.com>
2022-04-05 14:51:10 -07:00
ab099e5fcb
Refactor config checks oss ( #12550 )
...
Currently the config_entry.go subsystem delegates authorization decisions via the ConfigEntry interface CanRead and CanWrite code. Unfortunately this returns a true/false value and loses the details of the source.
This is not helpful, especially since it the config subsystem can be more complex to understand, since it covers so many domains.
This refactors CanRead/CanWrite to return a structured error message (PermissionDenied or the like) with more details about the reason for denial.
Part of #12241
Signed-off-by: Mark Anderson <manderson@hashicorp.com>
2022-03-11 13:45:51 -08:00
11fdc70b34
configentry: make a new package to hold shared config entry structs that aren't used for RPC or the FSM ( #12384 )
...
First two candidates are ConfigEntryKindName and DiscoveryChainConfigEntries.
2022-02-22 10:36:36 -06:00
65875a7c69
Remove support for failover to partition
...
Failing over to a partition is more siimilar to failing over to another
datacenter than it is to failing over to a namespace. In a future
release we should update how localities for failover are specified. We
should be able to accept a list of localities which can include both
partition and datacenter.
2021-12-06 12:32:24 -07:00
a1c1e36be7
Allow cross-partition references in disco chain
...
* Add partition fields to targets like service route destinations
* Update validation to prevent cross-DC + cross-partition references
* Handle partitions when reading config entries for disco chain
* Encode partition in compiled targets
2021-12-06 12:32:19 -07:00
929ad1e80f
add service resolver subset filter validation
2021-10-13 02:56:04 +05:30
e6642c6dae
Refactor HTTPHeaderModifiers.MergeDefaults based on feedback
2021-09-10 21:11:00 +01:00
3484d77b18
Fix enterprise discovery chain tests; Fix multi-level split merging
2021-09-10 21:11:00 +01:00
e0ad412f1d
Remove unnecessary check
2021-09-10 21:09:24 +01:00
1dd1683ed9
Header manip for split legs plumbing
2021-09-10 21:09:24 +01:00
2db02cdba2
Add HTTP header manip for router and splitter entries
2021-09-10 21:09:24 +01:00
7ac9b46f08
Header manip and validation added for ingress-gateway entries
2021-09-10 21:09:24 +01:00
96d7842118
partition dicovery chains ( #10983 )
...
* partition dicovery chains
* fix default partition for OSS
2021-09-07 16:29:32 -04:00
f766b6dff7
oss portion of ent #1069 ( #10883 )
2021-08-20 12:57:45 -04:00
608b291565
acl: use authz consistently as the variable name for an acl.Authorizer
...
Follow up to https://github.com/hashicorp/consul/pull/10737#discussion_r682147950
Renames all variables for acl.Authorizer to use `authz`. Previously some
places used `rule` which I believe was an old name carried over from the
legacy ACL system.
A couple places also used authorizer.
This commit also removes another couple of authorizer nil checks that
are no longer necessary.
2021-08-17 12:14:10 -04:00
31bbab8ae7
Merge pull request #10560 from jkirschner-hashicorp/change-sane-to-reasonable
...
Replace use of 'sane' where appropriate
2021-07-06 11:46:04 -04:00
4c3b1b8b7b
Replace use of 'sane' where appropriate
...
HashiCorp voice, style, and language guidelines recommend avoiding ableist
language unless its reference to ability is accurate in a particular use.
2021-07-02 12:18:46 -04:00
9778bee35a
structs: prohibit config entries from referencing more than one partition at a time ( #10478 )
...
affected kinds: service-defaults, ingress-gateway, terminating-gateway, service-intentions
2021-06-23 16:44:10 -05:00
dcf80907a9
structs: fix cache keys
...
So that requests are cached properly, and the cache does not return the wrong data for a
request.
2021-05-31 17:22:16 -04:00
35c4efd220
connect: support defining intentions using layer 7 criteria ( #8839 )
...
Extend Consul’s intentions model to allow for request-based access control enforcement for HTTP-like protocols in addition to the existing connection-based enforcement for unspecified protocols (e.g. tcp).
2020-10-06 17:09:13 -05:00
33af8dab9a
Resolve conflicts against master
2020-09-11 18:41:58 -06:00
60cb306524
Add session flag to cookie config
2020-09-11 18:34:03 -06:00
5871b667a5
Revert EnvoyConfig nesting
2020-09-11 09:21:43 -06:00
56fdae9ace
Update resolver defaulting
2020-09-03 13:08:44 -06:00
c4bce2154b
Move valid policies to pkg level
2020-09-02 15:49:03 -06:00
daad3b9210
Remove LB infix and move injection to xds
2020-09-02 15:13:50 -06:00
b0bde51e70
connect: all config entries pick up a meta field ( #8596 )
...
Fixes #8595
2020-09-02 14:10:25 -05:00
d7bda050e0
Restructure structs and other PR comments
2020-09-02 09:10:50 -06:00
58a018c20b
Add documentation for resolver LB cfg
2020-08-28 14:46:13 -06:00
391d569a45
Add LB policy to service-resolver
2020-08-27 19:44:02 -06:00
f2b8bf109c
xds: use envoy's rbac filter to handle intentions entirely within envoy ( #8569 )
2020-08-27 12:20:58 -05:00
89d95561df
Enable gofmt simplify
...
Code changes done automatically with 'gofmt -s -w'
2020-06-16 13:21:11 -04:00
644eb3b33a
Add alias struct tags for new decode hook
2020-05-27 16:24:47 -04:00
2e0f750f1a
Add unconvert linter
...
To find unnecessary type convertions
2020-05-12 13:47:25 -04:00
2524a028ea
OSS Changes for various config entry namespacing bugs ( #7226 )
2020-02-06 10:52:25 -05:00
485a0a65ea
Updates to Config Entries and Connect for Namespaces ( #7116 )
2020-01-24 10:04:58 -05:00
Eric Haberkorn