luxolus
/
open-consul
2
0
Fork 0
Code Issues 1 Pull Requests Packages Releases Wiki Activity
open-consul/agent
History
Connor b3af482e09
Support Vault Namespaces explicitly in CA config (#11477) 
* Support Vault Namespaces explicitly in CA config

If there is a Namespace entry included in the Vault CA configuration,
set it as the Vault Namespace on the Vault client

Currently the only way to support Vault namespaces in the Consul CA
config is by doing one of the following:
1) Set the VAULT_NAMESPACE environment variable which will be picked up
by the Vault API client
2) Prefix all Vault paths with the namespace

Neither of these are super pleasant. The first requires direct access
and modification to the Consul runtime environment. It's possible and
expected, not super pleasant.

The second requires more indepth knowledge of Vault and how it uses
Namespaces and could be confusing for anyone without that context. It
also infers that it is not supported

* Add changelog

* Remove fmt.Fprint calls

* Make comment clearer

* Add next consul version to website docs

* Add new test for default configuration

* go mod tidy

* Add skip if vault not present

* Tweak changelog text
 		2021-11-05 11:42:28 -05:00
..
ae testing: skip slow tests with -short 2020-12-07 13:42:55 -05:00
auto-config Ensure partition is handled by auto-encrypt 2021-10-14 08:32:45 -06:00
cache cache: Fix bug where connection errors can cause early cache expiry (#9979) 2021-04-08 11:11:15 +01:00
cache-types Finish removing useInDatacenter 2021-10-26 23:36:01 -06:00
checks fix test 2021-10-05 00:48:09 -04:00
config add root_cert_ttl option for consul connect, vault ca providers (#11428) 2021-11-02 11:02:10 -07:00
connect Support Vault Namespaces explicitly in CA config (#11477) 2021-11-05 11:42:28 -05:00
consul add root_cert_ttl option for consul connect, vault ca providers (#11428) 2021-11-02 11:02:10 -07:00
debug chore: upgrade to gopsutil/v3 (#9118) 2020-11-06 20:48:38 -05:00
dns Add DNS recursor strategy option (#10611) 2021-07-19 15:22:51 -07:00
exec
grpc regenerate expired certs (#11462) 2021-11-01 11:40:16 -04:00
local Merge pull request #11177 from hashicorp/dnephin/remove-entmeta-methods 2021-09-29 12:08:07 -04:00
metadata acl: remove reading of serf acl tags 2021-09-29 15:45:11 -04:00
mock
pool grpc: ensure that streaming gRPC requests work over mesh gateway based wan federation (#10838) 2021-08-24 16:28:44 -05:00
proxycfg Exclude default partition from GatewayKey string 2021-11-01 14:45:52 -06:00
router Correcting the changed function name in comment 2021-02-06 20:23:40 -05:00
routine-leak-checker acl: call stop for the upgrade goroutine when done 2021-09-29 17:36:43 -04:00
rpc/subscribe acl: remove legacy arg to store.ACLTokenSet 2021-10-25 17:25:14 -04:00
rpcclient/health agent: ensure that most agent behavior correctly respects partition configuration (#10880) 2021-08-19 15:09:42 -05:00
structs Support Vault Namespaces explicitly in CA config (#11477) 2021-11-05 11:42:28 -05:00
submatview grpc: strip local ACL tokens from RPCs during forwarding if crossing datacenters (#11099) 2021-09-22 13:14:26 -05:00
systemd
token
uiserver ui: Pass primary dc through to uiserver (#11317) 2021-10-26 10:30:17 -04:00
xds Store GatewayKey in proxycfg snapshot for re-use 2021-11-01 13:58:53 -06:00
acl.go agent: refactor the agent delegate interface to be partition friendly (#11429) 2021-10-26 15:08:55 -05:00
acl_endpoint.go acl: remove unused translate rules endpoint 2021-10-05 18:26:05 -04:00
acl_endpoint_legacy.go http: update legacy ACL endpoints to return an error 2021-08-17 13:09:29 -04:00
acl_endpoint_legacy_test.go agent: Ensure partition is considered in agent endpoints (#11427) 2021-10-26 15:20:57 -04:00
acl_endpoint_test.go acl: remove unused translate rules endpoint 2021-10-05 18:26:05 -04:00
acl_oss.go acl: fix bug in 'consul members' filtering with partitions (#11263) 2021-10-13 09:18:16 -05:00
acl_test.go agent: refactor the agent delegate interface to be partition friendly (#11429) 2021-10-26 15:08:55 -05:00
agent.go segments: ensure that the serf_lan_allowed_cidrs applies to network segments (#11495) 2021-11-04 17:17:19 -05:00
agent_endpoint.go agent: for various /v1/agent endpoints parse the partition parameter on the request (#11444) 2021-10-28 16:44:38 -05:00
agent_endpoint_oss.go agent: ensure that most agent behavior correctly respects partition configuration (#10880) 2021-08-19 15:09:42 -05:00
agent_endpoint_test.go Convert (some) test endpoints to use ServeHTTP instead of direct calls to handlers. (#11445) 2021-11-03 11:12:36 -04:00
agent_oss.go Add oss impl of registerEntCache 2021-10-27 11:15:25 -06:00
agent_test.go Remove some usage of md5 from the system (#11491) 2021-11-04 13:07:54 -07:00
apiserver.go agent: fix bug with multiple listeners 2020-11-18 13:03:29 -05:00
apiserver_test.go
catalog_endpoint.go try to infer command partition from node partition (#10981) 2021-09-03 08:37:23 -04:00
catalog_endpoint_oss.go agent: add partition labels to catalog API metrics where appropriate (#10890) 2021-08-20 15:09:39 -05:00
catalog_endpoint_test.go testing: skip slow tests with -short 2020-12-07 13:42:55 -05:00
check.go
config_endpoint.go Support Check-And-Set deletion of config entries (#11419) 2021-11-01 16:42:01 +00:00
config_endpoint_test.go Support Check-And-Set deletion of config entries (#11419) 2021-11-01 16:42:01 +00:00
connect_auth.go Account for partitions in ixn match/decision 2021-09-16 14:39:01 -06:00
connect_ca_endpoint.go add root_cert_ttl option for consul connect, vault ca providers (#11428) 2021-11-02 11:02:10 -07:00
connect_ca_endpoint_test.go ca: remove unused RotationPeriod field 2021-07-05 19:15:44 -04:00
coordinate_endpoint.go try to infer command partition from node partition (#10981) 2021-09-03 08:37:23 -04:00
coordinate_endpoint_test.go testing: skip slow tests with -short 2020-12-07 13:42:55 -05:00
delegate_mock_test.go agent: refactor the agent delegate interface to be partition friendly (#11429) 2021-10-26 15:08:55 -05:00
denylist.go
denylist_test.go
discovery_chain_endpoint.go http: Check HTTPUseCache in a single place 2020-12-11 14:03:47 -05:00
discovery_chain_endpoint_test.go Remove useInDatacenter from disco chain requests 2021-10-26 23:35:21 -06:00
dns.go Merge pull request #11348 from kbabuadze/fix-answers-alt-domain 2021-10-29 17:09:20 -04:00
dns_oss.go
dns_test.go Merge pull request #11348 from kbabuadze/fix-answers-alt-domain 2021-10-29 17:09:20 -04:00
enterprise_delegate_oss.go
event_endpoint.go acl: Remove the remaining authz == nil checks 2021-07-30 14:55:35 -04:00
event_endpoint_test.go Update 4 non-acl tests that used the legacy ACL.Apply 2021-09-21 17:57:29 -04:00
federation_state_endpoint.go
health_endpoint.go http: set consistency header properly 2021-05-06 13:19:45 -04:00
health_endpoint_test.go streaming: fix enable of streaming in the client 2021-06-28 17:23:14 -04:00
http.go acl: adding a new mesh resource 2021-09-03 09:12:03 -04:00
http_decode_test.go add test cases for h2ping_use_tls default behavior 2021-10-09 17:12:52 -04:00
http_oss.go Sync enterprise changes to oss (#10994) 2021-09-08 11:59:30 -04:00
http_oss_test.go testing: skip slow tests with -short 2020-12-07 13:42:55 -05:00
http_register.go acl: remove unused translate rules endpoint 2021-10-05 18:26:05 -04:00
http_test.go agent: fix two data race in agent tests 2021-07-14 18:58:16 -04:00
intentions_endpoint.go Update Intentions.List with partitions (#11299) 2021-10-13 10:47:12 -04:00
intentions_endpoint_oss_test.go testing: skip slow tests with -short 2020-12-07 13:42:55 -05:00
intentions_endpoint_test.go agent: Reject partitions in legacy intention endpoints (#11181) 2021-10-01 13:18:57 -04:00
keyring.go
keyring_test.go testing: skip slow tests with -short 2020-12-07 13:42:55 -05:00
kvs_endpoint.go Add content type headers to raw KV responses 2021-04-14 16:20:22 -04:00
kvs_endpoint_test.go Add content type headers to raw KV responses 2021-04-14 16:20:22 -04:00
metrics.go agent: move agent tls metric monitor to a more appropriate place 2021-10-27 16:26:09 -04:00
metrics_test.go Add tests for cert expiry metrics 2021-10-28 14:38:57 -04:00
nodeid.go chore: upgrade to gopsutil/v3 (#9118) 2020-11-06 20:48:38 -05:00
nodeid_test.go
notify.go
notify_test.go
operator_endpoint.go Fix defaults for autopilot config update 2021-07-06 18:39:40 -04:00
operator_endpoint_oss.go Add a CLI command for retrieving the autopilot configuration. (#9142) 2020-11-11 13:19:02 -05:00
operator_endpoint_test.go Fix defaults for autopilot config update 2021-07-06 18:39:40 -04:00
prepared_query_endpoint.go fixing various bits of enterprise meta plumbing to be more correct (#10889) 2021-08-20 14:34:23 -05:00
prepared_query_endpoint_test.go testing: skip slow tests with -short 2020-12-07 13:42:55 -05:00
reload.go
remote_exec.go
remote_exec_test.go testing: skip slow tests with -short 2020-12-07 13:42:55 -05:00
retry_join.go agent: refactor the agent delegate interface to be partition friendly (#11429) 2021-10-26 15:08:55 -05:00
retry_join_test.go testing: skip slow tests with -short 2020-12-07 13:42:55 -05:00
service_checks_test.go agent: move deprecated AddServiceFromSource to a test file 2021-01-25 17:25:03 -05:00
service_manager.go oss portion of ent #1069 (#10883) 2021-08-20 12:57:45 -04:00
service_manager_test.go Remove some usage of md5 from the system (#11491) 2021-11-04 13:07:54 -07:00
session_endpoint.go
session_endpoint_test.go testing: skip slow tests with -short 2020-12-07 13:42:55 -05:00
setup.go agent: move agent tls metric monitor to a more appropriate place 2021-10-27 16:26:09 -04:00
setup_oss.go Move some things around to allow for license updating via config reload 2021-05-25 09:57:50 -04:00
sidecar_service.go agent: ensure that most agent behavior correctly respects partition configuration (#10880) 2021-08-19 15:09:42 -05:00
sidecar_service_test.go agent: update proxy upstreams to inherit namespace from service (#10688) 2021-07-26 17:12:29 -04:00
signal_unix.go
signal_windows.go
snapshot_endpoint.go
snapshot_endpoint_test.go testing: skip slow tests with -short 2020-12-07 13:42:55 -05:00
status_endpoint.go
status_endpoint_test.go testing: skip slow tests with -short 2020-12-07 13:42:55 -05:00
streaming_test.go regenerate expired certs (#11462) 2021-11-01 11:40:16 -04:00
testagent.go fix consul_autopilot_healthy metric emission (#11231) 2021-10-08 10:31:50 -07:00
testagent_test.go
translate_addr.go
txn_endpoint.go agent: ensure that most agent behavior correctly respects partition configuration (#10880) 2021-08-19 15:09:42 -05:00
txn_endpoint_test.go agent/structs: add a bunch more EnterpriseMeta helper functions to help with partitioning (#10669) 2021-07-22 13:20:45 -05:00
ui_endpoint.go structs: rename the last helper method. 2021-09-29 11:48:38 -04:00
ui_endpoint_oss_test.go testing: skip slow tests with -short 2020-12-07 13:42:55 -05:00
ui_endpoint_test.go ent->oss test fix (#10926) 2021-08-26 14:06:49 -04:00
user_event.go agent: ensure that most agent behavior correctly respects partition configuration (#10880) 2021-08-19 15:09:42 -05:00
user_event_test.go Update 4 non-acl tests that used the legacy ACL.Apply 2021-09-21 17:57:29 -04:00
util.go Remove some usage of md5 from the system (#11491) 2021-11-04 13:07:54 -07:00
util_test.go Remove some usage of md5 from the system (#11491) 2021-11-04 13:07:54 -07:00
watch_handler.go
watch_handler_test.go