open-consul/agent
Daniel Nephin 1f670c22f5 ca: remove one call to provider.ActiveRoot
ActiveRoot should not be called from the secondary DC, because there
should not be a requirement to run the same Vault instance in a
secondary DC. SignIntermediate is called in a secondary DC, so it should
not call ActiveRoot

We would also like to change the interface of ActiveRoot so that we can
support using an intermediate cert as the primary CA in Consul. In
preparation for making that change I am reducing the number of calls to
ActiveRoot, so that there are fewer code paths to modify when the
interface changes.

This change required a change to the mockCAServerDelegate we use in
tests. It was returning the RootCert for SignIntermediate, but that is
not an accurate fake of production. In production this would also be a
separate cert.
2022-01-06 16:55:50 -05:00
..
ae
auto-config Rename Master and AgentMaster fields in config protobuf (#11764) 2021-12-07 19:59:38 +00:00
cache
cache-types add MustRevalidate flag to connect_ca_leaf cache type; always use on non-blocking queries (#11693) 2021-12-02 11:32:15 -08:00
checks re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
config config: correctly capture all errors. 2022-01-05 17:51:03 -05:00
connect fix misleading errors on vault shutdown 2021-12-08 18:42:52 -05:00
consul ca: remove one call to provider.ActiveRoot 2022-01-06 16:55:50 -05:00
debug
dns
exec re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
grpc Merge remote-tracking branch 'origin/main' into serve-panic-recovery 2021-12-07 16:30:41 -05:00
local clone the service under lock to avoid a data race (#11940) 2022-01-06 14:33:06 -05:00
metadata partitions: various refactors to support partitioning the serf LAN pool (#11568) 2021-11-15 09:51:14 -06:00
mock
pool grpc: ensure that streaming gRPC requests work over mesh gateway based wan federation (#10838) 2021-08-24 16:28:44 -05:00
proxycfg reset coalesceTimer to nil as soon as the event is consumed (#11924) 2022-01-05 12:17:47 -05:00
router light refactors to support making partitions and serf-based wan federation are mutually exclusive (#11755) 2021-12-06 13:18:02 -06:00
routine-leak-checker Remove references to "master" ACL tokens in tests (#11751) 2021-12-07 12:48:50 +00:00
rpc/subscribe Merge branch 'main' into serve-panic-recovery 2021-11-06 16:12:06 +01:00
rpcclient/health agent: ensure that most agent behavior correctly respects partition configuration (#10880) 2021-08-19 15:09:42 -05:00
structs Use ptr receiver in all Upstream methods 2021-12-13 18:56:14 -07:00
submatview grpc: strip local ACL tokens from RPCs during forwarding if crossing datacenters (#11099) 2021-09-22 13:14:26 -05:00
systemd
token agent/token: rename agent_master to agent_recovery (internally) (#11744) 2021-12-07 12:12:47 +00:00
uiserver ui: Pass primary dc through to uiserver (#11317) 2021-10-26 10:30:17 -04:00
xds additional test fixes 2021-12-13 18:56:44 -07:00
acl.go api: Return 404 when deregistering a non-existent check (#11950) 2022-01-06 12:38:37 -08:00
acl_endpoint.go Ensure consistency with error-handling across all handlers. (#11599) 2022-01-05 12:11:03 -05:00
acl_endpoint_legacy.go
acl_endpoint_legacy_test.go agent: Ensure partition is considered in agent endpoints (#11427) 2021-10-26 15:20:57 -04:00
acl_endpoint_test.go Ensure consistency with error-handling across all handlers. (#11599) 2022-01-05 12:11:03 -05:00
acl_oss.go agent: support X-Consul-Results-Filtered-By-ACLs header in agent-local endpoints (#11610) 2021-12-03 20:36:28 +00:00
acl_test.go agent: support X-Consul-Results-Filtered-By-ACLs header in agent-local endpoints (#11610) 2021-12-03 20:36:28 +00:00
agent.go Rename ACLMasterToken => ACLInitialManagementToken (#11746) 2021-12-07 12:39:28 +00:00
agent_endpoint.go Ensure consistency with error-handling across all handlers. (#11599) 2022-01-05 12:11:03 -05:00
agent_endpoint_oss.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
agent_endpoint_test.go api: Return 404 when deregistering a non-existent check (#11950) 2022-01-06 12:38:37 -08:00
agent_oss.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
agent_test.go Remove references to "master" ACL tokens in tests (#11751) 2021-12-07 12:48:50 +00:00
apiserver.go
apiserver_test.go
catalog_endpoint.go try to infer command partition from node partition (#10981) 2021-09-03 08:37:23 -04:00
catalog_endpoint_oss.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
catalog_endpoint_test.go
check.go
config_endpoint.go Support Check-And-Set deletion of config entries (#11419) 2021-11-01 16:42:01 +00:00
config_endpoint_test.go Support Check-And-Set deletion of config entries (#11419) 2021-11-01 16:42:01 +00:00
connect_auth.go Account for partitions in ixn match/decision 2021-09-16 14:39:01 -06:00
connect_ca_endpoint.go add root_cert_ttl option for consul connect, vault ca providers (#11428) 2021-11-02 11:02:10 -07:00
connect_ca_endpoint_test.go
coordinate_endpoint.go try to infer command partition from node partition (#10981) 2021-09-03 08:37:23 -04:00
coordinate_endpoint_test.go partitions: various refactors to support partitioning the serf LAN pool (#11568) 2021-11-15 09:51:14 -06:00
delegate_mock_test.go agent: refactor the agent delegate interface to be partition friendly (#11429) 2021-10-26 15:08:55 -05:00
denylist.go
denylist_test.go
discovery_chain_endpoint.go
discovery_chain_endpoint_test.go Remove useInDatacenter from disco chain requests 2021-10-26 23:35:21 -06:00
dns.go dns: add endpoint for querying service virtual IPs 2021-12-02 16:40:28 -08:00
dns_oss.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
dns_test.go Remove references to "master" ACL tokens in tests (#11751) 2021-12-07 12:48:50 +00:00
enterprise_delegate_oss.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
event_endpoint.go event: support X-Consul-Results-Filtered-By-ACLs header in list (#11616) 2021-12-03 17:38:59 +00:00
event_endpoint_test.go event: support X-Consul-Results-Filtered-By-ACLs header in list (#11616) 2021-12-03 17:38:59 +00:00
federation_state_endpoint.go
health_endpoint.go
health_endpoint_test.go
http.go Ensure consistency with error-handling across all handlers. (#11599) 2022-01-05 12:11:03 -05:00
http_decode_test.go add test cases for h2ping_use_tls default behavior 2021-10-09 17:12:52 -04:00
http_oss.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
http_oss_test.go Remove references to "master" ACL tokens in tests (#11751) 2021-12-07 12:48:50 +00:00
http_register.go cleanup: Clarify deprecated legacy intention endpoints (#11635) 2021-11-23 19:32:18 -05:00
http_test.go add path escape and unescape to path params 2022-01-03 08:18:32 -08:00
intentions_endpoint.go cleanup: Clarify deprecated legacy intention endpoints (#11635) 2021-11-23 19:32:18 -05:00
intentions_endpoint_oss_test.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
intentions_endpoint_test.go agent: Reject partitions in legacy intention endpoints (#11181) 2021-10-01 13:18:57 -04:00
keyring.go
keyring_test.go Remove references to "master" ACL tokens in tests (#11751) 2021-12-07 12:48:50 +00:00
kvs_endpoint.go
kvs_endpoint_test.go
metrics.go agent: move agent tls metric monitor to a more appropriate place 2021-10-27 16:26:09 -04:00
metrics_test.go Add tests for cert expiry metrics 2021-10-28 14:38:57 -04:00
nodeid.go
nodeid_test.go
notify.go
notify_test.go
operator_endpoint.go partitions: various refactors to support partitioning the serf LAN pool (#11568) 2021-11-15 09:51:14 -06:00
operator_endpoint_oss.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
operator_endpoint_test.go
prepared_query_endpoint.go fixing various bits of enterprise meta plumbing to be more correct (#10889) 2021-08-20 14:34:23 -05:00
prepared_query_endpoint_test.go
reload.go
remote_exec.go
remote_exec_test.go Remove references to "master" ACL tokens in tests (#11751) 2021-12-07 12:48:50 +00:00
retry_join.go agent: refactor the agent delegate interface to be partition friendly (#11429) 2021-10-26 15:08:55 -05:00
retry_join_test.go
service_checks_test.go
service_manager.go oss portion of ent #1069 (#10883) 2021-08-20 12:57:45 -04:00
service_manager_test.go Remove some usage of md5 from the system (#11491) 2021-11-04 13:07:54 -07:00
session_endpoint.go
session_endpoint_test.go
setup.go agent: move agent tls metric monitor to a more appropriate place 2021-10-27 16:26:09 -04:00
setup_oss.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
sidecar_service.go agent: ensure that most agent behavior correctly respects partition configuration (#10880) 2021-08-19 15:09:42 -05:00
sidecar_service_test.go
signal_unix.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
signal_windows.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
snapshot_endpoint.go
snapshot_endpoint_test.go
status_endpoint.go
status_endpoint_test.go
streaming_test.go regenerate expired certs (#11462) 2021-11-01 11:40:16 -04:00
testagent.go Remove references to "master" ACL tokens in tests (#11751) 2021-12-07 12:48:50 +00:00
testagent_test.go
translate_addr.go
txn_endpoint.go agent: ensure that most agent behavior correctly respects partition configuration (#10880) 2021-08-19 15:09:42 -05:00
txn_endpoint_test.go refactor session state store tables to use the new index pattern (#11525) 2021-11-08 16:20:50 -05:00
ui_endpoint.go acl: use wildcard partition in metrics proxy ui endpoint 2021-12-10 15:58:17 -08:00
ui_endpoint_oss_test.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
ui_endpoint_test.go ent->oss test fix (#10926) 2021-08-26 14:06:49 -04:00
user_event.go agent: ensure that most agent behavior correctly respects partition configuration (#10880) 2021-08-19 15:09:42 -05:00
user_event_test.go Update 4 non-acl tests that used the legacy ACL.Apply 2021-09-21 17:57:29 -04:00
util.go Remove some usage of md5 from the system (#11491) 2021-11-04 13:07:54 -07:00
util_test.go Remove some usage of md5 from the system (#11491) 2021-11-04 13:07:54 -07:00
watch_handler.go
watch_handler_test.go